Log analysis and evaluation: How do I get rid of "win32.downloader.gen"? (Windows 7)
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
02.02.2017, 13:25 | #1 |
How do I get rid of "win32.downloader.gen"?
Hi, SpyBot Search&Destroy found "win32.downloader.gen" on my PC. Avira and TDSSKiller found nothing. I would be glad if someone could help me get rid of it! The scan with FRST produced the following:
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017 durchgeführt von horton (Administrator) auf HORTON-PC (02-02-2017 12:42:35) Gestartet von C:\Users\horton\Desktop Geladene Profile: horton (Verfügbare Profile: horton & Ameise & der Erfinder) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 8 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Adobe Systems Incorporated) C:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\bin\VersionCueCS2.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Microsoft Corp.) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe () C:\Windows\System32\atwtusb.exe () C:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe () C:\Windows\System32\atwtusb.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Windows\System32\WTMKM.exe (Safer Networking Limited) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe () C:\Users\horton\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (JME) C:\Program Files (x86)\jmesoft\hotkey.exe (CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe (CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe () C:\Program Files (x86)\Lenovo\Lenovo EBook&QuickNotes\TMCMonitor.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe () C:\Windows\USB Vibration\7906\USB Gamepad.exe (Adobe Sytems Incorporated) C:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe (ATI Technologies Inc.) 
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe (InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11057768 2010-07-06] (Realtek Semiconductor) HKLM\...\Run: [] => [X] HKLM\...\Run: [MacroKeyManager] => C:\Windows\system32\WTMKM.exe [6446312 2010-06-14] () HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-02] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [jmekey] => C:\Program Files (x86)\jmesoft\hotkey.exe [225280 2009-08-25] (JME) HKLM-x32\...\Run: [YouCam Mirror Tray icon] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [171104 2010-03-16] (CyberLink Corp.) 
HKLM-x32\...\Run: [Lenovo Eye Distance System] => C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe [264704 2010-07-08] (Lenovo) HKLM-x32\...\Run: [Lenovo Dynamic Brightness System] => C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe [281088 2010-07-16] (Lenovo) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink) HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.) HKLM-x32\...\Run: [TMCMonitor] => C:\Program Files (x86)\Lenovo\Lenovo EBook&QuickNotes\TMCMonitor.exe [53248 2009-11-09] () HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917576 2016-12-15] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [USB Gamepad] => C:\Windows\USB Vibration\7906\USB Gamepad.exe [796784 2008-12-10] () HKLM-x32\...\Run: [Adobe Version Cue CS2] => c:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [856064 2005-04-06] (Adobe Sytems Incorporated) HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited) HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\horton\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] () HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_Plugin.exe -update plugin HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation) HKU\S-1-5-18\...\RunOnce: [WLStart] => C:\Program Files (x86)\Windows Live\Installer\wlstart.exe [786760 2009-07-26] (Microsoft Corporation) HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 
(InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2016-05-16] ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-09-20] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.) GroupPolicy\User: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{A6F2330F-3790-4172-B4B7-CE7317B8C6F6}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{DCDE01C2-B4BA-4B7A-BBDC-8B4FD2A8AAE7}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ URLSearchHook: 
HKLM-x32 - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.) SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848 SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848 SearchScopes: HKU\S-1-5-21-3064065677-2226785740-1792966077-1000 -> DefaultScope {271EF175-8711-4D5F-A69D-5130D0D13442} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=HFA5&Lan=DE&q={searchTerms}&gu=5461d95f1c7a4557892446976248e913&tu=11Jiy00Ez1D13P0&sku=&tstsId=&ver=&&r=323 SearchScopes: HKU\S-1-5-21-3064065677-2226785740-1792966077-1000 -> {271EF175-8711-4D5F-A69D-5130D0D13442} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=HFA5&Lan=DE&q={searchTerms}&gu=5461d95f1c7a4557892446976248e913&tu=11Jiy00Ez1D13P0&sku=&tstsId=&ver=&&r=323 BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-08] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-11-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> 
{DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-08] (Oracle Corporation) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-04-22] (DVDVideoSoft Ltd.) BHO-x32: DVDVideoSoftTB DE Toolbar -> {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} -> C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll [2011-05-09] (Conduit Ltd.) BHO-x32: Zonealarm Helper Object -> {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} -> C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.29.17\bh\zonealarm.dll => Keine Datei BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation) BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited) BHO-x32: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14] (Microsoft Corp.) 
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-10-31] (Oracle Corporation) BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-11-01] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-10-31] (Oracle Corporation) BHO-x32: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06] (Microsoft Corporation) BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-04-30] (DVDVideoSoft Ltd.) Toolbar: HKLM-x32 - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06] (Microsoft Corporation) Toolbar: HKLM-x32 - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll [2011-05-09] (Conduit Ltd.) 
Toolbar: HKLM-x32 - ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarmTlbr.dll Keine Datei Toolbar: HKU\S-1-5-21-3064065677-2226785740-1792966077-1000 -> Kein Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - Keine Datei Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-04-22] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-04-22] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-04-22] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-04-22] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: fzwgi5ur.default FF ProfilePath: C:\Users\horton\AppData\Roaming\Mozilla\Firefox\Profiles\fzwgi5ur.default [2017-02-02] FF DefaultSearchEngine: Mozilla\Firefox\Profiles\fzwgi5ur.default -> DuckDuckGo FF Extension: (YouTube mp3) - C:\Users\horton\AppData\Roaming\Mozilla\Firefox\Profiles\fzwgi5ur.default\Extensions\info@youtube-mp3.org.xpi [2016-04-27] FF Extension: (Save as PDF) - C:\Users\horton\AppData\Roaming\Mozilla\Firefox\Profiles\fzwgi5ur.default\Extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2016-04-28] FF Extension: (UnMHT) - 
C:\Users\horton\AppData\Roaming\Mozilla\Firefox\Profiles\fzwgi5ur.default\Extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}.xpi [2016-11-28] FF Extension: (Diagnostics) - C:\Users\horton\AppData\Roaming\Mozilla\Firefox\Profiles\fzwgi5ur.default\features\{f11a5f6e-61bd-4e13-8a98-44f23f361f4e}\diagnostics@mozilla.org.xpi [2017-02-02] FF Extension: (Send HSTS Priming Requests) - C:\Users\horton\AppData\Roaming\Mozilla\Firefox\Profiles\fzwgi5ur.default\features\{f11a5f6e-61bd-4e13-8a98-44f23f361f4e}\hsts-priming@mozilla.org.xpi [2017-02-02] FF HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff FF Extension: (Download videos and MP3s from YouTube) - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-07-18] [ist nicht signiert] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-23] () FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-08] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-09-08] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-23] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-10-31] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-10-31] (Oracle Corporation) FF Plugin-x32: 
@microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-01-21] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation) FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc.) FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2012-08-02] (Sony Network Entertainment International LLC) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-21] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-21] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-3064065677-2226785740-1792966077-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\horton\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-04-23] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-3064065677-2226785740-1792966077-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\horton\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3322288&octid=EB_ORIGINAL_CTID&ISID=MCF6129E0-50C5-47DB-9195-25BD87B7A4AE&SearchSource=55&CUI=&UM=6&UP=SP484366AB-7A74-4877-98A7-BE92B29E4CCA&SSPV= CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3322288&octid=EB_ORIGINAL_CTID&ISID=MCF6129E0-50C5-47DB-9195-25BD87B7A4AE&SearchSource=55&CUI=&UM=6&UP=SP484366AB-7A74-4877-98A7-BE92B29E4CCA&SSPV=" CHR DefaultSearchURL: Default -> hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3322288&octid=EB_ORIGINAL_CTID&ISID=MCF6129E0-50C5-47DB-9195-25BD87B7A4AE&SearchSource=58&CUI=&UM=6&UP=SP484366AB-7A74-4877-98A7-BE92B29E4CCA&q={searchTerms}&SSPV= CHR DefaultSearchKeyword: Default -> trovi.search CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\gcswf32.dll => Keine Datei CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll => Keine Datei CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\ppGoogleNaClPluginChrome.dll => Keine Datei CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\pdf.dll => Keine Datei CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => Keine Datei CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR 
Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll => Keine Datei CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll => Keine Datei CHR Profile: C:\Users\horton\AppData\Local\Google\Chrome\User Data\Default [2017-02-02] CHR Extension: (YouTube) - C:\Users\horton\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-02] CHR Extension: (Google-Suche) - C:\Users\horton\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02] CHR Extension: (Avira Browserschutz) - C:\Users\horton\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-04-27] CHR Extension: (Amazon-Icon) - C:\Users\horton\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg [2014-03-13] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\horton\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29] CHR Extension: (Google Mail) - C:\Users\horton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29] CHR HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-07-18] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: 
[mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\horton\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2014-01-15] ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2016-05-16] (Adobe Systems) [Datei ist nicht signiert] R2 Adobe Version Cue CS2; c:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\bin\VersionCueCS2.exe [163840 2005-04-06] (Adobe Systems Incorporated) [Datei ist nicht signiert] S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089592 2016-12-15] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [476736 2016-12-15] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [476736 2016-12-15] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG) S3 becldr3Service; C:\Program Files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [176128 2011-04-19] () [Datei ist nicht signiert] R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [915232 2010-07-15] (Broadcom Corporation.) R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2016-12-13] (Microsoft Corporation) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [391656 2016-07-22] (Digital Wave Ltd.) 
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert] S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.) R2 WTService; C:\Windows\System32\atwtusb.exe [907496 2010-06-14] () [Datei ist nicht signiert] S4 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X] S2 ZAPrivacyService; "C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 AFS; C:\Windows\SysWow64\Drivers\AFS.sys [77004 2016-08-31] (Oak Technology Inc.) [Datei ist nicht signiert] R3 ATIAVPCI; C:\Windows\System32\DRIVERS\atinavrr.sys [1557760 2010-03-26] (ATI Technologies Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [176464 2016-12-15] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148032 2016-12-15] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-02] (Avira Operations GmbH & Co. KG) S2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-06-02] (Avira Operations GmbH & Co. 
KG) S3 h647906; C:\Windows\System32\drivers\h647906.sys [62576 2008-12-01] (Your Corporation) S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [41096 2008-12-01] (Your Corporation) R0 johci; C:\Windows\System32\DRIVERS\johci.sys [23152 2010-01-15] (JMicron ) R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider) R3 NW1950; C:\Windows\System32\DRIVERS\NW1950.sys [26176 2010-08-06] () R3 vhidmini; C:\Windows\System32\DRIVERS\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider) R3 VMC412; C:\Windows\System32\Drivers\VMC412.sys [237568 2010-07-17] (Vimicro Corporation) R0 WinI2C-DDC; C:\Windows\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.) R0 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [15712 2010-03-22] (Nicomsoft Ltd.) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-02-02 12:42 - 2017-02-02 12:43 - 00030068 _____ C:\Users\horton\Desktop\FRST.txt 2017-02-02 12:42 - 2017-02-02 12:42 - 00000000 ____D C:\FRST 2017-02-02 12:22 - 2017-02-02 12:33 - 02420736 _____ (Farbar) C:\Users\horton\Desktop\FRST64.exe 2017-02-02 12:00 - 2017-02-02 12:08 - 00414016 _____ C:\TDSSKiller.3.1.0.12_02.02.2017_12.00.46_log.txt 2017-02-02 11:55 - 2017-02-02 11:57 - 00414150 _____ C:\TDSSKiller.3.1.0.12_02.02.2017_11.55.10_log.txt 2017-02-02 11:54 - 2017-02-02 11:54 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH 2017-02-02 11:18 - 2017-02-02 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2017-02-02 08:47 - 2017-02-02 08:47 - 00000000 ____D C:\Program Files (x86)\TeaTimer (Spybot - Search & Destroy) 2017-02-02 08:47 - 2017-02-02 08:47 - 00000000 ____D C:\Program Files (x86)\File Scanner Library (Spybot - Search & Destroy) 2017-02-02 07:24 - 2017-02-02 07:24 - 00010473 _____ C:\Users\horton\Desktop\TJP e.V.*-*Bundesfreiwilligendienst.htm 2017-02-02 07:24 - 2017-02-02 07:24 - 00000000 ____D C:\Users\horton\Desktop\TJP e.V.*-*Bundesfreiwilligendienst-Dateien 2017-01-31 10:24 - 2017-01-31 10:24 - 00000000 ____D C:\Windows\pss 2017-01-26 14:31 - 2017-02-01 17:36 - 00000000 ____D C:\Users\horton\Desktop\umgang ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-02-02 12:39 - 2012-10-04 19:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-02 12:14 - 2016-12-03 11:42 - 00000000 ____D C:\Users\horton\AppData\LocalLow\Mozilla
2017-02-02 11:54 - 2012-11-20 21:55 - 00000000 ____D C:\Users\horton\AppData\Local\Downloaded Installations
2017-02-02 11:38 - 2009-07-14 05:45 - 00010096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-02 11:38 - 2009-07-14 05:45 - 00010096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-02 11:28 - 2009-07-14 03:34 - 00000742 _____ C:\Windows\win.ini
2017-02-02 11:27 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-02 11:20 - 2013-10-17 13:42 - 00007638 _____ C:\Users\horton\AppData\Local\Resmon.ResmonCfg
2017-02-02 11:18 - 2014-08-17 21:45 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-02 10:59 - 2012-11-14 14:55 - 00000000 ____D C:\Program Files (x86)\Conduit
2017-02-02 08:39 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2017-02-02 08:04 - 2013-12-18 20:34 - 00000000 ____D C:\ProgramData\SecTaskMan
2017-02-01 14:13 - 2013-05-06 14:07 - 00000000 ____D C:\Users\horton\Desktop\WORK2DO
2017-02-01 14:11 - 2015-01-30 20:08 - 00000000 ____D C:\Users\horton\Desktop\Desktop aufräumen!
2017-02-01 10:57 - 2016-11-30 23:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-01 10:57 - 2016-01-21 10:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-31 10:13 - 2016-05-04 13:14 - 00000000 ____D C:\Users\horton\Desktop\SoSe2016
2017-01-31 10:11 - 2016-05-04 09:08 - 00000000 ____D C:\Users\horton\Desktop\Beppo
2017-01-31 10:07 - 2014-07-15 18:50 - 00000000 ____D C:\Users\horton\Desktop\uni
2017-01-31 09:28 - 2012-02-23 11:59 - 00000000 ____D C:\Users\horton\AppData\Roaming\vlc
2017-01-25 17:32 - 2016-11-18 16:02 - 00000000 ____D C:\Users\Ameise\AppData\LocalLow\Mozilla
2017-01-23 16:14 - 2015-11-29 18:58 - 00004090 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1448819900
2017-01-23 15:39 - 2012-10-04 19:32 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-23 15:39 - 2012-06-08 10:22 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-23 15:39 - 2012-03-18 04:26 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-23 15:39 - 2011-06-30 13:45 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-23 15:39 - 2010-09-20 13:39 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-23 15:05 - 2016-03-10 20:21 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-23 15:04 - 2016-01-21 09:58 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-18 16:33 - 2016-01-21 11:08 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-18 16:31 - 2016-01-21 11:05 - 00000000 ____D C:\Program Files\Microsoft Office 15

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-05-22 12:03 - 2013-05-22 12:03 - 0000050 _____ () C:\Users\horton\AppData\Roaming\AcroIEHelpe.txt
2013-05-22 11:27 - 2013-05-22 11:27 - 0552126 _____ () C:\Users\horton\AppData\Roaming\dict.txt
2013-05-22 11:27 - 2013-05-22 11:27 - 0001466 _____ () C:\Users\horton\AppData\Roaming\jserv.txt
2013-05-22 11:58 - 2013-05-22 11:58 - 0000505 _____ () C:\Users\horton\AppData\Roaming\rost.dat
2013-05-22 11:27 - 2013-05-22 11:27 - 0000260 _____ () C:\Users\horton\AppData\Roaming\srvblck5.tmp
2016-05-12 07:12 - 2016-05-12 07:12 - 0002112 _____ () C:\Users\horton\AppData\Local\recently-used.xbel
2013-10-17 13:42 - 2017-02-02 11:20 - 0007638 _____ () C:\Users\horton\AppData\Local\Resmon.ResmonCfg
2011-11-10 10:40 - 2012-03-06 11:07 - 0000125 ___SH () C:\ProgramData\.zreglib
2010-09-20 13:39 - 2010-09-20 13:39 - 1914000 _____ (Adobe Systems Incorporated) C:\ProgramData\flashax10.exe
2016-07-21 18:00 - 2016-08-03 12:31 - 0000848 ___SH () C:\ProgramData\KGyGaAvL.sys

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\flashax10.exe

Einige Dateien in TEMP:
====================
2015-05-30 09:31 - 2015-05-30 09:31 - 0000000 ____D () C:\Users\Ameise\AppData\Local\Temp\avgnt.exe
2016-09-13 14:12 - 2016-09-13 14:12 - 0000000 ____D () C:\Users\der Erfinder\AppData\Local\Temp\avgnt.exe
2016-08-10 15:20 - 2016-07-04 01:08 - 0049544 _____ (HP Inc.) C:\Users\horton\AppData\Local\Temp\ACLMInstaller.exe
2013-12-02 12:11 - 2014-08-17 21:45 - 0000000 ____D () C:\Users\horton\AppData\Local\Temp\avgnt.exe
2016-07-21 17:29 - 2016-07-21 17:35 - 0008480 _____ (Corel Corporation) C:\Users\horton\AppData\Local\Temp\DRPCUNLR.dll
2012-09-20 02:15 - 2012-09-20 02:15 - 50352408 _____ (Microsoft Corporation) C:\Users\horton\AppData\Local\Temp\NetFramework45.exe
2016-07-10 07:14 - 2016-07-10 07:14 - 7424678 _____ () C:\Users\horton\AppData\Local\Temp\tmpA44A.tmp.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-11-20 01:49

==================== Ende von FRST.txt ============================

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-01-2017
durchgeführt von horton (02-02-2017 12:43:49)
Gestartet von C:\Users\horton\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-06-18 20:21:03)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3064065677-2226785740-1792966077-500 - Administrator - Disabled)
Ameise (S-1-5-21-3064065677-2226785740-1792966077-1001 - Limited - Enabled) => C:\Users\Ameise
der Erfinder (S-1-5-21-3064065677-2226785740-1792966077-1002 - Limited - Enabled) => C:\Users\der Erfinder
Gast (S-1-5-21-3064065677-2226785740-1792966077-501 - Limited - Disabled)
horton (S-1-5-21-3064065677-2226785740-1792966077-1000 - Administrator - Enabled) => C:\Users\horton

