Pests of all kinds and how to fight them: nova.rambler.ru cannot be removed
Windows 7
If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will get in touch with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection. |
26.01.2017, 10:44 | #1 |
| nova.rambler.ru cannot be removed
Hi, two days ago I noticed that a nova.rambler.ru has apparently crept onto my PC. I can't get rid of it any more. How do I solve the problem? Regards. |
26.01.2017, 13:05 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | nova.rambler.ru cannot be removed
Hello and
__________________
+++ IMPORTANT NOTICE +++
During the analysis and cleanup you make NO changes whatsoever on your own, i.e. you do not install or uninstall any software without consulting me. You also do not change any system settings while we are working on your case. You make changes, installations or uninstallations EXCLUSIVELY on instruction! It will be necessary to disable your virus scanner, and in certain cases to uninstall it, so that the cleanup can be done properly. Your system is therefore only released by me for everyday use such as surfing or e-mailing once we are finished here. Read and understood?

Do you have any further logs (with detections)? Malwarebytes and/or other virus scanners, have they ever found anything? I am asking because of => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; for now just post the logs that already exist, in CODE tags! Only logs from the last 7 days, or since the problem began, are relevant!

In addition, please also create a log with Farbar's tool:

Scan with Farbar's Recovery Scan Tool (FRST)
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Reading material: Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder. Even if the logs are too large for a single post, I ask you to post the logs directly and, if necessary, spread across several posts. To put the log files into a CODE box, proceed as follows:
__________________ |
26.01.2017, 13:09 | #3 |
| nova.rambler.ru cannot be removed
I did run Malwarebytes, but I did not save the log; at least it changed nothing about the situation. I am now starting with the program you suggested.
__________________
Regards. |
26.01.2017, 13:15 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | nova.rambler.ru cannot be removed
The log is saved automatically. Just look in the history. A guide for this was linked specifically. So please read everything.
__________________
Please always post log files in CODE tags |
26.01.2017, 13:19 | #5 |
| nova.rambler.ru cannot be removed
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 26.01.2017
Suchlaufzeit: 07:19
Protokolldatei: malwarebytes-26.01.2017.txt
Administrator: Ja

Version: 0.0.0.0000
Malware-Datenbank: v2017.01.26.01
Rootkit-Datenbank: v2016.11.20.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Phil

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 341083
Abgelaufene Zeit: 22 Min., 46 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 25-01-2017 01 durchgeführt von Phil (Administrator) auf SUPERPARCHITA (26-01-2017 13:12:04) Gestartet von C:\Users\Phil\Downloads Geladene Profile: Phil (Verfügbare Profile: Phil) Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe () C:\Program Files (x86)\AdBlocker\AdBlockerService.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe (Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe (Visicom Media Inc.) 
C:\ProgramData\ManyCam\Service\ManyCamService.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Conexant Systems, Inc.) 
C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Realtek semiconductor) C:\Windows\RTFTrack.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Visicom Media Inc.) C:\Program Files (x86)\ManyCam\ManyCam.exe (Spotify Ltd) C:\Users\Phil\AppData\Roaming\Spotify\SpotifyWebHelper.exe (BitTorrent Inc.) C:\Users\Phil\AppData\Roaming\uTorrent\uTorrent.exe (Spotify Ltd) C:\Users\Phil\AppData\Roaming\Spotify\Spotify.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Spotify Ltd) C:\Users\Phil\AppData\Roaming\Spotify\SpotifyCrashService.exe (BitTorrent Inc.) C:\Users\Phil\AppData\Roaming\uTorrent\updates\3.4.9_43085\utorrentie.exe (BitTorrent Inc.) 
C:\Users\Phil\AppData\Roaming\uTorrent\updates\3.4.9_43085\utorrentie.exe (Spotify Ltd) C:\Users\Phil\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\Phil\AppData\Roaming\Spotify\Spotify.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Oracle Corporation) C:\Users\Phil\Knuddels-Stapp\CommonFiles\Java\bin\javaw.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] () HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891080 2013-10-17] (ELAN Microelectronics Corp.) 
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2014-01-21] (Realtek semiconductor) HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2015-03-20] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2015-03-20] (Lenovo(beijing) Limited) HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [1553688 2014-02-20] (Comfort Software Group) HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27250144 2016-12-20] (Skype Technologies S.A.) HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [10149712 2016-05-23] (Visicom Media Inc.) HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\Run: [Chromium] => "c:\users\phil\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\Run: [Spotify Web Helper] => C:\Users\Phil\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2016-12-24] (Spotify Ltd) HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\Run: [uTorrent] => C:\Users\Phil\AppData\Roaming\uTorrent\uTorrent.exe [1979072 2016-12-20] (BitTorrent Inc.) 
HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\Run: [Spotify] => C:\Users\Phil\AppData\Roaming\Spotify\Spotify.exe [7153264 2016-12-24] (Spotify Ltd) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-08] (AVAST Software) Startup: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2017-01-26] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG CHR HKU\S-1-5-21-18176717-516900863-2037645015-1001\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\Parameters: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{86C15C86-7EC0-4D3A-A5FD-C011E82E301B}: [DhcpNameServer] 82.163.143.171 Tcpip\..\Interfaces\{8E3FA1BE-487E-4631-89B7-ED56BF5B16E6}: [DhcpNameServer] 82.163.143.171 Tcpip\..\Interfaces\{9361F888-A3BA-4570-A873-C07129A8821B}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{BA94C931-D33F-4259-A23E-145E0B5E84CF}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{E0F197DE-4865-44F9-BFE2-68F883018A48}: [DhcpNameServer] 82.163.143.171 ManualProxies: Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-8c9195fb HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-8c9195fb HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Internet Explorer\Main,Start Page = 
hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131231474506803804&GUID=C2F51A81-B0EE-4A6A-81B0-0369F623F0DC HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB SearchScopes: HKLM -> DefaultScope {45199D14-1E6D-4B2F-8313-A1FAB8D25BCD} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-8c9195fb&q={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {45199D14-1E6D-4B2F-8313-A1FAB8D25BCD} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-8c9195fb&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {45199D14-1E6D-4B2F-8313-A1FAB8D25BCD} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-8c9195fb&q={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {45199D14-1E6D-4B2F-8313-A1FAB8D25BCD} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-8c9195fb&q={searchTerms} SearchScopes: HKU\S-1-5-21-18176717-516900863-2037645015-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-8c9195fb&q={searchTerms} SearchScopes: HKU\S-1-5-21-18176717-516900863-2037645015-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-8c9195fb&q={searchTerms} BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll => Keine Datei BHO: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24] (AVAST Software) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll => Keine Datei BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2017-01-12] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24] (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2017-01-12] (Oracle Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF DefaultProfile: 6dhz67ax.default FF ProfilePath: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default [2017-01-26] FF NewTab: Mozilla\Firefox\Profiles\6dhz67ax.default -> about:newtab FF 
DefaultSearchEngine: Mozilla\Firefox\Profiles\6dhz67ax.default -> Search Provided by Bing FF DefaultSearchUrl: Mozilla\Firefox\Profiles\6dhz67ax.default -> hxxps://www.google.com/search?bcutc=sp-006 FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\6dhz67ax.default -> Google FF SelectedSearchEngine: Mozilla\Firefox\Profiles\6dhz67ax.default -> Search Provided by Bing FF Homepage: Mozilla\Firefox\Profiles\6dhz67ax.default -> hxxp://www.google.de/ FF Keyword.URL: Mozilla\Firefox\Profiles\6dhz67ax.default -> user_pref("keyword.URL", true); FF NetworkProxy: Mozilla\Firefox\Profiles\6dhz67ax.default -> http", "130.207.85.164" FF NetworkProxy: Mozilla\Firefox\Profiles\6dhz67ax.default -> http_port", 80 FF Extension: (Cliqz) - C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\Extensions\cliqz@cliqz.com.xpi [2016-12-31] FF Extension: (ProxTube) - C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\Extensions\ich@maltegoetz.de.xpi [2016-10-19] FF Extension: (Video DownloadHelper) - C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-12-31] FF Extension: (Adblock Plus) - C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24] FF SearchPlugin: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\searchplugins\bing-lavasoft.xml [2016-05-01] FF SearchPlugin: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\searchplugins\google-avast.xml [2016-09-13] FF SearchPlugin: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\searchplugins\search provided by bing.xml [2016-10-23] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-08] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - 
C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-08] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\extensions\cliqz@cliqz.com => nicht gefunden FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] () FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [Keine Datei] FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2017-01-12] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2017-01-12] (Oracle 
Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-12] (Nitro PDF) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin HKU\S-1-5-21-18176717-516900863-2037645015-1001: temasys.com.sg/TemWebRTCPlugin -> C:\Users\Phil\AppData\Roaming\Tem\TemWebRTCPlugin\0.8.874\npTemWebRTCPlugin.dll [2016-06-27] (Temasys) Chrome: ======= CHR HomePage: Default -> hxxps://www.google.de/ CHR StartupUrls: Default -> "hxxps://www.google.de/","hxxp://www.yoursearching.com/?type=hp&ts=1456397326&z=44e91fe23cbc1884022c220g9z5wcq5cct3m7c9ocz&from=brd&uid=ST1000LM024XHN-M101MBB_S30YJ9EG212330" CHR Profile: C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default [2017-01-26] CHR Extension: (Google Präsentationen) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-13] CHR Extension: (Google Docs) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-13] CHR Extension: (Google Drive) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-13] CHR Extension: (YouTube) - C:\Users\Phil\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-13] CHR Extension: (Google-Suche) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-13] CHR Extension: (Avast SafePrice) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-27] CHR Extension: (Google Tabellen) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-13] CHR Extension: (Google Docs Offline) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-11] CHR Extension: (Avast Online Security) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-27] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-23] CHR Extension: (Google Mail) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-13] CHR Extension: (Chrome Media Router) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-27] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden> ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 AdBlockerService; C:\Program Files (x86)\AdBlocker\AdBlockerService.exe [8192 2016-09-30] () [Datei ist nicht signiert] R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-08] (AVAST Software) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-11-28] (Dropbox, Inc.) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-01-11] (Digital Wave Ltd.) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99632 2013-10-09] (ELAN Microelectronics Corp.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation) R2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [121288 2014-08-13] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [318568 2014-08-20] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo) R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.) 
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-03-20] (Lenovo(beijing) Limited) S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [269192 2014-06-16] () R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-17] (Lenovo(beijing) Limited) R2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (Visicom Media Inc.) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] () R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-12] (Nitro PDF Software) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] () R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH) R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [68880 2015-03-20] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-08] (AVAST Software) R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-08] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-08] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-08] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-08] (AVAST Software) R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software) R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-08] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [219592 2014-08-13] (Intel Corporation) S3 KMDFVirtualMouse; C:\WINDOWS\System32\drivers\KMDFVirtualMouse.sys [21240 2014-08-04] () R3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-01-26] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3446240 2014-06-18] (Intel Corporation) S3 NETwNe64; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation) R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [9105624 2014-01-21] (Realtek Semiconductor Corp.) 
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-24] (Samsung Electronics Co., Ltd.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) S3 dbx; system32\DRIVERS\dbx.sys [X] S3 KMDFVirtualKbd; \SystemRoot\System32\drivers\KMDFVirtualKbd.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-01-26 13:12 - 2017-01-26 13:14 - 00028907 _____ C:\Users\Phil\Downloads\FRST.txt 2017-01-26 13:11 - 2017-01-26 13:12 - 00000000 ____D C:\FRST 2017-01-26 13:10 - 2017-01-26 13:11 - 02420736 _____ (Farbar) C:\Users\Phil\Downloads\FRST64.exe 2017-01-26 10:57 - 2017-01-26 10:57 - 00000000 ____D C:\Users\Phil\AppData\LocalLow\uTorrent 2017-01-26 10:36 - 2017-01-26 10:36 - 03988944 _____ C:\Users\Phil\Downloads\AdwCleaner_6.042.exe 2017-01-26 10:36 - 2017-01-26 10:36 - 01889232 _____ (Malwarebytes ) C:\Users\Phil\Downloads\mbae-setup-1.09.1.1291.exe 2017-01-24 17:35 - 2017-01-24 17:35 - 00003114 _____ C:\WINDOWS\System32\Tasks\{193D157F-7060-41D6-B6C9-D147DFFB5D27} 2017-01-19 19:03 - 2017-01-19 19:03 - 00000000 ____D C:\Users\Phil\Downloads\Zoey 101 Music Mix 2017-01-15 01:18 - 2017-01-25 02:23 - 00000000 ____D C:\Users\Phil\Downloads\Ultrasound (Pack2)11-30 2017-01-14 15:39 - 2017-01-14 15:39 - 00000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files 2017-01-09 04:20 - 2017-01-25 02:18 - 
00000000 ____D C:\Users\Phil\Downloads\Hell's UltraSounds Special 2017-01-09 00:50 - 2017-01-25 01:43 - 00000000 ____D C:\Users\Phil\Downloads\UltraTraxx Rare Remixes (PACK1)1-10 2017-01-08 18:09 - 2017-01-08 23:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2017-01-08 13:21 - 2017-01-14 22:49 - 00000000 ____D C:\Users\Phil\Downloads\DJ Bourg - La Grande Retrospective Musicale Del´Annee (Yearmix 2016) 2017-01-04 06:28 - 2017-01-22 14:48 - 00000000 ____D C:\Users\Phil\Desktop\Neuer Ordner (2) 2017-01-03 02:53 - 2017-01-03 12:44 - 00000000 ____D C:\Users\Phil\AppData\Roaming\avidemux 2017-01-03 00:50 - 2017-01-26 10:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux (32 bits) 2017-01-02 17:48 - 2017-01-02 17:48 - 00001149 _____ C:\Users\Phil\Desktop\MediathekView.lnk 2017-01-02 16:58 - 2017-01-02 16:58 - 09545308 _____ (XMedia Recode ) C:\Users\Phil\Downloads\XMediaRecode3358_setup.exe 2017-01-02 16:58 - 2017-01-02 16:58 - 00001086 _____ C:\Users\Public\Desktop\XMedia Recode.lnk 2017-01-02 16:58 - 2017-01-02 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode 2017-01-02 16:53 - 2017-01-02 16:53 - 00000000 ____D C:\Users\Phil\Documents\NeroVideo 2017-01-02 15:40 - 2017-01-02 16:53 - 00000000 ____D C:\Users\Phil\AppData\Local\Nero 2017-01-02 15:40 - 2017-01-02 15:40 - 00000000 ____D C:\Users\Phil\AppData\Local\Nero_AG 2017-01-02 14:13 - 2017-01-02 14:13 - 00000000 ____D C:\Users\Phil\AppData\Local\RapidSolution 2017-01-02 14:12 - 2017-01-02 14:12 - 00000000 ____D C:\ProgramData\simplitec 2017-01-02 14:09 - 2017-01-02 14:09 - 00002929 _____ C:\Users\Public\Desktop\Nero 2017.lnk 2017-01-02 14:03 - 2017-01-26 10:46 - 00000000 ____D C:\Program Files (x86)\Nero 2017-01-02 14:03 - 2017-01-02 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2017 2017-01-02 14:02 - 2017-01-26 10:11 - 00000000 ____D C:\ProgramData\Nero 2017-01-02 14:02 - 2010-05-26 11:41 - 
01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll 2017-01-02 14:02 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll 2017-01-02 14:02 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll 2017-01-02 13:55 - 2017-01-02 16:54 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Nero 2017-01-02 13:55 - 2017-01-02 13:55 - 03065512 _____ (Nero AG) C:\Users\Phil\Downloads\Nero2017-1.10.0.6_stub_trial.exe 2017-01-02 13:55 - 2017-01-02 13:55 - 00000000 ____D C:\WINDOWS\System32\Tasks\Nero 2017-01-02 13:35 - 2017-01-02 13:35 - 37762752 _____ (Digiarty Software, Inc. ) C:\Users\Phil\Downloads\winx-dvd-ripper(1).exe 2017-01-02 13:30 - 2017-01-02 13:31 - 37762752 _____ (Digiarty Software, Inc. ) C:\Users\Phil\Downloads\winx-dvd-ripper.exe 2017-01-02 13:24 - 2017-01-02 13:24 - 00001924 _____ C:\Users\Phil\Desktop\Magic DVD Ripper.lnk 2017-01-02 13:24 - 2017-01-02 13:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic DVD Ripper 2017-01-02 13:24 - 2017-01-02 13:24 - 00000000 ____D C:\ProgramData\MagicSoftware 2017-01-02 13:23 - 2017-01-02 13:24 - 00000000 ____D C:\Program Files (x86)\MagicDVDRipper 2017-01-02 13:23 - 2017-01-02 13:23 - 06287268 _____ (Magic DVD Software, Inc. ) C:\Users\Phil\Downloads\MagicDVDRipper800.exe 2017-01-02 13:23 - 2017-01-02 13:23 - 00000000 ____D C:\Users\Phil\AppData\Local\MagicSoftware 2017-01-02 13:17 - 2017-01-02 13:17 - 00001353 _____ C:\Users\Public\Desktop\WinX DVD Ripper Platinum.lnk 2017-01-02 13:17 - 2017-01-02 13:17 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Digiarty 2017-01-02 13:17 - 2017-01-02 13:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty 2017-01-02 13:17 - 2017-01-02 13:17 - 00000000 ____D C:\Program Files (x86)\Digiarty 2017-01-02 13:16 - 2017-01-02 13:17 - 37767416 _____ (Digiarty Software, Inc. 
