Log analysis and evaluation: Windows 8.1 - Passwords for applications (e.g. Ebay) are changing
24.11.2019, 10:41 | #1 |
Windows 8.1 - Passwords for applications (e.g. Ebay) are changing

Hello Trojaner-Board team!

I have the following problem: I receive emails saying that the login passwords for e.g. Ebay or Ebay-Kleinanzeigen have been changed. When I then open the programs, I can no longer log in with the password I know. I am able to set new passwords (via the "forgot password" function), and then I can log in again. I therefore suspect that someone is, for example, recording my keystrokes via my computer, or something similar...

Many thanks in advance for your support!!!

Below are the current log files from Farbar:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2019
durchgeführt von Michael (Administrator) auf MICHAEL (Medion Akoya E7416T) (24-11-2019 00:28:32)
Gestartet von C:\Users\Michael\Desktop\FARBAR
Geladene Profile: Michael (Verfügbare Profile: Michael & Sicheres Internet)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: IE
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

() [Datei ist nicht signiert] C:\Program Files (x86)\PHotkey\GPMTray.exe
() [Datei ist nicht signiert] C:\Program Files (x86)\PHotkey\KeyboardMonitorTool.exe
() [Datei ist nicht signiert] C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe
() [Datei ist nicht signiert] C:\Program Files (x86)\PHotkey\PHotkey.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Anwendungen\Adobe Acrobat\Acrobat\acrotray.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(AVM Computersysteme Vertriebs GmbH -> AVM Berlin) C:\Users\Michael\AppData\Local\Apps\2.0\NKOB9MBP.9T6\K3NGK8DG.JTB\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe
(CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(devolo AG -> devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Greenshot) [Datei ist nicht signiert] C:\Anwendungen\Video-Audio\Greenshot\Greenshot.exe
(Huawei Technologies Co., Ltd. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Macrovision Europe Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(PEGATRON CORPORATION -> ) C:\Program Files (x86)\PHotkey\Atouch64.exe
(PEGATRON CORPORATION -> ) C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
(PEGATRON CORPORATION -> ) C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3278088 2014-07-01] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7822136 2014-06-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774040 2014-10-23] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2014-09-01] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Greenshot] => C:\Anwendungen\Video-Audio\Greenshot\Greenshot.exe [540672 2015-04-19] (Greenshot) [Datei ist nicht signiert]
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2014-03-12] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [PowerDVD12Agent] => "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2014-03-07] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Anwendungen\Adobe Acrobat\Acrobat\Acrotray.exe [620152 2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [228728 2019-10-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\Run: [AVMUSBFernanschluss] => C:\Users\Michael\AppData\Local\Apps\2.0\NKOB9MBP.9T6\K3NGK8DG.JTB\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\AVMAutoStart.exe [139264 2016-08-15] (AVM Berlin) [Datei ist nicht signiert]
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\Run: [Steam] => C:\Anwendungen\Spiele\Steam.exe [3288016 2019-11-20] (Valve -> Valve Corporation)
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\RunOnce: [Adobe Speed Launcher] => 1574541602
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {051947a3-8d96-11e8-8330-34de1a0b3253} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {0a96715c-0796-11ea-835e-34de1a0b3253} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {0e9f0e28-8334-11e7-830b-34de1a0b3253} - "I:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {365375e1-e712-11e7-831b-34de1a0b3253} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {437a0f44-81d3-11e8-832e-34de1a0b3253} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {4f7d227e-ad36-11e9-8355-34de1a0b3253} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {4f7d22ef-ad36-11e9-8355-34de1a0b3253} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {52f75884-0007-11ea-835e-34de1a0b3253} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {52f75fe6-0007-11ea-835e-34de1a0b3253} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {5ba4f94e-dc0b-11e5-82ba-34de1a0b3253} - "G:\autorun.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {5e6e61b6-7e1b-11e7-8309-34de1a0b3253} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {5e85ea9a-31fc-11e9-834a-34de1a0b3253} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {6dc2dbd6-3357-11e8-8323-34de1a0b3253} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {7a9ac547-e1c2-11e7-8319-34de1a0b3253} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {7a9ac5bd-e1c2-11e7-8319-34de1a0b3253} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {7c69a84a-383b-11e9-834a-34de1a0b3253} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {7c69a855-383b-11e9-834a-34de1a0b3253} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {7c69aa50-383b-11e9-834a-34de1a0b3253} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {9f8aa38b-de48-11e9-835a-34de1a0b3253} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {9ffdf94f-119a-11e7-8300-34de1a0b3253} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {ba0df8ea-0686-11e7-82fb-34de1a0b3253} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {d646f09d-d458-11e8-833a-34de1a0b3253} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {e000796f-af8b-11e9-8356-34de1a0b3253} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {e6c90924-9b80-11e9-8351-34de1a0b3253} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\MountPoints2: {f1dc177b-6f94-11e6-82d8-34de1a0b3253} - "F:\SETUP.EXE"
HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30796352 2018-10-24] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372400 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2014-03-07] (CyberLink Corp. -> CyberLink)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk [2017-12-22]
ShortcutTarget: Adobe Acrobat - Schnellstart.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe () [Datei ist nicht signiert]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk [2017-12-22]
ShortcutTarget: Adobe Reader Synchronizer.lnk -> C:\Anwendungen\Adobe Acrobat\Acrobat\AdobeCollabSync.exe (Adobe Systems, Incorporated -> )
Startup: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2016-03-10]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {53992A4F-A075-4284-BBB9-1BA508F05A60} - System32\Tasks\Opera scheduled Autoupdate 1540745483 => C:\Users\Michael\AppData\Local\Programs\Opera\launcher.exe
Task: {5E2C69AB-E8BE-47E0-9F91-16FAF4ABFCAE} - System32\Tasks\Lenovo\sysrun-2170 => C:\Users\Michael\AppData\Local\Temp\sysrun-2170.cmd
Task: {636DE964-6063-4B0D-BE98-02F72D71A775} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [85768 2014-05-27] (CyberLink Corp. -> CyberLink Corp.)
Task: {6CADC730-A1C6-4788-A52C-15407E0501BD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286096 2019-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {72A7F363-BB3D-49D2-B769-9C913269A57E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {781C98BA-5783-4E7A-8505-0DAC9D6857D0} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2757672 2019-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {B6B7074D-06F2-42C2-BA1B-1A29ADC172E1} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {B85A2C2B-A890-4636-A506-03C489E26123} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39920 2018-10-24] (Garmin International, Inc. -> )
Task: {B939A2B4-4E29-45EE-B8DD-2C2FCDA128E1} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {C4A2F5B8-21F1-4D7C-8A3E-872864811F3D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC192996-0BD0-4717-87BB-15110F745027} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [585600 2014-04-07] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.)
Task: {DB1B3D2F-2F2F-481C-8645-774418C5D1EE} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {F0B0581D-475A-44B8-BAE0-4CA3FA677D6E} - System32\Tasks\EPSON ET-2750 Series Update {E8716E89-3534-42AC-B11F-0882846FC578} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSSLE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {F972C1FB-F1F1-4BAB-90B6-FAA763F2F428} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286096 2019-11-19] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\EPSON ET-2750 Series Update {E8716E89-3534-42AC-B11F-0882846FC578}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSSLE.EXE:/EXE:{E8716E89-3534-42AC-B11F-0882846FC578} /F:UpdateWORKGROUP\MICHAEL$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{7AED59C7-DCCE-4F0E-8496-DB1BE9515454}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{D2E1BCA7-44B9-4933-AB25-5DCE3D4B3134}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-10.0.2\bin\ssv.dll => Keine Datei
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.2\bin\jp2ssv.dll [2018-12-10] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Anwendungen\Adobe Acrobat\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2019-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-30] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Anwendungen\Adobe Acrobat\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=13.0.2.0 -> C:\Program Files\Java\jre-10.0.2\bin\dtplugin\npDeployJava1.dll [2018-12-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.2.0 -> C:\Program Files\Java\jre-10.0.2\bin\plugin2\npjp2.dll [2018-12-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Anwendungen\Video-Audio\VLC\npvlc.dll [2015-02-27] (VideoLAN) [Datei ist nicht signiert]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-06-24] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-06-24] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Anwendungen\Tools\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1207984 2019-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [535352 2019-11-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484768 2019-11-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484768 2019-11-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [567872 2019-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [591872 2019-10-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3885592 2017-03-03] (devolo AG -> devolo AG)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2017-03-10] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2017-12-22] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-07-03] (Huawei Technologies Co., Ltd. -> ) [Datei ist nicht signiert]
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121304 2014-08-07] (Intel Corporation - pGFX -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [365040 2017-10-20] (Intel(R) pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-06-24] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-06-24] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation -> Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] (Intel Corporation-Mobile Wireless Group -> )
R2 PGFNEXSrv; C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe [136192 2014-03-04] () [Datei ist nicht signiert]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2013-03-06] (CyberLink Corp. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel Corporation-Mobile Wireless Group -> Intel® Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AMPPAL; C:\Windows\System32\drivers\AMPPAL.sys [165344 2013-07-29] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\Windows\system32\DRIVERS\amppal.sys [165344 2013-07-29] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [78936 2019-06-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\Windows\System32\drivers\avelam.sys [22336 2019-02-27] (Microsoft Windows Early Launch Anti-Malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [208176 2019-11-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [197176 2019-09-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [46704 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 avmaura; C:\Windows\System32\drivers\avmaura.sys [116480 2015-12-16] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [89736 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [23816 2014-07-01] (ELAN Microelectronics Corporation -> ELAN Microelectronic Corp.)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2019-07-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 FTDIBUS; C:\Windows\system32\drivers\ftdibus.sys [129448 2017-09-19] (Future Technology Devices International Ltd -> Future Technology Devices International Ltd.)
S3 FTSER2K; C:\Windows\system32\drivers\ftser2k.sys [89792 2017-09-19] (Future Technology Devices International Ltd -> Future Technology Devices International Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2019-07-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-10] (Intel Corporation - Software and Firmware Products -> Intel Corporation) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [220104 2014-08-07] (Intel Corporation-Mobile Wireless Group -> Intel Corporation) S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [44480 2011-05-17] (Akeo Consulting -> hxxp://libusb-win32.sourceforge.net) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation -> Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation -> Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [125952 2014-06-24] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3446240 2014-06-18] (Intel Corporation-Mobile Wireless Group -> Intel Corporation) S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation-Mobile Wireless Group -> Intel Corporation) R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [36496 2017-03-03] (devolo AG -> Riverbed Technology, Inc.) R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON CORPORATION -> PEGATRON) R3 PegaRadioSwitch; C:\Windows\System32\drivers\PegaRadioSwitch.sys [23552 2013-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [2968280 2014-01-15] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation ) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) 
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2019-11-24 00:16 - 2019-11-24 00:29 - 000000000 ____D C:\FRST 2019-11-24 00:15 - 2019-11-24 00:23 - 000000000 ____D C:\Users\Michael\Desktop\FARBAR 2019-11-21 19:42 - 2019-11-21 19:42 - 000002156 _____ C:\Users\Public\Desktop\Epson Printer Connection Checker.lnk 2019-11-21 19:42 - 2019-11-21 19:42 - 000002156 _____ C:\ProgramData\Desktop\Epson Printer Connection Checker.lnk 2019-11-17 14:42 - 2019-11-17 14:51 - 000000000 ____D C:\Users\Michael\Desktop\Maja Handy 2019-11-13 23:20 - 2019-10-24 05:07 - 025753088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2019-11-13 23:20 - 2019-10-24 04:43 - 002910720 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2019-11-13 23:20 - 2019-10-24 04:23 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2019-11-13 23:20 - 2019-10-24 04:04 - 002304000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2019-11-13 23:20 - 2019-10-24 03:47 - 015445504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2019-11-13 23:20 - 2019-10-24 03:39 - 004859392 