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: AntiVir Desktop (Enabled - Up to date) {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AntiVir Desktop (Enabled - Up to date) {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1x1-Trainer 4 (HKLM-x32\...\1x1-Trainer) (Version: 4 - Hans-Jürgen Stoffels, Köln.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
Adobe Creative Suite 2 (HKLM-x32\...\{0134A1A1-C283-4A47-91A1-92F19F960372}) (Version: - )
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\...\Amazon Kindle) (Version: - Amazon)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ArcSoft PhotoStudio Paint (HKLM-x32\...\{EC252D0D-C690-4CE7-BA07-23F4E00505BE}) (Version: 1.0.1.25 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{D6D18877-4A64-CE9E-1980-C1F414AC7F27}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden
BCL easyConverter 3.0 Licensing Module (BCL License) (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 Loader SDK Module (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 Module (Loader, BCL License) (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 Module (RTF, BCL License) (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 RTF SDK Module (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 SDK Module (x32 Version: 3.0.18 - BCL Technologies) Hidden
Bluetooth Notice (HKLM-x32\...\{4CC5AE2D-492D-4A21-9E99-1F46A7D4158B}) (Version: 2.0.00.07050 - Lenovo)
Botanicula (HKLM-x32\...\Botanicula) (Version: 1.0 - Amanita Design, s.r.o.)
ccc-core-static (x32 Version: 2010.0302.2233.40412 - Ihr Firmenname) Hidden
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Corel PDF Fusion - Creator (Version: 4.0.0 - Corel Corporation) Hidden
Corel PDF Fusion - ICA (x32 Version: 1.12 - Corel Corporation) Hidden
Corel PDF Fusion - Program (x32 Version: 1.14.0000 - Corel Corporation) Hidden
Corel PDF Fusion - Setup (x32 Version: 1.12 - Corel Corporation) Hidden
Corel PDF Fusion (HKLM-x32\...\_{5D62567F-38BA-4713-B87E-CF06C465E33B}) (Version: 1.14 - Corel Corporation)
Corel Shell Extension - 64Bit (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Content (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Draw (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Extra Content (HKLM-x32\...\_{806422F8-8E0A-494A-A369-0F34F1B89160}) (Version: - Corel Corporation)
CorelDRAW Essentials 4 - Extra Content (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Filters (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - ICA (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - IPM - No VBA (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang BR (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang DE (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang EN (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang ES (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang FR (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang IT (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang NL (x32 Version: 4.0 - Uw bedrijfsnaam) Hidden
CorelDRAW Essentials 4 - PHOTO-PAINT (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Windows Shell Extension (HKLM-x32\...\_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}) (Version: - Corel Corporation)
CorelDRAW Essentials 4 - Windows Shell Extension (x32 Version: 1.1 - Corel Corporation) Hidden
CorelDRAW Essentials 4 (HKLM-x32\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version: - Corel Corporation)
CorelDRAW Essentials 4 (x32 Version: 4.0 - Corel Corporation) Hidden
Curling (HKLM-x32\...\{369AAC15-34EF-4A1E-9090-29BEE38956F4}) (Version: 1.16.063010 - NTTC)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2716 - CyberLink Corp.)
Dialang V1 Beta (HKLM-x32\...\{97DF4674-AB43-11D5-91C9-005004F84FA1}) (Version: - )
DriverInstall (x32 Version: 1.00.0000 - Genaitech) Hidden
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
DVDVideoSoftTB DE Toolbar (HKLM-x32\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB DE)
EGR-ShellExtension (HKLM-x32\...\EGR-ShellExtension) (Version: 1.1.0.100 - EasternGraphics)
Firework (HKLM-x32\...\{736DB9B0-D2BA-41DC-AACD-384A599B7D24}) (Version: 1.14.063010 - NTTC)
Free Notes & Office Ink (HKLM-x32\...\{556F2137-B772-43BB-9A45-E0275234DD16}) (Version: - )
Funny Cube (HKLM-x32\...\{791708C1-0D84-4D05-88DC-A29EE9808270}) (Version: 1.17.063010 - NTTC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Happy Hit (HKLM-x32\...\{A8BE86A1-7E0E-4814-80E5-6F4073B744F7}) (Version: 1.33.063010 - NTTC)
HP Foto und Bildbearbeitung 1.0 - HP PSC - HP OfficeJet (HKLM-x32\...\PSC 2000 Series) (Version: - )
Idea Touch 3.0 (HKLM-x32\...\{70D6A420-AAC3-4213-9EF7-CDD6C16CCF2D}) (Version: 3.00.010.0816 - Lenovo)
InterVideo WinDVD 8 (HKLM-x32\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0.20.197 - InterVideo Inc.)
InterVideo WinDVD 8 (x32 Version: 8.0.20.197 - InterVideo Inc.) Hidden
Janosch Tigerschule (HKLM-x32\...\{DB7DEBC2-8031-4186-A5C2-DAD6C823853C}) (Version: 1.00.0000 - Terzio Verlag)
Janoschs neue Tigerschule (HKLM-x32\...\Janoschs neue Tigerschule) (Version: - )
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 7 Update 9 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217009FF}) (Version: 7.0.90 - Oracle)
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.09.00 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.44.1 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version: - LEGO A/S)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.2600 - Broadcom Corporation)
Lenovo Dynamic Brightness System (HKLM-x32\...\{D9ED6D06-6002-495E-A7BC-46E6AE386996}) (Version: 4.0.00.19161 - Lenovo)
Lenovo EBook&QuickNotes (HKLM-x32\...\InstallShield_{63EA246F-3C4F-4809-B0DE-3738F99B34DD}) (Version: 1.0.3.9 - ArcSoft)
Lenovo EBook&QuickNotes (x32 Version: 1.0.3.9 - ArcSoft) Hidden
Lenovo Eye Distance System (HKLM-x32\...\{5183D7AB-D09B-411F-A74E-BBAEA61C6505}) (Version: 4.0.00.19080 - Lenovo)
Lenovo Fun Zone (HKLM-x32\...\motiongame) (Version: 0.7.8.51 - Tose(Shanghai) Ltd.)
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3720 - CyberLink Corp.)
Lenovo Power2Go (x32 Version: 6.0.3720 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1409 - CyberLink Corp.)
Lenovo Rescue System (Version: 3.0.1409 - CyberLink Corp.) Hidden
Lenovo Treiber- und Anwendungsinstallation (HKLM-x32\...\{45970CD1-D599-47D4-938F-3E9800D54ED1}) (Version: 5.10.1809 - Lenovo)
Lenovo USB2.0 UVC Camera (HKLM-x32\...\{70D2C5B8-EB22-45B1-9EAA-5E8C1C408A3B}) (Version: 1.00.0000 - Vimicro Corporation)
Lenovo VeriTouch 2.0 (HKLM-x32\...\InstallShield_{6A7F7465-284F-4299-8663-CDB496CEFA7D}) (Version: 2.0.1.9 - ArcSoft)
Lenovo VeriTouch2.0 (x32 Version: 2.0.1.9 - ArcSoft) Hidden
Lenovo_Wireless_Driver (HKLM-x32\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo)
LenovoModifyWindowStyle (HKLM-x32\...\{EBC41B09-E56D-421C-B3D0-84AC1103541B}) (Version: 1.00.0408 - Lenovo)
LIMBO (HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\...\Limbo) (Version: - )
Link Up (HKLM-x32\...\{3DEDB107-2FCB-4544-844D-EC2878A9F22C}) (Version: 1.17.063010 - NTTC)
LVT (HKLM-x32\...\{D3063097-EC84-4D21-84A4-9D852E974355}) (Version: 4.1.2.0423 - Lenovo)
LXH-JME8002B Hotkey Driver (HKLM-x32\...\{29EA755D-404B-4310-872C-EB1B8513F9D6}) (Version: 5.0.0825 - Lenovo)
Machinarium (HKLM-x32\...\Machinarium) (Version: - Daedalic Entertainment)
MacroKey Manager (HKLM-x32\...\InstallShield_{66A4349A-AA55-43E5-A781-62867A701A90}) (Version: - )
MacroKey Manager (Version: 1.00.0000 - Ihr Firmenname) Hidden
Mat5070Win7x64Drv (HKLM-x32\...\InstallShield_{884D18CB-F012-4F9D-9498-25D1E004DB87}) (Version: 6.14.10.396 - Geniatech)
Mat5070Win7x64Drv (x32 Version: 6.14.10.396 - Geniatech) Hidden
Media Go (HKLM-x32\...\{7A6C3344-5CF9-4B83-959C-6576C5B27D09}) (Version: 2.3.255 - Sony)
Media Go Video Playback Engine 1.96.115.08260 (HKLM-x32\...\{065DBB54-6E55-A609-2E1E-F0617E827D53}) (Version: 1.96.115.08260 - Sony)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4893.1002 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - Español (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Research AutoCollage Touch 2009 (HKLM-x32\...\{1F8DA253-3C27-4B01-A63A-BA3533120833}) (Version: 2.00.2009 - Microsoft Research)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MuseScore 1.2 MuseScore score typesetter (HKLM-x32\...\MuseScore) (Version: 1.2.0 - Werner Schweer and Others)
Music Star (HKLM-x32\...\{E4FB9C8E-E965-4885-A4F8-8D2991AD4A36}) (Version: 1.35.063010 - NTTC)
Music Star (x32 Version: 1.35.063010 - NTTC) Hidden
NextWindow Drivers (HKLM\...\{0D765C2F-D317-4C25-9582-F669974FADA4}) (Version: 1.4.144 - NextWindow)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 37.0.2178.32 (HKLM-x32\...\Opera 37.0.2178.32) (Version: 37.0.2178.32 - Opera Software)
pCon.planner 6.7 (HKLM-x32\...\pCon.planner 6.7) (Version: 6.7.0.102 - EasternGraphics)
pCon.planner 6.7 (x32 Version: 6.7.0.102 - EasternGraphics) Hidden
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - )
PlayStation(R)Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.07.00849 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.12.6.14870 - Sony Computer Entertainment Inc.)
PowerCinema (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 7.0.4308 - CyberLink Corp.)
PowerCinema (x32 Version: 7.0.4308 - CyberLink Corp.) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Readiris 7.5 (HKLM-x32\...\{9BFFB382-0B2C-11D6-AB3E-000102B0F79A}) (Version: - )
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6151 - Realtek Semiconductor Corp.)
Scrabble3D (HKLM-x32\...\{FF7B2746-9028-4784-B4E7-CC8CA67CF98D}) (Version: 3.1.4 - Heiko Tietze)
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
Suite Specific (x32 Version: 2.0.0 - Adobe Systems, Incorporated) Hidden
ThemeWallpaper (HKLM-x32\...\{F29CBF73-C211-4616-898A-379A2679F990}) (Version: 1.2.0.100706 - Lenovo)
Tiny and Big - Grandpa's Leftovers (remove only) (HKLM-x32\...\Tiny and Big - Grandpas Leftovers) (Version: - )
tipptapp (HKLM-x32\...\tipptapp) (Version: 1.1 - UNKNOWN)
tipptapp (x32 Version: 1.1 - UNKNOWN) Hidden
Unity Web Player (HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
USB Network Joystick (HKLM-x32\...\{2A558A06-A44E-400D-95AD-D9FAA89AFD36}) (Version: V3.70a - )
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR 4.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {04C5F25C-AAFA-492D-81D3-F2A3C7F99DC7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {06FE0C75-095D-4538-9652-1459AD205388} - System32\Tasks\{68C54E11-A282-461B-95D6-06C9D1E2DA94} => pcalua.exe -a C:\Users\horton\Desktop\dialang.exe -d C:\Users\horton\Desktop
Task: {0B2FB6FB-5A3B-4553-91CA-5D4A0F147735} - System32\Tasks\{D6E62EA7-E2F5-4CA8-BF54-4E460763B5E2} => pcalua.exe -a D:\setup.exe -d D:\
Task: {184B24B0-6EEB-4954-99E5-36D978467C30} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {1CF293F8-1AEA-4197-946C-92687175403F} - System32\Tasks\{736C63F3-D2A7-419C-8F26-4F75DB5FA8EE} => pcalua.exe -a C:\Users\horton\Desktop\cs2\CS2_RetNon_Ger_3.exe -d C:\Users\horton\Desktop\cs2
Task: {3B09AC67-7BFE-49D7-AD47-3AD780BF497F} - System32\Tasks\Opera scheduled Autoupdate 1448819900 => C:\Users\Ameise\AppData\Local\Programs\Opera\launcher.exe [2017-01-16] (Opera Software)
Task: {3B289925-D629-4DFE-AE42-D9D95D4B4410} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {3EAB639C-2FC8-4064-98DD-4C85415019E2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-23] (Adobe Systems Incorporated)
Task: {448A37AB-EE09-4022-B1B2-E40C21C38283} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-11-01] (Microsoft Corporation)
Task: {54200FB5-0D44-4CAA-98C9-708949FA1F09} - System32\Tasks\Opera scheduled Autoupdate 1418639019 => C:\Program Files (x86)\Opera\launcher.exe [2016-04-28] (Opera Software)
Task: {65219F8A-790B-47DF-A54B-CEE1F484C54D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {661D22D4-FB9D-4D29-8177-BBA903971A83} - System32\Tasks\{9A441C31-2AC8-449A-98AD-3A8894ED1EB5} => pcalua.exe -a C:\Users\horton\Desktop\Beppo\cs2\CS_2.0_GR_Extras_1.exe -d C:\Users\horton\Desktop\Beppo\cs2
Task: {7BCEE2BE-4536-465C-9685-42B1C8CB5079} - System32\Tasks\{9F891BA6-C1FD-4436-8635-17892C96B09F} => pcalua.exe -a C:\Users\horton\Desktop\cs2\CS_2.0_GR_Extras_1.exe -d C:\Users\horton\Desktop\cs2
Task: {A6155A92-7CDC-49EE-BF19-BC640597705A} - System32\Tasks\{11BC33C9-6703-4868-A206-CC3820EC52EF} => pcalua.exe -a C:\Users\horton\Desktop\cs2\CS2_RetNon_Ger_2.exe -d C:\Users\horton\Desktop\cs2
Task: {AA7AF7A0-6DFC-429F-9B01-3F6FE6409F23} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {C85FD0DE-8A35-454D-A55E-9C4A0DF07642} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-13] (Google Inc.)
Task: {CE94750F-6DB9-4D3E-8104-F4408AB635C0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-13] (Google Inc.)
Task: {F7FB24F9-0C03-4DF3-9AD9-48BF1D996598} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-01-21 11:05 - 2016-05-24 08:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2010-06-14 13:27 - 2010-06-14 13:27 - 00907496 _____ () C:\Windows\System32\atwtusb.exe
2005-04-06 15:53 - 2005-04-06 15:53 - 03502080 _____ () c:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
2010-06-14 13:27 - 2010-06-14 13:27 - 00907496 _____ () C:\Windows\system32\atwtusb.exe
2010-07-15 14:37 - 2010-07-15 14:37 - 00173344 _____ () C:\Program Files\Lenovo\Bluetooth Software\btkeyind.dll
2012-02-09 14:01 - 2012-01-09 19:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2010-06-14 15:50 - 2010-06-14 15:50 - 06446312 _____ () C:\Windows\System32\WTMKM.exe
2013-05-22 19:50 - 2013-05-22 19:50 - 00400704 _____ () C:\Users\horton\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2009-11-09 15:38 - 2009-11-09 15:38 - 00053248 _____ () C:\Program Files (x86)\Lenovo\Lenovo EBook&QuickNotes\TMCMonitor.exe
2015-12-25 01:18 - 2008-12-10 11:10 - 00796784 _____ () C:\Windows\USB Vibration\7906\USB Gamepad.exe
2010-04-23 14:29 - 2010-04-23 14:29 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-09-20 13:27 - 2010-09-20 13:27 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2005-04-06 15:52 - 2005-04-06 15:52 - 00028791 _____ () c:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\jre\bin\hpi.dll
2005-04-06 15:53 - 2005-04-06 15:53 - 00057453 _____ () c:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\jre\bin\verify.dll
2005-04-06 15:53 - 2005-04-06 15:53 - 00102515 _____ () c:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\jre\bin\java.dll
2005-04-06 15:53 - 2005-04-06 15:53 - 00053364 _____ () c:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\jre\bin\zip.dll
2005-04-06 15:53 - 2005-04-06 15:53 - 00057455 _____ () C:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\jre\bin\net.dll
2005-04-06 15:53 - 2005-04-06 15:53 - 00032880 _____ () C:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\jre\bin\nio.dll
2005-04-06 15:53 - 2005-04-06 15:53 - 00434255 _____ () c:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\bin\ps-rw-vc-v8_58.dll
2005-04-06 15:53 - 2005-04-06 15:53 - 01019904 _____ () c:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\bin\ps-vc-v8_58.dll
2014-07-18 11:12 - 2016-07-22 07:26 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-08-08 15:12 - 2016-07-22 07:24 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-08-08 15:12 - 2016-07-22 07:24 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-08-08 15:12 - 2016-07-22 07:24 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2010-09-20 13:31 - 2009-08-21 07:35 - 00032768 _____ () C:\Program Files (x86)\jmesoft\Keyhook.dll
2010-09-20 13:31 - 2009-08-21 08:27 - 00028672 _____ () C:\Program Files (x86)\jmesoft\hidhook.dll
2010-09-20 13:38 - 2010-07-08 13:52 - 00210432 _____ () C:\Program Files\Lenovo\Lenovo Eye Distance System\KeyStoneAdapter.dll
2010-09-20 13:38 - 2010-07-08 13:52 - 00211456 _____ () C:\Program Files\Lenovo\Lenovo Eye Distance System\VideoPlayer.dll
2010-09-20 13:39 - 2010-07-16 14:55 - 00210432 _____ () C:\Program Files\Lenovo\Lenovo Brightness System\KeyStoneAdapter.dll
2010-09-20 13:39 - 2010-07-16 14:55 - 00182272 _____ () C:\Program Files\Lenovo\Lenovo Brightness System\DDCHelperWraper.dll
2009-12-04 15:59 - 2009-12-04 15:59 - 00619816 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2009-12-04 16:04 - 2009-12-04 16:04 - 00013096 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\horton\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) mpsdrv => Firewall Dienst läuft nicht. MpsSvc => Firewall Dienst läuft nicht. bfe => Firewall Dienst läuft nicht. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hp psc 2000 Series.lnk => C:\Windows\pss\hp psc 2000 Series.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^officejet 6100.lnk => C:\Windows\pss\officejet 6100.lnk.CommonStartup MSCONFIG\startupreg: Adobe Version Cue CS2 => "c:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe" MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: Share-to-Web Namespace Daemon => C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{A4FB27FC-023D-4129-B1DE-FDF2B09061D5}] => C:\Program Files (x86)\Lenovo\PowerCinema\PowerCinema.exe FirewallRules: [{8A3B9C82-477B-497B-875D-47FB8BA0C12E}] => C:\Program Files (x86)\Lenovo\PowerCinema\PCMService.exe FirewallRules: [{9C02D370-9C54-4245-8D97-C3EF1807BD7B}] => C:\Program Files (x86)\Lenovo\PowerCinema\Kernel\DMP\CLBrowserEngine.exe FirewallRules: [{C31DDC86-21AB-47E0-888F-8DEF4FD5BE47}] => C:\Program Files (x86)\Lenovo\PowerCinema\Kernel\DMS\CLMSService.exe FirewallRules: [{C8468554-4EA9-4C9F-8262-671D36E9E99F}] => C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe FirewallRules: [{0516DDB6-8361-4C3B-91AD-478A20CF035E}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{034FFB5D-CBD4-4AC3-AE1F-6F182A2C1083}] => svchost.exe FirewallRules: [{6CA96BF6-9B90-44A9-AFD3-29CC3CB428E6}] => C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{BD3F27AF-F479-44D9-81F7-343CA3100C7D}] => C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{590DF1F9-59A1-408A-A742-150E8DE4BC62}] => C:\Program Files (x86)\Opera\opera.exe FirewallRules: [TCP Query User{97B50266-2462-4C09-817D-46088F510B3D}C:\users\horton\appdata\local\temp\cprogram files (x86)opera\operaupgrader.exe] => C:\users\horton\appdata\local\temp\cprogram files (x86)opera\operaupgrader.exe FirewallRules: [UDP Query User{4D447EA7-4625-409F-B49C-29DA7B9C90C7}C:\users\horton\appdata\local\temp\cprogram files (x86)opera\operaupgrader.exe] => C:\users\horton\appdata\local\temp\cprogram files (x86)opera\operaupgrader.exe ==================== Wiederherstellungspunkte ========================= 20-11-2016 01:55:47 Geplanter Prüfpunkt 22-11-2016 14:10:20 Windows Update 02-02-2017 08:36:22 Removed BlueStacks Notification Center 02-02-2017 08:38:17 Removed BlueStacks Notification Center Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI. 
==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Realtek PCIe GBE Family Controller #2 Description: Realtek PCIe GBE Family Controller Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Service: RTL8167 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Bluetooth-Peripheriegerät Description: Bluetooth-Peripheriegerät Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (02/02/2017 08:11:43 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (02/02/2017 08:00:01 AM) (Source: RasClient) (EventID: 20227) (User: ) Description: CoID={5089AFC7-E689-4661-9467-5683F945F9F1}: Der Benutzer "horton-PC\horton" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0. Error: (02/02/2017 07:07:26 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. 
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (02/01/2017 02:37:52 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (02/01/2017 10:59:25 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (01/30/2017 08:13:04 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (01/28/2017 11:50:58 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (01/26/2017 08:56:10 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. 
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (01/25/2017 04:24:45 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (01/24/2017 02:59:02 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Systemfehler: ============= Error: (02/02/2017 11:54:34 AM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0 Error: (02/02/2017 11:54:34 AM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0 Error: (02/02/2017 11:30:27 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143 = In der Endpunktzuordnung sind keine weiteren Endpunkte verfügbar.. Error: (02/02/2017 11:30:24 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: Dienst "WMPNetworkSvc" konnte nicht ordnungsgemäß gestartet werden, da ein Fehler "0x80004005" in "CoCreateInstance(CLSID_UPnPDeviceFinder)" aufgetreten ist. Überprüfen Sie, ob der Dienst "UPnPHost" ausgeführt wird und ob die Windows-Komponente "UPnPHost" richtig installiert ist. 
Error: (02/02/2017 11:29:56 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Der Dienst "Avira Email-Schutz" wurde mit folgendem dienstspezifischem Fehler beendet: Unzulässige Funktion. . Error: (02/02/2017 11:29:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "avnetflt" wurde aufgrund folgenden Fehlers nicht gestartet: In der Endpunktzuordnung sind keine weiteren Endpunkte verfügbar. Error: (02/02/2017 11:29:56 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: AFS Error: (02/02/2017 11:29:56 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Avira Email-Schutz" wurde nicht richtig gestartet. Error: (02/02/2017 11:27:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "ZoneAlarm Privacy Service" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (02/02/2017 11:27:27 AM) (Source: Service Control Manager) (EventID: 7003) (User: ) Description: Der Dienst "SBSD Security Center Service" ist von folgendem Dienst abhängig: wscsvc. Dieser Dienst ist eventuell nicht installiert. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz Prozentuale Nutzung des RAM: 60% Installierter physikalischer RAM: 4023.12 MB Verfügbarer physikalischer RAM: 1571.37 MB Summe virtueller Speicher: 8044.42 MB Verfügbarer virtueller Speicher: 4969.82 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:906.34 GB) (Free:656.73 GB) NTFS Drive d: (TippTapp) (CDROM) (Total:0.17 GB) (Free:0 GB) CDFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 8D385642) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=906.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=25.1 GB) - (Type=12) ==================== Ende von Addition.txt ============================ |
02.02.2017, 14:21 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | How do I get rid of "win32.downloader.gen"? Quote:
__________________ |
02.02.2017, 16:24 | #3 |
| How do I get rid of "win32.downloader.gen"? Report from the first scan run:
__________________Code:
ATTFilter 02.02.2017 08:48:24 - ##### check started ##### 02.02.2017 08:48:24 - ### Version: 1.6.2 02.02.2017 08:48:24 - ### Date: 02.02.2017 08:48:24 02.02.2017 08:48:27 - ##### checking bots ##### 02.02.2017 08:54:25 - found: Win32.Downloader.gen Bibliothek 02.02.2017 08:54:25 - found: Win32.Downloader.gen Daten 02.02.2017 08:54:47 - found: Conduit.CommunityAlerts Programm-Verzeichnis 02.02.2017 08:54:47 - found: Conduit.CommunityAlerts Einstellungen 02.02.2017 08:54:47 - found: Conduit.CommunityAlerts Einstellungen 02.02.2017 08:54:47 - found: Conduit.CommunityAlerts Class ID 02.02.2017 08:54:48 - found: Conduit.Shmoopy Einstellungen 02.02.2017 08:54:48 - found: DownloadSponsor Einstellungen 02.02.2017 08:54:48 - found: DownloadSponsor Einstellungen 02.02.2017 09:05:34 - found: DoubleClick Verfolgender Cookie (Internet Explorer: horton) 02.02.2017 09:05:34 - ##### check finished ##### Code:
ATTFilter --- Report generated: 2017-02-02 09:05 --- Win32.Downloader.gen: [SBI $F65FFCFA] Bibliothek (Datei, nothing done) C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll Properties.size=638560 Properties.md5=6796F6E449F90A543DC3345538ACC46F Properties.filedate=1308838846 Properties.filedatetext=2011-06-23 15:20:46 Win32.Downloader.gen: [SBI $82F4FAFD] Daten (Datei, nothing done) C:\END Properties.size=9 Properties.md5=A103FDF7348130EF3F3FEF56B1700A27 Properties.filedate=1352901327 Properties.filedatetext=2012-11-14 14:55:26 Conduit.CommunityAlerts: [SBI $8BC58BD8] Programm-Verzeichnis (Verzeichnis, nothing done) C:\Program Files (x86)\Conduit\Community Alerts\ Conduit.CommunityAlerts: [SBI $F17963C8] Einstellungen (Registrierungsdatenbank-Wert, nothing done) HKEY_USERS\S-1-5-21-3064065677-2226785740-1792966077-1000\Software\AppDataLow\Software\Conduit\RevertSettings\ConduitLatestHomePage=...hxxp://search.conduit.com?SearchSource=10&ctid=CT2625848... Conduit.CommunityAlerts: [SBI $59C51646] Einstellungen (Registrierungsdatenbank-Schlüssel, nothing done) HKEY_USERS\S-1-5-21-3064065677-2226785740-1792966077-1000\Software\AppDataLow\Software\Conduit\RevertSettings Conduit.CommunityAlerts: [SBI $CD21D057] Class ID (Registrierungsdatenbank-Schlüssel, nothing done) HKEY_CLASSES_ROOT\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} Conduit.Shmoopy: [SBI $EB085BCA] Einstellungen (Registrierungsdatenbank-Schlüssel, nothing done) HKEY_USERS\S-1-5-21-3064065677-2226785740-1792966077-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} DownloadSponsor: [SBI $CC437C6B] Einstellungen (Registrierungsdatenbank-Wert, nothing done) HKEY_USERS\S-1-5-21-3064065677-2226785740-1792966077-1000\Software\OCS\lastPID=...chipderedesign... DownloadSponsor: [SBI $980DE8E4] Einstellungen (Registrierungsdatenbank-Wert, nothing done) HKEY_USERS\S-1-5-21-3064065677-2226785740-1792966077-1000\Software\OCS\PID=...chipde... 
DoubleClick: Verfolgender Cookie (Internet Explorer: horton) (Cookie, nothing done) --- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) --- 2009-01-26 blindman.exe (1.0.0.8) 2009-01-26 SDFiles.exe (1.6.1.7) 2009-01-26 SDMain.exe (1.0.0.6) 2009-01-26 SDShred.exe (1.0.2.5) 2009-01-26 SDUpdate.exe (1.6.0.12) 2009-01-26 SDWinSec.exe (1.0.0.12) 2009-01-26 SpybotSD.exe (1.6.2.46) 2009-01-26 TeaTimer.exe (1.6.4.26) 2012-07-05 unins000.exe (51.49.0.0) 2009-01-26 Update.exe (1.6.0.7) 2009-01-26 advcheck.dll (1.6.2.15) 2007-04-02 aports.dll (2.1.0.0) 2008-06-14 DelZip179.dll (1.79.11.1) 2009-01-26 SDHelper.dll (1.6.2.14) 2008-06-19 sqlite3.dll 2009-01-26 Tools.dll (2.1.6.10) 2009-01-16 UninsSrv.dll (1.0.0.0) 2015-07-31 Includes\Adware-000.sbi (*) 2015-11-10 Includes\Adware-001.sbi (*) 2017-02-01 Includes\Adware-C.sbi (*) 2014-01-13 Includes\Adware.sbi (*) 2014-01-13 Includes\AdwareC.sbi (*) 2010-08-13 Includes\Cookies.sbi (*) 2014-11-14 Includes\Dialer-000.sbi (*) 2014-11-14 Includes\Dialer-001.sbi (*) 2016-11-16 Includes\Dialer-C.sbi (*) 2014-01-13 Includes\Dialer.sbi (*) 2014-01-13 Includes\DialerC.sbi (*) 2016-08-26 Includes\Fraud-000.sbi (*) 2017-01-30 Includes\Fraud-001.sbi (*) 2015-11-23 Includes\Fraud-002.sbi (*) 2016-07-06 Includes\Fraud-003.sbi (*) 2013-04-11 Includes\HeavyDuty.sbi (*) 2014-11-14 Includes\Hijackers-000.sbi (*) 2014-11-14 Includes\Hijackers-001.sbi (*) 2016-11-09 Includes\Hijackers-C.sbi (*) 2014-01-13 Includes\Hijackers.sbi (*) 2014-01-13 Includes\HijackersC.sbi (*) 2014-01-08 Includes\iPhone-000.sbi (*) 2014-01-08 Includes\iPhone.sbi (*) 2016-05-27 Includes\Keyloggers-000.sbi (*) 2017-02-01 Includes\Keyloggers-C.sbi (*) 2014-01-13 Includes\Keyloggers.sbi (*) 2014-01-13 Includes\KeyloggersC.sbi (*) 2004-11-29 Includes\LSP.sbi (*) 2015-06-25 Includes\Malware-000.sbi (*) 2016-06-22 Includes\Malware-001.sbi (*) 2016-06-14 Includes\Malware-002.sbi (*) 2015-11-19 Includes\Malware-003.sbi (*) 2016-06-14 Includes\Malware-004.sbi (*) 2016-06-22 
Includes\Malware-005.sbi (*) 2016-01-18 Includes\Malware-006.sbi (*) 2015-10-29 Includes\Malware-007.sbi (*) 2017-02-01 Includes\Malware-C.sbi (*) 2014-01-13 Includes\Malware.sbi (*) 2014-01-13 Includes\MalwareC.sbi (*) 2016-12-28 Includes\PUPS-000.sbi (*) 2015-10-22 Includes\PUPS-001.sbi (*) 2014-01-15 Includes\PUPS-002.sbi (*) 2017-02-01 Includes\PUPS-C.sbi (*) 2014-01-13 Includes\PUPS.sbi (*) 2014-01-13 Includes\PUPSC.sbi (*) 2010-01-25 Includes\Revision.sbi (*) 2014-01-08 Includes\Security-000.sbi (*) 2015-12-02 Includes\Security-C.sbi (*) 2014-01-08 Includes\Security.sbi (*) 2014-01-13 Includes\SecurityC.sbi (*) 2008-06-03 Includes\Spybots.sbi (*) 2008-06-03 Includes\SpybotsC.sbi (*) 2015-11-11 Includes\Spyware-000.sbi (*) 2015-05-06 Includes\Spyware-001.sbi (*) 2016-08-10 Includes\Spyware-C.sbi (*) 2014-01-13 Includes\Spyware.sbi (*) 2014-01-08 Includes\SpywareC.sbi (*) 2012-11-19 Includes\Tracks.uti 2015-11-17 Includes\Trojans-000.sbi (*) 2015-11-19 Includes\Trojans-001.sbi (*) 2015-11-25 Includes\Trojans-002.sbi (*) 2016-01-20 Includes\Trojans-003.sbi (*) 2016-01-22 Includes\Trojans-004.sbi (*) 2015-11-25 Includes\Trojans-005.sbi (*) 2015-11-30 Includes\Trojans-006.sbi (*) 2016-01-27 Includes\Trojans-007.sbi (*) 2015-11-16 Includes\Trojans-008.sbi (*) 2015-04-21 Includes\Trojans-009.sbi (*) 2017-02-01 Includes\Trojans-C.sbi (*) 2016-02-02 Includes\Trojans-OG-000.sbi (*) 2014-01-15 Includes\Trojans-TD-000.sbi (*) 2014-01-15 Includes\Trojans-VM-000.sbi (*) 2014-01-15 Includes\Trojans-VM-001.sbi (*) 2014-01-15 Includes\Trojans-VM-002.sbi (*) 2014-01-15 Includes\Trojans-VM-003.sbi (*) 2014-01-15 Includes\Trojans-VM-004.sbi (*) 2014-01-15 Includes\Trojans-VM-005.sbi (*) 2014-01-15 Includes\Trojans-VM-006.sbi (*) 2014-01-15 Includes\Trojans-VM-007.sbi (*) 2014-01-15 Includes\Trojans-VM-008.sbi (*) 2014-01-15 Includes\Trojans-VM-009.sbi (*) 2014-01-15 Includes\Trojans-VM-010.sbi (*) 2014-01-15 Includes\Trojans-VM-011.sbi (*) 2014-01-15 Includes\Trojans-VM-012.sbi 
(*) 2014-01-15 Includes\Trojans-VM-013.sbi (*) 2014-01-15 Includes\Trojans-VM-014.sbi (*) 2014-01-15 Includes\Trojans-VM-015.sbi (*) 2014-01-15 Includes\Trojans-VM-016.sbi (*) 2014-01-15 Includes\Trojans-VM-017.sbi (*) 2014-01-15 Includes\Trojans-VM-018.sbi (*) 2014-01-15 Includes\Trojans-VM-019.sbi (*) 2014-01-15 Includes\Trojans-VM-020.sbi (*) 2014-01-15 Includes\Trojans-VM-021.sbi (*) 2014-01-15 Includes\Trojans-VM-022.sbi (*) 2014-01-15 Includes\Trojans-VM-023.sbi (*) 2014-01-15 Includes\Trojans-VM-024.sbi (*) 2014-01-13 Includes\Trojans-VM-025.sbi (*) 2014-01-13 Includes\Trojans-VM-026.sbi (*) 2015-11-09 Includes\Trojans-ZB-000.sbi (*) 2016-02-03 Includes\Trojans-ZL-000.sbi (*) 2014-01-09 Includes\Trojans.sbi (*) 2010-03-10 Includes\TrojansC-01.sbi (*) 2014-01-09 Includes\TrojansC-02.sbi (*) 2014-01-09 Includes\TrojansC-03.sbi (*) 2014-01-16 Includes\TrojansC-04.sbi (*) 2014-01-09 Includes\TrojansC-05.sbi (*) 2014-01-09 Includes\TrojansC.sbi (*) 2008-03-04 Plugins\Chai.dll 2008-03-05 Plugins\Fennel.dll 2008-02-26 Plugins\Mate.dll 2007-12-24 Plugins\TCPIPAddress.dll I then tried my luck with "Fix selected problems" (markierte Probleme beheben): Code:
ATTFilter --- Report generated: 2017-02-02 10:59 --- Win32.Downloader.gen: [SBI $F65FFCFA] Bibliothek (Datei, fixed) C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll Properties.size=0 Properties.md5=D41D8CD98F00B204E9800998ECF8427E Win32.Downloader.gen: [SBI $82F4FAFD] Daten (Datei, fixed) C:\END Properties.size=0 Properties.md5=D41D8CD98F00B204E9800998ECF8427E Conduit.CommunityAlerts: [SBI $8BC58BD8] Programm-Verzeichnis (Verzeichnis, fixed) C:\Program Files (x86)\Conduit\Community Alerts\ Conduit.CommunityAlerts: [SBI $F17963C8] Einstellungen (Registrierungsdatenbank-Wert, fixed) HKEY_USERS\S-1-5-21-3064065677-2226785740-1792966077-1000\Software\AppDataLow\Software\Conduit\RevertSettings\ConduitLatestHomePage=...hxxp://search.conduit.com?SearchSource=10&ctid=CT2625848... Conduit.CommunityAlerts: [SBI $59C51646] Einstellungen (Registrierungsdatenbank-Schlüssel, fixed) HKEY_USERS\S-1-5-21-3064065677-2226785740-1792966077-1000\Software\AppDataLow\Software\Conduit\RevertSettings Conduit.CommunityAlerts: [SBI $CD21D057] Class ID (Registrierungsdatenbank-Schlüssel, fixed) HKEY_CLASSES_ROOT\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} Conduit.Shmoopy: [SBI $EB085BCA] Einstellungen (Registrierungsdatenbank-Schlüssel, fixed) HKEY_USERS\S-1-5-21-3064065677-2226785740-1792966077-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} DownloadSponsor: [SBI $CC437C6B] Einstellungen (Registrierungsdatenbank-Wert, fixed) HKEY_USERS\S-1-5-21-3064065677-2226785740-1792966077-1000\Software\OCS\lastPID=...chipderedesign... DownloadSponsor: [SBI $980DE8E4] Einstellungen (Registrierungsdatenbank-Wert, fixed) HKEY_USERS\S-1-5-21-3064065677-2226785740-1792966077-1000\Software\OCS\PID=...chipde... 
DoubleClick: Verfolgender Cookie (Internet Explorer: horton) (Cookie, fixed) --- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) --- |
02.02.2017, 16:31 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | How do I get rid of "win32.downloader.gen"? Conduit adware cr*p.... Please uninstall Spybot and Avira for the cleanup. Spybot is largely superfluous, and we have not recommended Avira for years, for several reasons. One reason is a relatively high false-positive rate; the second main reason is that they still cooperate with ASK (Avira's search function goes through ASK). Other freeware vendors such as AVG, Avast or Panda also jumped on this bandwagon; that kind of thing is simply unacceptable for security software. Cf. Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog Let me know when Avira is gone; once we are done here you can switch to another virus scanner, info will then follow in the final post. Please do not install anything from NOW on without checking with us first!
__________________ Please always post log files in CODE tags |
02.02.2017, 16:50 | #5 |
| How do I get rid of "win32.downloader.gen"? Both are uninstalled. We can get started! |
02.02.2017, 16:53 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | How do I get rid of "win32.downloader.gen"? Step 1: Malwarebytes Anti-Rootkit (MBAR) Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Step 2: Kaspersky TDSS-Killer Please download TDSSKiller.exe and save this file to the desktop
Reading material: Posting in CODE tags Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder. Even if the logs are too large for a single post, I ask you to post the logs directly and, if necessary, spread across several posts. To put the log files into a CODE box, proceed as follows:
__________________ --> How do I get rid of "win32.downloader.gen"? |
02.02.2017, 19:17 | #7 |
| How do I get rid of "win32.downloader.gen"? nothing found.... Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2017.02.02.05 rootkit: v2016.11.20.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 8.0.7601.17514 horton :: HORTON-PC [administrator] 02.02.2017 17:54:40 mbar-log-2017-02-02 (17-54-40).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 437238 Time elapsed: 46 minute(s), 9 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) Code:
18:57:40.0299 0x0e04 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
18:57:44.0110 0x0e04 ============================================================
18:57:44.0110 0x0e04 Current date / time: 2017/02/02 18:57:44.0110
18:57:44.0110 0x0e04 SystemInfo:
18:57:44.0110 0x0e04
18:57:44.0110 0x0e04 OS Version: 6.1.7601 ServicePack: 1.0
18:57:44.0110 0x0e04 Product type: Workstation
18:57:44.0110 0x0e04 ComputerName: HORTON-PC
18:57:44.0110 0x0e04 UserName: horton
18:57:44.0110 0x0e04 Windows directory: C:\Windows
18:57:44.0110 0x0e04 System windows directory: C:\Windows
18:57:44.0110 0x0e04 Running under WOW64
18:57:44.0110 0x0e04 Processor architecture: Intel x64
18:57:44.0110 0x0e04 Number of processors: 4
18:57:44.0110 0x0e04 Page size: 0x1000
18:57:44.0110 0x0e04 Boot type: Normal boot
18:57:44.0110 0x0e04 CodeIntegrityOptions = 0x00000001
18:57:44.0110 0x0e04 ============================================================
18:57:45.0697 0x0e04 KLMD registered as C:\Windows\system32\drivers\14141331.sys
18:57:45.0697 0x0e04 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23564, osProperties = 0x1
18:57:46.0049 0x0e04 System UUID: {61CA5BEB-E098-32CA-DDDA-50C8CFA771D6}
18:57:46.0485 0x0e04 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:57:46.0489 0x0e04 ============================================================
18:57:46.0489 0x0e04 \Device\Harddisk0\DR0:
18:57:46.0489 0x0e04 MBR partitions:
18:57:46.0489 0x0e04 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:57:46.0489 0x0e04 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x714AE800
18:57:46.0489 0x0e04 ============================================================
18:57:46.0510 0x0e04 C: <-> \Device\Harddisk0\DR0\Partition2
18:57:46.0510 0x0e04
ksthunk - ok 18:59:15.0898 0x16bc [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 18:59:15.0950 0x16bc KtmRm - ok 18:59:16.0001 0x16bc [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 18:59:16.0053 0x16bc LanmanServer - ok 18:59:16.0099 0x16bc [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 18:59:16.0150 0x16bc LanmanWorkstation - ok 18:59:16.0191 0x16bc [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 18:59:16.0230 0x16bc lltdio - ok 18:59:16.0253 0x16bc [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 18:59:16.0301 0x16bc lltdsvc - ok 18:59:16.0310 0x16bc [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 18:59:16.0389 0x16bc lmhosts - ok 18:59:16.0423 0x16bc [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 18:59:16.0433 0x16bc LSI_FC - ok 18:59:16.0445 0x16bc [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 18:59:16.0455 0x16bc LSI_SAS - ok 18:59:16.0467 0x16bc [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 18:59:16.0476 0x16bc LSI_SAS2 - ok 18:59:16.0482 0x16bc [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI 
C:\Windows\system32\DRIVERS\lsi_scsi.sys 18:59:16.0500 0x16bc LSI_SCSI - ok 18:59:16.0519 0x16bc [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 18:59:16.0580 0x16bc luafv - ok 18:59:16.0634 0x16bc [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 18:59:16.0645 0x16bc Mcx2Svc - ok 18:59:16.0669 0x16bc [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 18:59:16.0686 0x16bc megasas - ok 18:59:16.0708 0x16bc [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 18:59:16.0722 0x16bc MegaSR - ok 18:59:16.0749 0x16bc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 18:59:16.0804 0x16bc MMCSS - ok 18:59:16.0821 0x16bc [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 18:59:16.0861 0x16bc Modem - ok 18:59:16.0879 0x16bc [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 18:59:16.0911 0x16bc monitor - ok 18:59:16.0950 0x16bc [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 18:59:16.0958 0x16bc mouclass - ok 18:59:16.0997 0x16bc [ 21B7ACEA1BB49C3371DD5427BF309D6A, 39055A4D9BC293BD5DE5519FC6B95E7345089B32027E1799FA642606E6298856 ] moufiltr C:\Windows\system32\DRIVERS\moufiltr.sys 18:59:17.0036 0x16bc moufiltr - ok 18:59:17.0057 0x16bc [ D3BF052C40B0C4166D9FD86A4288C1E6, 
5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 18:59:17.0066 0x16bc mouhid - ok 18:59:17.0105 0x16bc [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 18:59:17.0114 0x16bc mountmgr - ok 18:59:17.0191 0x16bc [ ADF79A49E942C91D1FC9863CBFDD6B58, C2B2A792C4717133DCAE6297EE3F5D985B11D3C1E68A8DC23985AC6B78ACDE98 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 18:59:17.0202 0x16bc MozillaMaintenance - ok 18:59:17.0239 0x16bc [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 18:59:17.0250 0x16bc mpio - ok 18:59:17.0270 0x16bc [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 18:59:17.0308 0x16bc mpsdrv - ok 18:59:17.0325 0x16bc [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 18:59:17.0362 0x16bc MRxDAV - ok 18:59:17.0380 0x16bc [ FCA01B0C70DAE9BE557577E719469D17, F9868B7B50EF6323BF6690F087A83928A1E82B96A19B27F344E10BF11E520C32 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 18:59:17.0411 0x16bc mrxsmb - ok 18:59:17.0436 0x16bc [ 386BE96797C5B480AD31E8B50CEE337C, 88E826F42BEB38CAA7C84AE6ED4D8EBC4D382A8A37CF9F7B8517B297F168F1B3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 18:59:17.0465 0x16bc mrxsmb10 - ok 18:59:17.0494 0x16bc [ 841474CF2EB14F826038FBCC7D85B857, 4B1BC8AFDA54D1F16AC2AAB7EDDAE07FBF1E3B65D1658F8901A3E3175AF72800 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 18:59:17.0515 0x16bc mrxsmb20 - ok 18:59:17.0556 0x16bc [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci 
C:\Windows\system32\drivers\msahci.sys 18:59:17.0572 0x16bc msahci - ok 18:59:17.0590 0x16bc [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 18:59:17.0603 0x16bc msdsm - ok 18:59:17.0626 0x16bc [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 18:59:17.0652 0x16bc MSDTC - ok 18:59:17.0682 0x16bc [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 18:59:17.0722 0x16bc Msfs - ok 18:59:17.0733 0x16bc [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 18:59:17.0779 0x16bc mshidkmdf - ok 18:59:17.0786 0x16bc [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 18:59:17.0794 0x16bc msisadrv - ok 18:59:17.0812 0x16bc [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 18:59:17.0850 0x16bc MSiSCSI - ok 18:59:17.0854 0x16bc msiserver - ok 18:59:17.0869 0x16bc [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 18:59:17.0912 0x16bc MSKSSRV - ok 18:59:17.0926 0x16bc [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 18:59:17.0980 0x16bc MSPCLOCK - ok 18:59:17.0987 0x16bc [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 18:59:18.0016 0x16bc MSPQM - ok 18:59:18.0062 0x16bc [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 
64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 18:59:18.0077 0x16bc MsRPC - ok 18:59:18.0087 0x16bc [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 18:59:18.0095 0x16bc mssmbios - ok 18:59:18.0108 0x16bc [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 18:59:18.0136 0x16bc MSTEE - ok 18:59:18.0156 0x16bc [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 18:59:18.0171 0x16bc MTConfig - ok 18:59:18.0181 0x16bc [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 18:59:18.0190 0x16bc Mup - ok 18:59:18.0213 0x16bc [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 18:59:18.0275 0x16bc napagent - ok 18:59:18.0316 0x16bc [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 18:59:18.0340 0x16bc NativeWifiP - ok 18:59:18.0398 0x16bc [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys 18:59:18.0438 0x16bc NDIS - ok 18:59:18.0450 0x16bc [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 18:59:18.0505 0x16bc NdisCap - ok 18:59:18.0527 0x16bc [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 18:59:18.0558 0x16bc NdisTapi - ok 18:59:18.0591 
0x16bc [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 18:59:18.0623 0x16bc Ndisuio - ok 18:59:18.0657 0x16bc [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 18:59:18.0692 0x16bc NdisWan - ok 18:59:18.0734 0x16bc [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 18:59:18.0778 0x16bc NDProxy - ok 18:59:18.0795 0x16bc [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 18:59:18.0841 0x16bc NetBIOS - ok 18:59:18.0876 0x16bc [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 18:59:18.0896 0x16bc NetBT - ok 18:59:18.0913 0x16bc [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] Netlogon C:\Windows\system32\lsass.exe 18:59:18.0933 0x16bc Netlogon - ok 18:59:18.0964 0x16bc [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 18:59:19.0011 0x16bc Netman - ok 18:59:19.0065 0x16bc [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:59:19.0079 0x16bc NetMsmqActivator - ok 18:59:19.0085 0x16bc [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:59:19.0097 0x16bc NetPipeActivator - ok 18:59:19.0121 0x16bc [ 5F28111C648F1E24F7DBC87CDEB091B8, 
2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 18:59:19.0182 0x16bc netprofm - ok 18:59:19.0189 0x16bc [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:59:19.0213 0x16bc NetTcpActivator - ok 18:59:19.0219 0x16bc [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:59:19.0236 0x16bc NetTcpPortSharing - ok 18:59:19.0256 0x16bc [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 18:59:19.0265 0x16bc nfrd960 - ok 18:59:19.0309 0x16bc [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 18:59:19.0367 0x16bc NlaSvc - ok 18:59:19.0380 0x16bc [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 18:59:19.0412 0x16bc Npfs - ok 18:59:19.0428 0x16bc [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 18:59:19.0458 0x16bc nsi - ok 18:59:19.0468 0x16bc [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 18:59:19.0525 0x16bc nsiproxy - ok 18:59:19.0592 0x16bc [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 18:59:19.0641 0x16bc Ntfs - ok 18:59:19.0658 0x16bc [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 
18:59:19.0690 0x16bc Null - ok 18:59:19.0724 0x16bc [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid C:\Windows\system32\drivers\nvraid.sys 18:59:19.0736 0x16bc nvraid - ok 18:59:19.0747 0x16bc [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor C:\Windows\system32\drivers\nvstor.sys 18:59:19.0759 0x16bc nvstor - ok 18:59:19.0772 0x16bc [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 18:59:19.0785 0x16bc nv_agp - ok 18:59:19.0814 0x16bc [ 5C0A30851FCE1B73BD92CD13C73F2C0A, EBEABCAD40A1FB66BCE7685169F78322C845C089B49770411F28A6AE677E71A5 ] NW1950 C:\Windows\system32\DRIVERS\NW1950.sys 18:59:19.0821 0x16bc NW1950 - ok 18:59:19.0833 0x16bc [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 18:59:19.0851 0x16bc ohci1394 - ok 18:59:19.0904 0x16bc [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:59:19.0915 0x16bc ose - ok 18:59:20.0108 0x16bc [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 18:59:20.0251 0x16bc osppsvc - ok 18:59:20.0279 0x16bc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 18:59:20.0311 0x16bc p2pimsvc - ok 18:59:20.0335 0x16bc [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 18:59:20.0355 0x16bc p2psvc - ok 18:59:20.0378 0x16bc [ 0086431C29C35BE1DBC43F52CC273887, 
0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 18:59:20.0406 0x16bc Parport - ok 18:59:20.0440 0x16bc [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 18:59:20.0472 0x16bc partmgr - ok 18:59:20.0515 0x16bc [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc C:\Windows\System32\pcasvc.dll 18:59:20.0533 0x16bc PcaSvc - ok 18:59:20.0569 0x16bc [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 18:59:20.0584 0x16bc pci - ok 18:59:20.0593 0x16bc [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 18:59:20.0601 0x16bc pciide - ok 18:59:20.0618 0x16bc [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 18:59:20.0638 0x16bc pcmcia - ok 18:59:20.0658 0x16bc [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 18:59:20.0667 0x16bc pcw - ok 18:59:20.0688 0x16bc [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH C:\Windows\system32\drivers\peauth.sys 18:59:20.0729 0x16bc PEAUTH - ok 18:59:20.0775 0x16bc [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 18:59:20.0791 0x16bc PerfHost - ok 18:59:20.0866 0x16bc [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 18:59:20.0946 0x16bc pla - ok 18:59:21.0005 0x16bc [ 25FBDEF06C4D92815B353F6E792C8129, 
57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 18:59:21.0031 0x16bc PlugPlay - ok 18:59:21.0044 0x16bc [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 18:59:21.0069 0x16bc PNRPAutoReg - ok 18:59:21.0087 0x16bc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 18:59:21.0101 0x16bc PNRPsvc - ok 18:59:21.0145 0x16bc [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 18:59:21.0181 0x16bc PolicyAgent - ok 18:59:21.0205 0x16bc [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 18:59:21.0242 0x16bc Power - ok 18:59:21.0281 0x16bc [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 18:59:21.0322 0x16bc PptpMiniport - ok 18:59:21.0344 0x16bc [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys 18:59:21.0367 0x16bc Processor - ok 18:59:21.0400 0x16bc [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 18:59:21.0450 0x16bc ProfSvc - ok 18:59:21.0463 0x16bc [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] ProtectedStorage C:\Windows\system32\lsass.exe 18:59:21.0482 0x16bc ProtectedStorage - ok 18:59:21.0538 0x16bc [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 18:59:21.0567 0x16bc Psched - ok 