) C:\Users\Phil\Downloads\winx-dvd-ripper-pt.exe 2017-01-01 23:08 - 2017-01-01 23:08 - 12951333 _____ C:\Users\Phil\Downloads\Follow Me.zip 2016-12-29 19:19 - 2016-12-30 16:55 - 07773553 _____ C:\Users\Phil\Desktop\19 Sandmann's Dummies feat. Die Olsenbande - Mächtig gewaltig (Radio Edit).mp3 2016-12-29 17:13 - 2016-12-30 12:11 - 00001923 _____ C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk 2016-12-29 17:09 - 2016-12-29 17:09 - 00000000 ____D C:\Users\Phil\AppData\Local\WinZip 2016-12-29 17:09 - 2016-12-29 17:09 - 00000000 ____D C:\ProgramData\UniqueId 2016-12-29 17:08 - 2016-12-29 17:44 - 00000000 ____D C:\Program Files\WinZip 2016-12-29 17:08 - 2016-12-29 17:09 - 00000000 ____D C:\ProgramData\WinZip 2016-12-29 17:08 - 2016-12-29 17:08 - 00000000 ____D C:\WINDOWS\CD95F661A5C444F5A6AAECDD91C2410B.TMP 2016-12-28 20:13 - 2016-12-29 17:09 - 1887817728 _____ C:\Users\Phil\Downloads\Emo_Twinks_2.avi 2016-12-27 08:59 - 2016-12-28 18:51 - 2198378496 _____ C:\Users\Phil\Downloads\Gay Porn - [Saggerz Skaterz] Emo Twinks.avi ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-01-26 13:13 - 2016-09-17 20:22 - 00000000 ____D C:\Users\Phil\AppData\Roaming\uTorrent 2017-01-26 13:05 - 2016-11-20 12:29 - 00000000 ____D C:\Users\Phil\AppData\LocalLow\Mozilla 2017-01-26 12:59 - 2015-12-03 22:35 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Skype 2017-01-26 12:56 - 2015-11-22 19:30 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2017-01-26 12:32 - 2015-11-28 00:35 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-01-26 12:10 - 2016-02-26 13:57 - 00000000 ____D C:\Users\Phil\Knuddels-Stapp 2017-01-26 11:32 - 2015-11-13 19:35 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-18176717-516900863-2037645015-1001 2017-01-26 11:04 - 2015-03-20 19:21 - 00000000 ____D C:\ProgramData\LU 2017-01-26 11:03 - 2015-11-13 12:37 - 00001275 _____ C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk 2017-01-26 11:00 - 2015-03-21 01:53 - 00766620 _____ C:\WINDOWS\system32\perfh007.dat 2017-01-26 11:00 - 2015-03-21 01:53 - 00159902 _____ C:\WINDOWS\system32\perfc007.dat 2017-01-26 11:00 - 2014-03-18 10:53 - 01780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-01-26 11:00 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf 2017-01-26 10:59 - 2016-01-27 21:41 - 00000000 ____D C:\Users\Phil\AppData\Local\Spotify 2017-01-26 10:59 - 2016-01-27 21:40 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Spotify 2017-01-26 10:55 - 2015-11-13 19:28 - 00000000 ____D C:\Users\Phil 2017-01-26 10:53 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-01-26 10:50 - 2015-12-04 14:21 - 00000306 __RSH C:\ProgramData\ntuser.pol 2017-01-26 10:46 - 2013-08-22 15:44 - 00721840 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-01-26 10:46 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2017-01-26 10:45 - 2015-03-20 18:59 - 00004608 _____ C:\WINDOWS\system32\VfService.trf 2017-01-26 10:26 - 2016-03-06 15:44 - 00000000 ____D 
C:\Users\Phil\AppData\Local\Overwolf 2017-01-26 10:23 - 2015-03-20 19:10 - 00000000 ____D C:\Program Files\Lenovo PhoneCompanion 2017-01-26 10:23 - 2015-03-20 18:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-01-26 10:21 - 2015-11-29 23:22 - 00000000 ____D C:\Program Files (x86)\AVS4YOU 2017-01-26 10:12 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Branding 2017-01-26 10:10 - 2015-03-20 19:13 - 00000000 ____D C:\ProgramData\Energy Manager 2017-01-26 01:27 - 2015-11-13 14:34 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Mp3tag 2017-01-26 01:25 - 2015-11-28 00:34 - 00001121 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2017-01-26 01:25 - 2015-11-28 00:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2017-01-26 01:25 - 2015-11-28 00:34 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2017-01-25 22:25 - 2015-11-14 00:11 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Audacity 2017-01-25 12:06 - 2015-12-21 14:18 - 00162304 ___SH C:\Users\Phil\Desktop\Thumbs.db 2017-01-25 12:00 - 2016-11-05 12:28 - 00000000 ____D C:\Program Files (x86)\AdBlocker 2017-01-25 11:54 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-01-25 10:15 - 2016-10-23 13:52 - 00000000 ____D C:\Users\Phil\AppData\Local\JDownloader v2.0 2017-01-25 10:13 - 2016-03-13 01:15 - 00000000 ____D C:\Users\Phil\AppData\Roaming\vlc 2017-01-25 01:20 - 2016-12-17 14:30 - 00003180 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-01-25 01:20 - 2016-04-26 01:39 - 00002366 _____ C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2017-01-25 01:20 - 2016-01-03 15:19 - 00003188 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-18176717-516900863-2037645015-1001 2017-01-18 16:19 - 2016-09-08 23:05 - 00000000 ____D C:\Users\Phil\AppData\Roaming\spek 2017-01-17 05:29 - 2013-08-22 16:36 - 00000000 
____D C:\ProgramData\regid.1991-06.com.microsoft 2017-01-17 05:27 - 2015-03-20 18:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2017-01-15 23:06 - 2015-11-13 16:26 - 00004180 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2017-01-15 22:38 - 2016-03-06 15:45 - 00000000 ____D C:\Users\Phil\AppData\Roaming\TS3Client 2017-01-14 15:38 - 2016-09-12 00:04 - 00001421 _____ C:\Users\Public\Desktop\Free YouTube To MP3 Converter.lnk 2017-01-14 15:38 - 2016-07-04 16:45 - 00001358 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2017-01-14 15:38 - 2016-07-04 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2017-01-14 15:38 - 2016-07-04 16:44 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2017-01-14 15:32 - 2016-07-04 16:44 - 00000000 ____D C:\Users\Phil\AppData\Roaming\DVDVideoSoft 2017-01-14 00:31 - 2015-12-03 22:35 - 00000000 ____D C:\ProgramData\Skype 2017-01-13 14:15 - 2016-03-13 01:16 - 00000000 ____D C:\Users\Phil\AppData\Roaming\dvdcss 2017-01-12 00:52 - 2015-11-20 22:07 - 00000000 ____D C:\ProgramData\Oracle 2017-01-12 00:51 - 2016-03-06 18:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-01-12 00:51 - 2016-03-06 18:11 - 00000000 ____D C:\Program Files (x86)\Java 2017-01-12 00:50 - 2016-03-06 18:13 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2017-01-11 22:51 - 2013-08-22 16:20 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-01-11 17:18 - 2016-02-26 13:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-01-11 17:17 - 2015-11-15 03:35 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-01-11 17:11 - 2015-11-15 03:35 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-01-10 11:56 - 2015-11-22 19:30 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-01-10 11:56 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-01-10 11:56 - 2013-08-22 16:36 - 
00000000 ____D C:\WINDOWS\system32\Macromed 2017-01-09 01:08 - 2016-11-25 00:13 - 00000000 ____D C:\Users\Phil\Downloads\UTR144 2017-01-07 10:12 - 2015-11-14 21:50 - 01407488 ___SH C:\Users\Phil\Documents\Thumbs.db 2017-01-06 20:53 - 2016-12-13 22:52 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Sony 2017-01-06 00:34 - 2015-11-15 01:56 - 01823232 ___SH C:\Users\Phil\Downloads\Thumbs.db 2017-01-05 16:32 - 2016-12-23 16:01 - 00000000 ____D C:\Users\Phil\Desktop\DDRock 2017-01-05 16:26 - 2015-11-27 21:07 - 00000000 ___RD C:\Users\Phil\dwhelper 2017-01-05 07:02 - 2016-04-18 22:06 - 00000000 ____D C:\Users\Phil\Desktop\Neuer Ordner (3) 2017-01-02 20:49 - 2016-04-25 14:34 - 00000000 ____D C:\Users\Phil\MediathekView 2017-01-02 18:34 - 2016-04-25 14:32 - 00000000 ____D C:\Users\Phil\.mediathek3 2017-01-02 16:58 - 2016-07-13 19:10 - 00000000 ____D C:\Program Files (x86)\XMedia Recode 2017-01-02 14:12 - 2015-03-20 18:16 - 00000000 ____D C:\ProgramData\Package Cache 2017-01-01 18:41 - 2016-01-09 11:34 - 00000000 ____D C:\Program Files\Common Files\Apple 2017-01-01 18:36 - 2016-07-18 21:09 - 00000000 ____D C:\Users\Phil\.legitmix 2016-12-30 12:12 - 2016-09-02 18:51 - 00002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FL Studio 11.lnk 2016-12-30 12:12 - 2016-05-20 18:08 - 00001204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2016-12-30 12:12 - 2016-05-12 20:20 - 00001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2016-12-30 12:12 - 2016-05-01 14:52 - 00001401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk 2016-12-30 12:12 - 2016-05-01 14:52 - 00001332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk 2016-12-30 12:12 - 2016-02-26 13:57 - 00002160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Knuddels Standalone.lnk 2016-12-30 12:12 - 2016-02-26 13:53 - 00001178 _____ C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Mozilla Firefox.lnk 2016-12-30 12:12 - 2016-01-07 18:43 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-12-30 12:12 - 2016-01-03 15:11 - 00002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2016-12-30 12:12 - 2016-01-03 15:11 - 00002533 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2016-12-30 12:12 - 2016-01-03 15:11 - 00002512 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2016-12-30 12:12 - 2016-01-03 15:11 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2016-12-30 12:12 - 2016-01-03 15:11 - 00002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2016-12-30 12:12 - 2016-01-03 15:11 - 00002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2016-12-30 12:12 - 2016-01-03 15:11 - 00002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2016-12-30 12:12 - 2015-12-19 17:01 - 00001215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disketch CD-Beschriftungssoftware.lnk 2016-12-30 12:12 - 2015-12-07 18:27 - 00000994 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-12-30 12:12 - 2015-12-03 01:28 - 00000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk 2016-12-30 12:12 - 2015-11-20 22:09 - 00001346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Knuddels.de.lnk 2016-12-30 12:12 - 2015-11-14 00:11 - 00001038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2016-12-30 12:12 - 2015-03-20 18:56 - 00002547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 9.lnk 2016-12-30 12:11 - 2016-09-13 21:45 - 00001849 _____ C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2016-12-30 12:11 - 2016-09-04 13:37 - 00001068 _____ C:\Users\Public\Desktop\eMuleTorrent.lnk 
2016-12-30 12:11 - 2016-09-02 18:54 - 00002057 _____ C:\Users\Public\Desktop\FL Studio 11.lnk 2016-12-30 12:11 - 2016-07-12 05:40 - 00001004 _____ C:\Users\Public\Desktop\ManyCam.lnk 2016-12-30 12:11 - 2016-07-04 16:45 - 00001360 _____ C:\Users\Public\Desktop\Free DVD Video Converter.lnk 2016-12-30 12:11 - 2016-06-15 14:10 - 00000992 _____ C:\Users\Public\Desktop\Winamp.lnk 2016-12-30 12:11 - 2016-05-25 20:17 - 00001001 _____ C:\Users\Public\Desktop\Bandicam.lnk 2016-12-30 12:11 - 2016-05-20 18:08 - 00001186 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk 2016-12-30 12:11 - 2016-05-12 20:20 - 00001210 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk 2016-12-30 12:11 - 2016-03-13 01:15 - 00000936 _____ C:\Users\Public\Desktop\VLC media player.lnk 2016-12-30 12:11 - 2016-03-06 15:43 - 00001175 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2016-12-30 12:11 - 2016-02-27 02:35 - 00000992 _____ C:\Users\Public\Desktop\Mp3tag.lnk 2016-12-30 12:11 - 2016-02-26 13:53 - 00001160 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-12-30 12:11 - 2016-02-14 22:48 - 00000303 _____ C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heimnetzgruppe.lnk 2016-12-30 12:11 - 2016-02-09 04:11 - 00001030 _____ C:\Users\Public\Desktop\SoulseekQt.lnk 2016-12-30 12:11 - 2016-01-07 18:43 - 00002200 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-12-30 12:11 - 2015-12-26 12:22 - 00000980 _____ C:\Users\Public\Desktop\CDex.lnk 2016-12-30 12:11 - 2015-12-19 17:01 - 00001197 _____ C:\Users\Public\Desktop\Disketch CD-Beschriftungssoftware.lnk 2016-12-30 12:11 - 2015-12-07 18:27 - 00000976 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk 2016-12-30 12:11 - 2015-12-03 22:35 - 00002709 _____ C:\Users\Public\Desktop\Skype.lnk 2016-12-30 12:11 - 2015-11-14 00:11 - 00001020 _____ C:\Users\Public\Desktop\Audacity.lnk 2016-12-30 12:11 - 2015-11-13 19:30 - 00001457 _____ C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 
2016-12-30 12:11 - 2015-11-13 19:28 - 00000469 _____ C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2016-12-30 12:11 - 2015-11-13 19:28 - 00000467 _____ C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2016-12-30 12:11 - 2015-11-13 16:27 - 00001987 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2016-12-30 12:10 - 2016-12-13 22:59 - 00001566 _____ C:\Users\Phil\Desktop\vegas130.exe - Verknüpfung.lnk 2016-12-30 12:10 - 2016-10-23 13:55 - 00002164 _____ C:\Users\Phil\Desktop\JDownloader 2.lnk 2016-12-30 12:10 - 2016-09-17 20:31 - 00002675 _____ C:\Users\Phil\Desktop\µTorrent.lnk 2016-12-30 12:10 - 2016-09-13 21:45 - 00001863 _____ C:\Users\Phil\Desktop\Spotify.lnk 2016-12-30 12:10 - 2016-09-12 00:05 - 00002307 _____ C:\Users\Phil\Desktop\Chromium.lnk 2016-12-30 12:10 - 2016-09-02 18:54 - 00001157 _____ C:\Users\Phil\Desktop\ASIO4ALL v2 Instruction Manual.lnk 2016-12-30 12:10 - 2016-07-09 03:40 - 00000000 ____D C:\Program Files (x86)\eMuleTorrent 2016-12-30 12:10 - 2016-06-08 21:17 - 00001933 _____ C:\Users\Phil\Desktop\DVD Flick.lnk 2016-12-30 12:10 - 2016-05-21 13:14 - 00002190 _____ C:\Users\Phil\Desktop\InstagramDownloader - CHIP Downloader.lnk 2016-12-30 12:10 - 2016-03-06 16:28 - 00001899 _____ C:\Users\Phil\Desktop\Knuddels.lnk 2016-12-30 12:10 - 2016-02-26 13:57 - 00002114 _____ C:\Users\Phil\Desktop\Knuddels Standalone.lnk 2016-12-30 12:10 - 2016-02-14 22:48 - 00000367 _____ C:\Users\Phil\Desktop\Heimnetzgruppe - Verknüpfung.lnk 2016-12-30 12:10 - 2016-01-25 01:44 - 00002326 _____ C:\Users\Phil\Desktop\Chrome App Launcher.lnk 2016-12-30 12:10 - 2015-12-19 18:36 - 00001265 _____ C:\Users\Phil\Desktop\Professional Label Software SE.lnk 2016-12-30 12:10 - 2015-12-04 14:20 - 00001086 _____ C:\Users\Phil\Desktop\Format Factory.lnk 2016-12-30 12:10 - 2015-11-25 01:03 - 00001098 _____ C:\Users\Phil\Desktop\Free Alarm Clock.lnk 2016-12-30 12:10 - 2015-11-22 16:12 - 00001901 _____ 
C:\Users\Phil\Desktop\eMuleTorrent.lnk 2016-12-30 12:10 - 2015-11-13 15:18 - 00001045 _____ C:\Users\Phil\Desktop\VirtualDJ 8.lnk 2016-12-30 12:10 - 2015-11-13 13:53 - 00000424 _____ C:\Users\Phil\Desktop\Arbeitssplatz.lnk 2016-12-29 19:24 - 2015-11-13 12:35 - 00003946 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{07652670-E09D-4463-9537-7A223D22B87F} 2016-12-27 09:54 - 2016-11-06 15:51 - 00000002 _____ C:\END ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-04-25 14:31 - 2016-04-25 14:31 - 37860047 _____ () C:\Program Files (x86)\MediathekView_v11.zip 2015-03-20 18:09 - 2015-03-20 18:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2016-02-25 11:50 - 2016-02-25 11:50 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat C:\Users\Phil\FFInstOnline.exe Einige Dateien in TEMP: ==================== 2016-10-23 13:51 - 2016-10-23 13:51 - 0079736 _____ (AppWork GmbH) C:\Users\Phil\AppData\Local\Temp\131217006643445404.exe 2016-11-05 12:28 - 2016-11-05 12:28 - 0789384 _____ (StarkIndastri ) C:\Users\Phil\AppData\Local\Temp\adblocker.exe 2017-01-11 17:57 - 2017-01-11 17:57 - 0737856 _____ (Oracle Corporation) C:\Users\Phil\AppData\Local\Temp\jre-8u111-windows-au.exe 2017-01-02 14:01 - 2014-10-29 02:58 - 1040384 _____ (Microsoft Corporation) C:\Users\Phil\AppData\Local\Temp\kernel32.dll 2017-01-02 14:12 - 2017-01-02 14:12 - 13748240 _____ (Nero AG ) C:\Users\Phil\AppData\Local\Temp\Nero TuneItUp_2.4.6.195.exe 2017-01-25 10:14 - 2017-01-25 10:14 - 0040448 ____N () C:\Users\Phil\AppData\Local\Temp\proxy_vole3593948613513437771.dll 2017-01-25 10:14 - 2017-01-25 10:14 - 0040448 ____N () C:\Users\Phil\AppData\Local\Temp\proxy_vole4390557319286301889.dll 2017-01-25 10:15 - 2017-01-25 10:15 - 0040448 ____N () C:\Users\Phil\AppData\Local\Temp\proxy_vole8904135303260292371.dll 
2016-12-08 19:21 - 2016-12-08 19:21 - 13983608 _____ (Google Inc.) C:\Users\Phil\AppData\Local\Temp\{666FA83C-87B4-4B82-AE2A-B39D28AF21CE}-55.0.2883.87_54.0.2840.99_chrome_updater.exe 2016-10-20 10:07 - 2016-10-20 10:07 - 44295032 _____ (Google Inc.) C:\Users\Phil\AppData\Local\Temp\{F4FD0A43-4C2F-4119-8D94-E24462144B88}-54.0.2840.71_chrome_installer.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-01-21 05:08 ==================== Ende von FRST.txt ============================ |
26.01.2017, 13:20 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | nova.rambler.ru cannot be removed Were there really never any detections? |
26.01.2017, 13:21 | #7 |
| nova.rambler.ru cannot be removed Addition.txt Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-01-2017 01 durchgeführt von Phil (26-01-2017 13:15:13) Gestartet von C:\Users\Phil\Downloads Windows 8.1 (Update) (X64) (2015-11-13 18:28:28) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-18176717-516900863-2037645015-500 - Administrator - Disabled) Gast (S-1-5-21-18176717-516900863-2037645015-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-18176717-516900863-2037645015-1003 - Limited - Enabled) Phil (S-1-5-21-18176717-516900863-2037645015-1001 - Administrator - Enabled) => C:\Users\Phil ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) µTorrent (HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.) AdBlocker (HKLM-x32\...\{708B2796-B19A-4BEE-BA20-6051D8B3F8D8}_is1) (Version: 1.0.0.2 - StarkIndastri) <==== ACHTUNG Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.) 
Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach) Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software) Bandicam (HKLM-x32\...\Bandicam) (Version: 3.0.4.1036 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Benutzerhandbücher (x32 Version: 3.0.0.3 - Lenovo) Hidden Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.80.0.2016 - Georgy Berdyshev) CLIQZ (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 1.0.44 - CLIQZ.com) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.0 - Conexant) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) 
Hidden Disketch CD-Beschriftungssoftware (HKLM-x32\...\Disketch) (Version: 3.34 - NCH Software) Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc) DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen) eMule (HKLM-x32\...\eMule1.0.0.9) (Version: 1.0.0.9 - eMule) eMuleTorrent (HKLM-x32\...\eMuleTorrent) (Version: 1.0.0.22 - eMule.com) Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo) Energy Manager (x32 Version: 1.5.0.21 - Lenovo) Hidden FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line) FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - ) FormatFactory 3.8.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.8.0.0 - Free Time) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Free Alarm Clock 3.1.0 (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 3.1 - Comfort Software Group) Free DVD Video Converter (HKLM-x32\...\Free DVD Video Converter_is1) (Version: 2.0.65.823 - Digital Wave Ltd) Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.31.109 - Digital Wave Ltd) GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) 
Hidden IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3910 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{5BC2A343-DED5-40E8-8F64-472FD74D80EA}) (Version: 17.1.1433.02 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Knuddels Standalone App (HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\Knuddels Standalone App ) (Version: "2015.12.6.0" - "Knuddels Standalone App") LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.) Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.) Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.1.0.2619 - CyberLink Corp.) 
Hidden Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.31.1 - ELAN Microelectronic Corp.) Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited) Lenovo Solution Center (HKLM\...\{891BDB32-6BA9-46EC-826C-324125B10A18}) (Version: 2.5.001.00 - Lenovo Group Limited) Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.0.0.65 - Lenovo) Lenovo Updates (x32 Version: 1.0.0.65 - Lenovo) Hidden Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.1.14.6181 - Lenovo) Magic DVD Ripper V8.0.0 (HKLM-x32\...\Magic DVD Ripper_is1) (Version: - Magic DVD Software, Inc.) MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{B7802BC1-5F76-48D2-A622-98195BD50B87}) (Version: 7.0.2.6 - MAGIX Software GmbH) MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) ManyCam 5.3.0 (HKLM-x32\...\ManyCam) (Version: 5.3.0 - Visicom Media Inc.) 
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7571.2109 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual 
C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla) Mozilla Thunderbird 45.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.6.0 (x86 de)) (Version: 45.6.0 - Mozilla) Mp3tag v2.75 (HKLM-x32\...\Mp3tag) (Version: v2.75 - Florian Heidenreich) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) Music Recorder (x32 Version: 18.001.2 - Nero AG) Hidden Nero 2017 (HKLM-x32\...\{18625598-62C3-4DBF-B1AA-3BD27395F7F5}) (Version: 18.0.05900 - Nero AG) Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 18.0.0011 - Nero AG) Nitro Pro 9 (HKLM\...\{4C32F7E8-A65F-4D3C-9153-9F3B57CB6872}) (Version: 9.0.5.9 - Nitro) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing 
Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10614 - CyberLink Corp.) Prerequisite installer (x32 Version: 18.0.0003 - Nero AG) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek) SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden Sigel Professional Label Software SE (HKLM-x32\...\Sigel Professional Label Software SE) (Version: - ) Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.) SoulseekQt Version 2016.1.24 (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2016.1.24 - Soulseek LLC) Spotify (HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB) Start Menu (HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\Pokki) (Version: 0.269.2.471 - Pokki) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65452 - TeamViewer) TemWebRTCPlugin (HKLM-x32\...\{C99BE9E3-2401-4832-8342-C5BF190CFFBD}) (Version: 0.8.874 - Temasys) User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony) VirtualDJ 8 (HKLM-x32\...\{24F8CB37-888B-41E6-B119-CDC3F5075F57}) (Version: 8.0.2483.0 - Atomix Productions) VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Winamp Color Themes Pack 2.3 
(HKLM-x32\...\Winamp Color Themes Pack) (Version: 2.3 - Paweł Porwisz) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows-Treiberpaket - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo) Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo) WinRAR 5.21 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WinX DVD Ripper Platinum 7.5.18 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version: - Digiarty Software, Inc.) WinZip (HKLM\...\WinZip) (Version: 21.0 (12288g) - 64-bit - WinZip Computing, S.L.) XMedia Recode Version 3.3.5.8 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.3.5.8 - XMedia Recode) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-18176717-516900863-2037645015-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Phil\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {40E66640-5CBE-4A4D-ABB7-0693E786F733} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-07] (Google Inc.) 
Task: {470CDF8B-5BD2-40B9-A6C4-B32FA1C48418} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-06-16] () Task: {4CF12A74-BD27-415B-92A8-0058E3143274} - System32\Tasks\SafeZone scheduled Autoupdate 1463764111 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software) Task: {80D49A7D-D979-42BD-8764-E6E7CEBF29BD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-08] (AVAST Software) Task: {8FB164E5-A65A-4FED-9F42-4522A7410C51} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2016-09-26] (Nero AG) Task: {A628A5FF-2AB3-47BB-A3B8-974419058355} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-06-16] (Lenovo) Task: {A6603B27-FA9B-4561-9786-A4AA54DD8D00} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE Task: {AA5AF9C6-2DFC-4834-ACDD-52539C91F433} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-10] (Adobe Systems Incorporated) Task: {ABE58FA7-260F-4A64-A57C-76675C37B704} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-06-16] () Task: {B4FCEBDC-7CB4-4299-A017-8E336CC60CE5} - System32\Tasks\{60DAB822-9A31-4A47-B237-1C9C7C366EB7} => pcalua.exe -a C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\uninst.exe -c -FN="C:\Users\Phil\AppData\Roaming\{425374E8-6701-199E-0C37-3E4CD0E5C372}\SynHelper.exe"-P=/Uninstall /s /noun /DelSelfDir Task: {B8F930AB-7233-4100-9E69-7F044362CC09} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation) Task: {BD25C5B0-A208-41CB-90C1-1E33E869A8CB} - 
System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-29] (Microsoft Corporation) Task: {BEE7DC85-4E5F-4DE8-994D-13904180BBCE} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-06-16] (Lenovo) Task: {C75F2EDE-EF6C-469C-B00A-AD9F14EEF8BD} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo) Task: {D015B755-443A-4750-B246-889689F6070A} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] () Task: {D20E2376-FF23-4FB2-81B8-92633D0451CB} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)" Task: {D9ACE840-8FD0-4D5C-9998-C6C285EE8617} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-06-16] (Lenovo) Task: {E56D9C13-A831-4752-87FE-AC61563EA26A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation) Task: {E85B910E-DC16-4F6D-8EE6-EF0F31276C68} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-07] (Google Inc.) Task: {E8686384-FBD2-488F-B736-6E5E321059B1} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! 
Antivirus\backup.exe [2017-01-24] (AVAST Software) Task: {EA186686-B843-446E-AD1E-3E915A9069D8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-01-11] (Microsoft Corporation) Task: {FFB80839-9851-4032-910F-19996086BFA4} - System32\Tasks\{193D157F-7060-41D6-B6C9-D147DFFB5D27} => pcalua.exe -a "C:\Program Files\ByteFence\ByteFence.exe" -c /uninstall (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\Phil\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nchsoftware.com/de/index.htm Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\2to3.lnk -> C:\Program Files (x86)\eMule\python\Scripts\2to3.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\cxfreeze-postinstall.lnk -> C:\Program Files (x86)\eMule\python\Scripts\cxfreeze-postinstall.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\cxfreeze-quickstart.lnk -> C:\Program Files (x86)\eMule\python\Scripts\cxfreeze-quickstart.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\cxfreeze.lnk -> C:\Program Files (x86)\eMule\python\Scripts\cxfreeze.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\cygdb-script.lnk -> C:\Program Files 
(x86)\eMule\python\Scripts\cygdb-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\cython-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\cython-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\easy_install-2.7-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\easy_install-2.7-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\easy_install-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\easy_install-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\epylint-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\epylint-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\f2py.lnk -> C:\Program Files (x86)\eMule\python\Scripts\f2py.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\guidata-tests.lnk -> C:\Program Files (x86)\eMule\python\Scripts\guidata-tests.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\guiqwt-tests.lnk -> C:\Program Files (x86)\eMule\python\Scripts\guiqwt-tests.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\idle.lnk -> C:\Program Files (x86)\eMule\python\Lib\idlelib\idle.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ipcluster-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ipcluster-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ipcluster2-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ipcluster2-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ipcontroller-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ipcontroller-script.bat () Shortcut: 
C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ipcontroller2-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ipcontroller2-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ipengine-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ipengine-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ipengine2-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ipengine2-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\iptest-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\iptest-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\iptest2-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\iptest2-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ipython-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ipython-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ipython2-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ipython2-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ipython_win_post_install.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ipython_win_post_install.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\isympy.lnk -> C:\Program Files (x86)\eMule\python\Scripts\isympy.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\miniterm.lnk -> C:\Program Files (x86)\eMule\python\Scripts\miniterm.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\nosetests-2.7-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\nosetests-2.7-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\eMule\nosetests-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\nosetests-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pilconvert.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pilconvert.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pildriver.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pildriver.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pilfile.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pilfile.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pilfont.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pilfont.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pilprint.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pilprint.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pip-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pip-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pip2-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pip2-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pip2.7-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pip2.7-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pt2to3.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pt2to3.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ptdump.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ptdump.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ptrepack.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ptrepack.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pygmentize-script.lnk -> 
C:\Program Files (x86)\eMule\python\Scripts\pygmentize-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pylint-gui-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pylint-gui-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pylint-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pylint-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pyreverse-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pyreverse-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pyside-uic-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pyside-uic-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pyside_postinstall.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pyside_postinstall.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pytest.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pytest.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pyuic4.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pyuic4.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pywin32_postinstall.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pywin32_postinstall.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pywin32_testall.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pywin32_testall.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\register_python.lnk -> C:\Program Files (x86)\eMule\python\Scripts\register_python.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\rst2html.lnk -> C:\Program Files (x86)\eMule\python\Scripts\rst2html.bat () Shortcut: 
C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\rst2latex.lnk -> C:\Program Files (x86)\eMule\python\Scripts\rst2latex.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\rst2man.lnk -> C:\Program Files (x86)\eMule\python\Scripts\rst2man.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\rst2odt.lnk -> C:\Program Files (x86)\eMule\python\Scripts\rst2odt.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\rst2odt_prepstyles.lnk -> C:\Program Files (x86)\eMule\python\Scripts\rst2odt_prepstyles.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\rst2pdf-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\rst2pdf-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\rst2pseudoxml.lnk -> C:\Program Files (x86)\eMule\python\Scripts\rst2pseudoxml.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\rst2s5.lnk -> C:\Program Files (x86)\eMule\python\Scripts\rst2s5.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\rst2xetex.lnk -> C:\Program Files (x86)\eMule\python\Scripts\rst2xetex.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\rst2xml.lnk -> C:\Program Files (x86)\eMule\python\Scripts\rst2xml.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\rstpep2html.lnk -> C:\Program Files (x86)\eMule\python\Scripts\rstpep2html.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\runxlrd.lnk -> C:\Program Files (x86)\eMule\python\Scripts\runxlrd.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\sift.lnk -> C:\Program Files (x86)\eMule\python\Scripts\sift.bat () Shortcut: 
C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\skivi-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\skivi-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\sphinx-apidoc-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\sphinx-apidoc-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\sphinx-autogen-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\sphinx-autogen-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\sphinx-build-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\sphinx-build-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\sphinx-quickstart-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\sphinx-quickstart-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\spyder.lnk -> C:\Program Files (x86)\eMule\python\Scripts\spyder.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\spyder_win_post_install.lnk -> C:\Program Files (x86)\eMule\python\Scripts\spyder_win_post_install.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\symilar-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\symilar-script.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ttffamily.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ttffamily.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ttffiles.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ttffiles.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ttfgroups.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ttfgroups.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\eMule\ttfmetadata.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ttfmetadata.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ttx.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ttx.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\vitables.lnk -> C:\Program Files (x86)\eMule\python\Scripts\vitables.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\wpcp.lnk -> C:\Program Files (x86)\eMule\python\Scripts\wpcp.bat () Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\wppm.lnk -> C:\Program Files (x86)\eMule\python\Scripts\wppm.bat () ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-11-05 12:28 - 2016-09-30 14:57 - 00008192 _____ () C:\Program Files (x86)\AdBlocker\AdBlockerService.exe 2016-11-05 12:28 - 2016-09-30 14:57 - 00020992 _____ () C:\Program Files (x86)\AdBlocker\Service.dll 2016-07-05 14:23 - 2016-07-05 14:23 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-07-05 14:23 - 2016-07-05 14:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-03-20 19:04 - 2012-04-24 11:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2015-03-20 18:59 - 2015-03-20 18:59 - 00068880 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe 2015-03-20 18:59 - 2015-03-20 18:59 - 00672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll 2015-03-20 18:10 - 2010-10-26 05:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe 2014-03-26 12:50 - 2015-03-20 19:13 - 00058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll 2016-09-08 19:01 - 2016-09-08 19:01 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-01-25 22:09 - 2017-01-25 
22:09 - 04459096 _____ () C:\Program Files\AVAST Software\Avast\defs\17012501\algo.dll 2016-09-08 19:01 - 2016-09-08 19:01 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-07-04 16:44 - 2016-08-31 18:55 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2016-07-04 16:44 - 2017-01-09 13:21 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2016-07-04 16:44 - 2017-01-09 13:21 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2016-07-04 16:44 - 2017-01-09 13:21 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2015-03-20 18:04 - 2013-09-16 20:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-10-01 10:23 - 2014-10-01 10:23 - 02140672 _____ () C:\Program Files (x86)\ManyCam\opencv_core2410.dll 2014-10-01 10:24 - 2014-10-01 10:24 - 01891840 _____ () C:\Program Files (x86)\ManyCam\opencv_imgproc2410.dll 2014-10-01 10:25 - 2014-10-01 10:25 - 00654848 _____ () C:\Program Files (x86)\ManyCam\opencv_objdetect2410.dll 2014-10-01 10:24 - 2014-10-01 10:24 - 02147840 _____ () C:\Program Files (x86)\ManyCam\opencv_highgui2410.dll 2014-10-01 10:24 - 2014-10-01 10:24 - 00360960 _____ () C:\Program Files (x86)\ManyCam\opencv_video2410.dll 2016-01-27 21:41 - 2016-12-24 23:07 - 51777648 _____ () C:\Users\Phil\AppData\Roaming\Spotify\libcef.dll 2016-07-01 17:55 - 2016-07-01 17:55 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2016-01-27 21:41 - 2016-12-24 23:07 - 01803888 _____ () C:\Users\Phil\AppData\Roaming\Spotify\libglesv2.dll 2016-01-27 21:41 - 2016-12-24 23:07 - 00086128 _____ () C:\Users\Phil\AppData\Roaming\Spotify\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS 
entfernt.)