_____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2019-11-13 23:20 - 2019-10-24 03:27 - 013838336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2019-11-13 23:20 - 2019-10-24 03:13 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2019-11-13 23:20 - 2019-10-24 03:10 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2019-11-13 23:20 - 2019-10-17 03:43 - 001368800 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2019-11-13 23:20 - 2019-10-15 07:15 - 007363536 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2019-11-13 23:20 - 2019-10-15 04:48 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2019-11-13 23:20 - 2019-10-15 03:56 - 001994240 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2019-11-13 23:20 - 2019-10-15 03:47 - 001384960 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2019-11-13 23:20 - 2019-10-15 03:28 - 001560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2019-11-13 23:20 - 2019-09-27 17:52 - 002779648 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2019-11-13 23:20 - 2019-09-27 17:07 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2019-11-13 23:20 - 2019-09-25 05:18 - 001717760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2019-11-13 23:20 - 2019-09-19 07:21 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\setupcl.exe 2019-11-13 23:20 - 2019-09-19 06:26 - 000848896 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2019-11-13 23:20 - 2019-09-19 06:16 - 000712192 _____ (Microsoft Corporation) C:\Windows\system32\DismApi.dll 2019-11-13 23:20 - 2019-09-19 04:26 - 000469504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DismApi.dll 2019-11-13 23:20 - 2019-09-07 16:18 - 015441408 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2019-11-13 23:20 - 2019-09-07 16:09 - 013321728 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\wmp.dll 2019-11-13 23:19 - 2019-10-28 04:20 - 000121040 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll 2019-11-13 23:19 - 2019-10-28 03:40 - 000098296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll 2019-11-13 23:19 - 2019-10-25 08:54 - 001208320 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys 2019-11-13 23:19 - 2019-10-24 04:41 - 000580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2019-11-13 23:19 - 2019-10-24 04:30 - 000797184 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2019-11-13 23:19 - 2019-10-24 04:29 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2019-11-13 23:19 - 2019-10-24 04:08 - 000496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2019-11-13 23:19 - 2019-10-24 04:01 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2019-11-13 23:19 - 2019-10-24 03:58 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2019-11-13 23:19 - 2019-10-24 03:55 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2019-11-13 23:19 - 2019-10-24 03:53 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2019-11-13 23:19 - 2019-10-24 03:53 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2019-11-13 23:19 - 2019-10-24 03:53 - 000381952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2019-11-13 23:19 - 2019-10-24 03:51 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2019-11-13 23:19 - 2019-10-24 03:37 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2019-11-13 23:19 - 2019-10-24 03:35 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2019-11-13 23:19 - 2019-10-24 03:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2019-11-13 23:19 - 2019-10-24 03:32 - 002058752 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2019-11-13 23:19 - 2019-10-24 03:32 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2019-11-13 23:19 - 2019-10-24 03:32 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2019-11-13 23:19 - 2019-10-24 03:28 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2019-11-13 23:19 - 2019-10-24 03:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2019-11-13 23:19 - 2019-10-24 03:09 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2019-11-13 23:19 - 2019-10-22 05:29 - 001541352 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2019-11-13 23:19 - 2019-10-22 01:42 - 001376768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2019-11-13 23:19 - 2019-10-17 01:53 - 001085440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2019-11-13 23:19 - 2019-10-15 10:03 - 001311768 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2019-11-13 23:19 - 2019-10-15 06:55 - 001308256 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2019-11-13 23:19 - 2019-10-15 06:54 - 000355576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys 2019-11-13 23:19 - 2019-10-15 04:24 - 000129024 _____ (Microsoft Corporation) C:\Windows\splwow64.exe 2019-11-13 23:19 - 2019-10-15 04:08 - 001040384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2019-11-13 23:19 - 2019-10-15 03:27 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2019-11-13 23:19 - 2019-10-15 03:17 - 000827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2019-11-13 23:19 - 2019-10-11 17:29 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe 2019-11-13 23:19 - 2019-10-11 17:17 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll 2019-11-13 23:19 - 2019-10-11 16:45 - 000022528 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\upnpcont.exe 2019-11-13 23:19 - 2019-10-11 16:37 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll 2019-11-13 23:19 - 2019-10-11 16:17 - 000458752 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll 2019-11-13 23:19 - 2019-10-11 15:59 - 000332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll 2019-11-13 23:19 - 2019-10-11 05:53 - 000430840 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2019-11-13 23:19 - 2019-10-11 04:56 - 000320248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2019-11-13 23:19 - 2019-10-11 03:36 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2019-11-13 23:19 - 2019-10-11 03:08 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2019-11-13 23:19 - 2019-10-11 03:02 - 000840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll 2019-11-13 23:19 - 2019-10-11 02:44 - 000697344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll 2019-11-13 23:19 - 2019-10-11 02:28 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2019-11-13 23:19 - 2019-10-11 02:23 - 000565760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2019-11-13 23:19 - 2019-10-10 23:35 - 000374000 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2019-11-13 23:19 - 2019-10-10 23:32 - 000316144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2019-11-13 23:19 - 2019-10-10 17:20 - 000044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2019-11-13 23:19 - 2019-10-10 16:50 - 000035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2019-11-13 23:19 - 2019-10-09 20:38 - 000470256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2019-11-13 23:19 - 2019-10-09 14:35 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll 2019-11-13 23:19 - 2019-10-04 14:35 - 000929280 _____ (Microsoft Corporation) 
C:\Windows\system32\iphlpsvc.dll 2019-11-13 23:19 - 2019-10-04 14:18 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll 2019-11-13 23:19 - 2019-09-27 18:53 - 003325440 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2019-11-13 23:19 - 2019-09-27 17:50 - 003619328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2019-11-13 23:19 - 2019-09-25 13:34 - 000162392 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2019-11-13 23:19 - 2019-09-25 05:18 - 002863104 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2019-11-13 23:19 - 2019-09-25 05:18 - 000802816 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2019-11-13 23:19 - 2019-09-25 05:18 - 000738816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2019-11-13 23:19 - 2019-09-25 05:18 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2019-11-13 23:19 - 2019-09-25 05:18 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2019-11-13 23:19 - 2019-09-25 05:18 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2019-11-13 23:19 - 2019-09-25 05:18 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2019-11-13 23:19 - 2019-09-25 05:18 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2019-11-13 23:19 - 2019-09-19 07:11 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll 2019-11-13 23:19 - 2019-09-19 07:10 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll 2019-11-13 23:19 - 2019-09-19 07:00 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\uxlib.dll 2019-11-13 23:19 - 2019-09-19 06:59 - 000246784 _____ (Microsoft Corporation) C:\Windows\system32\unattend.dll 2019-11-13 23:19 - 2019-09-19 06:48 - 000475648 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll 2019-11-13 23:19 - 2019-09-19 06:20 - 000333312 _____ (Microsoft Corporation) 
C:\Windows\system32\winsku.dll 2019-11-13 23:19 - 2019-09-19 04:26 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsku.dll 2019-11-13 23:19 - 2019-09-12 23:46 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spopk.dll 2019-11-13 23:19 - 2019-09-12 23:36 - 000126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxlib.dll 2019-11-13 23:19 - 2019-09-12 23:25 - 000380928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll 2019-11-13 23:19 - 2019-09-10 22:34 - 000354544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys 2019-11-13 23:19 - 2019-09-06 14:17 - 000249856 _____ (Gracenote, Inc.) C:\Windows\SysWOW64\gnsdk_fp.dll 2019-10-31 22:22 - 2019-10-31 22:22 - 000001140 _____ C:\Users\Public\Desktop\Avira.lnk 2019-10-31 22:22 - 2019-10-31 22:22 - 000001140 _____ C:\ProgramData\Desktop\Avira.lnk ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2019-11-24 00:24 - 2019-05-12 13:18 - 000000000 ____D C:\_Outlook_Datendateien 2019-11-23 23:37 - 2019-03-11 20:37 - 000000935 _____ C:\Windows\Tasks\EPSON ET-2750 Series Update {E8716E89-3534-42AC-B11F-0882846FC578}.job 2019-11-23 21:43 - 2014-10-20 09:17 - 000088164 _____ C:\Windows\system32\perfh007.dat 2019-11-23 21:43 - 2014-10-20 09:17 - 000018904 _____ C:\Windows\system32\perfc007.dat 2019-11-23 21:43 - 2014-03-18 16:26 - 000173128 _____ C:\Windows\system32\PerfStringBackup.INI 2019-11-23 21:43 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf 2019-11-23 21:40 - 2015-03-19 13:46 - 000000000 ____D C:\Users\Michael\Documents\Youcam 2019-11-23 21:40 - 2014-10-20 11:13 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo 2019-11-23 21:39 - 2015-03-19 14:44 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2019-11-23 21:39 - 2015-03-19 13:45 - 000000000 __SHD C:\Users\Michael\IntelGraphicsProfiles 2019-11-22 18:11 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\AppReadiness 2019-11-22 18:07 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-11-21 23:34 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI 2019-11-21 23:28 - 2015-03-26 20:35 - 000000000 ____D C:\_Temp_Audio 2019-11-21 20:27 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\rescache 2019-11-21 20:08 - 2015-05-25 12:25 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-126779072-3366365184-2721121050-1001 2019-11-21 19:42 - 2019-03-11 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software 2019-11-21 19:42 - 2019-03-11 20:39 - 000000000 ____D C:\Program Files (x86)\EPSON Software 2019-11-21 17:53 - 2015-05-23 19:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2019-11-20 21:00 - 2013-08-22 16:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-11-20 20:58 - 2015-03-23 10:36 - 000000000 ____D C:\Program Files\Microsoft Office 
15 2019-11-19 22:52 - 2015-12-16 11:56 - 000000000 ____D C:\Users\Michael\AppData\Local\Deployment 2019-11-19 14:56 - 2013-08-22 15:44 - 000500152 _____ C:\Windows\system32\FNTCACHE.DAT 2019-11-17 16:43 - 2015-04-19 15:23 - 000000000 ____D C:\Windows\system32\appraiser 2019-11-17 16:43 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\PolicyDefinitions 2019-11-17 16:43 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\SysWOW64\Dism 2019-11-17 16:43 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\system32\oobe 2019-11-17 16:43 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\system32\Dism 2019-11-17 11:13 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp 2019-11-17 11:06 - 2015-03-23 11:26 - 000000000 ____D C:\Windows\system32\MRT 2019-11-17 11:06 - 2014-04-24 17:12 - 128443096 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2019-11-11 21:10 - 2015-05-23 20:38 - 000208176 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2019-11-11 21:05 - 2015-03-19 13:44 - 000000000 ____D C:\Users\Michael\AppData\Local\Packages 2019-11-03 21:09 - 2019-05-05 12:20 - 000000000 ____D C:\Users\Michael\Desktop\SCANS 2019-10-31 22:20 - 2014-10-20 10:32 - 000000000 ____D C:\ProgramData\Package Cache 2019-10-29 21:18 - 2018-04-30 12:44 - 000000000 ____D C:\_Temp_Foto 2019-10-28 07:40 - 2018-02-05 15:47 - 000327168 ___SH C:\Users\Michael\Desktop\Thumbs.db ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2015-08-20 22:21 - 2017-05-16 23:03 - 000000685 _____ () C:\Users\Michael\AppData\Roaming\DriveCalculator Preferences 2015-04-15 22:03 - 2015-04-15 22:13 - 000026836 _____ () C:\Users\Michael\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR 2015-09-08 14:46 - 2016-08-29 19:30 - 000010752 _____ () C:\Users\Michael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert 
sind.)
LastRegBack: 2019-11-14 19:03
==================== Ende von FRST.txt ========================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-11-2019
durchgeführt von Michael (24-11-2019 00:30:43)
Gestartet von C:\Users\Michael\Desktop\FARBAR
Windows 8.1 (Update) (X64) (2015-03-19 12:44:45)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-126779072-3366365184-2721121050-500 - Administrator - Disabled)
Gast (S-1-5-21-126779072-3366365184-2721121050-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-126779072-3366365184-2721121050-1004 - Limited - Enabled)
Michael (S-1-5-21-126779072-3366365184-2721121050-1001 - Administrator - Enabled) => C:\Users\Michael
Sicheres Internet (S-1-5-21-126779072-3366365184-2721121050-1002 - Limited - Enabled) => C:\Users\Sicheres Internet
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
3DF Zephyr Free Version 4.351 (HKLM\...\{53B4E599-2462-4A8F-B8D1-E736E7B5477D}_is1) (Version: 4.351 - 3Dflow srl) 7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov) Adobe Acrobat 8 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 8 Professional - English, Français, Deutsch) (Version: 8.0.0 - Adobe Systems) Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) AeroFly Professional Deluxe (HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\{8B3E5A90-1F6E-4FAF-B84F-C306C8A80809}) (Version: 1.11.0709 - IPACS) AeroFly Professional Deluxe AddOn FMT Magazin (HKLM-x32\...\{C603C9F2-0600-4D6F-A669-7B2B63AF14D6}) (Version: 1.11.0701 - IPACS) ANT Drivers Installer x64 (HKLM\...\{D559687A-60C5-4786-9429-C21EC195789D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) AudibleManager (HKLM-x32\...\AudibleManager) (Version: 36111024.1637756.4759644.48 - Audible, Inc.) Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber) Audiograbber MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG) Autodesk Fusion 360 (HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.5688 - Autodesk, Inc.) Avira (HKLM-x32\...\{d1005689-1fdc-458f-956d-498db20c18df}) (Version: 1.2.138.20753 - Avira Operations GmbH & Co. KG) Avira (HKLM-x32\...\{DA7052FA-B589-48D9-BF78-0A5AC11CB59A}) (Version: 1.2.138.20753 - Avira Operations GmbH & Co. KG) Hidden Avira (HKLM-x32\...\{e2be50eb-5ea7-469b-9805-e29b51000bb6}) (Version: 1.2.137.23068 - Avira Operations GmbH & Co. KG) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.1911.1660 - Avira Operations GmbH & Co. 
KG) Avira Launcher (HKLM-x32\...\{761cd2c4-5249-4346-8318-a499d06d2681}) (Version: 1.1.63.21885 - Avira Operations GmbH & Co. KG) calibre (HKLM-x32\...\{28E0D137-99C8-462E-BB12-FB1BD48BB7F3}) (Version: 0.9.33 - Kovid Goyal) calibre 64bit (HKLM\...\{103BE372-2B02-43DB-AEE9-B94E59BBE60F}) (Version: 2.21.0 - Kovid Goyal) cewe-fotoservice.de (HKLM-x32\...\cewe-fotoservice.de) (Version: 6.4.1 - CEWE Stiftung u Co. KGaA) Cura 2.7 (HKLM-x32\...\Cura 2.7) (Version: 2.7.0 - Ultimaker) CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) CyberLink PowerDirector 11 (HKLM\...\{551F492A-01B0-4DC4-866F-875EC4EDC0A8}) (Version: 11.0.0.3910 - CyberLink Corp.) Hidden CyberLink PowerRecover (HKLM\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.3019 - CyberLink Corp.) Hidden CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.3019 - CyberLink Corp.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.3.0 - devolo AG) Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.3.1 - Dolby Laboratories Inc) Druckerdeinstallation für EPSON ET-2750 Series (HKLM\...\EPSON ET-2750 Series) (Version: - Seiko Epson Corporation) ELAN Touchpad 11.10.26.3_X64_WHQL (HKLM\...\Elantech) (Version: 11.10.26.3 - ELAN Microelectronic Corp.) 
Elevated Installer (HKLM-x32\...\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.4.19695 - Landesfinanzdirektion Thüringen) Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.1 - Seiko Epson Corporation) Epson Printer Connection Checker (HKLM-x32\...\{FFA5C174-DB3F-4AFE-B59D-C0FB1744CD76}) (Version: 3.1.0.0 - Seiko Epson Corporation) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.) Epson Software Updater (HKLM-x32\...\{FD036A57-F81D-4865-AAF0-811558EA76AE}) (Version: 4.5.1 - Seiko Epson Corporation) EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.56.1.0 - Seiko Epson Corporation) EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-126779072-3366365184-2721121050-1001\...\195fa74437467f40) (Version: 2.3.4.0 - AVM Berlin) Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Garmin Express (HKLM-x32\...\{95D0EADA-5123-41C0-931A-F37946BC0E8E}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express (HKLM-x32\...\{eab4691c-4022-41cd-8d39-c3097ba62d4b}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.303 - Huawei Technologies Co.,Ltd) Intel(R) Chipset Device Software (HKLM-x32\...\{4a87bd28-a855-4a8d-b133-60ca8ccffd30}) (Version: 10.0.17 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components 
(HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1048 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3871 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.0.1016 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation) Intel(R) Wireless Bluetooth(R)(patch version 17.1.1431.1) (HKLM\...\{302600C1-6BDF-4FD1-1407-148929CC1385}) (Version: 17.1.1407.0480 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) Java 10.0.2 (64-bit) (HKLM\...\{EECB2736-D013-5AC5-9917-7656712F6931}) (Version: 10.0.2.0 - Oracle Corporation) Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) Joe (HKLM-x32\...\{F8C986EA-13F8-4B39-91C3-A6B9A851CD34}) (Version: 4.01.0000 - Wirth IT Design) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.5189.1000 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visio Viewer 2013 (HKLM-x32\...\{95150000-0052-0407-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visio Viewer 2016 (HKLM\...\{95160000-0052-0407-1000-0000000FF1CE}) (Version: 16.0.4339.1001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft 
Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker 
(HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mp3tag v2.69 (HKLM-x32\...\Mp3tag) (Version: v2.69 - Florian Heidenreich) Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5189.1000 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5189.1000 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0407-0000-0000000FF1CE}) (Version: 15.0.5189.1000 - Microsoft Corporation) Hidden paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC) PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0105 - Pegatron Corporation) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7378 - Realtek Semiconductor Corp.) Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version: - 2K Games, Inc.) Simplify3D Software (HKLM\...\Simplify3D Software 3.1.1) (Version: 3.1.1 - Simplify3D) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.) 
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TurboCAD 2D 19 (HKLM-x32\...\{68F4C2EC-841F-49C7-A959-FF1DE84E0969}) (Version: 19.1.444 - IMSIDesign)
VirtualDJ 8 (HKLM-x32\...\{E1962904-0960-42F6-9072-3EC7D66A5495}) (Version: 8.2.3994.0 - Atomix Productions)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WingHelper 1.1.0 (HKLM-x32\...\{47CEAA4B-722D-4442-93ED-B00FAB78A2EE}_is1) (Version: - Wing Helper e.U.)