18:59:21.0616 0x16bc [ A6A7AD767BF5141665F5C675F671B3E1, 11D43F732C3B82679E53516F83E675B60B0EFEDE3F4EE3C42AC752AD8D5155AF ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 18:59:21.0625 0x16bc PSI_SVC_2 - ok 18:59:21.0670 0x16bc [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 18:59:21.0717 0x16bc ql2300 - ok 18:59:21.0744 0x16bc [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 18:59:21.0754 0x16bc ql40xx - ok 18:59:21.0781 0x16bc [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 18:59:21.0810 0x16bc QWAVE - ok 18:59:21.0826 0x16bc [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 18:59:21.0852 0x16bc QWAVEdrv - ok 18:59:21.0868 0x16bc [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 18:59:21.0913 0x16bc RasAcd - ok 18:59:21.0946 0x16bc [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 18:59:21.0996 0x16bc RasAgileVpn - ok 18:59:22.0024 0x16bc [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 18:59:22.0082 0x16bc RasAuto - ok 18:59:22.0130 0x16bc [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 18:59:22.0186 0x16bc Rasl2tp - ok 18:59:22.0237 0x16bc [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA 
] |
02.02.2017, 19:36 | #8 |
| How do I get rid of "win32.downloader.gen"? TDSS 2 of 3 Code:
51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 18:59:25.0826 0x16bc SSDPSRV - ok 18:59:25.0844 0x16bc [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 18:59:25.0874 0x16bc SstpSvc - ok 18:59:25.0890 0x16bc [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 18:59:25.0898 0x16bc stexstor - ok 18:59:25.0941 0x16bc [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 18:59:25.0973 0x16bc stisvc - ok 18:59:26.0008 0x16bc [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 18:59:26.0016 0x16bc swenum - ok 18:59:26.0036 0x16bc [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 18:59:26.0105 0x16bc swprv - ok 18:59:26.0179 0x16bc [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll 18:59:26.0242 0x16bc SysMain - ok 18:59:26.0286 0x16bc [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 18:59:26.0309 0x16bc TabletInputService - ok 18:59:26.0326 0x16bc [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 18:59:26.0361 0x16bc TapiSrv - ok 18:59:26.0378 0x16bc [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 18:59:26.0409 0x16bc TBS - ok 18:59:26.0494 0x16bc 
[ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 18:59:26.0551 0x16bc Tcpip - ok 18:59:26.0596 0x16bc [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 18:59:26.0639 0x16bc TCPIP6 - ok 18:59:26.0676 0x16bc [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 18:59:26.0720 0x16bc tcpipreg - ok 18:59:26.0758 0x16bc [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 18:59:26.0802 0x16bc TDPIPE - ok 18:59:26.0833 0x16bc [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 18:59:26.0847 0x16bc TDTCP - ok 18:59:26.0889 0x16bc [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 18:59:26.0899 0x16bc tdx - ok 18:59:26.0910 0x16bc [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 18:59:26.0919 0x16bc TermDD - ok 18:59:26.0976 0x16bc [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 18:59:27.0028 0x16bc TermService - ok 18:59:27.0045 0x16bc [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 18:59:27.0058 0x16bc Themes - ok 18:59:27.0074 0x16bc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 18:59:27.0103 0x16bc THREADORDER - 
ok 18:59:27.0111 0x16bc [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 18:59:27.0155 0x16bc TrkWks - ok 18:59:27.0238 0x16bc [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 18:59:27.0294 0x16bc TrustedInstaller - ok 18:59:27.0331 0x16bc [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 18:59:27.0339 0x16bc tssecsrv - ok 18:59:27.0379 0x16bc [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 18:59:27.0396 0x16bc TsUsbFlt - ok 18:59:27.0455 0x16bc [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 18:59:27.0485 0x16bc tunnel - ok 18:59:27.0505 0x16bc [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 18:59:27.0514 0x16bc uagp35 - ok 18:59:27.0533 0x16bc [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 18:59:27.0586 0x16bc udfs - ok 18:59:27.0616 0x16bc [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 18:59:27.0627 0x16bc UI0Detect - ok 18:59:27.0640 0x16bc [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 18:59:27.0649 0x16bc uliagpkx - ok 18:59:27.0678 0x16bc [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus 
C:\Windows\system32\drivers\umbus.sys 18:59:27.0698 0x16bc umbus - ok 18:59:27.0705 0x16bc [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 18:59:27.0723 0x16bc UmPass - ok 18:59:27.0740 0x16bc [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 18:59:27.0796 0x16bc upnphost - ok 18:59:27.0849 0x16bc [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 18:59:27.0871 0x16bc usbaudio - ok 18:59:27.0912 0x16bc [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 18:59:27.0960 0x16bc usbccgp - ok 18:59:27.0978 0x16bc [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 18:59:28.0030 0x16bc usbcir - ok 18:59:28.0059 0x16bc [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 18:59:28.0080 0x16bc usbehci - ok 18:59:28.0113 0x16bc [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 18:59:28.0127 0x16bc usbhub - ok 18:59:28.0160 0x16bc [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys 18:59:28.0172 0x16bc usbohci - ok 18:59:28.0190 0x16bc [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 18:59:28.0202 0x16bc usbprint - ok 18:59:28.0241 0x16bc [ 9661DA76B4531B2DA272ECCE25A8AF24, 
FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 18:59:28.0267 0x16bc usbscan - ok 18:59:28.0301 0x16bc [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 18:59:28.0345 0x16bc USBSTOR - ok 18:59:28.0383 0x16bc [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 18:59:28.0404 0x16bc usbuhci - ok 18:59:28.0458 0x16bc [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 18:59:28.0476 0x16bc usbvideo - ok 18:59:28.0498 0x16bc [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 18:59:28.0539 0x16bc UxSms - ok 18:59:28.0546 0x16bc [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] VaultSvc C:\Windows\system32\lsass.exe 18:59:28.0565 0x16bc VaultSvc - ok 18:59:28.0600 0x16bc [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 18:59:28.0608 0x16bc vdrvroot - ok 18:59:28.0653 0x16bc [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 18:59:28.0693 0x16bc vds - ok 18:59:28.0720 0x16bc [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 18:59:28.0742 0x16bc vga - ok 18:59:28.0764 0x16bc [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 18:59:28.0802 0x16bc VgaSave - ok 18:59:28.0843 0x16bc [ 
2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 18:59:28.0856 0x16bc vhdmp - ok 18:59:28.0905 0x16bc [ C2C95D62C90CA809240112B41C1765F2, FAFBA11CE7D273D28D1C27D01BEB4E62AB4ADA7517183F46E505D335E1117CA0 ] vhidmini C:\Windows\system32\DRIVERS\walvhid.sys 18:59:28.0928 0x16bc vhidmini - ok 18:59:28.0937 0x16bc [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 18:59:28.0945 0x16bc viaide - ok 18:59:28.0976 0x16bc [ 9FE401877C4C6A8DB129B55BE9F2BA01, 6DA12180D6E3C8ED7676E9298C5AFDF7CFAA5A41AE6B5188134D0A010E56912D ] VMC412 C:\Windows\system32\Drivers\VMC412.sys 18:59:28.0995 0x16bc VMC412 - ok 18:59:29.0009 0x16bc [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 18:59:29.0018 0x16bc volmgr - ok 18:59:29.0056 0x16bc [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 18:59:29.0072 0x16bc volmgrx - ok 18:59:29.0092 0x16bc [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 18:59:29.0106 0x16bc volsnap - ok 18:59:29.0133 0x16bc [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 18:59:29.0146 0x16bc vsmraid - ok 18:59:29.0218 0x16bc [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 18:59:29.0296 0x16bc VSS - ok 18:59:29.0314 0x16bc [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 18:59:29.0325 0x16bc 
vwifibus - ok 18:59:29.0342 0x16bc [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 18:59:29.0370 0x16bc vwififlt - ok 18:59:29.0407 0x16bc [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 18:59:29.0435 0x16bc vwifimp - ok 18:59:29.0467 0x16bc [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 18:59:29.0504 0x16bc W32Time - ok 18:59:29.0522 0x16bc [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 18:59:29.0541 0x16bc WacomPen - ok 18:59:29.0600 0x16bc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 18:59:29.0637 0x16bc WANARP - ok 18:59:29.0650 0x16bc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 18:59:29.0678 0x16bc Wanarpv6 - ok 18:59:29.0737 0x16bc [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 18:59:29.0784 0x16bc WatAdminSvc - ok 18:59:29.0856 0x16bc [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 18:59:29.0914 0x16bc wbengine - ok 18:59:29.0933 0x16bc [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 18:59:29.0950 0x16bc WbioSrvc - ok 18:59:29.0987 0x16bc [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc 
C:\Windows\System32\wcncsvc.dll 18:59:30.0021 0x16bc wcncsvc - ok 18:59:30.0041 0x16bc [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 18:59:30.0085 0x16bc WcsPlugInService - ok 18:59:30.0101 0x16bc [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 18:59:30.0109 0x16bc Wd - ok 18:59:30.0155 0x16bc [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 18:59:30.0182 0x16bc Wdf01000 - ok 18:59:30.0193 0x16bc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 18:59:30.0250 0x16bc WdiServiceHost - ok 18:59:30.0254 0x16bc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 18:59:30.0272 0x16bc WdiSystemHost - ok 18:59:30.0313 0x16bc [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\Windows\System32\webclnt.dll 18:59:30.0336 0x16bc WebClient - ok 18:59:30.0359 0x16bc [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 18:59:30.0393 0x16bc Wecsvc - ok 18:59:30.0402 0x16bc [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 18:59:30.0436 0x16bc wercplsupport - ok 18:59:30.0450 0x16bc [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 18:59:30.0495 0x16bc WerSvc - ok 18:59:30.0519 0x16bc [ 611B23304BF067451A9FDEE01FBDD725, 
0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 18:59:30.0547 0x16bc WfpLwf - ok 18:59:30.0563 0x16bc [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 18:59:30.0571 0x16bc WIMMount - ok 18:59:30.0579 0x16bc WinHttpAutoProxySvc - ok 18:59:30.0607 0x16bc [ 66C365B542195C1F6E2FF4A7D8F3827C, FB43A64453283D1B236AFF73F010B8F6106B971047313B9B4EBE925C4DD325A2 ] WinI2C-DDC C:\Windows\system32\drivers\DDCDrv.sys 18:59:30.0615 0x16bc WinI2C-DDC - ok 18:59:30.0642 0x16bc [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 18:59:30.0688 0x16bc Winmgmt - ok 18:59:30.0773 0x16bc [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\Windows\system32\WsmSvc.dll 18:59:30.0844 0x16bc WinRM - ok 18:59:30.0911 0x16bc [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 18:59:30.0922 0x16bc WinUsb - ok 18:59:30.0957 0x16bc [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 18:59:30.0999 0x16bc Wlansvc - ok 18:59:31.0032 0x16bc [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 18:59:31.0040 0x16bc WmiAcpi - ok 18:59:31.0062 0x16bc [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 18:59:31.0099 0x16bc wmiApSrv - ok 18:59:31.0125 0x16bc WMPNetworkSvc - ok 18:59:31.0136 0x16bc [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc 
C:\Windows\System32\wpcsvc.dll 18:59:31.0158 0x16bc WPCSvc - ok 18:59:31.0195 0x16bc [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 18:59:31.0207 0x16bc WPDBusEnum - ok 18:59:31.0226 0x16bc [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 18:59:31.0259 0x16bc ws2ifsl - ok 18:59:31.0262 0x16bc WSearch - ok 18:59:31.0289 0x16bc [ 83575C43B2BFE9AB0661A7F957E843C0, 6FCE62721902A4F35F1A4CED8AF60A0346CFAB657ED92DE4CEFF19BDB830D32D ] wsvd C:\Windows\system32\DRIVERS\wsvd.sys 18:59:31.0297 0x16bc wsvd - ok 18:59:31.0307 0x16bc WTService - ok 18:59:31.0407 0x16bc [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv C:\Windows\system32\wuaueng.dll 18:59:31.0500 0x16bc wuauserv - ok 18:59:31.0519 0x16bc [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 18:59:31.0554 0x16bc WudfPf - ok 18:59:31.0597 0x16bc [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 18:59:31.0628 0x16bc WUDFRd - ok 18:59:31.0666 0x16bc [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 18:59:31.0697 0x16bc wudfsvc - ok 18:59:31.0718 0x16bc [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll 18:59:31.0749 0x16bc WwanSvc - ok 18:59:31.0769 0x16bc ZAPrivacyService - ok 18:59:31.0784 0x16bc ================ Scan global =============================== 18:59:31.0816 0x16bc [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] 
18:59:32.0225 0x16bc ================ Scan generic autorun ======================
18:59:34.0354 0x16bc Lenovo Eye Distance System - detected UnsignedFile.Multi.Generic ( 1 )
18:59:34.0795 0x16bc Lenovo Eye Distance System ( UnsignedFile.Multi.Generic ) - warning
18:59:40.0388 0x16bc Waiting for KSN requests completion. In queue: 10
18:59:41.0543 0x16bc AV detected via SS2: AntiVir Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( ), 0x41000 ( enabled : updated )
18:59:41.0559 0x16bc Win FW state via NFP2: disabled ( not trusted )
18:59:44.0716 0x16bc ============================================================
18:59:44.0716 0x16bc Scan finished
18:59:44.0716 0x16bc ============================================================
18:59:44.0724 0x0bd4 Detected object count: 1
18:59:44.0724 0x0bd4 Actual detected object count: 1
19:00:32.0687 0x0bd4 Lenovo Eye Distance System ( UnsignedFile.Multi.Generic ) - skipped by user
19:00:32.0687 0x0bd4 Lenovo Eye Distance System ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:00:49.0258 0x0b20 ============================================================
19:00:49.0258 0x0b20 Scan started
19:00:49.0258 0x0b20 Mode: Manual; SigCheck; TDLFS;
19:00:49.0258 0x0b20 ============================================================
19:00:49.0258 0x0b20 KSN ping started
19:00:49.0541 0x0b20 KSN ping finished: true
19:00:49.0972 0x0b20 ================ Scan system memory ========================
19:00:49.0972 0x0b20 System memory - ok
19:00:49.0972 0x0b20 ================ Scan services =============================
0x0b20 [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\Windows\System32\appinfo.dll 19:00:51.0573 0x0b20 Appinfo - ok 19:00:51.0590 0x0b20 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys 19:00:51.0599 0x0b20 arc - ok 19:00:51.0611 0x0b20 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 19:00:51.0620 0x0b20 arcsas - ok 19:00:51.0720 0x0b20 [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 19:00:51.0731 0x0b20 aspnet_state - ok 19:00:51.0747 0x0b20 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 19:00:51.0776 0x0b20 AsyncMac - ok 19:00:51.0817 0x0b20 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 19:00:51.0825 0x0b20 atapi - ok 19:00:51.0873 0x0b20 [ F8633CDD09647A64EE8DB550630427FF, 565F32E6B1E8451B2DD866E4997336A47B8DC6669392BDAAF252C35C0383E8A3 ] athr C:\Windows\system32\DRIVERS\athrx.sys 19:00:51.0910 0x0b20 athr - ok 19:00:51.0959 0x0b20 [ BCD131E1FF612F0F82FD8DEC39F97C9F, 90519368467CF4BFAFAA7C8DBD439DBABE0673713D39EEE37045170C2BEAB46D ] ATIAVPCI C:\Windows\system32\DRIVERS\atinavrr.sys 19:00:51.0996 0x0b20 ATIAVPCI - ok 19:00:52.0049 0x0b20 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 19:00:52.0072 0x0b20 AudioEndpointBuilder - ok 19:00:52.0088 0x0b20 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv 
C:\Windows\System32\Audiosrv.dll 19:00:52.0109 0x0b20 AudioSrv - ok 19:00:52.0143 0x0b20 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 19:00:52.0177 0x0b20 AxInstSV - ok 19:00:52.0220 0x0b20 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 19:00:52.0253 0x0b20 b06bdrv - ok 19:00:52.0271 0x0b20 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 19:00:52.0285 0x0b20 b57nd60a - ok 19:00:52.0308 0x0b20 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 19:00:52.0319 0x0b20 BDESVC - ok 19:00:52.0364 0x0b20 [ CB7CE2E47139B620D2B87078165F1AD0, 2859F85C463FD34D659EAFDDFE4DE472D04D3D2D639BE4876E19F5DC775D0BA1 ] becldr3Service C:\Program Files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe 19:00:52.0371 0x0b20 becldr3Service - detected UnsignedFile.Multi.Generic ( 1 ) 19:00:52.0371 0x0b20 Detect skipped due to KSN trusted 19:00:52.0371 0x0b20 becldr3Service - ok 19:00:52.0391 0x0b20 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 19:00:52.0422 0x0b20 Beep - ok 19:00:52.0483 0x0b20 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 19:00:52.0557 0x0b20 BITS - ok 19:00:52.0565 0x0b20 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 19:00:52.0576 0x0b20 blbdrive - ok 19:00:52.0594 0x0b20 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser 
C:\Windows\system32\DRIVERS\bowser.sys 19:00:52.0621 0x0b20 bowser - ok 19:00:52.0635 0x0b20 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 19:00:52.0645 0x0b20 BrFiltLo - ok 19:00:52.0658 0x0b20 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 19:00:52.0668 0x0b20 BrFiltUp - ok 19:00:52.0711 0x0b20 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 19:00:52.0723 0x0b20 Browser - ok 19:00:52.0748 0x0b20 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 19:00:52.0763 0x0b20 Brserid - ok 19:00:52.0773 0x0b20 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 19:00:52.0785 0x0b20 BrSerWdm - ok 19:00:52.0799 0x0b20 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 19:00:52.0812 0x0b20 BrUsbMdm - ok 19:00:52.0817 0x0b20 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 19:00:52.0826 0x0b20 BrUsbSer - ok 19:00:52.0852 0x0b20 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 19:00:52.0869 0x0b20 BthEnum - ok 19:00:52.0880 0x0b20 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 19:00:52.0895 0x0b20 BTHMODEM - ok 19:00:52.0904 0x0b20 [ 02DD601B708DD0667E1331FA8518E9FF, 
7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 19:00:52.0917 0x0b20 BthPan - ok 19:00:52.0942 0x0b20 [ 64C198198501F7560EE41D8D1EFA7952, 53CE5FDD1866FC8A0B91C7A620F7555D197488C4C8F3DEFD4398D8E3ED2AEBD0 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 19:00:52.0970 0x0b20 BTHPORT - ok 19:00:52.0993 0x0b20 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 19:00:53.0023 0x0b20 bthserv - ok 19:00:53.0033 0x0b20 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 19:00:53.0043 0x0b20 BTHUSB - ok 19:00:53.0050 0x0b20 [ 2641A3FE3D7B0646308F33B67F3B5300, 8D2E37F6524D10197D36AAE41F59028B3DF0692A113EA342BB1AC36DEA13D8F6 ] btusbflt C:\Windows\system32\drivers\btusbflt.sys 19:00:53.0057 0x0b20 btusbflt - ok 19:00:53.0074 0x0b20 [ A72A9101F9730DB7332714E566614E4D, 7C75772EA40EAEDDE2565E5FF901B17EA9B748563B8CE40062D86D4B0F1DBF0C ] btwaudio C:\Windows\system32\drivers\btwaudio.sys 19:00:53.0082 0x0b20 btwaudio - ok 19:00:53.0095 0x0b20 [ 5CEEC634B617525F2B6AD29F871033F7, 0A48E08FB3C3384860783F72C85022F6AD11D8F7023580D007478AA94F6F41C5 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys 19:00:53.0103 0x0b20 btwavdt - ok 19:00:53.0156 0x0b20 [ A5CCE445E343E370589D054AF569B6E1, 54118E06EF7F26408C30017BA852995304DD50563867221F4EF3B7AD2AD5ABD2 ] btwdins C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe 19:00:53.0182 0x0b20 btwdins - ok 19:00:53.0195 0x0b20 [ 6149301DC3F81D6F9667A3FBAC410975, 120E201AFB07054C7F6321461D194843C695012431DBD791E36BBF73FDD41E8A ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys 19:00:53.0200 0x0b20 btwl2cap - ok 19:00:53.0210 0x0b20 [ 2AF5604D28BEF77B7CF4B9D232FE7CD3, 758524012FE284EDFC27DF095A2DD5853A0F084999F14DA66784103176E938E4 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys 19:00:53.0216 
0x0b20 btwrchid - ok 19:00:53.0234 0x0b20 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 19:00:53.0265 0x0b20 cdfs - ok 19:00:53.0302 0x0b20 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys 19:00:53.0313 0x0b20 cdrom - ok 19:00:53.0351 0x0b20 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 19:00:53.0386 0x0b20 CertPropSvc - ok 19:00:53.0427 0x0b20 [ 59B4AB79011957DD3B83F0C2E63741BD, 5DE68785D701DBA0F98452B7D5CC407BEECD51685F39516157733CED2EF2FA19 ] chip1click C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe 19:00:53.0431 0x0b20 chip1click - detected UnsignedFile.Multi.Generic ( 1 ) 19:00:53.0431 0x0b20 Detect skipped due to KSN trusted 19:00:53.0431 0x0b20 chip1click - ok 19:00:53.0446 0x0b20 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 19:00:53.0458 0x0b20 circlass - ok 19:00:53.0500 0x0b20 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 19:00:53.0519 0x0b20 CLFS - ok 19:00:54.0082 0x0b20 [ 45AF5F89D707C3F64AC59B627AE34A30, 3E0D50463133FD7D57419258C88D80FF47F2729636D7836EE2567F94B0BA0358 ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe 19:00:54.0426 0x0b20 ClickToRunSvc - ok 19:00:54.0495 0x0b20 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 19:00:54.0505 0x0b20 clr_optimization_v2.0.50727_32 - ok 19:00:54.0523 0x0b20 [ B4D73F04E9BC076F7CDAC4327DF636BB, 
1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 19:00:54.0532 0x0b20 clr_optimization_v2.0.50727_64 - ok 19:00:54.0609 0x0b20 [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 19:00:54.0620 0x0b20 clr_optimization_v4.0.30319_32 - ok 19:00:54.0631 0x0b20 [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 19:00:54.0643 0x0b20 clr_optimization_v4.0.30319_64 - ok 19:00:54.0654 0x0b20 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 19:00:54.0662 0x0b20 CmBatt - ok 19:00:54.0694 0x0b20 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 19:00:54.0701 0x0b20 cmdide - ok 19:00:54.0745 0x0b20 [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG C:\Windows\system32\Drivers\cng.sys 19:00:54.0766 0x0b20 CNG - ok 19:00:54.0784 0x0b20 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 19:00:54.0793 0x0b20 Compbatt - ok 19:00:54.0808 0x0b20 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 19:00:54.0824 0x0b20 CompositeBus - ok 19:00:54.0827 0x0b20 COMSysApp - ok 19:00:54.0832 0x0b20 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 
19:00:54.0840 0x0b20 crcdisk - ok 19:00:54.0879 0x0b20 [ BB724567892383010B8436DCC0A84628, 2768F5FD7A096CB1CEA33F8818EF16F9F5E3E07BB8442949A49A9CF24B62C6E6 ] CryptSvc C:\Windows\system32\cryptsvc.dll 19:00:54.0891 0x0b20 CryptSvc - ok 19:00:54.0955 0x0b20 [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 19:00:54.0982 0x0b20 cvhsvc - ok 19:00:55.0034 0x0b20 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 19:00:55.0077 0x0b20 DcomLaunch - ok 19:00:55.0100 0x0b20 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 19:00:55.0135 0x0b20 defragsvc - ok 19:00:55.0144 0x0b20 [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC C:\Windows\system32\Drivers\dfsc.sys 19:00:55.0154 0x0b20 DfsC - ok 19:00:55.0174 0x0b20 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 19:00:55.0209 0x0b20 Dhcp - ok 19:00:55.0280 0x0b20 [ BB5B80616BD01A9C59BF1D52BA238EDA, 8168F38127EC955B25AD4EF61081D86473E4959F797F68055E6210080EFEFF9F ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe 19:00:55.0301 0x0b20 DigitalWave.Update.Service - ok 19:00:55.0317 0x0b20 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 19:00:55.0346 0x0b20 discache - ok 19:00:55.0351 0x0b20 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys 19:00:55.0361 0x0b20 Disk - ok 19:00:55.0382 0x0b20 [ 