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\Users\Phil\Desktop\WhatsApp Dateien:com.dropbox.attributes [168]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\legitmix.com -> hxxp://legitmix.com
IE trusted site: HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\legitmix.com -> hxxps://legitmix.com
IE trusted site: HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2017-01-24 17:36 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-18176717-516900863-2037645015-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{8F605078-005D-4DC5-A10D-B87DE090F774}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{0ABB12FD-972F-4F46-888A-EFA87B67B5DE}] => C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{AAD13B89-887B-4C12-BDE9-5720B07F8BBF}] => C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{0A2B8231-409E-48C8-B782-F4F073536A16}] => C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{FFB78175-BC32-4E85-A1FE-E9064D1510A5}] => LPort=55100
FirewallRules: [{FD31D86F-94A8-4509-97BA-9D7ADAA7BEDE}] => C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [TCP Query User{17C6CBD5-073D-41B7-ADDA-D2F9F8CE99DC}C:\program files (x86)\soulseekqt\soulseekqt.exe] => C:\program files (x86)\soulseekqt\soulseekqt.exe
FirewallRules: [UDP Query User{06B28F46-83A7-4F61-9A6D-992E818B7BD0}C:\program files (x86)\soulseekqt\soulseekqt.exe] => C:\program files (x86)\soulseekqt\soulseekqt.exe
FirewallRules: [TCP Query User{E0352B13-293E-4232-A83E-1353ED449049}C:\program files (x86)\emule\emuletorrent.exe] => C:\program files (x86)\emule\emuletorrent.exe
FirewallRules: [UDP Query User{40B4F400-7801-4487-8FB1-F7723A52ECB1}C:\program files (x86)\emule\emuletorrent.exe] => C:\program files 
(x86)\emule\emuletorrent.exe FirewallRules: [TCP Query User{6F5E588D-5F4F-4BF4-BE77-24E323916910}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{9B301A12-0DB6-4A94-97A8-2F67A28E938A}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{8F7D71DA-8DBD-426A-88DD-68E5F4DD91C8}C:\users\phil\ffinstonline.exe] => C:\users\phil\ffinstonline.exe FirewallRules: [UDP Query User{B5A0A261-67A6-4D29-9CF6-28260220678A}C:\users\phil\ffinstonline.exe] => C:\users\phil\ffinstonline.exe FirewallRules: [{9324FCA9-2DF4-4E7A-A73D-69382856AC94}] => C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{38740415-2326-493E-9E4A-639B9C612792}] => C:\Program Files (x86)\FormatFactory\FormatFactory.exe FirewallRules: [{2C94930F-FA8F-44D0-998C-66323562CACD}] => C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{0B138151-A7C0-4B98-9425-C197314CAB81}] => C:\Program Files (x86)\FormatFactory\FormatFactory.exe FirewallRules: [{D2831A16-2999-480C-9873-637569F2720B}] => C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe FirewallRules: [{1630DD38-72A7-4432-8E99-32582FF55BC8}] => C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe FirewallRules: [{BD541C52-A539-4331-B4D9-E6F6D14516A3}] => C:\Program Files (x86)\PicosmosTools\PTInstOnline.exe FirewallRules: [TCP Query User{995EC91A-01E1-43D9-AD11-0748CDFAC633}C:\program files (x86)\virtualdj\virtualdj8.exe] => C:\program files (x86)\virtualdj\virtualdj8.exe FirewallRules: [UDP Query User{E5E4FE9A-EA9E-4CFE-83CC-E1CF22ECD777}C:\program files (x86)\virtualdj\virtualdj8.exe] => C:\program files (x86)\virtualdj\virtualdj8.exe FirewallRules: [{1EF525F1-79B7-431B-9809-8B937BBAE3D6}] => C:\Users\Phil\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{A5C72B30-C526-4B97-8CB7-B273393E4068}] => 
C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{77B5948B-1919-4612-89F7-7640B9BA22E5}] => C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{B207B076-B451-4D3B-B9E1-89354CF8F3FB}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{466C2EF2-2010-4D66-AFE4-412CD106DBE0}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{365E860F-402A-4301-98B8-56F1C083614B}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{E7388C48-896A-4FF1-A9F3-C45F24BE7F99}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{906E6A30-769C-4470-A62D-074C2055BF22}C:\users\phil\appdata\roaming\spotify\spotify.exe] => C:\users\phil\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{5C8DA653-3099-4BC2-81FD-414919F04185}C:\users\phil\appdata\roaming\spotify\spotify.exe] => C:\users\phil\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{A53420E2-F57D-4F0E-A4C8-4224171D5B93}C:\program files (x86)\soulseek\soulseekqt.exe] => C:\program files (x86)\soulseek\soulseekqt.exe FirewallRules: [UDP Query User{CB235FE2-B114-4E22-88C0-2F35A427E822}C:\program files (x86)\soulseek\soulseekqt.exe] => C:\program files (x86)\soulseek\soulseekqt.exe FirewallRules: [TCP Query User{D0ED129F-5F02-4103-B196-7F80823E8454}C:\program files (x86)\soulseek\soulseekqt.exe] => C:\program files (x86)\soulseek\soulseekqt.exe FirewallRules: [UDP Query User{6732C4BF-549A-44EE-8DA8-572001DBB525}C:\program files (x86)\soulseek\soulseekqt.exe] => C:\program files (x86)\soulseek\soulseekqt.exe FirewallRules: [TCP Query User{6CAE1EAA-F677-4CB0-B12A-EC20431FC68B}C:\users\phil\appdata\roaming\spotify\spotify.exe] => C:\users\phil\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{31BC8797-BAAC-49DC-B7EB-148F70105E57}C:\users\phil\appdata\roaming\spotify\spotify.exe] => 
C:\users\phil\appdata\roaming\spotify\spotify.exe FirewallRules: [{72330670-BD4F-460E-800D-B1111373994A}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{ED94A1C3-1AD6-4983-AE6C-A6205478E4D1}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{3EEA096F-F057-46EA-BA3F-B0EC62EEF2F5}C:\program files (x86)\internet explorer\iexplore.exe] => C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [UDP Query User{7D5AA269-6D70-4C0C-AF44-D589F6342B3F}C:\program files (x86)\internet explorer\iexplore.exe] => C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [{306500C6-E0AE-4A7F-AA04-4F071AC08593}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{1E13CA20-EE3F-4265-B9B9-DF2BB820CF2F}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{A6EFA119-0A27-4705-9B5B-E7DC610D36B8}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{CB5D4F7A-E871-48DC-80C1-0ECD55351083}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{7AD15C9E-0687-49E1-B608-956E58A779D6}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{DAB87BB1-69DF-47BD-B56F-5F73D6A9F6B0}] => LPort=2869 FirewallRules: [{C2DBBB4F-361F-47AC-A509-227D00451385}] => LPort=1900 FirewallRules: [{FACB5F5B-FD16-4014-A923-30494D467B7F}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{7C55E431-D485-42FD-A55B-05D02B9E5B32}] => C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{04743087-5FED-4992-B2FA-8F534A32D89F}] => C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [TCP Query User{4331A288-517E-49AA-A12E-CA5BACAC6024}C:\program files (x86)\emuletorrent\emuletorrent.exe] => C:\program files (x86)\emuletorrent\emuletorrent.exe FirewallRules: [UDP Query User{82AF5EC6-51A2-413B-ACCB-4DA8D4678B44}C:\program files (x86)\emuletorrent\emuletorrent.exe] => C:\program files 
(x86)\emuletorrent\emuletorrent.exe FirewallRules: [TCP Query User{92E00EC3-C210-415C-8BEA-F56BA56E15A2}C:\program files (x86)\internet explorer\iexplore.exe] => C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [UDP Query User{B98D6D39-C38D-4118-8C0E-1C17C875AD39}C:\program files (x86)\internet explorer\iexplore.exe] => C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [TCP Query User{A084EE50-5815-4763-8259-44275A92FF3B}C:\program files (x86)\emule\emuletorrent.exe] => C:\program files (x86)\emule\emuletorrent.exe FirewallRules: [UDP Query User{23537AAF-AC31-4869-BB8B-93801F602EA7}C:\program files (x86)\emule\emuletorrent.exe] => C:\program files (x86)\emule\emuletorrent.exe FirewallRules: [TCP Query User{097866BD-BAC7-490B-A86B-65F02D50020F}C:\program files (x86)\emuletorrent\emuletorrent.exe] => C:\program files (x86)\emuletorrent\emuletorrent.exe FirewallRules: [UDP Query User{52D609D5-016B-48E2-91FB-411811D385CD}C:\program files (x86)\emuletorrent\emuletorrent.exe] => C:\program files (x86)\emuletorrent\emuletorrent.exe FirewallRules: [{85B9D874-370C-4DD3-808E-058491EE9129}] => C:\Users\Phil\AppData\Local\Chromium\Application\chrome.exe FirewallRules: [{35B51B49-1329-48E3-BCDA-4BE3694C27FD}] => C:\Users\Phil\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D7B74F16-32AC-4A02-92DB-B941A90032D4}] => C:\Users\Phil\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A981E664-FF4A-480B-BF91-F3798DC8BF36}] => C:\Users\Phil\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A4C546CE-E5D2-491C-B343-1FC7A1A313FB}] => C:\Users\Phil\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{1EF77C32-DEC6-43E2-9E3B-2D489B30233B}] => C:\Users\Phil\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{CD11F33C-9135-4539-9C88-A23BFB5CB060}] => C:\Users\Phil\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D680D83E-4396-4E2E-BBB2-E2199500F6D7}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: 
[{50D4508A-54E5-494A-AB12-543A9C23FC7A}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{5D9050F7-2F98-4C51-916D-1BDB9664C5BB}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{E5FF7175-AABC-4087-8963-531F8C78E58A}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{51E667D4-E220-44B9-8FF7-14AEF35183BE}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{96592BF8-327D-468A-A82C-D0E0E5B92293}] => C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\StartNBR.exe FirewallRules: [{27F67796-6A32-48BA-A425-8E78EE187290}] => C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\NMDllHost.exe FirewallRules: [{D304B771-FE9B-4E2A-80D5-67981E238FFB}] => C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\MediaHome.exe FirewallRules: [{E797203D-1D2D-40CD-9F05-E125BA3E23EE}] => C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\nero.exe FirewallRules: [{00A0CCA6-E4F5-410C-9D23-2B9D1E97E999}] => C:\Program Files (x86)\Nero\Nero TuneItUp\TuneItUp.exe FirewallRules: [{DA4E765A-AA2D-4F26-A717-717E8842D405}] => C:\Program Files (x86)\Nero\Nero TuneItUp\TuneItUp.exe ==================== Wiederherstellungspunkte ========================= 14-01-2017 00:30:25 ASU_MSI_TRAN 21-01-2017 05:36:37 Geplanter Prüfpunkt 26-01-2017 10:16:35 OpenOffice 4.1.1 wird entfernt ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (01/26/2017 10:53:39 AM) (Source: DbxSvc) (EventID: 320) (User: ) Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden. Error: (01/26/2017 10:47:23 AM) (Source: DbxSvc) (EventID: 320) (User: ) Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden. 
Error: (01/26/2017 06:19:32 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/25/2017 12:00:11 PM) (Source: DbxSvc) (EventID: 320) (User: ) Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden. Error: (01/25/2017 06:19:33 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/24/2017 11:49:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CDex.exe, Version: 1.80.0.0, Zeitstempel: 0x571209f1 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18233, Zeitstempel: 0x56bb4e1d Ausnahmecode: 0xc015000f Fehleroffset: 0x0009e024 ID des fehlerhaften Prozesses: 0xcd0 Startzeit der fehlerhaften Anwendung: 0x01d27693ee79503d Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\CDex\CDex.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll Berichtskennung: 66530a7b-e287-11e6-82b2-f4066981efdd Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (01/24/2017 11:49:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CDex.exe, Version: 1.80.0.0, Zeitstempel: 0x571209f1 Name des fehlerhaften Moduls: CDex.exe, Version: 1.80.0.0, Zeitstempel: 0x571209f1 Ausnahmecode: 0x80000003 Fehleroffset: 0x0025e84a ID des fehlerhaften Prozesses: 0xcd0 Startzeit der fehlerhaften Anwendung: 0x01d27693ee79503d Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\CDex\CDex.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\CDex\CDex.exe Berichtskennung: 64d21f0a-e287-11e6-82b2-f4066981efdd Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (01/24/2017 06:19:35 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/23/2017 06:19:36 AM) (Source: Office 2016 
Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/22/2017 06:19:39 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Systemfehler: ============= Error: (01/26/2017 10:54:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (01/26/2017 10:54:15 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMScheduler erreicht. Error: (01/26/2017 10:52:42 AM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT-AUTORITÄT) Description: Der Systemüberwachungszeitgeber wurde ausgelöst. Error: (01/26/2017 10:53:03 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 26.01.2017 um 10:47:10 unerwartet heruntergefahren. Error: (01/26/2017 10:45:51 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: Der Dienst wurde nicht gestartet. Error: (01/26/2017 10:45:39 AM) (Source: DCOM) (EventID: 10010) (User: SuperParchita) Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (01/26/2017 07:01:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "AdBlockerService" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/26/2017 03:43:04 AM) (Source: DCOM) (EventID: 10010) (User: SuperParchita) Description: Der Server "{1B1F472E-3221-4826-97DB-2C2324D389AE}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. 