Packages:
=========
AccuWeather for Windows 8 -> C:\Program Files\WindowsApps\AccuWeather.AccuWeatherforWindows8_4.1.0.31_x64__8zz2pj9h1h1d8 [2016-08-14] (AccuWeather)
Adera - Lite -> C:\Program Files\WindowsApps\Microsoft.Adera-Lite_1.2.0.25927_x86__8wekyb3d8bbwe [2015-03-23] (Microsoft Studios)
Ashampoo ImageFX for Medion -> C:\Program Files\WindowsApps\AshampooMedion.AshampooImageFXforMedion_1.0.2.14_x64__g53hytncy48pj [2014-10-20] (Ashampoo GmbH & Co. KG)
Cyberlink PhotoDirector_DE -> C:\Program Files\WindowsApps\CyberLinkCorp.me.CyberlinkPhotoDirectorDE_2.1.4208.0_x86__fyjd2029wheaw [2015-06-19] (CYBERLINK COM)
Cyberlink PowerDVD_BE -> C:\Program Files\WindowsApps\CyberLinkCorp.me.PowerDVDforMedion_1.1.918.19562_x86__fyjd2029wheaw [2014-10-20] (CYBERLINK COM)
Cyberlink YouCam_DE -> C:\Program Files\WindowsApps\CyberLinkCorp.me.YouCamforMedion_1.1.2118.27406_x86__fyjd2029wheaw [2014-10-20] (CYBERLINK COM)
eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2015-03-23] (eBay, Inc)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_2.0.15133.0_x86__8wekyb3d8bbwe [2016-01-12] (Microsoft Corporation)
Medion Mediathek -> C:\Program Files\WindowsApps\D305113D.MedionMediathek_1.1.0.12_neutral__ka6x32c4zxtnt [2014-10-20] (Tune In)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.10.1812.2002_x86__8wekyb3d8bbwe [2019-02-03] (Microsoft Studios) [MS Ad]
Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_2.7.4300.0_x86__8wekyb3d8bbwe [2018-05-17] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.11.1807.1002_x86__8wekyb3d8bbwe [2018-07-27] (Microsoft Studios) [MS Ad]
MSN Kochen & Genuss -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-16] (Microsoft Corporation) [MS Ad]
MSN Nachrichten -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN Reisen -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-16] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-05-02] (Microsoft Corporation) [MS Ad]
MSN Wetter -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-22] (Microsoft Corporation) [MS Ad]
Musik -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-23] (Microsoft Corporation) [MS Ad]
Pinball FX2 -> C:\Program Files\WindowsApps\Microsoft.Studios.PinballFx2_1.8.1.957_x86__8wekyb3d8bbwe [2015-04-16] (Microsoft Studios)
SCHUFA-IdentSafe Special -> C:\Program Files\WindowsApps\SCHUFAHoldingAG.SCHUFA-IdentSafeSpecial_1.1.0.2_neutral__tpk8v36tk93y2 [2014-10-20] (SCHUFA Holding AG)
Spiele -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-11-18] (Microsoft Corporation) [MS Ad]
Taptiles -> C:\Program Files\WindowsApps\Microsoft.Taptiles_2.6.288.0_x86__8wekyb3d8bbwe [2018-10-26] (Microsoft Studios) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-08] (Microsoft Corporation) [MS Ad]
Wordament -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_2.8.4.0_x86__8wekyb3d8bbwe [2015-06-19] (Microsoft Studios)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-126779072-3366365184-2721121050-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-126779072-3366365184-2721121050-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-126779072-3366365184-2721121050-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\Michael\AppData\Local\Autodesk\webdeploy\production\999917b56d84bad9b7325987880958e07a04d903\NPreview10.dll (Autodesk, Inc. -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Anwendungen\Tools\7zip\7-zip.dll [2018-04-30] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1-x32: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Anwendungen\Adobe Acrobat\Acrobat Elements\ContextMenu.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-03-12] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-11-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-03-12] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Anwendungen\Tools\7zip\7-zip.dll [2018-04-30] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\Windows\system32\igfxOSP.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Anwendungen\Tools\7zip\7-zip.dll [2018-04-30] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6-x32: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Anwendungen\Adobe Acrobat\Acrobat Elements\ContextMenu.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-11-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2014-10-20 11:10 - 2013-09-17 23:23 - 000108032 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\PHotkey\PGFNEX.dll
2006-10-23 00:19 - 2006-10-23 00:19 - 000019968 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Anwendungen\Adobe Acrobat\Acrobat\acrotray.deu
2006-10-23 00:10 - 2006-10-23 00:10 - 000019968 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Anwendungen\Adobe Acrobat\Acrobat\AcroTray.FRA
2006-08-02 07:52 - 2006-08-02 07:52 - 000126976 ____R (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Anwendungen\Adobe Acrobat\Acrobat\asneu.dll
2006-09-14 23:20 - 2006-09-14 23:20 - 000212992 ____R (Adobe Systems Incorporated) [Datei ist nicht signiert] C:\Anwendungen\Adobe Acrobat\Acrobat\adobe_epic.dll
2006-09-14 23:46 - 2006-09-14 23:46 - 000208896 ____R (Adobe Systems Incorporated) [Datei ist nicht signiert] C:\Anwendungen\Adobe Acrobat\Acrobat\adobe_pcd.dll
2006-09-14 23:20 - 2006-09-14 23:20 - 000346112 ____R (Adobe Systems Incorporated) [Datei ist nicht signiert] C:\Anwendungen\Adobe Acrobat\Acrobat\adobe_personalization.dll
2006-10-23 01:32 - 2006-10-23 01:32 - 000012800 _____ (Adobe Systems Incorporated) [Datei ist nicht signiert] C:\Anwendungen\Adobe Acrobat\PDFMaker\Office\PDFMOfficeAddin.DEU
2016-08-15 10:49 - 2016-08-15 10:49 - 000105472 _____ (AVM Berlin GmbH) [Datei ist nicht signiert] C:\Users\Michael\AppData\Local\Apps\2.0\NKOB9MBP.9T6\K3NGK8DG.JTB\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\managedupnp.DLL
2016-08-15 10:49 - 2016-08-15 10:49 - 000215040 _____ (AVM Berlin) [Datei ist nicht signiert] C:\Users\Michael\AppData\Local\Apps\2.0\NKOB9MBP.9T6\K3NGK8DG.JTB\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\avmacc32.dll
2016-08-15 10:49 - 2016-08-15 10:49 - 000756224 _____ (AVM Berlin) [Datei ist nicht signiert] C:\Users\Michael\AppData\Local\Apps\2.0\NKOB9MBP.9T6\K3NGK8DG.JTB\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\avmcsock.dll
2016-08-15 10:49 - 2016-08-15 10:49 - 000116224 _____ (AVM Berlin) [Datei ist nicht signiert] C:\Users\Michael\AppData\Local\Apps\2.0\NKOB9MBP.9T6\K3NGK8DG.JTB\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\avmssl.dll
2016-08-15 10:49 - 2016-08-15 10:49 - 000305664 _____ (AVM Berlin) [Datei ist nicht signiert] C:\Users\Michael\AppData\Local\Apps\2.0\NKOB9MBP.9T6\K3NGK8DG.JTB\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\upnpapicli.dll
2014-06-25 09:31 - 2014-06-25 09:31 - 000526336 _____ (Intel Corporation) [Datei ist nicht signiert] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2014-06-25 09:31 - 2014-06-25 09:31 - 000296960 _____ (Intel Corporation) [Datei ist nicht signiert] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2006-09-15 13:58 - 2006-09-15 13:58 - 000934400 ____R (Macrovision Europe Ltd.) [Datei ist nicht signiert] C:\Anwendungen\Adobe Acrobat\Acrobat\FNP_Act_Installer.dll
2014-10-20 11:33 - 2014-10-20 11:33 - 001093120 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2014-10-20 11:33 - 2014-10-20 11:33 - 000065536 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80DEU.DLL
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Windows\System32\enppmon.dll
2016-08-15 10:49 - 2016-08-15 10:49 - 001134592 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Users\Michael\AppData\Local\Apps\2.0\NKOB9MBP.9T6\K3NGK8DG.JTB\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\LIBEAY32.dll
2016-08-15 10:49 - 2016-08-15 10:49 - 000234496 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Users\Michael\AppData\Local\Apps\2.0\NKOB9MBP.9T6\K3NGK8DG.JTB\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\SSLEAY32.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:5396B500 [358]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ==========