16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 19:00:55.0393 0x0b20 Dnscache - ok 19:00:55.0444 0x0b20 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 19:00:55.0478 0x0b20 dot3svc - ok 19:00:55.0515 0x0b20 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 19:00:55.0546 0x0b20 DPS - ok 19:00:55.0579 0x0b20 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 19:00:55.0587 0x0b20 drmkaud - ok 19:00:55.0644 0x0b20 [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 19:00:55.0674 0x0b20 DXGKrnl - ok 19:00:55.0689 0x0b20 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 19:00:55.0723 0x0b20 EapHost - ok 19:00:55.0816 0x0b20 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 19:00:55.0901 0x0b20 ebdrv - ok 19:00:55.0946 0x0b20 [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] EFS C:\Windows\System32\lsass.exe 19:00:55.0955 0x0b20 EFS - ok 19:00:56.0005 0x0b20 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 19:00:56.0029 0x0b20 ehRecvr - ok 19:00:56.0050 0x0b20 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 19:00:56.0064 0x0b20 ehSched - ok 19:00:56.0086 0x0b20 [ 
0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 19:00:56.0105 0x0b20 elxstor - ok 19:00:56.0140 0x0b20 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 19:00:56.0150 0x0b20 ErrDev - ok 19:00:56.0179 0x0b20 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 19:00:56.0217 0x0b20 EventSystem - ok 19:00:56.0228 0x0b20 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 19:00:56.0263 0x0b20 exfat - ok 19:00:56.0276 0x0b20 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 19:00:56.0310 0x0b20 fastfat - ok 19:00:56.0357 0x0b20 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 19:00:56.0381 0x0b20 Fax - ok 19:00:56.0404 0x0b20 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 19:00:56.0414 0x0b20 fdc - ok 19:00:56.0429 0x0b20 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 19:00:56.0458 0x0b20 fdPHost - ok 19:00:56.0466 0x0b20 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 19:00:56.0497 0x0b20 FDResPub - ok 19:00:56.0505 0x0b20 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 19:00:56.0516 0x0b20 FileInfo - ok 19:00:56.0523 
0x0b20 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 19:00:56.0553 0x0b20 Filetrace - ok 19:00:56.0563 0x0b20 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 19:00:56.0571 0x0b20 flpydisk - ok 19:00:56.0615 0x0b20 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 19:00:56.0629 0x0b20 FltMgr - ok 19:00:56.0688 0x0b20 [ A3B63B22B761804C7B916F5FBC5763C2, 4F62413BD70E135C142376ACBE9CD46F7F06303B49B6AE0B9FF58FC4DF7BD86A ] FontCache C:\Windows\system32\FntCache.dll 19:00:56.0725 0x0b20 FontCache - ok 19:00:56.0779 0x0b20 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 19:00:56.0808 0x0b20 FontCache3.0.0.0 - ok 19:00:56.0841 0x0b20 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 19:00:56.0849 0x0b20 FsDepends - ok 19:00:56.0890 0x0b20 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 19:00:56.0898 0x0b20 Fs_Rec - ok 19:00:56.0938 0x0b20 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 19:00:56.0952 0x0b20 fvevol - ok 19:00:56.0969 0x0b20 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 19:00:56.0980 0x0b20 gagp30kx - ok 19:00:57.0031 0x0b20 [ E4AE497857409127ED57562AF913A903, 
262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll 19:00:57.0069 0x0b20 gpsvc - ok 19:00:57.0147 0x0b20 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:00:57.0155 0x0b20 gupdate - ok 19:00:57.0160 0x0b20 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:00:57.0168 0x0b20 gupdatem - ok 19:00:57.0199 0x0b20 [ 537FDB12109E944A4425E92F3985CC14, 8197911307CF98CA2B22C5B85458918673BDB8F101B426DC50EAB8E84077B91A ] h647906 C:\Windows\system32\drivers\h647906.sys 19:00:57.0207 0x0b20 h647906 - ok 19:00:57.0229 0x0b20 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 19:00:57.0237 0x0b20 hcw85cir - ok 19:00:57.0279 0x0b20 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 19:00:57.0297 0x0b20 HdAudAddService - ok 19:00:57.0315 0x0b20 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 19:00:57.0329 0x0b20 HDAudBus - ok 19:00:57.0333 0x0b20 hid7906 - ok 19:00:57.0348 0x0b20 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 19:00:57.0357 0x0b20 HidBatt - ok 19:00:57.0370 0x0b20 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 19:00:57.0384 0x0b20 HidBth - ok 19:00:57.0400 0x0b20 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr 
C:\Windows\system32\DRIVERS\hidir.sys 19:00:57.0412 0x0b20 HidIr - ok 19:00:57.0431 0x0b20 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 19:00:57.0462 0x0b20 hidserv - ok 19:00:57.0494 0x0b20 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 19:00:57.0513 0x0b20 HidUsb - ok 19:00:57.0555 0x0b20 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 19:00:57.0584 0x0b20 hkmsvc - ok 19:00:57.0625 0x0b20 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 19:00:57.0645 0x0b20 HomeGroupListener - ok 19:00:57.0685 0x0b20 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 19:00:57.0698 0x0b20 HomeGroupProvider - ok 19:00:57.0709 0x0b20 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 19:00:57.0719 0x0b20 HpSAMD - ok 19:00:57.0784 0x0b20 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 19:00:57.0818 0x0b20 HTTP - ok 19:00:57.0857 0x0b20 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 19:00:57.0864 0x0b20 hwpolicy - ok 19:00:57.0898 0x0b20 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 19:00:57.0908 0x0b20 i8042prt - ok 19:00:57.0930 0x0b20 [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 
483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 19:00:57.0947 0x0b20 iaStorV - ok 19:00:58.0007 0x0b20 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe 19:00:58.0011 0x0b20 IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 19:00:58.0011 0x0b20 Detect skipped due to KSN trusted 19:00:58.0011 0x0b20 IDriverT - ok 19:00:58.0078 0x0b20 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 19:00:58.0105 0x0b20 idsvc - ok 19:00:58.0129 0x0b20 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 19:00:58.0138 0x0b20 iirsp - ok 19:00:58.0190 0x0b20 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 19:00:58.0217 0x0b20 IKEEXT - ok 19:00:58.0281 0x0b20 [ F5872A11EB4F6DB170D636CD4E53CA9F, 6FCD488E56816AE4203D989CD22E3FB266F1DB6598EA52A526D6A35712610EDE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 19:00:58.0346 0x0b20 IntcAzAudAddService - ok 19:00:58.0360 0x0b20 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 19:00:58.0368 0x0b20 intelide - ok 19:00:58.0383 0x0b20 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 19:00:58.0394 0x0b20 intelppm - ok 19:00:58.0412 0x0b20 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 
19:00:58.0452 0x0b20 IPBusEnum - ok 19:00:58.0494 0x0b20 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 19:00:58.0523 0x0b20 IpFilterDriver - ok 19:00:58.0556 0x0b20 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 19:00:58.0566 0x0b20 IPMIDRV - ok 19:00:58.0584 0x0b20 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 19:00:58.0615 0x0b20 IPNAT - ok 19:00:58.0630 0x0b20 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 19:00:58.0648 0x0b20 IRENUM - ok 19:00:58.0655 0x0b20 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 19:00:58.0663 0x0b20 isapnp - ok 19:00:58.0680 0x0b20 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 19:00:58.0693 0x0b20 iScsiPrt - ok 19:00:58.0714 0x0b20 [ 213822072085B5BBAD9AF30AB577D817, 2C373B804D840933EC3A5F3ABFC43E47C2636CDB2431AB51846C565077B7C468 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe 19:00:58.0722 0x0b20 IviRegMgr - ok 19:00:58.0733 0x0b20 [ 19496FE93696C929392F1595ED1F8BB3, 374503566D19D69CAB93BC60F6A9E1D9E177DD98FFEBD450AC1C01F8705818C6 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys 19:00:58.0744 0x0b20 JMCR - ok 19:00:58.0747 0x0b20 [ 429AE448057A868C89813FCEEF702BAB, A271F045FA8CD76556767F02DDC89A21CD720748C76EDADC5FC79F4D4D19DD84 ] johci C:\Windows\system32\DRIVERS\johci.sys 19:00:58.0753 0x0b20 johci - ok 19:00:58.0762 0x0b20 [ BC02336F1CBA7DCC7D1213BB588A68A5, 
02.02.2017, 19:38 | #9 |
| How do I get rid of "win32.downloader.gen"? TDSS 3 of 3: Code:
C:\Windows\system32\DRIVERS\tunnel.sys 19:01:08.0344 0x0b20 tunnel - ok 19:01:08.0364 0x0b20 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 19:01:08.0372 0x0b20 uagp35 - ok 19:01:08.0391 0x0b20 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 19:01:08.0429 0x0b20 udfs - ok 19:01:08.0458 0x0b20 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 19:01:08.0468 0x0b20 UI0Detect - ok 19:01:08.0482 0x0b20 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 19:01:08.0491 0x0b20 uliagpkx - ok 19:01:08.0520 0x0b20 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys 19:01:08.0529 0x0b20 umbus - ok 19:01:08.0539 0x0b20 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 19:01:08.0547 0x0b20 UmPass - ok 19:01:08.0565 0x0b20 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 19:01:08.0604 0x0b20 upnphost - ok 19:01:08.0641 0x0b20 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 19:01:08.0663 0x0b20 usbaudio - ok 19:01:08.0704 0x0b20 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 19:01:08.0726 0x0b20 usbccgp - ok 19:01:08.0745 0x0b20 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 
140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 19:01:08.0763 0x0b20 usbcir - ok 19:01:08.0793 0x0b20 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 19:01:08.0801 0x0b20 usbehci - ok 19:01:08.0846 0x0b20 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 19:01:08.0861 0x0b20 usbhub - ok 19:01:08.0893 0x0b20 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys 19:01:08.0901 0x0b20 usbohci - ok 19:01:08.0915 0x0b20 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 19:01:08.0927 0x0b20 usbprint - ok 19:01:08.0965 0x0b20 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 19:01:08.0984 0x0b20 usbscan - ok 19:01:09.0018 0x0b20 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 19:01:09.0037 0x0b20 USBSTOR - ok 19:01:09.0075 0x0b20 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 19:01:09.0083 0x0b20 usbuhci - ok 19:01:09.0125 0x0b20 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 19:01:09.0136 0x0b20 usbvideo - ok 19:01:09.0156 0x0b20 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 19:01:09.0192 0x0b20 UxSms - ok 
19:01:09.0205 0x0b20 [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] VaultSvc C:\Windows\system32\lsass.exe 19:01:09.0215 0x0b20 VaultSvc - ok 19:01:09.0250 0x0b20 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 19:01:09.0258 0x0b20 vdrvroot - ok 19:01:09.0304 0x0b20 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 19:01:09.0345 0x0b20 vds - ok 19:01:09.0362 0x0b20 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 19:01:09.0373 0x0b20 vga - ok 19:01:09.0389 0x0b20 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 19:01:09.0419 0x0b20 VgaSave - ok 19:01:09.0435 0x0b20 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 19:01:09.0447 0x0b20 vhdmp - ok 19:01:09.0480 0x0b20 [ C2C95D62C90CA809240112B41C1765F2, FAFBA11CE7D273D28D1C27D01BEB4E62AB4ADA7517183F46E505D335E1117CA0 ] vhidmini C:\Windows\system32\DRIVERS\walvhid.sys 19:01:09.0494 0x0b20 vhidmini - ok 19:01:09.0529 0x0b20 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 19:01:09.0536 0x0b20 viaide - ok 19:01:09.0559 0x0b20 [ 9FE401877C4C6A8DB129B55BE9F2BA01, 6DA12180D6E3C8ED7676E9298C5AFDF7CFAA5A41AE6B5188134D0A010E56912D ] VMC412 C:\Windows\system32\Drivers\VMC412.sys 19:01:09.0571 0x0b20 VMC412 - ok 19:01:09.0584 0x0b20 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 19:01:09.0593 0x0b20 
volmgr - ok 19:01:09.0631 0x0b20 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 19:01:09.0647 0x0b20 volmgrx - ok 19:01:09.0660 0x0b20 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 19:01:09.0675 0x0b20 volsnap - ok 19:01:09.0700 0x0b20 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 19:01:09.0710 0x0b20 vsmraid - ok 19:01:09.0785 0x0b20 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 19:01:09.0857 0x0b20 VSS - ok 19:01:09.0873 0x0b20 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 19:01:09.0884 0x0b20 vwifibus - ok 19:01:09.0892 0x0b20 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 19:01:09.0910 0x0b20 vwififlt - ok 19:01:09.0914 0x0b20 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 19:01:09.0930 0x0b20 vwifimp - ok 19:01:09.0951 0x0b20 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 19:01:09.0989 0x0b20 W32Time - ok 19:01:10.0014 0x0b20 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 19:01:10.0023 0x0b20 WacomPen - ok 19:01:10.0067 0x0b20 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP 
C:\Windows\system32\DRIVERS\wanarp.sys 19:01:10.0096 0x0b20 WANARP - ok 19:01:10.0100 0x0b20 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 19:01:10.0129 0x0b20 Wanarpv6 - ok 19:01:10.0188 0x0b20 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 19:01:10.0226 0x0b20 WatAdminSvc - ok 19:01:10.0298 0x0b20 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 19:01:10.0340 0x0b20 wbengine - ok 19:01:10.0358 0x0b20 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 19:01:10.0376 0x0b20 WbioSrvc - ok 19:01:10.0421 0x0b20 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 19:01:10.0442 0x0b20 wcncsvc - ok 19:01:10.0450 0x0b20 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 19:01:10.0459 0x0b20 WcsPlugInService - ok 19:01:10.0476 0x0b20 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 19:01:10.0488 0x0b20 Wd - ok 19:01:10.0538 0x0b20 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 19:01:10.0565 0x0b20 Wdf01000 - ok 19:01:10.0576 0x0b20 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 19:01:10.0592 0x0b20 WdiServiceHost - ok 19:01:10.0595 0x0b20 [ BF1FC3F79B863C914687A737C2F3D681, 
B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 19:01:10.0610 0x0b20 WdiSystemHost - ok 19:01:10.0647 0x0b20 [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\Windows\System32\webclnt.dll 19:01:10.0663 0x0b20 WebClient - ok 19:01:10.0684 0x0b20 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 19:01:10.0721 0x0b20 Wecsvc - ok 19:01:10.0735 0x0b20 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 19:01:10.0768 0x0b20 wercplsupport - ok 19:01:10.0776 0x0b20 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 19:01:10.0808 0x0b20 WerSvc - ok 19:01:10.0828 0x0b20 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 19:01:10.0859 0x0b20 WfpLwf - ok 19:01:10.0872 0x0b20 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 19:01:10.0880 0x0b20 WIMMount - ok 19:01:10.0888 0x0b20 WinHttpAutoProxySvc - ok 19:01:10.0898 0x0b20 [ 66C365B542195C1F6E2FF4A7D8F3827C, FB43A64453283D1B236AFF73F010B8F6106B971047313B9B4EBE925C4DD325A2 ] WinI2C-DDC C:\Windows\system32\drivers\DDCDrv.sys 19:01:10.0906 0x0b20 WinI2C-DDC - ok 19:01:10.0935 0x0b20 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 19:01:10.0973 0x0b20 Winmgmt - ok 19:01:11.0056 0x0b20 [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\Windows\system32\WsmSvc.dll 
19:01:11.0115 0x0b20 WinRM - ok 19:01:11.0161 0x0b20 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 19:01:11.0177 0x0b20 WinUsb - ok 19:01:11.0216 0x0b20 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 19:01:11.0252 0x0b20 Wlansvc - ok 19:01:11.0290 0x0b20 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 19:01:11.0299 0x0b20 WmiAcpi - ok 19:01:11.0329 0x0b20 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 19:01:11.0346 0x0b20 wmiApSrv - ok 19:01:11.0359 0x0b20 WMPNetworkSvc - ok 19:01:11.0370 0x0b20 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 19:01:11.0379 0x0b20 WPCSvc - ok 19:01:11.0420 0x0b20 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 19:01:11.0432 0x0b20 WPDBusEnum - ok 19:01:11.0451 0x0b20 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 19:01:11.0480 0x0b20 ws2ifsl - ok 19:01:11.0483 0x0b20 WSearch - ok 19:01:11.0506 0x0b20 [ 83575C43B2BFE9AB0661A7F957E843C0, 6FCE62721902A4F35F1A4CED8AF60A0346CFAB657ED92DE4CEFF19BDB830D32D ] wsvd C:\Windows\system32\DRIVERS\wsvd.sys 19:01:11.0514 0x0b20 wsvd - ok 19:01:11.0518 0x0b20 WTService - ok 19:01:11.0614 0x0b20 [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv C:\Windows\system32\wuaueng.dll 19:01:11.0693 0x0b20 wuauserv - ok 19:01:11.0711 0x0b20 [ 
D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 19:01:11.0752 0x0b20 WudfPf - ok 19:01:11.0789 0x0b20 [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 19:01:11.0821 0x0b20 WUDFRd - ok 19:01:11.0858 0x0b20 [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 19:01:11.0888 0x0b20 wudfsvc - ok 19:01:11.0912 0x0b20 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll 19:01:11.0930 0x0b20 WwanSvc - ok 19:01:11.0935 0x0b20 ZAPrivacyService - ok 19:01:11.0958 0x0b20 ================ Scan global =============================== 19:01:11.0991 0x0b20 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll 19:01:12.0029 0x0b20 [ 20EBCFD94E5F9C801354062991E7257B, 9CD497241559A5D6A8C2C77F1109B6D512BFFA8CC154480A3CDC36B7BB68BFAB ] C:\Windows\system32\winsrv.dll 19:01:12.0039 0x0b20 [ 20EBCFD94E5F9C801354062991E7257B, 9CD497241559A5D6A8C2C77F1109B6D512BFFA8CC154480A3CDC36B7BB68BFAB ] C:\Windows\system32\winsrv.dll 19:01:12.0057 0x0b20 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 19:01:12.0096 0x0b20 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 19:01:12.0102 0x0b20 [ Global ] - ok 19:01:12.0103 0x0b20 ================ Scan MBR ================================== 19:01:12.0110 0x0b20 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 19:01:13.0112 0x0b20 \Device\Harddisk0\DR0 - ok 19:01:13.0115 0x0b20 ================ Scan VBR 
================================== 19:01:13.0117 0x0b20 [ E5D56CAB1763453FB51668D207C6C9F9 ] \Device\Harddisk0\DR0\Partition1 19:01:13.0118 0x0b20 \Device\Harddisk0\DR0\Partition1 - ok 19:01:13.0153 0x0b20 [ 11447B1F7E61050B5A24E90FADE9F6E3 ] \Device\Harddisk0\DR0\Partition2 19:01:13.0154 0x0b20 \Device\Harddisk0\DR0\Partition2 - ok 19:01:13.0157 0x0b20 ================ Scan generic autorun ====================== 19:01:13.0467 0x0b20 [ 7EADC0C9225D6F802AB975475D71320C, 6F4C27F9832CECA921980D42AA1E0EC0021F2A7CD014A272FC2CE52A5AD111C2 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 19:01:13.0724 0x0b20 RtHDVCpl - ok 19:01:13.0767 0x0b20 [ 4EC4260D778FB923BA1AB697AFF6C0E3, 72372369153F675C26F938C5106BFD8704FC518348BC95961214B76DECB68689 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 19:01:13.0772 0x0b20 StartCCC - detected UnsignedFile.Multi.Generic ( 1 ) 19:01:13.0772 0x0b20 Detect skipped due to KSN trusted 19:01:13.0773 0x0b20 StartCCC - ok 19:01:13.0802 0x0b20 [ 5FFFF157D8139E2E6C34FEEA0BAF23D7, 5E57021DB60FD35985E73F327737E1E4D6F18FCD2055A5470DA820ADDCA20F3F ] C:\Program Files (x86)\jmesoft\hotkey.exe 19:01:13.0809 0x0b20 jmekey - detected UnsignedFile.Multi.Generic ( 1 ) 19:01:13.0809 0x0b20 Detect skipped due to KSN trusted 19:01:13.0809 0x0b20 jmekey - ok 19:01:13.0838 0x0b20 [ 06565F9F4BFBBCED5769E5E871E03E69, ED2298CD56D37836B8CFC7743DD6BEACA1A6D51D2674846B0E7C7E7181276BC4 ] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe 19:01:13.0846 0x0b20 YouCam Mirror Tray icon - detected UnsignedFile.Multi.Generic ( 1 ) 19:01:13.0847 0x0b20 Detect skipped due to KSN trusted 19:01:13.0847 0x0b20 YouCam Mirror Tray icon - ok 19:01:13.0887 0x0b20 [ D438F05740E6C8B26F3C4B21731003EC, 9807FED300B0AB9A65C1C0FF1EC70E92526465A4F098CE38F5F39BEE87961EF0 ] C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe 19:01:13.0896 0x0b20 Lenovo Eye Distance System - detected UnsignedFile.Multi.Generic ( 1 ) 19:01:13.0897 0x0b20 
Lenovo Eye Distance System ( UnsignedFile.Multi.Generic ) - warning 19:01:14.0078 0x0b20 [ 7DAF13DF116BC84FA1034E728326C2D6, 8513875A7E367D68D38210126CD72423BDCC4B7C6C9DA21038D35FB35B0DE002 ] C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe 19:01:14.0087 0x0b20 Lenovo Dynamic Brightness System - detected UnsignedFile.Multi.Generic ( 1 ) 19:01:14.0087 0x0b20 Detect skipped due to KSN trusted 19:01:14.0087 0x0b20 Lenovo Dynamic Brightness System - ok 19:01:14.0115 0x0b20 [ 0B427D9943C838620AFA30CBB24A6D77, 5A98B1405126F79846C810E739E964B11A4397F3DE597991308DB3C6AABB8F81 ] C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe 19:01:14.0122 0x0b20 CLMLServer - ok 19:01:14.0148 0x0b20 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe 19:01:14.0157 0x0b20 UpdateP2GoShortCut - ok 19:01:14.0175 0x0b20 [ 3FB4E7E2069F0FD9E15ABC18D605E427, 2FFC218E575DA9E8C86E468227B302752C73EA3246CC0A599D7BCC41ED404F4D ] C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe 19:01:14.0184 0x0b20 UpdatePRCShortCut - ok 19:01:14.0205 0x0b20 [ 150F7974EB0B03D4C35107BFC584DEA6, D3C538E14E61453C14885863DDE56B26412445F11E0B0ADA3BBC96021EFAA355 ] C:\Program Files (x86)\Lenovo\Lenovo EBook&QuickNotes\TMCMonitor.exe 19:01:14.0209 0x0b20 TMCMonitor - detected UnsignedFile.Multi.Generic ( 1 ) 19:01:14.0209 0x0b20 Detect skipped due to KSN trusted 19:01:14.0209 0x0b20 TMCMonitor - ok 19:01:14.0259 0x0b20 [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 19:01:14.0265 0x0b20 APSDaemon - ok 19:01:14.0334 0x0b20 [ D4AD55A8145F94E63F60C3B8C3B2AB6E, AC3E4EE8EF27EFE790F7363CB80239D090CC4D3E73F838A612AB1B7D48EC8038 ] C:\Windows\USB Vibration\7906\USB Gamepad.exe 19:01:14.0357 0x0b20 USB Gamepad - 
ok 19:01:14.0471 0x0b20 [ 98FAFD82E4F0674D2D7BB3C8FD141D32, 4F44F6B17E40268B8EE0251E6D913157CA1E7CE4C9D9B434262E74F136453A10 ] c:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe 19:01:14.0494 0x0b20 Adobe Version Cue CS2 - detected UnsignedFile.Multi.Generic ( 1 ) 19:01:14.0494 0x0b20 Detect skipped due to KSN trusted 19:01:14.0494 0x0b20 Adobe Version Cue CS2 - ok 19:01:14.0559 0x0b20 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 19:01:14.0594 0x0b20 Sidebar - ok 19:01:14.0625 0x0b20 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 19:01:14.0639 0x0b20 mctadmin - ok 19:01:14.0664 0x0b20 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 19:01:14.0697 0x0b20 Sidebar - ok 19:01:14.0703 0x0b20 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 19:01:14.0727 0x0b20 mctadmin - ok 19:01:14.0836 0x0b20 [ E8405C87CD06FF5D69BC6F3B24D766D0, C82171BEDBFE593A04D09C2E20B0528AA3CEC722D6919F8A5C70C6EFFB9EFEAE ] C:\Users\horton\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe 19:01:14.0850 0x0b20 AmazonMP3DownloaderHelper - ok 19:01:14.0856 0x0b20 AV detected via SS2: AntiVir Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( ), 0x41000 ( enabled : updated ) 19:01:14.0859 0x0b20 Win FW state via NFP2: disabled ( not trusted ) 19:01:15.0020 0x0b20 ============================================================ 19:01:15.0020 0x0b20 Scan finished 19:01:15.0020 0x0b20 ============================================================ 19:01:15.0027 0x0f28 Detected object count: 1 19:01:15.0027 0x0f28 Actual detected 
object count: 1 19:01:21.0005 0x0f28 Lenovo Eye Distance System ( UnsignedFile.Multi.Generic ) - skipped by user 19:01:21.0005 0x0f28 Lenovo Eye Distance System ( UnsignedFile.Multi.Generic ) - User select action: Skip |
03.02.2017, 10:34 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | How do I get rid of "win32.downloader.gen"?
Remove adware/junkware/toolbars
Delete old versions of adwCleaner and, if present, JRT first, then download them again to the desktop! Please completely disable your virus scanner now, before using these tools!
Step 1: adwCleaner
Please download AdwCleaner to your desktop.
Step 2: JRT - Junkware Removal Tool
Please close your protection software to avoid possible conflicts.
__________________ Please always post log files in CODE tags |
03.02.2017, 11:25 | #11 |
| How do I get rid of "win32.downloader.gen"? Result from AdwCleaner: Code:
# AdwCleaner v6.043 - Bericht erstellt am 03/02/2017 um 11:00:00
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-02.4 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : horton - HORTON-PC
# Gestartet von : C:\Users\horton\Desktop\AdwCleaner_6.043.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support