Error: (01/26/2017 03:42:33 AM) (Source: DCOM) (EventID: 10010) (User: SuperParchita) Description: Der Server "{BF6C1E47-86EC-4194-9CE5-13C15DCB2001}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (01/25/2017 12:00:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "AdBlockerService" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. CodeIntegrity: =================================== Date: 2016-09-09 03:59:42.185 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-09 01:51:43.273 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-09 00:46:02.996 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-08 23:43:56.870 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-09-08 23:15:21.642 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-08 22:47:23.639 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-08 22:38:40.737 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-08 22:31:19.109 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-08 22:30:28.787 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Pentium(R) 3558U @ 1.70GHz Prozentuale Nutzung des RAM: 51% Installierter physikalischer RAM: 8084.27 MB Verfügbarer physikalischer RAM: 3919.29 MB Summe virtueller Speicher: 9364.27 MB Verfügbarer virtueller Speicher: 4777.24 MB ==================== Laufwerke ================================ Drive c: (Windows8_OS) (Fixed) (Total:889.82 GB) (Free:52.01 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:2.51 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 35DA7228) Partition: GPT. ==================== Ende von Addition.txt ============================
Just PUPs, and I deleted those right away. |
26.01.2017, 13:24 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | nova.rambler.ru cannot be removed Then please, sensibly, also post the logs WITH DETECTIONS
__________________ Please always post log files in CODE tags |
26.01.2017, 13:27 | #9 |
| nova.rambler.ru cannot be removed Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 30.12.2016 Suchlaufzeit: 03:58 Protokolldatei: malwarebytes-26.01.2017.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2016.12.30.01 Rootkit-Datenbank: v2016.11.20.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Phil Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 337497 Abgelaufene Zeit: 37 Min., 27 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 1 PUP.Optional.DownloadProtect, C:\Users\Phil\AppData\Roaming\Browser-Security\s768.exe, 5236, Löschen bei Neustart, [a2d7b33a811993a3df467702857b6e92] Module: 1 PUP.Optional.FusionCore, C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\libmp3lame.dll, Löschen bei Neustart, [7108b23ba5f5ab8b97088fdf08f88d73], Registrierungsschlüssel: 19 PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, In Quarantäne, [4a2f6885b6e495a18cef55fff60c52ae], PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, In Quarantäne, [4a2f6885b6e495a18cef55fff60c52ae], PUP.Optional.Vondos, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Browser-Security, In Quarantäne, [c1b84ca1ddbd46f00f7fa79747b95fa1], PUP.Optional.WebDiscoverBrowser, HKLM\SOFTWARE\WebDiscoverBrowser, In Quarantäne, [da9f09e41486b18514743049768dc63a], PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2F23AB71-4AC6-41F2-A955-EA576E553146}, In Quarantäne, [c4b56489fd9d75c106a153eed0304eb2], PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{26080CAD-4ADC-49AC-8C63-EDA16E595CBD}, In Quarantäne, [4534a04dc0dad264c6cc84170ef4936d], 
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{AAFCAFFA-9A80-4B23-8783-EEB754C440AF}, Löschen bei Neustart, [57223faed1c9d066510d71a540c022de], PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Yahoo! Powered locel, Löschen bei Neustart, [3841a6479cfe42f4d918c4514cb4de22], PUP.Optional.LenovoBrowserGuard.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\LenovoBrowserGuard, In Quarantäne, [89f026c79dfd2b0bba3af4752ed2e11f], PUP.Optional.OffersOlymp, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bbiilhoacmmppcmcogfmaailncbelbgn, In Quarantäne, [a6d37974b5e59e987d62dfb67e82d52b], PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{26080CAD-4ADC-49AC-8C63-EDA16E595CBD}, In Quarantäne, [bfbadc111c7e9c9a9002128923df7789], PUP.Optional.LenovoBrowserGuard.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\LENOVOBROWSERGUARD, In Quarantäne, [5f1a1ad39bffe94db6f7d69446babc44], PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8ABBD5C4}, In Quarantäne, [3f3aa548f5a5b77f2cdb55390201cc34], PUP.Optional.InstallCore, HKU\S-1-5-21-18176717-516900863-2037645015-1001\SOFTWARE\csastats, In Quarantäne, [235675786733d26469b86c2407fcbf41], PUP.Optional.InstallCore, HKU\S-1-5-21-18176717-516900863-2037645015-1001\SOFTWARE\ICSW1.23, In Quarantäne, [3f3a7b727d1d83b36f9d10370af96e92], PUP.Optional.WebDiscoverBrowser, HKU\S-1-5-21-18176717-516900863-2037645015-1001\SOFTWARE\WebDiscoverBrowser, In Quarantäne, [6514905dc7d3082ee0a4b5c4eb18d62a], PUP.Optional.WinYahoo, HKU\S-1-5-21-18176717-516900863-2037645015-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{45199D14-1E6D-4B2F-8313-A1FAB8D25BCD}, In Quarantäne, [5128cb226238fb3bae7b83c6dd23946c], PUP.Optional.WinYahoo, HKU\S-1-5-21-18176717-516900863-2037645015-1001\SOFTWARE\MICROSOFT\INTERNET 
EXPLORER\SEARCHSCOPES\{26080CAD-4ADC-49AC-8C63-EDA16E595CBD}, In Quarantäne, [1267509da3f7d066d4bd1b80d131b749], PUP.Optional.ProductSetup, HKU\S-1-5-21-18176717-516900863-2037645015-1001\SOFTWARE\PRODUCTSETUP, In Quarantäne, [b3c6f0fde7b3f44238ec1e328b78d62a], Registrierungswerte: 18 PUP.Optional.FusionCore, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\PROGRAM FILES (X86)\COMMON FILES\DVDVIDEOSOFT\LIB\LIBMP3LAME.DLL, 3, In Quarantäne, [7108b23ba5f5ab8b97088fdf08f88d73] PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}|URL, https://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_15_49¶m1=1¶m2=f[c4b56489fd9d75c106a153eed0304eb2]D4%26b[c4b56489fd9d75c106a153eed0304eb2]DIE%26cc[c4b56489fd9d75c106a153eed0304eb2]Dde%26pa[c4b56489fd9d75c106a153eed0304eb2]DWincy%26cd[c4b56489fd9d75c106a153eed0304eb2]D2XzuyEtN2Y1L1Qzu0FyCtDyCyCzyzztC0E0F0DzytC0C0AyEtN0D0Tzu0StCyEtAtAtN1L2XzutAtFtCyDtFtAtFtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCyCzytDtAzytByDtGtC0AzzzztG0D0F0AyBtGyEtAyE0DtG0EyE0B0EtC0CyByEtAyD0B0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByDzzyByC0CyE0AtGzzyD0E0DtGyEyCzyyBtGzztByEtDtGyC0F0BtBtA0F0D0CyEtDyBtC2QtN0A0LzuyE%26cr[c4b56489fd9d75c106a153eed0304eb2]D1725735817%26a[c4b56489fd9d75c106a153eed0304eb2]Dwncy_fs_15_49%26os[c4b56489fd9d75c106a153eed0304eb2]DWindowsIn QuarantäneB8.1&p={searchTerms}, %4, %5 PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}|TopResultURLFallback, 
https://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_15_49¶m1=1¶m2=f[a9d057963367b482aafdc57ca45cf010]D4%26b[a9d057963367b482aafdc57ca45cf010]DIE%26cc[a9d057963367b482aafdc57ca45cf010]Dde%26pa[a9d057963367b482aafdc57ca45cf010]DWincy%26cd[a9d057963367b482aafdc57ca45cf010]D2XzuyEtN2Y1L1Qzu0FyCtDyCyCzyzztC0E0F0DzytC0C0AyEtN0D0Tzu0StCyEtAtAtN1L2XzutAtFtCyDtFtAtFtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCyCzytDtAzytByDtGtC0AzzzztG0D0F0AyBtGyEtAyE0DtG0EyE0B0EtC0CyByEtAyD0B0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByDzzyByC0CyE0AtGzzyD0E0DtGyEyCzyyBtGzztByEtDtGyC0F0BtBtA0F0D0CyEtDyBtC2QtN0A0LzuyE%26cr[a9d057963367b482aafdc57ca45cf010]D1725735817%26a[a9d057963367b482aafdc57ca45cf010]Dwncy_fs_15_49%26os[a9d057963367b482aafdc57ca45cf010]DWindowsIn QuarantäneB8.1&p={searchTerms}, %4, %5 PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{26080cad-4adc-49ac-8c63-eda16e595cbd}|URL, https://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_16_36¶m1=1¶m2=f[4534a04dc0dad264c6cc84170ef4936d]D4%26b[4534a04dc0dad264c6cc84170ef4936d]DIE%26cc[4534a04dc0dad264c6cc84170ef4936d]Dde%26pa[4534a04dc0dad264c6cc84170ef4936d]DWincy%26cd[4534a04dc0dad264c6cc84170ef4936d]D2XzuyEtN2Y1L1Qzu0FyCtDyCyCzyzztC0E0F0DzytC0C0AyEtN0D0Tzu0StCyBtCyDtN1L2XzutAtFtByEtFyCtFzytN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCtDyBtDtCtByD0DtGyByCtAyBtG0Azy0D0FtGyBtAzyyEtGtByC0DyCtCzz0AyB0EtDtAyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByDzzyByC0CyE0AtGzzyD0E0DtGyEyCzyyBtGzztByEtDtGyC0F0BtBtA0F0D0CyEtDyBtC2QtN0A0LzuyE%26cr[4534a04dc0dad264c6cc84170ef4936d]D452713350%26a[4534a04dc0dad264c6cc84170ef4936d]Dwbf_fsvideosft_16_36%26os_ver[4534a04dc0dad264c6cc84170ef4936d]D6.3%26os[4534a04dc0dad264c6cc84170ef4936d]DWindowsIn QuarantäneB8.1&p={searchTerms}, %4, %5 PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{AAFCAFFA-9A80-4B23-8783-EEB754C440AF}|Path, \Yahoo! 
Powered locel, Löschen bei Neustart, [57223faed1c9d066510d71a540c022de] PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{26080cad-4adc-49ac-8c63-eda16e595cbd}|URL, https://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_16_36¶m1=1¶m2=f[bfbadc111c7e9c9a9002128923df7789]D4%26b[bfbadc111c7e9c9a9002128923df7789]DIE%26cc[bfbadc111c7e9c9a9002128923df7789]Dde%26pa[bfbadc111c7e9c9a9002128923df7789]DWincy%26cd[bfbadc111c7e9c9a9002128923df7789]D2XzuyEtN2Y1L1Qzu0FyCtDyCyCzyzztC0E0F0DzytC0C0AyEtN0D0Tzu0StCyBtCyDtN1L2XzutAtFtByEtFyCtFzytN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCtDyBtDtCtByD0DtGyByCtAyBtG0Azy0D0FtGyBtAzyyEtGtByC0DyCtCzz0AyB0EtDtAyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByDzzyByC0CyE0AtGzzyD0E0DtGyEyCzyyBtGzztByEtDtGyC0F0BtBtA0F0D0CyEtDyBtC2QtN0A0LzuyE%26cr[bfbadc111c7e9c9a9002128923df7789]D452713350%26a[bfbadc111c7e9c9a9002128923df7789]Dwbf_fsvideosft_16_36%26os_ver[bfbadc111c7e9c9a9002128923df7789]D6.3%26os[bfbadc111c7e9c9a9002128923df7789]DWindowsIn QuarantäneB8.1&p={searchTerms}, %4, %5 PUP.Optional.LenovoBrowserGuard.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\LENOVOBROWSERGUARD|Publisher, ClientConnect LTD, In Quarantäne, [5f1a1ad39bffe94db6f7d69446babc44] PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8abbd5c4}|1, 1458241516, In Quarantäne, [3f3aa548f5a5b77f2cdb55390201cc34] Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{86C15C86-7EC0-4D3A-A5FD-C011E82E301B}|NameServer, 82.163.143.171 82.163.142.173, In Quarantäne, [1d5cbb32ecaebd7951a8830ab3508c74] Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{8E3FA1BE-487E-4631-89B7-ED56BF5B16E6}|NameServer, 82.163.143.171 82.163.142.173, In Quarantäne, [c7b2bf2ecfcb06309168cac3b94ae31d] Trojan.DNSChanger.ACMB2, 
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{9361F888-A3BA-4570-A873-C07129A8821B}|NameServer, 82.163.143.171 82.163.142.173, In Quarantäne, [8fea1dd01585d95d6099e6a7937041bf] Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{BA94C931-D33F-4259-A23E-145E0B5E84CF}|NameServer, 82.163.143.171 82.163.142.173, In Quarantäne, [047512dbf8a22511c336335a42c102fe] Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{E0F197DE-4865-44F9-BFE2-68F883018A48}|NameServer, 82.163.143.171 82.163.142.173, In Quarantäne, [3f3a5994c6d4a88ea257f697db281fe1] PUP.Optional.WinYahoo, HKU\S-1-5-21-18176717-516900863-2037645015-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{45199D14-1E6D-4B2F-8313-A1FAB8D25BCD}|URL, https://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_15_49¶m1=1¶m2=f[5128cb226238fb3bae7b83c6dd23946c]D4%26b[5128cb226238fb3bae7b83c6dd23946c]DIE%26cc[5128cb226238fb3bae7b83c6dd23946c]Dde%26pa[5128cb226238fb3bae7b83c6dd23946c]DWincy%26cd[5128cb226238fb3bae7b83c6dd23946c]D2XzuyEtN2Y1L1Qzu0FyCtDyCyCzyzztC0E0F0DzytC0C0AyEtN0D0Tzu0StCyEtAtAtN1L2XzutAtFtCyDtFtAtFtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCyCzytDtAzytByDtGtC0AzzzztG0D0F0AyBtGyEtAyE0DtG0EyE0B0EtC0CyByEtAyD0B0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByDzzyByC0CyE0AtGzzyD0E0DtGyEyCzyyBtGzztByEtDtGyC0F0BtBtA0F0D0CyEtDyBtC2QtN0A0LzuyE%26cr[5128cb226238fb3bae7b83c6dd23946c]D1725735817%26a[5128cb226238fb3bae7b83c6dd23946c]Dwncy_fs_15_49%26os[5128cb226238fb3bae7b83c6dd23946c]DWindowsIn QuarantäneB8.1&p={searchTerms}, %4, %5 PUP.Optional.WinYahoo, HKU\S-1-5-21-18176717-516900863-2037645015-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{45199D14-1E6D-4B2F-8313-A1FAB8D25BCD}|TopResultURLFallback, 
(end) |
26.01.2017, 13:33 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | nova.rambler.ru cannot be removed Please uninstall Avast. We simply can no longer recommend it in good conscience. => Antivirus software: protection for your files, but at the cost of your privacy? | Emsisoft Blog Other freeware vendors such as Avira, AVG or Panda are jumping on this or similar bandwagons too, building junkware into their installers, partnering with ASK and so on; that kind of thing is simply unacceptable for security software. Let me know when Avast is gone; once we are done here you can switch to a different virus scanner, details will follow in the final post. Please do NOT install anything else NOW without checking with me first!