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 ____N C:\Windows\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Calibre2\;C:\Program Files (x86)\Calibre2\;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-126779072-3366365184-2721121050-1001\Control Panel\Desktop\\Wallpaper -> C:\_Michaela_Michael_Maja___Daten\CIMG8591.JPG
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{3153B440-1248-49D1-92C5-B47D986ECBAA}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe Keine Datei
FirewallRules: [{FB386229-1F13-4389-A2B4-B930DD6A67A0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7F379222-6DBB-49B2-8CE9-4C846972DEA3}] => (Allow) LPort=2869
FirewallRules: [{C2BC7C08-EDAF-4EB1-8D31-9B5FA252A411}] => (Allow) LPort=1900
FirewallRules: [{77025E77-9B73-4B13-A386-3847480F140B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{305BB159-57BE-4053-A844-2D0CCF1D202A}] => (Allow) C:\Program Files\CyberLink\PowerDirector11\PDR10.EXE Keine Datei
FirewallRules: [{7C2D8A6A-8530-43AE-9AE3-BFEE87C3BACC}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{65E5B1D4-576F-445F-A2BC-78303CB23DD7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{2F10C619-2F59-476A-830F-5DEE5D26E8A7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{A66663B7-777B-4C4C-8475-E0ACAF21C91D}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{DAD1DD8A-37C1-4E79-846C-128380B36B6C}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D3C85CEB-1F78-402E-9B51-6EE99F2F63B7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8A345266-CC98-4D92-A3DF-B019EA87A0EA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{34D44323-37FE-4604-8E65-03361463C459}] => (Allow) C:\Users\Michael\AppData\Local\Apps\2.0\NKOB9MBP.9T6\K3NGK8DG.JTB\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe Keine Datei
FirewallRules: [{5A9DE64A-C5D3-4E68-B891-312BF9C5DA08}] => (Allow) C:\Users\Michael\AppData\Local\Apps\2.0\NKOB9MBP.9T6\K3NGK8DG.JTB\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe Keine Datei
FirewallRules: [{F5746A2D-BA57-4068-8043-AC276D028BBF}] => (Allow) C:\Users\Michael\AppData\Local\Apps\2.0\NKOB9MBP.9T6\K3NGK8DG.JTB\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe Keine Datei
FirewallRules: [{01AA2B96-CA4E-4E51-AB71-BD17CE3C2FD5}] => (Allow) C:\Users\Michael\AppData\Local\Apps\2.0\NKOB9MBP.9T6\K3NGK8DG.JTB\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe Keine Datei
FirewallRules: [{4754A094-42C9-4427-92A2-12349779BBAE}] => (Allow) C:\Users\Michael\AppData\Local\Apps\2.0\NKOB9MBP.9T6\K3NGK8DG.JTB\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
FirewallRules: [{76585916-9D24-4399-A4B0-BDF892EF6FEC}] => (Allow) C:\Users\Michael\AppData\Local\Apps\2.0\NKOB9MBP.9T6\K3NGK8DG.JTB\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
FirewallRules: [{4AA22213-142F-4E19-B593-AEFE200C340A}] => (Allow) C:\Anwendungen\Spiele\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9EEC78B9-C6B7-4BF1-BC45-D96E59EE0A6A}] => (Allow) C:\Anwendungen\Spiele\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{69E64434-0C55-4843-9B13-128C8CD412A0}] => (Allow) C:\Anwendungen\Spiele\bin\steamwebhelper.exe Keine Datei
FirewallRules: [{D0668607-B5FA-420E-A719-9CF0DEA6934C}] => (Allow) C:\Anwendungen\Spiele\bin\steamwebhelper.exe Keine Datei
FirewallRules: [{92929B8F-1D29-4FE2-8428-704474FC817D}] => (Allow) C:\Anwendungen\Spiele\SteamApps\common\Sid Meier's Civilization V\Launcher.exe (Firaxis Games) [Datei ist nicht signiert]
FirewallRules: [{D53813FE-2413-4CF9-9374-FE92BE5479F1}] => (Allow) C:\Anwendungen\Spiele\SteamApps\common\Sid Meier's Civilization V\Launcher.exe (Firaxis Games) [Datei ist nicht signiert]
FirewallRules: [{EFE08D9D-344E-4213-9441-38FC8F825168}] => (Allow) C:\Users\Michael\AppData\Local\Apps\2.0\NKOB9MBP.9T6\K3NGK8DG.JTB\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
FirewallRules: [{CBFCC7E1-055E-4E8F-A62A-5476D3C37AF4}] => (Allow) C:\Users\Michael\AppData\Local\Apps\2.0\NKOB9MBP.9T6\K3NGK8DG.JTB\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
FirewallRules: [TCP Query User{CD45162A-BA78-41F4-B65E-6CC15EB83B3B}C:\anwendungen\spiele\steamapps\common\sid meier's civilization v\civilizationv.exe] => (Allow) C:\anwendungen\spiele\steamapps\common\sid meier's civilization v\civilizationv.exe (Valve Corp. -> Firaxis Games) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{4A13B8D4-38EF-4FD6-A850-A9FC5FBC19FE}C:\anwendungen\spiele\steamapps\common\sid meier's civilization v\civilizationv.exe] => (Allow) C:\anwendungen\spiele\steamapps\common\sid meier's civilization v\civilizationv.exe (Valve Corp. -> Firaxis Games) [Datei ist nicht signiert]
FirewallRules: [{58C08F93-2578-4077-A46D-C78426826F88}] => (Allow) C:\Anwendungen\Spiele\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7C431D44-F853-495F-AF0B-EB1A0A9BCEB1}] => (Allow) C:\Anwendungen\Spiele\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{74A0D4A9-7809-460A-A48E-2754F23A67EC}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (devolo AG -> devolo AG)
FirewallRules: [{2832CB33-B28D-4C29-845C-8E1B4A31A4EC}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (devolo AG -> devolo AG)
FirewallRules: [TCP Query User{8D358A78-9BE8-433B-95E5-80125EA659CC}C:\anwendungen\modellbau\3d_druck\cura 2.7.0\cura 2.7\cura.exe] => (Allow) C:\anwendungen\modellbau\3d_druck\cura 2.7.0\cura 2.7\cura.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{029F856A-5F09-42AB-ACF9-052F41F9AC36}C:\anwendungen\modellbau\3d_druck\cura 2.7.0\cura 2.7\cura.exe] => (Allow) C:\anwendungen\modellbau\3d_druck\cura 2.7.0\cura 2.7\cura.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{43CA6BAF-CDE6-4153-8554-CC304E6BE476}C:\anwendungen\modellbau\3d_druck\cura 2.7.0\cura 2.7\cura.exe] => (Allow) C:\anwendungen\modellbau\3d_druck\cura 2.7.0\cura 2.7\cura.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{31CF5760-1C1B-4E65-AF4B-9C6F8291050C}C:\anwendungen\modellbau\3d_druck\cura 2.7.0\cura 2.7\cura.exe] => (Allow) C:\anwendungen\modellbau\3d_druck\cura 2.7.0\cura 2.7\cura.exe () [Datei ist nicht signiert]
FirewallRules: [{94D5FD03-6A21-41AB-8ECE-230DD1FE048A}] => (Allow) C:\Users\Michael\AppData\Local\Programs\Opera\56.0.3051.52\opera.exe Keine Datei
FirewallRules: [{03B01493-5C98-4F27-B044-506631B5EF74}] => (Allow) C:\Users\Michael\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{C880DE5E-4CFB-4905-AC44-55D896E7615B}] => (Allow) C:\Users\Michael\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{9D4A993D-B08E-4BE5-AA32-3A478DE66EDA}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{9B8A65E7-397B-4B64-B321-7FE46972784C}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{F51B4078-4073-49A9-9803-381338D4273B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C7AD7DBF-C93C-4042-A1E9-A778EADF1640}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