***** [ Dienste ] *****

***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\horton\AppData\LocalLow\Conduit
[-] Ordner gelöscht: C:\Users\horton\AppData\LocalLow\DVDVideoSoftTB_DE
[-] Ordner gelöscht: C:\Users\horton\AppData\Roaming\dvdvideosoftiehelpers
[-] Ordner gelöscht: C:\Program Files (x86)\Conduit
[-] Ordner gelöscht: C:\Program Files (x86)\DVDVideoSoftTB_DE
[-] Ordner gelöscht: C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
[-] Ordner gelöscht: C:\Users\horton\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg

***** [ Dateien ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Toolbar.CT2625848
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{E0722BEB-FDA1-4AA1-A2A8-15A74A5B3F70}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{F1963E76-845B-474C-8C7F-D69A96D8AA34}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{457EF9F0-0A7C-4302-B47B-C207A8DE8598}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{457EF9F0-0A7C-4302-B47B-C207A8DE8598}
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Wert gelöscht: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
[-] Schlüssel gelöscht: HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\Software\Softonic
[-] Schlüssel gelöscht: HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\Software\AppDataLow\Toolbar
[-] Schlüssel gelöscht: HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\Software\AppDataLow\Software\Conduit
[-] Schlüssel gelöscht: HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\Software\AppDataLow\Software\ConduitSearchScopes
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Softonic
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Toolbar
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Software\Conduit
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Softonic
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AppDataLow\Toolbar
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AppDataLow\Software\Conduit
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[-] Schlüssel gelöscht: HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\Software\Microsoft\Internet Explorer\SearchScopes\{271EF175-8711-4D5F-A69D-5130D0D13442}
[-] Daten wiederhergestellt: HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{271EF175-8711-4D5F-A69D-5130D0D13442}
[-] Daten wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[-] Daten wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{271EF175-8711-4D5F-A69D-5130D0D13442}
[-] Daten wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Wert gelöscht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: [x64] HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: [x64] HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: [x64] HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: [x64] HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: [x64] HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: [x64] HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Google\Chrome\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg
[-] Schlüssel gelöscht: HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp

***** [ Browser ] *****

[-] [C:\Users\horton\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: trovi.search
[-] [C:\Users\horton\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Gelöscht: hxxp://www.trovi.com/?gd=&ctid=CT3322288&octid=EB_ORIGINAL_CTID&ISID=MCF6129E0-50C5-47DB-9195-25BD87B7A4AE&SearchSource=55&CUI=&UM=6&UP=SP484366AB-7A74-4877-98A7-BE92B29E4CCA&SSPV=
[-] [C:\Users\horton\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: mkcedibhemacmilmkpndpkoidlnmgngg
[-] [C:\Users\horton\AppData\Local\Google\Chrome\User Data\Default] [homepage] Gelöscht: hxxp://www.trovi.com/?gd=&ctid=CT3322288&octid=EB_ORIGINAL_CTID&ISID=MCF6129E0-50C5-47DB-9195-25BD87B7A4AE&SearchSource=55&CUI=&UM=6&UP=SP484366AB-7A74-4877-98A7-BE92B29E4CCA&SSPV=

*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [9622 Bytes] - [03/02/2017 11:00:00]
C:\AdwCleaner\AdwCleaner[S0].txt - [8981 Bytes] - [03/02/2017 10:58:09]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [9768 Bytes] ##########
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Home Premium x64
Ran by horton (Administrator) on 03.02.2017 at 11:10:35,34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 18

Successfully deleted: C:\Users\horton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\horton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\131MVRYU (Temporary Internet Files Folder)
Successfully deleted: C:\Users\horton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\horton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B8EDIHJC (Temporary Internet Files Folder)
Successfully deleted: C:\Users\horton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\horton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HABG4H7A (Temporary Internet Files Folder)
Successfully deleted: C:\Users\horton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\horton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PDZD05WZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\131MVRYU (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B8EDIHJC (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HABG4H7A (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PDZD05WZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\SysWOW64\sho71E4.tmp (File)
Successfully deleted: C:\Windows\SysWOW64\shoD8B1.tmp (File)

Deleted the following from C:\Users\horton\AppData\Roaming\Mozilla\Firefox\Profiles\fzwgi5ur.default\prefs.js
user_pref(browser.urlbar.suggest.searches, true);

Registry: 2

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} (Registry Key)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.02.2017 at 11:16:30,26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
03.02.2017, 12:16 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | How do I get rid of "win32.downloader.gen"? Unfortunately we still have an older set of instructions for AdwCleaner; please run it again and configure it like this:
__________________ Please always post log files in CODE tags |
03.02.2017, 12:25 | #13 |
| How do I get rid of "win32.downloader.gen"? Code:
ATTFilter
# AdwCleaner v6.043 - Bericht erstellt am 03/02/2017 um 12:19:27
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-02.4 [Lokal]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : horton - HORTON-PC
# Gestartet von : C:\Users\horton\Desktop\AdwCleaner_6.043.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support

***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.

***** [ Ordner ] *****

Keine schädlichen Ordner gefunden.