__________________ Please always post log files in CODE tags |
26.01.2017, 13:46 | #11 |
| nova.rambler.ru cannot be removed Uninstallation complete. |
26.01.2017, 15:16 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | nova.rambler.ru cannot be removed Step 1: Malwarebytes Anti-Rootkit (MBAR) Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not run any other file in this folder unless a helper tells you to. Step 2: Kaspersky TDSS-Killer Please download TDSSKiller.exe and save this file to the desktop
Reading material: Posting in CODE tags Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder. Even if the logs are too large for one post, I ask you to post the logs directly, spread across several posts if necessary. To put the log files into a CODE box, proceed as follows:
__________________ Please always post log files in CODE tags |
26.01.2017, 20:39 | #13 |
| nova.rambler.ru cannot be removed Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version: main: v2014.11.18.05 rootkit: v2014.11.12.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18538
Phil :: SUPERPARCHITA [administrator]

26.01.2017 15:33:09
mbar-log-2017-01-26 (15-33-09).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 371982
Time elapsed: 1 hour(s), 3 minute(s), 45 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end) |
26.01.2017, 20:42 | #14 |
| nova.rambler.ru cannot be removed Code:
D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys 20:40:45.0248 0x187c amdsata - ok 20:40:45.0277 0x187c [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys 20:40:45.0285 0x187c amdsbs - ok 20:40:45.0304 0x187c [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys 20:40:45.0305 0x187c amdxata - ok 20:40:45.0333 0x187c [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\WINDOWS\system32\drivers\appid.sys 20:40:45.0335 0x187c AppID - ok 20:40:45.0359 0x187c [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll 20:40:45.0361 0x187c AppIDSvc - ok 20:40:45.0416 0x187c [ 734622FBA766DBD65B1803549B24A04A, 3B6872B87A60D4DA265D3B8AB0561A929CFE2C097419183E93D3843422363C89 ] Appinfo C:\WINDOWS\System32\appinfo.dll 20:40:45.0423 0x187c Appinfo - ok 20:40:45.0550 0x187c [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 20:40:45.0554 0x187c Apple Mobile Device Service - ok 20:40:45.0603 0x187c [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll 20:40:45.0621 0x187c AppReadiness - ok 20:40:45.0701 0x187c [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll 20:40:45.0733 0x187c AppXSvc - ok 20:40:45.0798 0x187c [ 65045784366F7EC5FB4E71BCF923187B, 
53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys 20:40:45.0802 0x187c arcsas - ok 20:40:45.0843 0x187c [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 20:40:45.0844 0x187c AsyncMac - ok 20:40:45.0856 0x187c [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys 20:40:45.0858 0x187c atapi - ok 20:40:45.0913 0x187c [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll 20:40:45.0919 0x187c AudioEndpointBuilder - ok 20:40:45.0960 0x187c [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll 20:40:45.0981 0x187c Audiosrv - ok 20:40:46.0006 0x187c [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 20:40:46.0010 0x187c AxInstSV - ok 20:40:46.0048 0x187c [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys 20:40:46.0063 0x187c b06bdrv - ok 20:40:46.0094 0x187c [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys 20:40:46.0095 0x187c BasicDisplay - ok 20:40:46.0108 0x187c [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 20:40:46.0110 0x187c BasicRender - ok 20:40:46.0134 0x187c [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 
C:\WINDOWS\System32\drivers\bcmfn2.sys 20:40:46.0135 0x187c bcmfn2 - ok 20:40:46.0196 0x187c [ 174394F4EF93C117BF7BE3878046A1B1, D58E868342D1DAFC4B04384A3713F729DF07F408AA6AE4762E6A4244F976526A ] BDESVC C:\WINDOWS\System32\bdesvc.dll 20:40:46.0206 0x187c BDESVC - ok 20:40:46.0223 0x187c [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys 20:40:46.0224 0x187c Beep - ok 20:40:46.0285 0x187c [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE C:\WINDOWS\System32\bfe.dll 20:40:46.0305 0x187c BFE - ok 20:40:46.0372 0x187c [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\WINDOWS\System32\qmgr.dll 20:40:46.0399 0x187c BITS - ok 20:40:46.0486 0x187c [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 20:40:46.0497 0x187c Bonjour Service - ok 20:40:46.0524 0x187c [ 4938A9236300A356F97E378491EE4844, 60D892960D48EEF48F8EC4DE4F174EBD0BC0E7B28B6D8723D554CD1979EB55B4 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 20:40:46.0527 0x187c bowser - ok 20:40:46.0569 0x187c [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 20:40:46.0576 0x187c BrokerInfrastructure - ok 20:40:46.0608 0x187c [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\WINDOWS\System32\browser.dll 20:40:46.0613 0x187c Browser - ok 20:40:46.0661 0x187c [ F4CB6F457D019857C8DB6F04CA2957F5, D9E7DD49AF9C38D1696045F6004E1B504A65227B41256961E28A8DCA9B068EA9 ] BthA2DP C:\WINDOWS\system32\drivers\BthA2DP.sys 20:40:46.0666 0x187c BthA2DP - ok 20:40:46.0693 0x187c [ A8F23D453A424FF4DE04989C4727ECC7, 
AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 20:40:46.0695 0x187c BthAvrcpTg - ok 20:40:46.0727 0x187c [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys 20:40:46.0731 0x187c BthEnum - ok 20:40:46.0760 0x187c [ 7A2E3CB427309F56C2571F0610B7ADA8, 25C178EA7FC2CE6375CA1B75057FA7A992CF71BB7821F4A71107CDE6D0F04667 ] BthHFAud C:\WINDOWS\system32\DRIVERS\BthHfAud.sys 20:40:46.0762 0x187c BthHFAud - ok 20:40:46.0810 0x187c [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 20:40:46.0812 0x187c BthHFEnum - ok 20:40:46.0832 0x187c [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 20:40:46.0833 0x187c bthhfhid - ok 20:40:46.0868 0x187c [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll 20:40:46.0878 0x187c BthHFSrv - ok 20:40:46.0916 0x187c [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys 20:40:46.0924 0x187c BthLEEnum - ok 20:40:46.0944 0x187c [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 20:40:46.0946 0x187c BTHMODEM - ok 20:40:46.0974 0x187c [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys 20:40:46.0978 0x187c BthPan - ok 20:40:47.0064 0x187c [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys 
20:40:47.0103 0x187c BTHPORT - ok 20:40:47.0123 0x187c [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\WINDOWS\system32\bthserv.dll 20:40:47.0127 0x187c bthserv - ok 20:40:47.0173 0x187c [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys 20:40:47.0176 0x187c BTHUSB - ok 20:40:47.0206 0x187c [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 20:40:47.0209 0x187c cdfs - ok 20:40:47.0229 0x187c [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 20:40:47.0236 0x187c cdrom - ok 20:40:47.0272 0x187c [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 20:40:47.0277 0x187c CertPropSvc - ok 20:40:47.0292 0x187c [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys 20:40:47.0294 0x187c circlass - ok 20:40:47.0364 0x187c [ 9DA497AEAF35AA7BF7710132FC2A9906, D38DF749222BD0B6E8E6442CC79D56CF827A1430ACAB4F85F7FC469DD31A211C ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 20:40:47.0374 0x187c CLFS - ok 20:40:47.0635 0x187c [ ACFB2A62301C6A903FA6A97DB84E9C31, 7A3089812330B605D2F545374A1A916B6DBA188186EC88DA3348814A95C791F0 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe 20:40:47.0723 0x187c ClickToRunSvc - ok 20:40:47.0757 0x187c [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 20:40:47.0758 0x187c CmBatt - ok 20:40:47.0825 0x187c [ EFC79D3224D19FD926FFEA0A24729FEF, 
41B0B41F7270C82691453679E03194845B9AF08C28800BF39D3CEB7CB1530BB8 ] CNG C:\WINDOWS\system32\Drivers\cng.sys 20:40:47.0840 0x187c CNG - ok 20:40:47.0915 0x187c [ 38FB50952621B66F64CE8478293D9181, 74C615117404393ED8249196907477CF5954E7CA99DA18844619C9587B721351 ] CnxtHdAudService C:\WINDOWS\system32\drivers\CHDRT64.sys 20:40:47.0957 0x187c CnxtHdAudService - ok 20:40:47.0992 0x187c [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys 20:40:47.0994 0x187c CompositeBus - ok 20:40:47.0999 0x187c COMSysApp - ok 20:40:48.0004 0x187c [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys 20:40:48.0006 0x187c condrv - ok 20:40:48.0080 0x187c [ AE49702BBAB1497DF5D9B2B7B101FE0E, 4E98C8185B0552F0B529B8052AE7010458E912172CF8D869C15B72AF6E46CF5F ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 20:40:48.0109 0x187c cphs - ok 20:40:48.0151 0x187c [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 20:40:48.0154 0x187c CryptSvc - ok 20:40:48.0180 0x187c [ 07F3534C07C5110E9A424C04634C4A8D, 39F97C8A8610A4EFB83A41E490BBDC19261A52DC9827645C1331EFC958F2EDF1 ] CxAudMsg C:\WINDOWS\system32\CxAudMsg64.exe 20:40:48.0186 0x187c CxAudMsg - ok 20:40:48.0205 0x187c [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys 20:40:48.0207 0x187c dam - ok 20:40:48.0211 0x187c dbx - ok 20:40:48.0256 0x187c [ 62C2617E1927776851B108717166BBA4, 5ED905AD21D2BA4308561BDFD2868A15A1F2062DFE1D28689D4082700C85500A ] DbxSvc C:\WINDOWS\system32\DbxSvc.exe 20:40:48.0258 0x187c DbxSvc - ok 20:40:48.0327 0x187c [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] DcomLaunch 
C:\WINDOWS\system32\rpcss.dll 20:40:48.0348 0x187c DcomLaunch - ok 20:40:48.0401 0x187c [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\WINDOWS\System32\defragsvc.dll 20:40:48.0415 0x187c defragsvc - ok 20:40:48.0460 0x187c [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll 20:40:48.0472 0x187c DeviceAssociationService - ok 20:40:48.0498 0x187c [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 20:40:48.0503 0x187c DeviceInstall - ok 20:40:48.0560 0x187c [ FBFF94FC1FE0699A6BC5ACE270AB9EA1, 7D67E7BE539D9D515A1A6B9282C72114310E874DD1FE51E71F002DBB0E1439FB ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 20:40:48.0565 0x187c Dfsc - ok 20:40:48.0606 0x187c [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys 20:40:48.0611 0x187c dg_ssudbus - ok 20:40:48.0644 0x187c [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 20:40:48.0653 0x187c Dhcp - ok 20:40:48.0726 0x187c [ 0AC9F83A5508935DE89C447473085EEA, 223782B17BACEFB0A663EB13514B68B919C95EF641CDDA7AC30CB239BC4307EC ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 20:40:48.0768 0x187c DiagTrack - ok 20:40:48.0901 0x187c [ 465949FD7AF3931B415D3FE2193DB782, 4EE3881F62183EF4F9A32EBADC019DD1FB70A2FE009503130146343FA7915E36 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe 20:40:48.0911 0x187c DigitalWave.Update.Service - ok 20:40:48.0973 0x187c [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk C:\WINDOWS\system32\drivers\disk.sys 20:40:48.0980 0x187c disk - ok 20:40:49.0010 
0x187c [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 20:40:49.0012 0x187c dmvsc - ok 20:40:49.0090 0x187c [ 561CBB163EB3C8221D9B1D7D1E5CA477, 4D235E73CC127769A257B31A92180552276EC8DDD991F1106815FADEF385E72D ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 20:40:49.0104 0x187c Dnscache - ok 20:40:49.0156 0x187c [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\WINDOWS\System32\dot3svc.dll 20:40:49.0174 0x187c dot3svc - ok 20:40:49.0209 0x187c [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\WINDOWS\system32\dps.dll 20:40:49.0214 0x187c DPS - ok 20:40:49.0259 0x187c [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 20:40:49.0260 0x187c drmkaud - ok 20:40:49.0296 0x187c [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 20:40:49.0302 0x187c DsmSvc - ok 20:40:49.0399 0x187c [ F74B839FA0F4E6060CA1DA6B8DA17941, EF493E1F55FCD6A8C32B3D5D5809B7EFCCC9829E9A347522D1E6FE080D41BF37 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 20:40:49.0440 0x187c DXGKrnl - ok 20:40:49.0485 0x187c [ FA988D76745C917CDFE20031C06DE860, B01AA3611869854D3BCA8B6CD7A6F48CC3537145DD3EBE50F5BEF72239924BF7 ] e1iexpress C:\WINDOWS\system32\DRIVERS\e1i63x64.sys 20:40:49.0499 0x187c e1iexpress - ok 20:40:49.0529 0x187c [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll 20:40:49.0533 0x187c Eaphost - ok 20:40:49.0653 0x187c [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 20:40:49.0739 0x187c ebdrv - ok 
20:40:49.0776 0x187c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\WINDOWS\System32\lsass.exe 20:40:49.0778 0x187c EFS - ok 20:40:49.0792 0x187c [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 20:40:49.0795 0x187c EhStorClass - ok 20:40:49.0818 0x187c [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 20:40:49.0822 0x187c EhStorTcgDrv - ok 20:40:49.0837 0x187c [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 20:40:49.0838 0x187c ErrDev - ok 20:40:49.0870 0x187c [ C9EC31F59DF549819862E8DA83E5E9B0, 5F53AEF5276D495C095CD05CC8A598CD364A16DE058F0DF46FD3C3D6446244D5 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys 20:40:49.0881 0x187c ETD - ok 20:40:49.0947 0x187c [ BFFD4F272773F73F9A17A54469EF1B40, FF2981D15BB5A6B83D320BAC20D29E1906397026B8DDD4DBB5F948577E9DC4EF ] ETDService C:\Program Files\Elantech\ETDService.exe 20:40:49.0950 0x187c ETDService - ok 20:40:50.0009 0x187c [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\WINDOWS\system32\es.dll 20:40:50.0022 0x187c EventSystem - ok 20:40:50.0115 0x187c [ BF220856C02DF9AB74786BE92246A0E1, 9F35F4A08967634206B965BF94469380C0ACCF8A6C973E90ED85ECECF284CE34 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 20:40:50.0130 0x187c EvtEng - ok 20:40:50.0170 0x187c [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 20:40:50.0176 0x187c exfat - ok 20:40:50.0196 0x187c [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat 
C:\WINDOWS\system32\drivers\fastfat.sys 20:40:50.0203 0x187c fastfat - ok 20:40:50.0250 0x187c [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\WINDOWS\system32\fxssvc.exe 20:40:50.0270 0x187c Fax - ok 20:40:50.0307 0x187c [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 20:40:50.0308 0x187c fdc - ok 20:40:50.0336 0x187c [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 20:40:50.0338 0x187c fdPHost - ok 20:40:50.0353 0x187c [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\WINDOWS\system32\fdrespub.dll 20:40:50.0356 0x187c FDResPub - ok 20:40:50.0377 0x187c [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 20:40:50.0382 0x187c fhsvc - ok 20:40:50.0403 0x187c [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 20:40:50.0405 0x187c FileInfo - ok 20:40:50.0427 0x187c [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 20:40:50.0428 0x187c Filetrace - ok 20:40:50.0442 0x187c [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 20:40:50.0443 0x187c flpydisk - ok 20:40:50.0474 0x187c [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 20:40:50.0484 0x187c FltMgr - ok 20:40:50.0580 0x187c [ 1EFEF3B4EF2B241263F0F791EA128598, 
B6CADC254B0779E43E0D6AB6125A7E7ED8FF50C3158911681BA7B43160A08176 ] FontCache C:\WINDOWS\system32\FntCache.dll 20:40:50.0613 0x187c FontCache - ok 20:40:50.0688 0x187c [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 20:40:50.0689 0x187c FontCache3.0.0.0 - ok 20:40:50.0721 0x187c [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 20:40:50.0723 0x187c FsDepends - ok 20:40:50.0742 0x187c [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 20:40:50.0744 0x187c Fs_Rec - ok 20:40:50.0813 0x187c [ D4AB6EE3D715BC44C00277FD934FAACF, DE8A8B14D7BA73BA1B5A833DE193CA65EDFE512A57D84F4F2CE19D9646D97F4E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 20:40:50.0832 0x187c fvevol - ok 20:40:50.0856 0x187c [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys 20:40:50.0858 0x187c FxPPM - ok 20:40:50.0872 0x187c [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 20:40:50.0874 0x187c gagp30kx - ok 20:40:50.0906 0x187c [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 20:40:50.0907 0x187c gencounter - ok 20:40:50.0942 0x187c [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 20:40:50.0947 0x187c GPIOClx0101 - ok 20:40:51.0033 0x187c [ 9678FD4747A4F2E2318245EE6099482E, C76AE30E8BA77DC330F9CFE5ECEA58FAE0995396742923B564A2257DE24D7B32 ] gpsvc 