03-11-2019 19:38:56 Geplanter Prüfpunkt
10-11-2019 21:13:00 Geplanter Prüfpunkt
17-11-2019 11:04:49 Windows Update
21-11-2019 19:41:09 Installed Epson Printer Connection Checker

==================== Fehlerhafte Geräte im Gerätemanager ============

==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (11/22/2019 06:31:23 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostex (1964) IndexedDb: Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -1216 auf.

Error: (11/22/2019 06:31:22 PM) (Source: ESENT) (EventID: 494) (User: )
Description: taskhostex (1964) IndexedDb: Bei der Datenbankwiederherstellung ist ein Fehler aufgetreten (Fehler -1216), da Verweise auf Datenbank "C:\Users\Michael\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.edb" festgestellt wurden, die nicht mehr vorhanden ist. Die Datenbank wurde nicht sauber heruntergefahren, bevor sie entfernt (oder möglicherweise verschoben oder umbenannt) wurde. Das Datenbankmodul lässt den Abschluss der Wiederherstellung für diese Instanz erst dann zu, wenn die fehlende Datenbank wieder verfügbar gemacht wird. Wenn die Datenbank tatsächlich nicht mehr verfügbar oder nicht mehr erforderlich ist, finden Sie Informationen zum Beheben dieses Fehlers in der Microsoft Knowledge Base oder unter dem Link "Weitere Informationen" am Ende dieser Meldung.