***** [ Dateien ] *****

Keine schädlichen Dateien gefunden.

***** [ DLL ] *****

Keine infizierten DLLs gefunden.

***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.

***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.

***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.

***** [ Registrierungsdatenbank ] *****

Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.

***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [9899 Bytes] - [03/02/2017 11:00:00]
C:\AdwCleaner\AdwCleaner[S0].txt - [8981 Bytes] - [03/02/2017 10:58:09]
C:\AdwCleaner\AdwCleaner[S1].txt - [1356 Bytes] - [03/02/2017 12:19:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1429 Bytes] ########## |
03.02.2017, 13:03 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | How do I get rid of "win32.downloader.gen"? Then show us fresh FRST logs. Tick the box for addition.txt, then click "Untersuchen" (Scan).
__________________ Please always post log files in CODE tags |
03.02.2017, 13:19 | #15 |
| How do I get rid of "win32.downloader.gen"? Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017 durchgeführt von horton (Administrator) auf HORTON-PC (03-02-2017 13:12:15) Gestartet von C:\Users\horton\Desktop Geladene Profile: horton (Verfügbare Profile: horton & Ameise & der Erfinder) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 8 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (Adobe Systems Incorporated) C:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\bin\VersionCueCS2.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe (Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Microsoft Corp.) 
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe () C:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe () C:\Windows\System32\atwtusb.exe (Microsoft Corporation) C:\Windows\System32\perfmon.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11057768 2010-07-06] (Realtek Semiconductor) HKLM\...\Run: [] => [X] HKLM\...\Run: [MacroKeyManager] => C:\Windows\system32\WTMKM.exe [6446312 2010-06-14] () HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-02] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [jmekey] => C:\Program Files (x86)\jmesoft\hotkey.exe [225280 2009-08-25] (JME) HKLM-x32\...\Run: [YouCam Mirror Tray icon] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [171104 2010-03-16] (CyberLink Corp.) 
HKLM-x32\...\Run: [Lenovo Eye Distance System] => C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe [264704 2010-07-08] (Lenovo) HKLM-x32\...\Run: [Lenovo Dynamic Brightness System] => C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe [281088 2010-07-16] (Lenovo) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink) HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.) HKLM-x32\...\Run: [TMCMonitor] => C:\Program Files (x86)\Lenovo\Lenovo EBook&QuickNotes\TMCMonitor.exe [53248 2009-11-09] () HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) 
HKLM-x32\...\Run: [USB Gamepad] => C:\Windows\USB Vibration\7906\USB Gamepad.exe [796784 2008-12-10] () HKLM-x32\...\Run: [Adobe Version Cue CS2] => c:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [856064 2005-04-06] (Adobe Sytems Incorporated) HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\horton\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] () HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation) HKU\S-1-5-18\...\RunOnce: [WLStart] => C:\Program Files (x86)\Windows Live\Installer\wlstart.exe [786760 2009-07-26] (Microsoft Corporation) HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2016-05-16] ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-09-20] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{A6F2330F-3790-4172-B4B7-CE7317B8C6F6}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{DCDE01C2-B4BA-4B7A-BBDC-8B4FD2A8AAE7}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3064065677-2226785740-1792966077-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft 
Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-08] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-11-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-08] (Oracle Corporation) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-04-22] (DVDVideoSoft Ltd.) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation) BHO-x32: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14] (Microsoft Corp.) 
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-10-31] (Oracle Corporation) BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-11-01] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-10-31] (Oracle Corporation) BHO-x32: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06] (Microsoft Corporation) Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-04-22] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-04-22] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-04-22] (Microsoft Corporation) Filter-x32: gzip - 
{8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-04-22] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: fzwgi5ur.default FF ProfilePath: C:\Users\horton\AppData\Roaming\Mozilla\Firefox\Profiles\fzwgi5ur.default [2017-02-03] FF DefaultSearchEngine: Mozilla\Firefox\Profiles\fzwgi5ur.default -> DuckDuckGo FF Extension: (YouTube mp3) - C:\Users\horton\AppData\Roaming\Mozilla\Firefox\Profiles\fzwgi5ur.default\Extensions\info@youtube-mp3.org.xpi [2016-04-27] FF Extension: (Save as PDF) - C:\Users\horton\AppData\Roaming\Mozilla\Firefox\Profiles\fzwgi5ur.default\Extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2016-04-28] FF Extension: (UnMHT) - C:\Users\horton\AppData\Roaming\Mozilla\Firefox\Profiles\fzwgi5ur.default\Extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}.xpi [2016-11-28] FF Extension: (Diagnostics) - C:\Users\horton\AppData\Roaming\Mozilla\Firefox\Profiles\fzwgi5ur.default\features\{f11a5f6e-61bd-4e13-8a98-44f23f361f4e}\diagnostics@mozilla.org.xpi [2017-02-02] FF Extension: (Send HSTS Priming Requests) - C:\Users\horton\AppData\Roaming\Mozilla\Firefox\Profiles\fzwgi5ur.default\features\{f11a5f6e-61bd-4e13-8a98-44f23f361f4e}\hsts-priming@mozilla.org.xpi [2017-02-02] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-23] () FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-08] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-09-08] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-23] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files 
(x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-10-31] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-10-31] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-01-21] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation) FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc.) FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2012-08-02] (Sony Network Entertainment International LLC) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-21] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-21] (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3064065677-2226785740-1792966077-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\horton\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-04-23] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-3064065677-2226785740-1792966077-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\horton\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxps://www.google.com/ CHR DefaultSearchURL: Default -> hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3322288&octid=EB_ORIGINAL_CTID&ISID=MCF6129E0-50C5-47DB-9195-25BD87B7A4AE&SearchSource=58&CUI=&UM=6&UP=SP484366AB-7A74-4877-98A7-BE92B29E4CCA&q={searchTerms}&SSPV= CHR DefaultSearchKeyword: Default -> trovi.search CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\gcswf32.dll => Keine Datei CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll => Keine Datei CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\ppGoogleNaClPluginChrome.dll => Keine Datei CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\pdf.dll => Keine Datei CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => Keine Datei CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) 
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll => Keine Datei CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll => Keine Datei CHR Profile: C:\Users\horton\AppData\Local\Google\Chrome\User Data\Default [2017-02-03] CHR Extension: (YouTube) - C:\Users\horton\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-02] CHR Extension: (Google-Suche) - C:\Users\horton\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02] CHR Extension: (Avira Browserschutz) - C:\Users\horton\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-04-27] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\horton\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29] CHR Extension: (Google Mail) - C:\Users\horton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2016-05-16] (Adobe Systems) [Datei ist nicht signiert] R2 Adobe Version Cue CS2; c:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\bin\VersionCueCS2.exe [163840 2005-04-06] (Adobe Systems Incorporated) [Datei ist nicht signiert] S3 becldr3Service; C:\Program Files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [176128 2011-04-19] () [Datei ist nicht signiert] R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [915232 2010-07-15] (Broadcom Corporation.) R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2016-12-13] (Microsoft Corporation) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [391656 2016-07-22] (Digital Wave Ltd.) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert] S2 WTService; C:\Windows\System32\atwtusb.exe [907496 2010-06-14] () [Datei ist nicht signiert] S2 ZAPrivacyService; "C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 AFS; C:\Windows\SysWow64\Drivers\AFS.sys [77004 2016-08-31] (Oak Technology Inc.) [Datei ist nicht signiert] R3 ATIAVPCI; C:\Windows\System32\DRIVERS\atinavrr.sys [1557760 2010-03-26] (ATI Technologies Inc.) 
S3 h647906; C:\Windows\System32\drivers\h647906.sys [62576 2008-12-01] (Your Corporation) S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [41096 2008-12-01] (Your Corporation) R0 johci; C:\Windows\System32\DRIVERS\johci.sys [23152 2010-01-15] (JMicron ) R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider) R3 NW1950; C:\Windows\System32\DRIVERS\NW1950.sys [26176 2010-08-06] () R3 vhidmini; C:\Windows\System32\DRIVERS\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider) R3 VMC412; C:\Windows\System32\Drivers\VMC412.sys [237568 2010-07-17] (Vimicro Corporation) R0 WinI2C-DDC; C:\Windows\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.) R0 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [15712 2010-03-22] (Nicomsoft Ltd.) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-02-03 11:16 - 2017-02-03 11:16 - 00003802 _____ C:\Users\horton\Desktop\JRT.txt 2017-02-03 11:09 - 2017-02-03 11:09 - 01663040 _____ (Malwarebytes) C:\Users\horton\Desktop\JRT.exe 2017-02-03 11:05 - 2017-02-03 11:05 - 00009902 _____ C:\Users\horton\Desktop\AdwCleaner[C0].txt 2017-02-03 10:54 - 2017-02-03 12:19 - 00000000 ____D C:\AdwCleaner 2017-02-03 10:51 - 2017-02-03 10:51 - 04015056 _____ C:\Users\horton\Desktop\AdwCleaner_6.043.exe 2017-02-02 18:57 - 2017-02-03 04:57 - 00410058 _____ C:\TDSSKiller.3.1.0.12_02.02.2017_18.57.40_log.txt 2017-02-02 18:56 - 2017-02-02 18:57 - 04747704 _____ (AO Kaspersky Lab) C:\Users\horton\Desktop\tdsskiller.exe 2017-02-02 17:01 - 2017-02-02 18:53 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2017-02-02 17:01 - 2017-02-02 17:54 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-02-02 17:01 - 2017-02-02 17:01 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-02-02 16:58 - 2017-02-02 18:53 - 00000000 ____D C:\Users\horton\Desktop\mbar 2017-02-02 16:58 - 2017-02-02 17:53 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2017-02-02 16:55 - 2017-02-02 16:57 - 16563352 _____ (Malwarebytes Corp.) 
C:\Users\horton\Desktop\mbar-1.09.3.1001.exe 2017-02-02 15:42 - 2017-02-02 15:42 - 00222568 _____ C:\Users\horton\Desktop\SpybotSD.Results.txt 2017-02-02 12:43 - 2017-02-02 12:44 - 00042283 _____ C:\Users\horton\Desktop\Addition.txt 2017-02-02 12:42 - 2017-02-03 13:12 - 00022297 _____ C:\Users\horton\Desktop\FRST.txt 2017-02-02 12:42 - 2017-02-03 13:12 - 00000000 ____D C:\FRST 2017-02-02 12:22 - 2017-02-02 12:33 - 02420736 _____ (Farbar) C:\Users\horton\Desktop\FRST64.exe 2017-02-02 12:00 - 2017-02-02 12:08 - 00414016 _____ C:\TDSSKiller.3.1.0.12_02.02.2017_12.00.46_log.txt 2017-02-02 11:55 - 2017-02-02 11:57 - 00414150 _____ C:\TDSSKiller.3.1.0.12_02.02.2017_11.55.10_log.txt 2017-02-02 11:54 - 2017-02-02 11:54 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH 2017-02-02 08:47 - 2017-02-02 08:47 - 00000000 ____D C:\Program Files (x86)\TeaTimer (Spybot - Search & Destroy) 2017-02-02 08:47 - 2017-02-02 08:47 - 00000000 ____D C:\Program Files (x86)\File Scanner Library (Spybot - Search & Destroy) 2017-01-31 10:24 - 2017-01-31 10:24 - 00000000 ____D C:\Windows\pss 2017-01-26 14:31 - 2017-02-01 17:36 - 00000000 ____D C:\Users\horton\Desktop\umgang ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-02-03 12:45 - 2015-01-30 20:08 - 00000000 ____D C:\Users\horton\Desktop\Desktop aufräumen! 
2017-02-03 12:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2017-02-03 12:39 - 2012-10-04 19:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2017-02-03 12:19 - 2016-12-03 11:42 - 00000000 ____D C:\Users\horton\AppData\LocalLow\Mozilla 2017-02-03 11:32 - 2009-07-14 05:45 - 00010096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-02-03 11:32 - 2009-07-14 05:45 - 00010096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-02-03 11:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-02-03 11:01 - 2009-07-14 03:34 - 00000742 _____ C:\Windows\win.ini 2017-02-03 10:59 - 2015-05-30 09:28 - 00000008 __RSH C:\Users\horton\ntuser.pol 2017-02-03 10:59 - 2011-06-18 21:21 - 00000000 ___HD C:\Users\horton 2017-02-03 07:44 - 2009-07-14 18:58 - 00699868 _____ C:\Windows\system32\perfh007.dat 2017-02-03 07:44 - 2009-07-14 18:58 - 00149750 _____ C:\Windows\system32\perfc007.dat 2017-02-03 07:44 - 2009-07-14 06:13 - 01622228 _____ C:\Windows\system32\PerfStringBackup.INI 2017-02-03 07:44 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2017-02-03 05:25 - 2013-10-17 13:42 - 00007634 _____ C:\Users\horton\AppData\Local\Resmon.ResmonCfg 2017-02-02 16:38 - 2013-08-12 19:09 - 00000000 ____D C:\Program Files (x86)\Avira 2017-02-02 16:35 - 2012-07-05 09:40 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2017-02-02 16:35 - 2012-07-05 09:40 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2017-02-02 16:32 - 2014-08-17 21:45 - 00000000 ____D C:\ProgramData\Package Cache 2017-02-02 16:32 - 2013-08-12 19:09 - 00000000 ____D C:\ProgramData\Avira 2017-02-02 16:31 - 2013-08-12 19:10 - 00000000 ____D C:\Users\horton\AppData\Roaming\Avira 2017-02-02 11:54 - 2012-11-20 21:55 - 00000000 ____D C:\Users\horton\AppData\Local\Downloaded Installations 2017-02-02 08:39 - 2009-07-14 04:20 - 00000000 __RHD 
C:\Users\Public\Libraries 2017-02-02 08:04 - 2013-12-18 20:34 - 00000000 ____D C:\ProgramData\SecTaskMan 2017-02-01 14:13 - 2013-05-06 14:07 - 00000000 ____D C:\Users\horton\Desktop\WORK2DO 2017-02-01 10:57 - 2016-11-30 23:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-02-01 10:57 - 2016-01-21 10:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-01-31 10:13 - 2016-05-04 13:14 - 00000000 ____D C:\Users\horton\Desktop\SoSe2016 2017-01-31 10:11 - 2016-05-04 09:08 - 00000000 ____D C:\Users\horton\Desktop\Beppo 2017-01-31 10:07 - 2014-07-15 18:50 - 00000000 ____D C:\Users\horton\Desktop\uni 2017-01-31 09:28 - 2012-02-23 11:59 - 00000000 ____D C:\Users\horton\AppData\Roaming\vlc 2017-01-25 17:32 - 2016-11-18 16:02 - 00000000 ____D C:\Users\Ameise\AppData\LocalLow\Mozilla 2017-01-23 16:14 - 2015-11-29 18:58 - 00004090 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1448819900 2017-01-23 15:39 - 2012-10-04 19:32 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-01-23 15:39 - 2012-06-08 10:22 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-01-23 15:39 - 2012-03-18 04:26 - 00000000 ____D C:\Windows\system32\Macromed 2017-01-23 15:39 - 2011-06-30 13:45 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-01-23 15:39 - 2010-09-20 13:39 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-01-23 15:05 - 2016-03-10 20:21 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-01-23 15:04 - 2016-01-21 09:58 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2017-01-18 16:33 - 2016-01-21 11:08 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-01-18 16:31 - 2016-01-21 11:05 - 00000000 ____D C:\Program Files\Microsoft Office 15 ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-05-22 12:03 - 2013-05-22 12:03 - 0000050 
_____ () C:\Users\horton\AppData\Roaming\AcroIEHelpe.txt 2013-05-22 11:27 - 2013-05-22 11:27 - 0552126 _____ () C:\Users\horton\AppData\Roaming\dict.txt 2013-05-22 11:27 - 2013-05-22 11:27 - 0001466 _____ () C:\Users\horton\AppData\Roaming\jserv.txt 2013-05-22 11:58 - 2013-05-22 11:58 - 0000505 _____ () C:\Users\horton\AppData\Roaming\rost.dat 2013-05-22 11:27 - 2013-05-22 11:27 - 0000260 _____ () C:\Users\horton\AppData\Roaming\srvblck5.tmp 2016-05-12 07:12 - 2016-05-12 07:12 - 0002112 _____ () C:\Users\horton\AppData\Local\recently-used.xbel 2013-10-17 13:42 - 2017-02-03 05:25 - 0007634 _____ () C:\Users\horton\AppData\Local\Resmon.ResmonCfg 2011-11-10 10:40 - 2012-03-06 11:07 - 0000125 ___SH () C:\ProgramData\.zreglib 2010-09-20 13:39 - 2010-09-20 13:39 - 1914000 _____ (Adobe Systems Incorporated) C:\ProgramData\flashax10.exe 2016-07-21 18:00 - 2016-08-03 12:31 - 0000848 ___SH () C:\ProgramData\KGyGaAvL.sys Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\ProgramData\flashax10.exe Einige Dateien in TEMP: ==================== 2015-05-30 09:31 - 2015-05-30 09:31 - 0000000 ____D () C:\Users\Ameise\AppData\Local\Temp\avgnt.exe 2016-09-13 14:12 - 2016-09-13 14:12 - 0000000 ____D () C:\Users\der Erfinder\AppData\Local\Temp\avgnt.exe 2016-08-10 15:20 - 2016-07-04 01:08 - 0049544 _____ (HP Inc.) 
C:\Users\horton\AppData\Local\Temp\ACLMInstaller.exe
2013-12-02 12:11 - 2014-08-17 21:45 - 0000000 ____D () C:\Users\horton\AppData\Local\Temp\avgnt.exe
2016-07-21 17:29 - 2016-07-21 17:35 - 0008480 _____ (Corel Corporation) C:\Users\horton\AppData\Local\Temp\DRPCUNLR.dll
2012-09-20 02:15 - 2012-09-20 02:15 - 50352408 _____ (Microsoft Corporation) C:\Users\horton\AppData\Local\Temp\NetFramework45.exe
2016-07-10 07:14 - 2016-07-10 07:14 - 7424678 _____ () C:\Users\horton\AppData\Local\Temp\tmpA44A.tmp.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-11-20 01:49

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-01-2017
durchgeführt von horton (03-02-2017 13:12:48)
Gestartet von C:\Users\horton\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-06-18 20:21:03)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3064065677-2226785740-1792966077-500 - Administrator - Disabled)
Ameise (S-1-5-21-3064065677-2226785740-1792966077-1001 - Limited - Enabled) => C:\Users\Ameise
der Erfinder (S-1-5-21-3064065677-2226785740-1792966077-1002 - Limited - Enabled) => C:\Users\der Erfinder
Gast (S-1-5-21-3064065677-2226785740-1792966077-501 - Limited - Disabled)
horton (S-1-5-21-3064065677-2226785740-1792966077-1000 - Administrator - Enabled) => C:\Users\horton