C:\WINDOWS\System32\gpsvc.dll 20:40:51.0072 0x187c gpsvc - ok 20:40:51.0180 0x187c [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 20:40:51.0184 0x187c gupdate - ok 20:40:51.0191 0x187c [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 20:40:51.0194 0x187c gupdatem - ok 20:40:51.0237 0x187c [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys 20:40:51.0252 0x187c HdAudAddService - ok 20:40:51.0289 0x187c [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 20:40:51.0293 0x187c HDAudBus - ok 20:40:51.0311 0x187c [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 20:40:51.0312 0x187c HidBatt - ok 20:40:51.0361 0x187c [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 20:40:51.0365 0x187c HidBth - ok 20:40:51.0380 0x187c [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 20:40:51.0382 0x187c hidi2c - ok 20:40:51.0395 0x187c [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 20:40:51.0397 0x187c HidIr - ok 20:40:51.0425 0x187c [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll 20:40:51.0427 0x187c hidserv - ok 20:40:51.0485 0x187c [ 
49676FEC898AB2A11B157F848269A56E, 011E6DDEF9570212520F92FEFD205E1F8104F198B57C40D11BE857FCBCC5F68D ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 20:40:51.0486 0x187c HidUsb - ok 20:40:51.0522 0x187c [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll 20:40:51.0526 0x187c hkmsvc - ok 20:40:51.0567 0x187c [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 20:40:51.0577 0x187c HomeGroupListener - ok 20:40:51.0621 0x187c [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 20:40:51.0633 0x187c HomeGroupProvider - ok 20:40:51.0663 0x187c [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 20:40:51.0665 0x187c HpSAMD - ok 20:40:51.0745 0x187c [ 76A6FDA32A21515B67633497D8FDB1E4, 7DCAEC3186EAFDD4A53BCD8AAE9B82CBA8871C89B929FFD3BA43E675B95B2495 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 20:40:51.0773 0x187c HTTP - ok 20:40:51.0812 0x187c [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 20:40:51.0813 0x187c hwpolicy - ok 20:40:51.0835 0x187c [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 20:40:51.0836 0x187c hyperkbd - ok 20:40:51.0851 0x187c [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 20:40:51.0852 0x187c HyperVideo - ok 20:40:51.0908 0x187c [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt 
C:\WINDOWS\System32\drivers\i8042prt.sys 20:40:51.0911 0x187c i8042prt - ok 20:40:51.0932 0x187c [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 20:40:51.0934 0x187c iaLPSSi_GPIO - ok 20:40:51.0953 0x187c [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 20:40:51.0956 0x187c iaLPSSi_I2C - ok 20:40:51.0997 0x187c [ 815499B59D675E42A70894118E7A6422, 2E30C726C8E53C1C6B4F113569287B2F85F0502C13067C8C93C82B3561C760F4 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 20:40:52.0013 0x187c iaStorA - ok 20:40:52.0068 0x187c [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 20:40:52.0086 0x187c iaStorAV - ok 20:40:52.0160 0x187c [ A55971BD810EBDEF1E83CE57F5AC091B, 43AAE856E0E1D1647DC8AF37E907DC8FB74C9C388E48A9F68D209AECAA1E54B6 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 20:40:52.0161 0x187c IAStorDataMgrSvc - ok 20:40:52.0193 0x187c [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 20:40:52.0203 0x187c iaStorV - ok 20:40:52.0294 0x187c [ 351282A1CA1D8921028C3F653746FA20, F0C256880C6B638AF8F0EBC5D281C432090FC1DCA98E0A8F908C98EF446EF627 ] ibtsiva.exe C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe 20:40:52.0297 0x187c ibtsiva.exe - ok 20:40:52.0332 0x187c [ 9C8AB34D88A61878D4A72FD55ED65674, CC109CDA60A0CE5E31509B02D4BB8F8906C405089D84D4A8570C42E0D6DC8E49 ] ibtusb C:\WINDOWS\system32\DRIVERS\ibtusb.sys 20:40:52.0338 0x187c ibtusb - ok 20:40:52.0342 0x187c IEEtwCollectorService - ok 20:40:52.0480 0x187c [ 540E8D8F386F38F9609572FE92997DA1, 
DF8DACC88437B6A97FD184C8813784FB6710461623242F45D1E6B5C23DB34D2D ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 20:40:52.0580 0x187c igfx - ok 20:40:52.0623 0x187c [ 2C1A1DB9ED1BEEC1CE6632225A7CDFA9, 93553F5FBDF88046E44FBADD2732ABC10C19098C9E338450FD69D1D216504562 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe 20:40:52.0631 0x187c igfxCUIService1.0.0.0 - ok 20:40:52.0714 0x187c [ 5697FD05EC6915A1E7193D658D8D6E05, 0179C3AF29880AA21F609CB471034EA5FA49324ACCE12736866675C037EBEC7A ] IKEEXT C:\WINDOWS\System32\ikeext.dll 20:40:52.0742 0x187c IKEEXT - ok 20:40:52.0771 0x187c [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys 20:40:52.0773 0x187c intaud_WaveExtensible - ok 20:40:52.0819 0x187c [ 5F6F8E55DDB25BC41497DD11A85FC257, 45EF15064644729A776BBF35A790E23246309939A1614369553371EC82786890 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 20:40:52.0832 0x187c IntcDAud - ok 20:40:52.0887 0x187c [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 20:40:52.0907 0x187c Intel(R) Capability Licensing Service Interface - ok 20:40:52.0961 0x187c [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 20:40:52.0983 0x187c Intel(R) Capability Licensing Service TCP IP Interface - ok 20:40:53.0005 0x187c [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 20:40:53.0006 0x187c intelide - ok 20:40:53.0030 0x187c [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep 
C:\WINDOWS\system32\drivers\intelpep.sys 20:40:53.0032 0x187c intelpep - ok 20:40:53.0048 0x187c [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 20:40:53.0052 0x187c intelppm - ok 20:40:53.0081 0x187c [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 20:40:53.0084 0x187c IpFilterDriver - ok 20:40:53.0159 0x187c [ B452623C1DE60544054E784D94A7AA47, 57AECDEE0AB2B80DFFE11E43608988D46E9169288CB56D644DDE2CAFED6AFD40 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 20:40:53.0182 0x187c iphlpsvc - ok 20:40:53.0232 0x187c [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 20:40:53.0235 0x187c IPMIDRV - ok 20:40:53.0257 0x187c [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 20:40:53.0261 0x187c IPNAT - ok 20:40:53.0274 0x187c [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 20:40:53.0275 0x187c IRENUM - ok 20:40:53.0294 0x187c [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 20:40:53.0296 0x187c isapnp - ok 20:40:53.0334 0x187c [ AD3C1F4BD9167420F04052FDA197CF29, 82B687092DFC50E8885656AF06BFB7559930750F4905BC4DBDA3A5D334A443D1 ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 20:40:53.0344 0x187c iScsiPrt - ok 20:40:53.0365 0x187c [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys 20:40:53.0367 0x187c iwdbus - ok 20:40:53.0418 0x187c [ 52069AEB42D3D0F97CBCA1085EBF55E6, 
ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 20:40:53.0422 0x187c jhi_service - ok 20:40:53.0446 0x187c [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 20:40:53.0448 0x187c kbdclass - ok 20:40:53.0490 0x187c [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 20:40:53.0492 0x187c kbdhid - ok 20:40:53.0506 0x187c [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 20:40:53.0507 0x187c kdnic - ok 20:40:53.0526 0x187c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\WINDOWS\system32\lsass.exe 20:40:53.0529 0x187c KeyIso - ok 20:40:53.0533 0x187c KMDFVirtualKbd - ok 20:40:53.0578 0x187c [ 23E3E79A244E63F416A89640359C78B3, 721EBE47CF5617762DA16E0450B5B2DA857F9B04EA3D167770E2A8CA9D31C77C ] KMDFVirtualMouse C:\WINDOWS\System32\drivers\KMDFVirtualMouse.sys 20:40:53.0579 0x187c KMDFVirtualMouse - ok 20:40:53.0639 0x187c [ 304DA394D958BC3B62AF6DF514005B01, 8D17777C82F034E800181E82D30FCED800CBC46CD659AE2E0D972CA1381BD4C2 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 20:40:53.0642 0x187c KSecDD - ok 20:40:53.0693 0x187c [ 3D4AE520CD6F6FFE549DD195C1F515BE, 2AD3E07F504CE50956C391FD4633D20B354A854C940B3563A67B79BB6E40218F ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 20:40:53.0699 0x187c KSecPkg - ok 20:40:53.0724 0x187c [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 20:40:53.0725 0x187c ksthunk - ok 20:40:53.0842 0x187c [ C1591A66028C71147A3E2EAB0B1CCB7E, 
82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 20:40:53.0865 0x187c KtmRm - ok 20:40:53.0912 0x187c [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 20:40:53.0924 0x187c LanmanServer - ok 20:40:53.0961 0x187c [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 20:40:53.0986 0x187c LanmanWorkstation - ok 20:40:54.0044 0x187c [ DA297A7BAB4E3889CFF60C02AE7BFB5D, 9E533D6FE2C9777A298F1E09C6E74F4135CC32D406382655EA9C0B7B2C533F3E ] Lenovo EasyPlus Hotspot C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe 20:40:54.0059 0x187c Lenovo EasyPlus Hotspot - ok 20:40:54.0153 0x187c [ 8CD7568B0F809731D931144DE376FD16, 78902FA1BED048B336DE71FB82A3614A58BBAA834483F2F2B5ABF4A70FA491F3 ] Lenovo System Agent Service C:\Program Files\Lenovo\iMController\SystemAgentService.exe 20:40:54.0176 0x187c Lenovo System Agent Service - ok 20:40:54.0234 0x187c [ 031199B929009F268A478F0283E1CE32, B7BFB848A03535C16798085D489AB294935955F2982330B39190B2074BF9122B ] LenovoWiFiHotspotSvr C:\Windows\System32\LenovoWiFiHotspotSvr.exe 20:40:54.0246 0x187c LenovoWiFiHotspotSvr - ok 20:40:54.0316 0x187c [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll 20:40:54.0332 0x187c lfsvc - ok 20:40:54.0355 0x187c [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 20:40:54.0357 0x187c lltdio - ok 20:40:54.0394 0x187c [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 20:40:54.0403 0x187c lltdsvc - ok 20:40:54.0432 0x187c [ 
1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 20:40:54.0434 0x187c lmhosts - ok 20:40:54.0486 0x187c [ 3DE66F47365AA8CEB18B1EE272F4FEBA, 8DDD6AB4AEDE3B2FEA0D3B63DD24E3F3422D6ADE067756A3919FCED53C349167 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 20:40:54.0498 0x187c LMS - ok 20:40:54.0586 0x187c [ DB470EC2922A1DA3936CAFD2647B7C52, 2B973A2685031EDD1026B98070699384F11EF7AE574DC429A69B352B18047403 ] LSCWinService C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe 20:40:54.0601 0x187c LSCWinService - ok 20:40:54.0635 0x187c [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 20:40:54.0639 0x187c LSI_SAS - ok 20:40:54.0658 0x187c [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys 20:40:54.0662 0x187c LSI_SAS2 - ok 20:40:54.0677 0x187c [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys 20:40:54.0680 0x187c LSI_SAS3 - ok 20:40:54.0707 0x187c [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 20:40:54.0711 0x187c LSI_SSS - ok 20:40:54.0800 0x187c [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\WINDOWS\System32\lsm.dll 20:40:54.0826 0x187c LSM - ok 20:40:54.0846 0x187c [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 20:40:54.0850 0x187c luafv - ok 20:40:54.0906 0x187c [ 02CF33AD83CB69A7CF8598B1CDBC11B6, 9C9C7329F0EB3B94915676E4911BCC04F2FBDFDAF0C98F605B1B5C6606554A0D ] 
LUService C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe 20:40:54.0907 0x187c LUService - ok 20:40:54.0937 0x187c [ 60DC593BA44E433DF97EBC8940703D08, 253B6892D7FCBD647D6FA645670871A76A38CD379FCC1F66F1181949740C72EA ] ManyCam C:\WINDOWS\system32\DRIVERS\mcvidrv.sys 20:40:54.0939 0x187c ManyCam - ok 20:40:55.0038 0x187c [ F0DB70EA6B32DA9E8D3DFE50206CF9C4, F2CE20E7019C029388A24326B149B0FBF17649F2BA805C96E9F6FB27EB4CB3CD ] ManyCam Service C:\ProgramData\ManyCam\Service\ManyCamService.exe 20:40:55.0056 0x187c ManyCam Service - ok 20:40:55.0113 0x187c [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys 20:40:55.0114 0x187c MBAMProtector - ok 20:40:55.0216 0x187c [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe 20:40:55.0252 0x187c MBAMScheduler - ok 20:40:55.0308 0x187c [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 20:40:55.0336 0x187c MBAMService - ok 20:40:55.0420 0x187c [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys 20:40:55.0425 0x187c MBAMSwissArmy - ok 20:40:55.0458 0x187c [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys 20:40:55.0461 0x187c MBAMWebAccessControl - ok 20:40:55.0480 0x187c [ 7382E4A888A7D4333DFF8A30B6850EE9, 3F63680A96438DF841FD46F99DA9670520ED3295176820DEDC9D5C770CA659D0 ] mcaudrv_simple C:\WINDOWS\system32\drivers\mcaudrv_x64.sys 20:40:55.0482 0x187c mcaudrv_simple - ok 20:40:55.0507 0x187c [ EB5C03A070F30D64A6DF80E53B22F53F, 
12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys 20:40:55.0509 0x187c megasas - ok 20:40:55.0544 0x187c [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys 20:40:55.0561 0x187c megasr - ok 20:40:55.0593 0x187c [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys 20:40:55.0596 0x187c MEIx64 - ok 20:40:55.0623 0x187c [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\WINDOWS\system32\mmcss.dll 20:40:55.0626 0x187c MMCSS - ok 20:40:55.0642 0x187c [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys 20:40:55.0644 0x187c Modem - ok 20:40:55.0665 0x187c [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys 20:40:55.0666 0x187c monitor - ok 20:40:55.0687 0x187c [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 20:40:55.0690 0x187c mouclass - ok 20:40:55.0697 0x187c [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 20:40:55.0699 0x187c mouhid - ok 20:40:55.0752 0x187c [ 24DABC0A77FAFDC0E379AB3B30F61BB6, E66624ABBF1D742879035F9161F9D3713DE7B759B3D3CF8B96C9E397A02FCF82 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 20:40:55.0755 0x187c mountmgr - ok 20:40:55.0802 0x187c [ E464A0A92E2E354D07DDA713D3E10DE4, D5CF213F03DF54EF9933027A7A7D4413371C1ECBFF61E4DE818D50FA72C8C5FC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 
20:40:55.0808 0x187c MozillaMaintenance - ok 20:40:55.0839 0x187c [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 20:40:55.0842 0x187c mpsdrv - ok 20:40:55.0884 0x187c [ D1418745A5472F3930A288E05B9E2C05, 95785F0FA7EE239459C0288DB37E9E54648029FD6FE45A61E6343526D67FFA32 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 20:40:55.0907 0x187c MpsSvc - ok 20:40:55.0961 0x187c [ 3F818C1518DA702C8F10259095C9BDE0, B98C1A6F9A3C01A10503B2B2C45CC89AFF17B346B15990F4DB4820F68BDC62C8 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 20:40:55.0966 0x187c MRxDAV - ok 20:40:56.0017 0x187c [ C3B0566DE49265AE98405825938C20A1, F8BCA4A5AF21B841C998D4772DA9FF84E45F1356AA1285A1D48C06574A81CA4C ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 20:40:56.0028 0x187c mrxsmb - ok 20:40:56.0087 0x187c [ 15D7AF1A26CCEBA32DF21A8E2098F463, 84390806AD3A9651DAB803E9257EEE851B898ED2AB56D8936E8C9F6B41967243 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 20:40:56.0095 0x187c mrxsmb10 - ok 20:40:56.0119 0x187c [ 0790EEB1EC199F8BE8259E47B373ED23, F9330F43B40675CCB60804182EF04BFBA3837ED14C798788A4B27D65A646D1C7 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 20:40:56.0124 0x187c mrxsmb20 - ok 20:40:56.0156 0x187c [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys 20:40:56.0159 0x187c MsBridge - ok 20:40:56.0183 0x187c [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\WINDOWS\System32\msdtc.exe 20:40:56.0188 0x187c MSDTC - ok 20:40:56.0220 0x187c [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 20:40:56.0221 0x187c Msfs - ok 20:40:56.0228 0x187c [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 