Error: (11/21/2019 11:04:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: YouCam.exe, Version: 5.0.3907.0, Zeitstempel: 0x53197bf7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc00000fd
Fehleroffset: 0xadf12600
ID des fehlerhaften Prozesses: 0x9b0
Startzeit der fehlerhaften Anwendung: 0x01d5a0b7915e875b
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: dbde42c6-0caa-11ea-835f-34de1a0b3253
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/21/2019 05:41:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: YouCam.exe, Version: 5.0.3907.0, Zeitstempel: 0x53197bf7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc00000fd
Fehleroffset: 0xadf12600
ID des fehlerhaften Prozesses: 0xac0
Startzeit der fehlerhaften Anwendung: 0x01d5a08a818f38a5
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: c64cc3a2-0c7d-11ea-835f-34de1a0b3253
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/20/2019 10:23:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: YouCam.exe, Version: 5.0.3907.0, Zeitstempel: 0x53197bf7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc00000fd
Fehleroffset: 0xadf12600
ID des fehlerhaften Prozesses: 0x1858
Startzeit der fehlerhaften Anwendung: 0x01d59fe8976364a8
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: f6a56725-0bdb-11ea-835f-34de1a0b3253
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/13/2019 05:57:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: YouCam.exe, Version: 5.0.3907.0, Zeitstempel: 0x53197bf7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x5f982600
ID des fehlerhaften Prozesses: 0x1484
Startzeit der fehlerhaften Anwendung: 0x01d59a4368161a7b
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: aeb444aa-0636-11ea-835e-34de1a0b3253
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/11/2019 08:59:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: fritzbox-usb-fernanschluss.exe, Version: 2.3.4.0, Zeitstempel: 0x57876978
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.19425, Zeitstempel: 0x5d26ae6e
Ausnahmecode: 0xe0434352
Fehleroffset: 0x00034e28
ID des fehlerhaften Prozesses: 0x1fec
Startzeit der fehlerhaften Anwendung: 0x01d597ff945d7230
Pfad der fehlerhaften Anwendung: C:\Users\Michael\AppData\Local\Apps\2.0\NKOB9MBP.9T6\K3NGK8DG.JTB\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\KERNELBASE.dll
Berichtskennung: b4eebbc1-04bd-11ea-835e-34de1a0b3253
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/11/2019 08:58:51 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: fritzbox-usb-fernanschluss.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.AccessViolationException
   bei AVM.AuraClient.CManagedUpnpDll.GetLastEvent(System.Text.StringBuilder, Int32)
   bei AVM.AuraClient.Window1.UPnPEventVarHandler(System.Object, System.EventArgs)
Ausnahmeinformationen: System.Reflection.TargetInvocationException
   bei System.RuntimeMethodHandle.InvokeMethod(System.Object, System.Object[], System.Signature, Boolean)
   bei System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(System.Object, System.Object[], System.Object[])
   bei System.Delegate.DynamicInvokeImpl(System.Object[])
   bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   bei System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   bei System.Windows.Threading.DispatcherOperation.InvokeImpl()
   bei System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   bei MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   bei System.Windows.Threading.DispatcherOperation.Invoke()
   bei System.Windows.Threading.Dispatcher.ProcessQueue()
   bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   bei System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   bei System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
   bei System.Windows.Application.RunDispatcher(System.Object)
   bei System.Windows.Application.RunInternal(System.Windows.Window)
   bei System.Windows.Application.Run(System.Windows.Window)
   bei AVM.AuraClient.App.Main()

Systemfehler:
=============
Error: (11/24/2019 12:26:50 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20.

Error: (11/23/2019 11:32:28 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20.

Error: (11/23/2019 09:50:49 PM) (Source: DCOM) (EventID: 10010) (User: MICHAEL)
Description: Der Server "{1B1F472E-3221-4826-97DB-2C2324D389AE}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (11/23/2019 09:50:19 PM) (Source: DCOM) (EventID: 10010) (User: MICHAEL)
Description: Der Server "{BF6C1E47-86EC-4194-9CE5-13C15DCB2001}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (11/22/2019 06:24:20 PM) (Source: DCOM) (EventID: 10010) (User: MICHAEL)
Description: Der Server "{1B1F472E-3221-4826-97DB-2C2324D389AE}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (11/22/2019 06:23:50 PM) (Source: DCOM) (EventID: 10010) (User: MICHAEL)
Description: Der Server "{BF6C1E47-86EC-4194-9CE5-13C15DCB2001}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (11/22/2019 06:16:06 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 70.

Error: (11/22/2019 06:16:06 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 70.

Windows Defender:
===================================
Date: 2015-05-23 21:29:33.839
Description: Die Windows Defender-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {7BD458E3-8400-4F4E-B744-7EF5EC9E51F1}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2015-05-23 21:19:01.465
Description: Die Windows Defender-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {58160747-091F-4B37-A2F5-CC016458E401}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2015-05-23 21:13:38.880
Description: Die Windows Defender-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {355E9DB1-A25D-407E-8A44-273AA6919393}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2015-05-23 20:58:47.045
Description: Die Windows Defender-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {803DF5AC-3FB3-421D-8B53-1100265F87D9}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2019-04-23 14:25:21.336
Description: Fehler von Windows Defender beim Laden von Signaturen. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen.
Betroffene Signaturen: Sicherung
Fehlercode: 0x80073aba
Fehlerbeschreibung: Die Ressource ist zu alt und daher nicht mehr kompatibel.
Signaturversion: 1.183.1460.0;1.183.1460.0
Modulversion: 1.1.10904.0

Date: 2017-03-23 18:18:46.850
Description: Fehler von Windows Defender beim Laden von Signaturen. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen.
Betroffene Signaturen: Sicherung
Fehlercode: 0x80073aba
Fehlerbeschreibung: Die Ressource ist zu alt und daher nicht mehr kompatibel.
Signaturversion: 1.183.1460.0;1.183.1460.0
Modulversion: 1.1.10904.0

Date: 2017-03-23 18:18:46.522
Description: Fehler von Windows Defender beim Laden von Signaturen. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen.
Betroffene Signaturen: Aktuell
Fehlercode: 0x80073aba
Fehlerbeschreibung: Die Ressource ist zu alt und daher nicht mehr kompatibel.
Signaturversion: 1.185.3406.0;1.185.3406.0
Modulversion: 1.1.11005.0

Date: 2015-05-23 20:43:18.218
Description: Fehler von Windows Defender beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 113.0.0.0
Updatequelle: Microsoft Center zum Schutz vor Schadsoftware
Signaturtyp: Netzwerkinspektionssystem
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
Vorherige Modulversion: 2.1.11005.0
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.

Date: 2015-05-23 20:43:18.203
Description: Fehler von Windows Defender beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.185.3406.0
Updatequelle: Microsoft Center zum Schutz vor Schadsoftware
Signaturtyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.11005.0
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.