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: AntiVir Desktop (Enabled - Up to date) {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AntiVir Desktop (Enabled - Up to date) {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1x1-Trainer 4 (HKLM-x32\...\1x1-Trainer) (Version: 4 - Hans-Jürgen Stoffels, Köln.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated) Adobe Creative Suite 2 (HKLM-x32\...\{0134A1A1-C283-4A47-91A1-92F19F960372}) (Version: - ) Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.) Amazon Kindle (HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\...\Amazon Kindle) (Version: - Amazon) Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) ArcSoft PhotoStudio Paint (HKLM-x32\...\{EC252D0D-C690-4CE7-BA07-23F4E00505BE}) (Version: 1.0.1.25 - ArcSoft) ATI Catalyst Install Manager (HKLM\...\{D6D18877-4A64-CE9E-1980-C1F414AC7F27}) (Version: 3.0.765.0 - ATI Technologies, Inc.) 
BCL easyConverter 3.0 Licensing Module (BCL License) (x32 Version: 3.0.18 - BCL Technologies) Hidden BCL easyConverter 3.0 Loader SDK Module (x32 Version: 3.0.18 - BCL Technologies) Hidden BCL easyConverter 3.0 Module (Loader, BCL License) (x32 Version: 3.0.18 - BCL Technologies) Hidden BCL easyConverter 3.0 Module (RTF, BCL License) (x32 Version: 3.0.18 - BCL Technologies) Hidden BCL easyConverter 3.0 RTF SDK Module (x32 Version: 3.0.18 - BCL Technologies) Hidden BCL easyConverter 3.0 SDK Module (x32 Version: 3.0.18 - BCL Technologies) Hidden Bluetooth Notice (HKLM-x32\...\{4CC5AE2D-492D-4A21-9E99-1F46A7D4158B}) (Version: 2.0.00.07050 - Lenovo) Botanicula (HKLM-x32\...\Botanicula) (Version: 1.0 - Amanita Design, s.r.o.) ccc-core-static (x32 Version: 2010.0302.2233.40412 - Ihr Firmenname) Hidden chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH) Corel PDF Fusion - Creator (Version: 4.0.0 - Corel Corporation) Hidden Corel PDF Fusion - ICA (x32 Version: 1.12 - Corel Corporation) Hidden Corel PDF Fusion - Program (x32 Version: 1.14.0000 - Corel Corporation) Hidden Corel PDF Fusion - Setup (x32 Version: 1.12 - Corel Corporation) Hidden Corel PDF Fusion (HKLM-x32\...\_{5D62567F-38BA-4713-B87E-CF06C465E33B}) (Version: 1.14 - Corel Corporation) Corel Shell Extension - 64Bit (Version: 14.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Content (x32 Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Draw (x32 Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Extra Content (HKLM-x32\...\_{806422F8-8E0A-494A-A369-0F34F1B89160}) (Version: - Corel Corporation) CorelDRAW Essentials 4 - Extra Content (x32 Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Filters (x32 Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - ICA (x32 Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - IPM - No VBA (x32 Version: 4.0 - Corel Corporation) 
Hidden CorelDRAW Essentials 4 - Lang BR (x32 Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang DE (x32 Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang EN (x32 Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang ES (x32 Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang FR (x32 Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang IT (x32 Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang NL (x32 Version: 4.0 - Uw bedrijfsnaam) Hidden CorelDRAW Essentials 4 - PHOTO-PAINT (x32 Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Windows Shell Extension (HKLM-x32\...\_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}) (Version: - Corel Corporation) CorelDRAW Essentials 4 - Windows Shell Extension (x32 Version: 1.1 - Corel Corporation) Hidden CorelDRAW Essentials 4 (HKLM-x32\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version: - Corel Corporation) CorelDRAW Essentials 4 (x32 Version: 4.0 - Corel Corporation) Hidden Curling (HKLM-x32\...\{369AAC15-34EF-4A1E-9090-29BEE38956F4}) (Version: 1.16.063010 - NTTC) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2716 - CyberLink Corp.) 
Dialang V1 Beta (HKLM-x32\...\{97DF4674-AB43-11D5-91C9-005004F84FA1}) (Version: - ) DriverInstall (x32 Version: 1.00.0000 - Genaitech) Hidden DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - ) DVDVideoSoftTB DE Toolbar (HKLM-x32\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB DE) EGR-ShellExtension (HKLM-x32\...\EGR-ShellExtension) (Version: 1.1.0.100 - EasternGraphics) Firework (HKLM-x32\...\{736DB9B0-D2BA-41DC-AACD-384A599B7D24}) (Version: 1.14.063010 - NTTC) Free Notes & Office Ink (HKLM-x32\...\{556F2137-B772-43BB-9A45-E0275234DD16}) (Version: - ) Funny Cube (HKLM-x32\...\{791708C1-0D84-4D05-88DC-A29EE9808270}) (Version: 1.17.063010 - NTTC) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Happy Hit (HKLM-x32\...\{A8BE86A1-7E0E-4814-80E5-6F4073B744F7}) (Version: 1.33.063010 - NTTC) HP Foto und Bildbearbeitung 1.0 - HP PSC - HP OfficeJet (HKLM-x32\...\PSC 2000 Series) (Version: - ) Idea Touch 3.0 (HKLM-x32\...\{70D6A420-AAC3-4213-9EF7-CDD6C16CCF2D}) (Version: 3.00.010.0816 - Lenovo) InterVideo WinDVD 8 (HKLM-x32\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0.20.197 - InterVideo Inc.) InterVideo WinDVD 8 (x32 Version: 8.0.20.197 - InterVideo Inc.) 
Hidden Janosch Tigerschule (HKLM-x32\...\{DB7DEBC2-8031-4186-A5C2-DAD6C823853C}) (Version: 1.00.0000 - Terzio Verlag) Janoschs neue Tigerschule (HKLM-x32\...\Janoschs neue Tigerschule) (Version: - ) Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle) Java 7 Update 9 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217009FF}) (Version: 7.0.90 - Oracle) Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle) JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.09.00 - JMicron Technology Corp.) JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.44.1 - JMicron Technology Corp.) Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version: - LEGO A/S) Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.2600 - Broadcom Corporation) Lenovo Dynamic Brightness System (HKLM-x32\...\{D9ED6D06-6002-495E-A7BC-46E6AE386996}) (Version: 4.0.00.19161 - Lenovo) Lenovo EBook&QuickNotes (HKLM-x32\...\InstallShield_{63EA246F-3C4F-4809-B0DE-3738F99B34DD}) (Version: 1.0.3.9 - ArcSoft) Lenovo EBook&QuickNotes (x32 Version: 1.0.3.9 - ArcSoft) Hidden Lenovo Eye Distance System (HKLM-x32\...\{5183D7AB-D09B-411F-A74E-BBAEA61C6505}) (Version: 4.0.00.19080 - Lenovo) Lenovo Fun Zone (HKLM-x32\...\motiongame) (Version: 0.7.8.51 - Tose(Shanghai) Ltd.) Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3720 - CyberLink Corp.) Lenovo Power2Go (x32 Version: 6.0.3720 - CyberLink Corp.) Hidden Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1409 - CyberLink Corp.) Lenovo Rescue System (Version: 3.0.1409 - CyberLink Corp.) 
Hidden Lenovo Treiber- und Anwendungsinstallation (HKLM-x32\...\{45970CD1-D599-47D4-938F-3E9800D54ED1}) (Version: 5.10.1809 - Lenovo) Lenovo USB2.0 UVC Camera (HKLM-x32\...\{70D2C5B8-EB22-45B1-9EAA-5E8C1C408A3B}) (Version: 1.00.0000 - Vimicro Corporation) Lenovo VeriTouch 2.0 (HKLM-x32\...\InstallShield_{6A7F7465-284F-4299-8663-CDB496CEFA7D}) (Version: 2.0.1.9 - ArcSoft) Lenovo VeriTouch2.0 (x32 Version: 2.0.1.9 - ArcSoft) Hidden Lenovo_Wireless_Driver (HKLM-x32\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo) LenovoModifyWindowStyle (HKLM-x32\...\{EBC41B09-E56D-421C-B3D0-84AC1103541B}) (Version: 1.00.0408 - Lenovo) LIMBO (HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\...\Limbo) (Version: - ) Link Up (HKLM-x32\...\{3DEDB107-2FCB-4544-844D-EC2878A9F22C}) (Version: 1.17.063010 - NTTC) LVT (HKLM-x32\...\{D3063097-EC84-4D21-84A4-9D852E974355}) (Version: 4.1.2.0423 - Lenovo) LXH-JME8002B Hotkey Driver (HKLM-x32\...\{29EA755D-404B-4310-872C-EB1B8513F9D6}) (Version: 5.0.0825 - Lenovo) Machinarium (HKLM-x32\...\Machinarium) (Version: - Daedalic Entertainment) MacroKey Manager (HKLM-x32\...\InstallShield_{66A4349A-AA55-43E5-A781-62867A701A90}) (Version: - ) MacroKey Manager (Version: 1.00.0000 - Ihr Firmenname) Hidden Mat5070Win7x64Drv (HKLM-x32\...\InstallShield_{884D18CB-F012-4F9D-9498-25D1E004DB87}) (Version: 6.14.10.396 - Geniatech) Mat5070Win7x64Drv (x32 Version: 6.14.10.396 - Geniatech) Hidden Media Go (HKLM-x32\...\{7A6C3344-5CF9-4B83-959C-6576C5B27D09}) (Version: 2.3.255 - Sony) Media Go Video Playback Engine 1.96.115.08260 (HKLM-x32\...\{065DBB54-6E55-A609-2E1E-F0617E827D53}) (Version: 1.96.115.08260 - Sony) Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft 
Corporation) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4893.1002 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Proofing Tools 2013 - Español (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Research AutoCollage Touch 2009 (HKLM-x32\...\{1F8DA253-3C27-4B01-A63A-BA3533120833}) (Version: 2.00.2009 - Microsoft Research) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft 
Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 
4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) MuseScore 1.2 MuseScore score typesetter (HKLM-x32\...\MuseScore) (Version: 1.2.0 - Werner Schweer and Others) Music Star (HKLM-x32\...\{E4FB9C8E-E965-4885-A4F8-8D2991AD4A36}) (Version: 1.35.063010 - NTTC) Music Star (x32 Version: 1.35.063010 - NTTC) Hidden NextWindow Drivers (HKLM\...\{0D765C2F-D317-4C25-9582-F669974FADA4}) (Version: 1.4.144 - NextWindow) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4893.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4893.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4893.1002 - Microsoft Corporation) Hidden OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation) Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA) Opera Stable 37.0.2178.32 (HKLM-x32\...\Opera 37.0.2178.32) (Version: 37.0.2178.32 - Opera Software) pCon.planner 6.7 (HKLM-x32\...\pCon.planner 6.7) (Version: 6.7.0.102 - EasternGraphics) pCon.planner 6.7 (x32 Version: 6.7.0.102 - EasternGraphics) Hidden PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - ) PlayStation(R)Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.07.00849 - Sony Computer Entertainment Inc.) PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.12.6.14870 - Sony Computer Entertainment Inc.) PowerCinema (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 7.0.4308 - CyberLink Corp.) PowerCinema (x32 Version: 7.0.4308 - CyberLink Corp.) 
Hidden QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Readiris 7.5 (HKLM-x32\...\{9BFFB382-0B2C-11D6-AB3E-000102B0F79A}) (Version: - ) Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6151 - Realtek Semiconductor Corp.) Scrabble3D (HKLM-x32\...\{FF7B2746-9028-4784-B4E7-CC8CA67CF98D}) (Version: 3.1.4 - Heiko Tietze) Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software) Suite Specific (x32 Version: 2.0.0 - Adobe Systems, Incorporated) Hidden ThemeWallpaper (HKLM-x32\...\{F29CBF73-C211-4616-898A-379A2679F990}) (Version: 1.2.0.100706 - Lenovo) Tiny and Big - Grandpa's Leftovers (remove only) (HKLM-x32\...\Tiny and Big - Grandpas Leftovers) (Version: - ) tipptapp (HKLM-x32\...\tipptapp) (Version: 1.1 - UNKNOWN) tipptapp (x32 Version: 1.1 - UNKNOWN) Hidden Unity Web Player (HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) USB Network Joystick (HKLM-x32\...\{2A558A06-A44E-400D-95AD-D9FAA89AFD36}) (Version: V3.70a - ) VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN) Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom) Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Windows Live Sync 
(HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) WinRAR 4.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {04C5F25C-AAFA-492D-81D3-F2A3C7F99DC7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation) Task: {06FE0C75-095D-4538-9652-1459AD205388} - System32\Tasks\{68C54E11-A282-461B-95D6-06C9D1E2DA94} => pcalua.exe -a C:\Users\horton\Desktop\dialang.exe -d C:\Users\horton\Desktop Task: {0B2FB6FB-5A3B-4553-91CA-5D4A0F147735} - System32\Tasks\{D6E62EA7-E2F5-4CA8-BF54-4E460763B5E2} => pcalua.exe -a D:\setup.exe -d D:\ Task: {184B24B0-6EEB-4954-99E5-36D978467C30} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation) Task: {1CF293F8-1AEA-4197-946C-92687175403F} - System32\Tasks\{736C63F3-D2A7-419C-8F26-4F75DB5FA8EE} => pcalua.exe -a C:\Users\horton\Desktop\cs2\CS2_RetNon_Ger_3.exe -d C:\Users\horton\Desktop\cs2 Task: {3B09AC67-7BFE-49D7-AD47-3AD780BF497F} - System32\Tasks\Opera scheduled Autoupdate 1448819900 => C:\Users\Ameise\AppData\Local\Programs\Opera\launcher.exe [2017-01-16] (Opera Software) Task: 
{3B289925-D629-4DFE-AE42-D9D95D4B4410} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {3EAB639C-2FC8-4064-98DD-4C85415019E2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-23] (Adobe Systems Incorporated)
Task: {448A37AB-EE09-4022-B1B2-E40C21C38283} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-11-01] (Microsoft Corporation)
Task: {54200FB5-0D44-4CAA-98C9-708949FA1F09} - System32\Tasks\Opera scheduled Autoupdate 1418639019 => C:\Program Files (x86)\Opera\launcher.exe [2016-04-28] (Opera Software)
Task: {65219F8A-790B-47DF-A54B-CEE1F484C54D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {661D22D4-FB9D-4D29-8177-BBA903971A83} - System32\Tasks\{9A441C31-2AC8-449A-98AD-3A8894ED1EB5} => pcalua.exe -a C:\Users\horton\Desktop\Beppo\cs2\CS_2.0_GR_Extras_1.exe -d C:\Users\horton\Desktop\Beppo\cs2
Task: {7BCEE2BE-4536-465C-9685-42B1C8CB5079} - System32\Tasks\{9F891BA6-C1FD-4436-8635-17892C96B09F} => pcalua.exe -a C:\Users\horton\Desktop\cs2\CS_2.0_GR_Extras_1.exe -d C:\Users\horton\Desktop\cs2
Task: {A6155A92-7CDC-49EE-BF19-BC640597705A} - System32\Tasks\{11BC33C9-6703-4868-A206-CC3820EC52EF} => pcalua.exe -a C:\Users\horton\Desktop\cs2\CS2_RetNon_Ger_2.exe -d C:\Users\horton\Desktop\cs2
Task: {AA7AF7A0-6DFC-429F-9B01-3F6FE6409F23} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {C85FD0DE-8A35-454D-A55E-9C4A0DF07642} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-13] (Google Inc.)
Task: {CE94750F-6DB9-4D3E-8104-F4408AB635C0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-13] (Google Inc.)
Task: {F7FB24F9-0C03-4DF3-9AD9-48BF1D996598} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-01-21 11:05 - 2016-05-24 08:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2005-04-06 15:53 - 2005-04-06 15:53 - 03502080 _____ () c:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
2012-02-09 14:01 - 2012-01-09 19:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2010-06-14 13:27 - 2010-06-14 13:27 - 00907496 _____ () C:\Windows\system32\atwtusb.exe
2002-04-11 03:19 - 2002-04-11 03:19 - 00077824 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
2005-04-06 15:52 - 2005-04-06 15:52 - 00028791 _____ () c:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\jre\bin\hpi.dll
2005-04-06 15:53 - 2005-04-06 15:53 - 00057453 _____ () c:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\jre\bin\verify.dll
2005-04-06 15:53 - 2005-04-06 15:53 - 00102515 _____ () c:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\jre\bin\java.dll
2005-04-06 15:53 - 2005-04-06 15:53 - 00053364 _____ () c:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\jre\bin\zip.dll
2005-04-06 15:53 - 2005-04-06 15:53 - 00057455 _____ () C:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\jre\bin\net.dll
2005-04-06 15:53 - 2005-04-06 15:53 - 00032880 _____ () C:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\jre\bin\nio.dll
2005-04-06 15:53 - 2005-04-06 15:53 - 00434255 _____ () c:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\bin\ps-rw-vc-v8_58.dll
2005-04-06 15:53 - 2005-04-06 15:53 - 01019904 _____ () c:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\bin\ps-vc-v8_58.dll
2014-07-18 11:12 - 2016-07-22 07:26 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-08-08 15:12 - 2016-07-22 07:24 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-08-08 15:12 - 2016-07-22 07:24 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-08-08 15:12 - 2016-07-22 07:24 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2002-04-11 03:19 - 2002-04-11 03:19 - 00024576 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnfps.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3064065677-2226785740-1792966077-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\horton\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv => Firewall Dienst läuft nicht.
MpsSvc => Firewall Dienst läuft nicht.
bfe => Firewall Dienst läuft nicht.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hp psc 2000 Series.lnk => C:\Windows\pss\hp psc 2000 Series.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^officejet 6100.lnk => C:\Windows\pss\officejet 6100.lnk.CommonStartup
MSCONFIG\startupreg: Adobe Version Cue CS2 => "c:\Creative Suite CS2\Adobe Creative Suite 2.0\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Share-to-Web Namespace Daemon => C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{A4FB27FC-023D-4129-B1DE-FDF2B09061D5}] => C:\Program Files (x86)\Lenovo\PowerCinema\PowerCinema.exe
FirewallRules: [{8A3B9C82-477B-497B-875D-47FB8BA0C12E}] => C:\Program Files (x86)\Lenovo\PowerCinema\PCMService.exe
FirewallRules: [{9C02D370-9C54-4245-8D97-C3EF1807BD7B}] => C:\Program Files (x86)\Lenovo\PowerCinema\Kernel\DMP\CLBrowserEngine.exe
FirewallRules: [{C31DDC86-21AB-47E0-888F-8DEF4FD5BE47}] => C:\Program Files (x86)\Lenovo\PowerCinema\Kernel\DMS\CLMSService.exe
FirewallRules: [{C8468554-4EA9-4C9F-8262-671D36E9E99F}] => C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{0516DDB6-8361-4C3B-91AD-478A20CF035E}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{034FFB5D-CBD4-4AC3-AE1F-6F182A2C1083}] => svchost.exe
FirewallRules: [{6CA96BF6-9B90-44A9-AFD3-29CC3CB428E6}] => C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{BD3F27AF-F479-44D9-81F7-343CA3100C7D}] => C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{590DF1F9-59A1-408A-A742-150E8DE4BC62}] => C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [TCP Query User{97B50266-2462-4C09-817D-46088F510B3D}C:\users\horton\appdata\local\temp\cprogram files (x86)opera\operaupgrader.exe] => C:\users\horton\appdata\local\temp\cprogram files (x86)opera\operaupgrader.exe
FirewallRules: [UDP Query User{4D447EA7-4625-409F-B49C-29DA7B9C90C7}C:\users\horton\appdata\local\temp\cprogram files (x86)opera\operaupgrader.exe] => C:\users\horton\appdata\local\temp\cprogram files (x86)opera\operaupgrader.exe

==================== Wiederherstellungspunkte =========================

20-11-2016 01:55:47 Geplanter Prüfpunkt
22-11-2016 14:10:20 Windows Update
02-02-2017 08:36:22 Removed BlueStacks Notification Center
02-02-2017 08:38:17 Removed BlueStacks Notification Center
03-02-2017 11:10:39 JRT Pre-Junkware Removal

Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Realtek PCIe GBE Family Controller #2
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/02/2017 08:11:43 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden.
System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/02/2017 08:00:01 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={5089AFC7-E689-4661-9467-5683F945F9F1}: Der Benutzer "horton-PC\horton" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.

Error: (02/02/2017 07:07:26 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden.
System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/01/2017 02:37:52 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden.
System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/01/2017 10:59:25 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden.
System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/30/2017 08:13:04 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden.
System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/28/2017 11:50:58 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden.
System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/26/2017 08:56:10 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden.
System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/25/2017 04:24:45 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden.
System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/24/2017 02:59:02 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden.
System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Systemfehler:
=============
Error: (02/03/2017 11:11:55 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WTService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/03/2017 11:05:10 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143 = In der Endpunktzuordnung sind keine weiteren Endpunkte verfügbar..

Error: (02/03/2017 11:01:39 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: AFS

Error: (02/03/2017 11:01:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ZoneAlarm Privacy Service" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden.

Error: (02/03/2017 11:01:33 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (02/03/2017 11:01:33 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (02/03/2017 10:59:58 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (02/03/2017 10:59:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Application Virtualization Client" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/03/2017 10:59:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/03/2017 10:59:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
Prozentuale Nutzung des RAM: 52%
Installierter physikalischer RAM: 4023.12 MB
Verfügbarer physikalischer RAM: 1927.5 MB
Summe virtueller Speicher: 8044.42 MB
Verfügbarer virtueller Speicher: 5619.2 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:906.34 GB) (Free:659.28 GB) NTFS
Drive d: (TippTapp) (CDROM) (Total:0.17 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 8D385642)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=906.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.1 GB) - (Type=12)

==================== Ende von Addition.txt ============================