C:\WINDOWS\System32\drivers\msgpiowin32.sys 20:40:56.0230 0x187c msgpiowin32 - ok 20:40:56.0250 0x187c [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 20:40:56.0251 0x187c mshidkmdf - ok 20:40:56.0268 0x187c [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 20:40:56.0269 0x187c mshidumdf - ok 20:40:56.0284 0x187c [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 20:40:56.0286 0x187c msisadrv - ok 20:40:56.0316 0x187c [ A06142B3850B06972F1C89748FAA2C02, B1CCC5C8D100FEB384FCC85FED2A77F47DA4C9BA5F6889A130F4D73E30ACAA78 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 20:40:56.0321 0x187c MSiSCSI - ok 20:40:56.0326 0x187c msiserver - ok 20:40:56.0342 0x187c [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 20:40:56.0343 0x187c MSKSSRV - ok 20:40:56.0372 0x187c [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys 20:40:56.0375 0x187c MsLldp - ok 20:40:56.0392 0x187c [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 20:40:56.0393 0x187c MSPCLOCK - ok 20:40:56.0406 0x187c [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 20:40:56.0407 0x187c MSPQM - ok 20:40:56.0452 0x187c [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 20:40:56.0462 0x187c MsRPC - ok 20:40:56.0472 0x187c [ 
8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 20:40:56.0474 0x187c mssmbios - ok 20:40:56.0485 0x187c [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 20:40:56.0486 0x187c MSTEE - ok 20:40:56.0503 0x187c [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 20:40:56.0504 0x187c MTConfig - ok 20:40:56.0559 0x187c [ 438EA7A2D8D4F9B8AFB64748ACA70BA8, AEEB7B657B645C4006C6D5E8D07ECE581DEE7AD22EA1A587C552574990CF091B ] Mup C:\WINDOWS\system32\Drivers\mup.sys 20:40:56.0562 0x187c Mup - ok 20:40:56.0588 0x187c [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 20:40:56.0590 0x187c mvumis - ok 20:40:56.0638 0x187c [ 1EE90E273094252917843D111E898C94, D0D7D155E3CA022BC1F718327165E44F954A40B96259DEE5266C48ADCC8B4556 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 20:40:56.0645 0x187c MyWiFiDHCPDNS - ok 20:40:56.0687 0x187c [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\WINDOWS\system32\qagentRT.dll 20:40:56.0699 0x187c napagent - ok 20:40:56.0741 0x187c [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 20:40:56.0754 0x187c NativeWifiP - ok 20:40:56.0862 0x187c [ 003DDE9E91D324DDD86F11BF580FD627, 733674D5A6246BA2B4DE420AD89FE171ACCEA9EB5FC20F13F688A3910C1AA74C ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 20:40:56.0881 0x187c NAUpdate - ok 20:40:56.0938 0x187c [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc 
C:\WINDOWS\System32\ncasvc.dll 20:40:56.0950 0x187c NcaSvc - ok 20:40:56.0972 0x187c [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\WINDOWS\System32\ncbservice.dll 20:40:56.0978 0x187c NcbService - ok 20:40:57.0004 0x187c [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 20:40:57.0008 0x187c NcdAutoSetup - ok 20:40:57.0076 0x187c [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 20:40:57.0106 0x187c NDIS - ok 20:40:57.0128 0x187c [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys 20:40:57.0130 0x187c NdisCap - ok 20:40:57.0164 0x187c [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys 20:40:57.0168 0x187c NdisImPlatform - ok 20:40:57.0199 0x187c [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 20:40:57.0200 0x187c NdisTapi - ok 20:40:57.0222 0x187c [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 20:40:57.0225 0x187c Ndisuio - ok 20:40:57.0235 0x187c [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 20:40:57.0236 0x187c NdisVirtualBus - ok 20:40:57.0292 0x187c [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 20:40:57.0298 0x187c NdisWan - ok 20:40:57.0307 0x187c [ 
C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys 20:40:57.0313 0x187c NdisWanLegacy - ok 20:40:57.0346 0x187c [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 20:40:57.0349 0x187c NDProxy - ok 20:40:57.0379 0x187c [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 20:40:57.0383 0x187c Ndu - ok 20:40:57.0412 0x187c [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 20:40:57.0414 0x187c NetBIOS - ok 20:40:57.0462 0x187c [ 9DC17B7D9D84C37C102D379FCC7D4942, D522022ED4395686837E96F57EE29F8065FB749D1195B60D2A406FB33F696C09 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 20:40:57.0471 0x187c NetBT - ok 20:40:57.0487 0x187c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\WINDOWS\system32\lsass.exe 20:40:57.0490 0x187c Netlogon - ok 20:40:57.0529 0x187c [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\WINDOWS\System32\netman.dll 20:40:57.0537 0x187c Netman - ok 20:40:57.0585 0x187c [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 20:40:57.0600 0x187c netprofm - ok 20:40:57.0660 0x187c [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:40:57.0666 0x187c NetTcpPortSharing - ok 20:40:57.0703 0x187c [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc 
C:\WINDOWS\System32\drivers\netvsc63.sys 20:40:57.0706 0x187c netvsc - ok 20:40:57.0848 0x187c [ 619EE1E89B759F4C3B3B684D1FF24A6D, 3654F7F3AB3FF55C6EE3F5CC17CDC660B9C2A2EDEC4CA118BC8660D38E14C191 ] NETwNb64 C:\WINDOWS\system32\DRIVERS\Netwbw02.sys 20:40:57.0937 0x187c NETwNb64 - ok 20:40:58.0141 0x187c [ B636B4A8E59A73033B766EA7FD7C3B81, CAC8614DEE83623DE56C969C668A33366793779084B6A23F59ADC98392115F8C ] NETwNe64 C:\WINDOWS\system32\DRIVERS\NETwew02.sys 20:40:58.0260 0x187c NETwNe64 - ok 20:40:58.0381 0x187c [ 02E736F9861F1A6134736CF7473C513F, 7C574A50980885B213EFC0C394AFE613879B669246A4EA5EA6B5F791F7F6F32E ] NitroDriverReadSpool9 C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe 20:40:58.0393 0x187c NitroDriverReadSpool9 - ok 20:40:58.0445 0x187c [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 20:40:58.0464 0x187c NlaSvc - ok 20:40:58.0539 0x187c [ CD2C0C25ECFCF816306126D3C208614B, C0C8B59BDDB349A593DFF5107841EB76618631C867D7C8F234C9ECBD76713CB0 ] nlsX86cc C:\WINDOWS\SysWOW64\NLSSRV32.EXE 20:40:58.0542 0x187c nlsX86cc - ok 20:40:58.0576 0x187c [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 20:40:58.0578 0x187c Npfs - ok 20:40:58.0592 0x187c [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 20:40:58.0594 0x187c npsvctrig - ok 20:40:58.0627 0x187c [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\WINDOWS\system32\nsisvc.dll 20:40:58.0630 0x187c nsi - ok 20:40:58.0655 0x187c [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 20:40:58.0657 0x187c nsiproxy - ok 20:40:58.0794 0x187c [ 
9980B262DBE439AE6BDC91AA985F19EE, E998E4CAE9CD103ADA9CA3C737C4DAD017D056828BFA42A41C7B4E4E108FB13C ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 20:40:58.0847 0x187c Ntfs - ok 20:40:58.0871 0x187c [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys 20:40:58.0872 0x187c Null - ok 20:40:58.0897 0x187c [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 20:40:58.0902 0x187c nvraid - ok 20:40:58.0921 0x187c [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 20:40:58.0926 0x187c nvstor - ok 20:40:58.0941 0x187c [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys 20:40:58.0945 0x187c nv_agp - ok 20:40:59.0032 0x187c [ AC0F1B7B71D9D435EC33456F7EDF6FF1, 8FEFF5F99F1AFF21CF9415D4BF26936EF3A7347DA06F30ADD1DD1B14916F2585 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 20:40:59.0039 0x187c ose - ok 20:40:59.0087 0x187c [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 20:40:59.0098 0x187c p2pimsvc - ok 20:40:59.0129 0x187c [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\WINDOWS\system32\p2psvc.dll 20:40:59.0143 0x187c p2psvc - ok 20:40:59.0208 0x187c [ 57DCE4FB0467986AE78E1C6FC5240D32, F7F3ADD1B48E4D6BB0A664A2FE556F71ED7453054B4FB667A29BE050C845045B ] Parport C:\WINDOWS\System32\drivers\parport.sys 20:40:59.0212 0x187c Parport - ok 20:40:59.0244 0x187c [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 20:40:59.0248 
0x187c partmgr - ok 20:40:59.0324 0x187c [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 20:40:59.0340 0x187c PcaSvc - ok 20:40:59.0410 0x187c [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys 20:40:59.0424 0x187c pci - ok 20:40:59.0449 0x187c [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys 20:40:59.0450 0x187c pciide - ok 20:40:59.0465 0x187c [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 20:40:59.0470 0x187c pcmcia - ok 20:40:59.0485 0x187c [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys 20:40:59.0488 0x187c pcw - ok 20:40:59.0515 0x187c [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\WINDOWS\system32\drivers\pdc.sys 20:40:59.0518 0x187c pdc - ok 20:40:59.0542 0x187c [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 20:40:59.0560 0x187c PEAUTH - ok 20:40:59.0597 0x187c [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 20:40:59.0599 0x187c PerfHost - ok 20:40:59.0683 0x187c [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\WINDOWS\system32\pla.dll 20:40:59.0724 0x187c pla - ok 20:40:59.0759 0x187c [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 20:40:59.0764 0x187c PlugPlay - ok 
20:40:59.0797 0x187c [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 20:40:59.0800 0x187c PNRPAutoReg - ok 20:40:59.0831 0x187c [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 20:40:59.0841 0x187c PNRPsvc - ok 20:40:59.0896 0x187c [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll 20:40:59.0906 0x187c PolicyAgent - ok 20:40:59.0937 0x187c [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\WINDOWS\system32\umpo.dll 20:40:59.0941 0x187c Power - ok 20:40:59.0961 0x187c [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 20:40:59.0964 0x187c PptpMiniport - ok 20:41:00.0131 0x187c [ F6EA63145C20A23732AD2CA1EBA65FA1, 0DD1164D37C1500258E9CCCE458778A3DA196D9A65919B2672E3C88383068F52 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 20:41:00.0208 0x187c PrintNotify - ok 20:41:00.0230 0x187c [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys 20:41:00.0234 0x187c Processor - ok 20:41:00.0264 0x187c [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc C:\WINDOWS\system32\profsvc.dll 20:41:00.0272 0x187c ProfSvc - ok 20:41:00.0301 0x187c [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys 20:41:00.0305 0x187c Psched - ok 20:41:00.0344 0x187c [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE 
\Device\Harddisk0\DR0\Partition4 20:41:13.0292 0x187c \Device\Harddisk0\DR0\Partition4 - ok 20:41:13.0298 0x187c [ ABD4AE5CC8E81AB7F1813CBBA8F6C8A5 ] \Device\Harddisk0\DR0\Partition5 20:41:13.0300 0x187c \Device\Harddisk0\DR0\Partition5 - ok 20:41:13.0326 0x187c [ E6B4D91E07A89FD54CAE04B996A8087E ] \Device\Harddisk0\DR0\Partition6 20:41:13.0327 0x187c \Device\Harddisk0\DR0\Partition6 - ok 20:41:13.0341 0x187c [ 5519F2C2D861C7E302FD2DCC21547517 ] \Device\Harddisk0\DR0\Partition7 20:41:13.0342 0x187c \Device\Harddisk0\DR0\Partition7 - ok 20:41:13.0343 0x187c ================ Scan generic autorun ====================== 20:41:13.0413 0x187c [ 235F426670EC4117EADD24A6185A48B9, 609FEE1CE0BE381C81F2F943066FBFC0E8F5043FEDB25E6FBD3F0C174DA17F4F ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe 20:41:13.0415 0x187c IAStorIcon - ok 20:41:13.0453 0x187c [ 42361B4BD80768E82B80285851037665, A555A6BF8016645B838FEA993AD273D1F472586F3600619DC243B1C33438FA07 ] C:\Program Files\Conexant\ForteConfig\fmapp.exe 20:41:13.0455 0x187c ForteConfig - ok 20:41:13.0557 0x187c [ 4F8B94EC4D4FFA0712CCADF8145F28D1, 6CED9332100CA71FB17930AAC4ED1798E6F3A83CEBEE0A3412EFA01F6F1A6F22 ] C:\Program Files\CONEXANT\SAII\SACpl.exe 20:41:13.0602 0x187c SmartAudio - ok 20:41:13.0668 0x187c [ B58355B1B1C91433B4B119083C7F28B3, CE8272FB392C519D3F1921CE11AF12E0CEE3F96141DCCBF5C40110DA3F9B92BD ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe 20:41:13.0693 0x187c cAudioFilterAgent - ok 20:41:13.0695 0x187c ETDCtrl - ok 20:41:13.0931 0x187c [ 0E2427CF7B8BFC002795159AB55564C1, F4DAEEC6CD7580621C3411ADC5EAA8BE1927924EC2FEDA05E223E6580D8FA9B7 ] C:\WINDOWS\RTFTrack.exe 20:41:14.0075 0x187c RtsFT - ok 20:41:14.0726 0x187c [ 6DB938E782F688C788441AB389B9FC78, 195875E58457FE5CD6E81AD48576186060D4B44FD415DAF881541199808C1BCE ] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe 20:41:15.0088 0x187c Energy Manager - ok 20:41:15.0540 0x187c [ 
E3D9352D2EE0A4343FE2A4A99FCBCB06, 886D243B569BF11118D19B27DE39DE1E42D471B3DA0C9A397E301E17519C6C42 ] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe 20:41:15.0786 0x187c Lenovo Utility - ok 20:41:15.0892 0x187c [ 8F83160C43C61FC6775391B46B7C16BF, 648588126B2CD0B9F50F478BF4F7474137D1285061A3B22B56C1CB5B4FD3C3BF ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe 20:41:15.0897 0x187c UpdateP2GShortCut - ok 20:41:16.0008 0x187c [ 5153C06FC9D4D094D1A785545928B134, 0037C935722663F9EF028F841DE222FC6418E9D60939AB60C965807E67A458DC ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 20:41:16.0023 0x187c SunJavaUpdateSched - ok 20:41:16.0058 0x187c [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe 20:41:16.0061 0x187c Pokki - ok 20:41:16.0174 0x187c [ 7A60DCF0B0F2521A7F505F8A56E5AB68, 7F23D55D4BC55ACACA9E4F94DA2439539FD2AA96D1DCA6FF58C8469F7F9C622F ] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe 20:41:16.0209 0x187c FreeAC - ok 20:41:16.0247 0x187c Skype - ok 20:41:16.0673 0x187c [ 1E53BE3B241C27D42F753EEE7E0751B7, 8237E8ECBB332AA0098024313F4452EFE66FECAC1878E07A46A6F817DC1AF453 ] C:\Program Files (x86)\ManyCam\ManyCam.exe 20:41:16.0908 0x187c ManyCam - ok 20:41:16.0966 0x187c Chromium - ok 20:41:17.0106 0x187c [ 0C2D8CBA28E12D170FC5343F03E6D20C, 73A66AEF5D89E69E6B19172328AC043542FD7628DD44A569B23625261A0B56FB ] C:\Users\Phil\AppData\Roaming\Spotify\SpotifyWebHelper.exe 20:41:17.0140 0x187c Spotify Web Helper - ok 20:41:17.0259 0x187c [ 309A0390822194B835DBBF1374718354, BE1021B9D5EA4C4180E752F21191BD21010298BB2545F3D725E71E913DB14808 ] C:\Users\Phil\AppData\Roaming\uTorrent\uTorrent.exe 20:41:17.0304 0x187c uTorrent - ok 20:41:17.0583 0x187c [ C654101E928F9C1EC19A3C3AA78D4482, 925C51A2B1DD082EA5F7035CDAD481F6017DD943B005042703CCE1D5F9572AF2 ] C:\Users\Phil\AppData\Roaming\Spotify\Spotify.exe 20:41:17.0760 0x187c Spotify - ok 
20:41:17.0773 0x187c Waiting for KSN requests completion. In queue: 174
20:41:18.0611 0x1088 Object required for P2P: [ F264662C057A54AA2DE41B3C7551712F ] sppsvc
20:41:18.0774 0x187c Waiting for KSN requests completion. In queue: 150
20:41:18.0991 0x1088 Object send P2P result: true
20:41:19.0874 0x187c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x61100 ( enabled : updated )
20:41:19.0888 0x187c Win FW state via NFP2: enabled ( trusted )
20:41:20.0037 0x187c ============================================================
20:41:20.0037 0x187c Scan finished
20:41:20.0037 0x187c ============================================================
20:41:20.0054 0x1960 Detected object count: 0
20:41:20.0055 0x1960 Actual detected object count: 0
20:41:39.0956 0x1874 Deinitialize success |
27.01.2017, 09:27 | #15 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | nova.rambler.ru cannot be removed
Quote:
MBAR had old signatures, tdsskiller was configured incorrectly!
__________________ Please always post log files in CODE tags |