CodeIntegrity:
===================================
Date: 2016-05-31 22:53:40.791
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-31 22:53:40.477
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-31 22:53:37.409
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-31 22:53:37.145 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-31 00:08:49.803 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-31 00:08:49.561 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-30 23:25:54.897 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-30 23:25:54.546 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. 
205 11/15/2014 Hauptplatine: Medion Akoya E7416T Prozessor: Intel(R) Pentium(R) 3805U @ 1.90GHz Prozentuale Nutzung des RAM: 72% Installierter physikalischer RAM: 4015 MB Verfügbarer physikalischer RAM: 1097.46 MB Summe virtueller Speicher: 4719 MB Verfügbarer virtueller Speicher: 1262.37 MB ==================== Laufwerke ================================ Drive c: (Boot) (Fixed) (Total:869.8 GB) (Free:427.6 GB) NTFS Drive d: (Recover) (Fixed) (Total:60 GB) (Free:44.68 GB) NTFS \\?\Volume{def9a7e4-be20-474a-9129-96283c1eb040}\ () (Fixed) (Total:0.49 GB) (Free:0.23 GB) NTFS ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== Ende von Addition.txt =======================
Now the Amazon account is affected as well. An unknown email address was entered there. I have therefore had the account locked for the time being. Regards, Michael
Last edited by m.w. (24.11.2019 at 00:57) |
24.11.2019, 11:26 | #2 | ||
/// TB trainer | Windows 8.1 - Passwords for applications (e.g. Ebay) are changing
My name is Matthias and I will help you with the analysis and any necessary cleanup of your computer. Quote:
Which programs are you talking about? Or by "programs" do you mean the online platforms (Ebay, Amazon, etc.)? Quote:
It is much more likely that criminals got hold of your credentials (recently or even months ago). In such cases, data records that were not adequately secured by the platforms are siphoned off. These records are then later sold on the darknet. Other criminals now use these records and want access to the accounts... etc. etc. We will now check your PC for malware, but I doubt that we will find anything relevant. The FRST log files are unremarkable so far. Step 1 Please download TDSSKiller.exe and save this file to the desktop
Last edited by M-K-D-B (24.11.2019 at 21:02) |
24.11.2019, 12:52 | #3 | |
| Windows 8.1 - Passwords for applications (e.g. Ebay) are changing
Hello Matthias,
thank you very much for taking on my case.... Quote:
I will now start "TDSSKiller" and then get back to you. Regards, Michael |
24.11.2019, 13:17 | #4 |
/// TB trainer | Windows 8.1 - Passwords for applications (e.g. Ebay) are changing |
24.11.2019, 14:28 | #5 |
| Windows 8.1 - Passwords for applications (e.g. Ebay) are changing
Hello Matthias, In the settings of "TDSSKiller", contrary to the screenshots in the instructions, the option Objects to scan: BIOS also appeared. I left it checked. No rootkits were found; the report follows. Regards, Michael Part 1: Code:
ATTFilter 14:06:24.0615 0x1aec TDSS rootkit removing tool 3.1.0.28 Apr 9 2019 21:11:46 14:06:24.0615 0x1aec UEFI system 14:06:45.0890 0x1aec ============================================================ 14:06:45.0890 0x1aec Current date / time: 2019/11/24 14:06:45.0890 14:06:45.0890 0x1aec SystemInfo: 14:06:45.0890 0x1aec 14:06:45.0890 0x1aec OS Version: 6.3.9600 ServicePack: 0.0 14:06:45.0890 0x1aec Product type: Workstation 14:06:45.0890 0x1aec ComputerName: MICHAEL 14:06:45.0890 0x1aec UserName: Michael 14:06:45.0890 0x1aec Windows directory: C:\Windows 14:06:45.0890 0x1aec System windows directory: C:\Windows 14:06:45.0890 0x1aec Running under WOW64 14:06:45.0890 0x1aec Processor architecture: Intel x64 14:06:45.0890 0x1aec Number of processors: 2 14:06:45.0890 0x1aec Page size: 0x1000 14:06:45.0890 0x1aec Boot type: Normal boot 14:06:45.0890 0x1aec CodeIntegrityOptions = 0x00000001 14:06:45.0890 0x1aec ============================================================ 14:06:52.0781 0x1aec KLMD registered as C:\Windows\system32\drivers\06544993.sys 14:06:52.0781 0x1aec KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.19538, osProperties = 0x19 14:06:53.0344 0x1aec System UUID: {4C392736-917A-A4C3-62A5-AE0A221803E1} 14:06:54.0016 0x1aec Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 14:06:54.0031 0x1aec ============================================================ 14:06:54.0031 0x1aec \Device\Harddisk0\DR0: 14:06:54.0031 0x1aec GPT partitions: 14:06:54.0031 0x1aec \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {DEF9A7E4-BE20-474A-9129-96283C1EB040}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xF9800 14:06:54.0031 0x1aec \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {9B8A9D7A-F42C-4729-A925-9919E2CC8889}, Name: 
EFI system partition, StartLBA 0xFA000, BlocksNum 0x32000 14:06:54.0031 0x1aec \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {14D7868E-39B5-4826-9360-C2F7D804C8F5}, Name: Microsoft reserved partition, StartLBA 0x12C000, BlocksNum 0x40000 14:06:54.0031 0x1aec \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {8D7F0CC6-879E-47F6-A767-0ED8FD3B0659}, UniqueGUID: {D87CA12A-2B9F-456C-85A7-BAA2E04CF278}, Name: Basic data partition, StartLBA 0x16C000, BlocksNum 0x200000 14:06:54.0031 0x1aec \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {BDB4750A-3439-4250-BC2E-1CBE2A5ACBDD}, Name: Basic data partition, StartLBA 0x36C000, BlocksNum 0x6CB9A000 14:06:54.0031 0x1aec \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0CF6A3B4-470F-4F0B-9D09-3F9989BD3BE8}, Name: Basic data partition, StartLBA 0x6CF06000, BlocksNum 0x77FE000 14:06:54.0031 0x1aec MBR partitions: 14:06:54.0031 0x1aec ============================================================ 14:06:54.0078 0x1aec C: <-> \Device\Harddisk0\DR0\Partition5 14:06:54.0109 0x1aec D: <-> \Device\Harddisk0\DR0\Partition6 14:06:54.0109 0x1aec ============================================================ 14:06:54.0109 0x1aec Initialize success 14:06:54.0109 0x1aec ============================================================ 14:12:06.0004 0x0944 ============================================================ 14:12:06.0004 0x0944 Scan started 14:12:06.0004 0x0944 Mode: Manual; SigCheck; TDLFS; 14:12:06.0004 0x0944 ============================================================ 14:12:06.0004 0x0944 KSN ping started 14:12:06.0129 0x0944 KSN ping finished: true 14:12:08.0129 0x0944 ================ Scan BIOS ================================= 14:12:08.0129 0x0944 BIOS info: vendor = American Megatrends Inc., version = 205, releaseDate = 11/15/2014 14:12:08.0129 0x0944 Base board info: manufacturer 
= Medion, product = Akoya E7416T, version = 1.0 14:12:10.0301 0x0944 [ 8C7F9D0E6A8A57CAA0D10649C401B1CF, C5ED4C623E53CEF25C5B27A2DCD26F60A562517404979A7954854891AC5E0CF9 ] BIOS 14:12:10.0301 0x0944 BIOS - ok 14:12:10.0301 0x0944 ================ Scan system memory ======================== 14:12:10.0301 0x0944 System memory - ok 14:12:10.0301 0x0944 ================ Scan services ============================= 14:12:20.0223 
0x0944 [ 7825C33E164E23CAAF5187F3C2031593, A02D5328168DCF755993BBFF38CA0FEB5538751E9889DE00021496EE66A35E87 ] ETDSMBus C:\Windows\system32\DRIVERS\ETDSMBus.sys 14:12:20.0238 0x0944 ETDSMBus - ok 14:12:20.0301 0x0944 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\Windows\system32\es.dll 14:12:20.0379 0x0944 EventSystem - ok 14:12:20.0473 0x0944 [ BF220856C02DF9AB74786BE92246A0E1, 9F35F4A08967634206B965BF94469380C0ACCF8A6C973E90ED85ECECF284CE34 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 14:12:20.0504 0x0944 EvtEng - ok 14:12:20.0535 0x0944 [ 0BF32186C3EC11315C33CC29EA8DD86C, 82B43762A5BC9C0AB7B5D1F96DC47B34700924B598070A7CCB30C92EB5EE1599 ] ew_usbccgpfilter C:\Windows\System32\drivers\ew_usbccgpfilter.sys 14:12:20.0582 0x0944 ew_usbccgpfilter - ok 14:12:20.0629 0x0944 [ 2AF4299C296390EFCF9B72FA77E90019, 04C11EE58F612A09C6DBA958308B4E6AF0E3DFE5FC58E25EDFA3F6249BA45628 ] exfat C:\Windows\system32\drivers\exfat.sys 14:12:20.0676 0x0944 exfat - ok 14:12:20.0707 0x0944 [ 858254B9CB16B912CAA4A6C4903971B9, C738CDCCFC0AEE289C0A775794D92069265F172FC9C8F7FF94968FCCB6016BC8 ] fastfat C:\Windows\system32\drivers\fastfat.sys 14:12:20.0738 0x0944 fastfat - ok 14:12:20.0801 0x0944 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\Windows\system32\fxssvc.exe 14:12:20.0863 0x0944 Fax - ok 14:12:20.0879 0x0944 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys 14:12:20.0910 0x0944 fdc - ok 14:12:20.0942 0x0944 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\Windows\system32\fdPHost.dll 14:12:20.0988 0x0944 fdPHost - ok 14:12:21.0020 0x0944 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\Windows\system32\fdrespub.dll 
14:12:21.0051 0x0944 FDResPub - ok 14:12:21.0082 0x0944 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\Windows\system32\fhsvc.dll 14:12:21.0160 0x0944 fhsvc - ok 14:12:21.0192 0x0944 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 14:12:21.0207 0x0944 FileInfo - ok 14:12:21.0223 0x0944 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys 14:12:21.0301 0x0944 Filetrace - ok 14:12:21.0379 0x0944 [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 14:12:21.0410 0x0944 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 ) 14:12:21.0488 0x0944 Detect skipped due to KSN trusted 14:12:21.0488 0x0944 FLEXnet Licensing Service - ok 14:12:21.0520 0x0944 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys 14:12:21.0551 0x0944 flpydisk - ok 14:12:21.0598 0x0944 [ 421CB7F63395A6C2A3F5D01577B73AB0, FA416D7D182ECE9419CDC44FAEB76FA55DD64C5D655B4A8DED5B3AE93C80F9AE ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 14:12:21.0660 0x0944 FltMgr - ok 14:12:21.0754 0x0944 [ 95DCBD57C61805744EA7F3D6D0EF0300, 4352F7D9F80B2C9E402A2BC1920C49A8F8B6FDE66C334BE476865EABF089A6AE ] FontCache C:\Windows\system32\FntCache.dll 14:12:21.0832 0x0944 FontCache - ok 14:12:21.0895 0x0944 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 14:12:21.0926 0x0944 FontCache3.0.0.0 - ok 14:12:21.0957 0x0944 [ 
A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 14:12:21.0973 0x0944 FsDepends - ok 14:12:21.0988 0x0944 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 14:12:22.0004 0x0944 Fs_Rec - ok 14:12:22.0035 0x0944 [ D5F53AFCD0D6E0A2925BFFF9E2605552, 8C494A63B270D8605AB9A4AD7D5AE074F7D466D64ADBA36F5E559210ECB35617 ] FTDIBUS C:\Windows\system32\drivers\ftdibus.sys 14:12:22.0051 0x0944 FTDIBUS - ok 14:12:22.0082 0x0944 [ FBD982A8B9B94FC17D37EDEBA40B71E9, 2D07F14812AF8D0796A2056808C092A71275DF3138378AEB2C22A396BEC67051 ] FTSER2K C:\Windows\system32\drivers\ftser2k.sys 14:12:22.0098 0x0944 FTSER2K - ok 14:12:22.0160 0x0944 [ 2C8D12C3C6E6FA87795B3328BDA85EB0, 042885D56D56BF43BE9C67721F2095FF896A91BE8C958058765D5191B6375A5F ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 14:12:22.0192 0x0944 fvevol - ok 14:12:22.0223 0x0944 [ 49E44F7804BD7575639A833ADC89A1B4, D89605DF3284A92623A42C906EABFAED4A206B089C76869D232F6AD711FEF6DB ] FxPPM C:\Windows\System32\drivers\fxppm.sys 14:12:22.0254 0x0944 FxPPM - ok 14:12:22.0285 0x0944 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 14:12:22.0301 0x0944 gagp30kx - ok 14:12:22.0301 0x0944 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys 14:12:22.0332 0x0944 gencounter - ok 14:12:22.0426 0x0944 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys 14:12:22.0457 0x0944 GPIOClx0101 - ok 14:12:22.0535 0x0944 [ 2DAFF4F76A90E3C523C2FE50338537E9, 625745E538208B50E8F5A9A2C09C6CD03D51E424BB16BC6C5B156CBC25373B6D ] gpsvc 
C:\Windows\System32\gpsvc.dll 14:12:22.0598 0x0944 gpsvc - ok 14:12:22.0645 0x0944 [ B9893A68032A6D9ADDB5B98287C630F7, F0280764D7B31F1EA634E91397229B1C064A7C1B3A77A6BBD123CEA74180789F ] grmnusb C:\Windows\system32\drivers\grmnusb.sys 14:12:22.0645 0x0944 grmnusb - ok 14:12:22.0707 0x0944 [ 311765BDB21B7DFC6D952C314FABFC3A, 4D6CC7202CEE6453C0838C567A315BF3DC58FDEAE717A1D8C74D91129CF2DBE4 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 14:12:22.0817 0x0944 HdAudAddService - ok 14:12:22.0848 0x0944 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys 14:12:22.0879 0x0944 HDAudBus - ok 14:12:22.0910 0x0944 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys 14:12:22.0926 0x0944 HidBatt - ok 14:12:22.0957 0x0944 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\Windows\System32\drivers\hidbth.sys 14:12:23.0020 0x0944 HidBth - ok 14:12:23.0051 0x0944 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys 14:12:23.0082 0x0944 hidi2c - ok 14:12:23.0113 0x0944 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys 14:12:23.0160 0x0944 HidIr - ok 14:12:23.0192 0x0944 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\Windows\system32\hidserv.dll 14:12:23.0270 0x0944 hidserv - ok 14:12:23.0364 0x0944 [ 49676FEC898AB2A11B157F848269A56E, 011E6DDEF9570212520F92FEFD205E1F8104F198B57C40D11BE857FCBCC5F68D ] HidUsb C:\Windows\System32\drivers\hidusb.sys 14:12:23.0457 0x0944 HidUsb - ok 14:12:23.0489 0x0944 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 
70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\Windows\system32\kmsvc.dll 14:12:23.0535 0x0944 hkmsvc - ok 14:12:23.0598 0x0944 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll 14:12:23.0660 0x0944 HomeGroupListener - ok 14:12:23.0707 0x0944 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 14:12:23.0739 0x0944 HomeGroupProvider - ok 14:12:23.0770 0x0944 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 14:12:23.0801 0x0944 HpSAMD - ok 14:12:23.0863 0x0944 [ E45EB7AE6C890F2C8DE8F160AC641C8A, 3637D1FCE42A5600BD7FCC1F602C926968B327097CB36EE5FAC9140DD99EEC2D ] HTTP C:\Windows\system32\drivers\HTTP.sys 14:12:23.0910 0x0944 HTTP - ok 14:12:23.0957 0x0944 [ 9CEE2BBB060DC4B7062BE4461774A7A0, BBE3AEE1B5FF27871E6E2F3BFAF17C5DB646A9491576E348D3BDE93C17F05D18 ] HuaweiHiSuiteService64.exe C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe 14:12:23.0989 0x0944 HuaweiHiSuiteService64.exe - detected UnsignedFile.Multi.Generic ( 1 ) 14:12:24.0051 0x0944 Detect skipped due to KSN trusted 14:12:24.0051 0x0944 HuaweiHiSuiteService64.exe - ok 14:12:24.0082 0x0944 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 14:12:24.0113 0x0944 hwpolicy - ok 14:12:24.0145 0x0944 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys 14:12:24.0176 0x0944 hyperkbd - ok 14:12:24.0192 0x0944 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys 
14:12:24.0223 0x0944 HyperVideo - ok 14:12:24.0254 0x0944 [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\Windows\System32\drivers\i8042prt.sys 14:12:24.0332 0x0944 i8042prt - ok 14:12:24.0363 0x0944 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 14:12:24.0379 0x0944 iaLPSSi_GPIO - ok 14:12:24.0395 0x0944 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys 14:12:24.0410 0x0944 iaLPSSi_I2C - ok 14:12:24.0410 0x0944 [ 5CC64394DECD35104418773F0C103C8A, 37294D958FE0717ACB93D153319A772745699CADD7100E51BE7F26CD7B80B435 ] iaLPSS_GPIO C:\Windows\System32\drivers\iaLPSS_GPIO.sys 14:12:24.0426 0x0944 iaLPSS_GPIO - ok 14:12:24.0504 0x0944 [ 9863EC0FB887C0AD0C3A20AC3BF91629, B695048C370CB91BB0CFF2E29641636225B23347B08F7E451FB91CF8B1A0120A ] iaStorA C:\Windows\system32\drivers\iaStorA.sys 14:12:24.0520 0x0944 iaStorA - ok 14:12:24.0551 0x0944 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys 14:12:24.0582 0x0944 iaStorAV - ok 14:12:24.0614 0x0944 [ E4B16F9770B0F04A1841C74368896870, 55A07A24686DEFB53158992F4490371D7BC6378692F353124599C9E653134236 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 14:12:24.0629 0x0944 IAStorDataMgrSvc - ok 14:12:24.0660 0x0944 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 14:12:24.0692 0x0944 iaStorV - ok 14:12:24.0739 0x0944 [ F39940584D12775B73712CF50056FBAC, 5EEB3011C3352A29E9BFE560DCDC2A573737EB03C0222F5AABF51C8C116BF6E4 ] iBtSiva C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe 14:12:24.0754 0x0944 iBtSiva - 
ok 14:12:24.0770 0x0944 [ 18DA57A6DBA2DFEFDCD52D1637FFB657, 94F161895EAB5B538B1BCD8457E489B0739420EC1CD8519F6EBF5F1524A0DE9C ] ibtusb C:\Windows\system32\DRIVERS\ibtusb.sys 14:12:24.0785 0x0944 ibtusb - ok 14:12:24.0801 0x0944 IEEtwCollectorService - ok 14:12:25.0067 0x0944 [ 32F5DCDDC3D4DF6DDA96CD29C8FC51A4, CA041161BCC4BFF0BDE07CBC2A5BD33D5DD5B01D0864C319B836A0F840D0BCA9 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 14:12:25.0301 0x0944 igfx - ok 14:12:25.0395 0x0944 [ DB8E368C8F91CB1EE211784C75E4282F, ADB4E376A6C2F998D78AE0C4F2C9FC7E913C24B361400B5AF5FA85EC0999B998 ] igfxCUIService2.0.0.0 C:\Windows\system32\igfxCUIService.exe 14:12:25.0426 0x0944 igfxCUIService2.0.0.0 - ok 14:12:25.0488 0x0944 [ 3335483DB1064A24DA1B4DEF5D37CEB1, D5315465622C022FB6D4839292238675A20876982BBA4AD156F3217D3F20AF86 ] IKEEXT C:\Windows\System32\ikeext.dll 14:12:25.0551 0x0944 IKEEXT - ok 14:12:25.0598 0x0944 [ AFA7F1696B431C07729E9BF2565D6045, 77966485A23581C079A480BEC13982AB926F5C62686F48A44F8C562B3C67745B ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys 14:12:25.0613 0x0944 intaud_WaveExtensible - ok 14:12:25.0738 0x0944 [ 07598029B8B7A18A49095010319E7056, A38FCAC718A11DF92C79E867934CB35825D67942A32C190F6A67230EB20B5878 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 14:12:25.0863 0x0944 IntcAzAudAddService - ok 14:12:25.0910 0x0944 [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 14:12:25.0926 0x0944 IntcDAud - ok 14:12:26.0004 0x0944 [ 9A6DEB5DDF7E29728F6FEA5092AFA3F2, 21C47A0490EBA302657EF30C560E4AF83777685FFE126DCCAC310163C47401D1 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 14:12:26.0035 0x0944 Intel(R) Capability Licensing Service TCP IP Interface - ok 14:12:26.0082 0x0944 [ A7AED4514E3E309AABF8237A8DD341A9, 59DC19773C0AA28B08FBB954B4F737EE5EE4D833D6EE12F7E3D901B244C5B1F9 ] 
Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 14:12:26.0082 0x0944 Intel(R) ME Service - ok 14:12:26.0114 0x0944 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys 14:12:26.0114 0x0944 intelide - ok 14:12:26.0145 0x0944 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\Windows\system32\drivers\intelpep.sys 14:12:26.0160 0x0944 intelpep - ok 14:12:26.0207 0x0944 [ 24FF99B76037E1449E4E2E6DDF03F417, D001CFF6CF40B47E8D235378A563DAE22D32B4AE1D50755436567B6B2BB188A3 ] intelppm C:\Windows\System32\drivers\intelppm.sys 14:12:26.0223 0x0944 intelppm - ok 14:12:26.0238 0x0944 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:12:26.0270 0x0944 IpFilterDriver - ok 14:12:26.0317 0x0944 [ 3346E5B1A3C788831C7798C129B5D9AE, 337402BCA9EE8B6D4C0D1C941E565CB2F20882EFF4CD8AF18FA2AE8A741CBCC2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 14:12:26.0410 0x0944 iphlpsvc - ok 14:12:26.0457 0x0944 [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys 14:12:26.0504 0x0944 IPMIDRV - ok 14:12:26.0535 0x0944 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 14:12:26.0613 0x0944 IPNAT - ok 14:12:26.0629 0x0944 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys 14:12:26.0660 0x0944 IRENUM - ok 14:12:26.0692 0x0944 [ 00AD710037F4A4F00CDDD94CBA7BABEA, 234FD60D659D9338C9FA0A54D176840BFDDEEB358DAF67A8B13F7699D442CAC0 ] isapnp C:\Windows\system32\drivers\isapnp.sys 
14:12:26.0707 0x0944 isapnp - ok 14:12:26.0739 0x0944 [ 6205F494094FC3DB755CB1139917D058, EFD5CBE86D4523F9693E26F78292A52B211B25451B47B26B8C3CBC00B3C86C25 ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys 14:12:26.0770 0x0944 iScsiPrt - ok 14:12:26.0832 0x0944 [ 622BF9C46A47CF17608C501320E8EFBD, 059F99D4306216324E100FCDAF02093B2CD662F2C6BE8565A4281E7760F8B575 ] iumsvc C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe 14:12:26.0879 0x0944 iumsvc - ok 14:12:26.0926 0x0944 [ DA0A946E6C4228B659FA798EF0B075C1, BC2F5710D6165615CD578A970BC154C8DB1ECCA5725D09A29954E9BE8FAC0ED7 ] iwdbus C:\Windows\System32\drivers\iwdbus.sys 14:12:26.0942 0x0944 iwdbus - ok 14:12:26.0957 0x0944 [ 2749D828991C160D1D8E7A06A0A95D93, 6F590E3A8F295D367A23938E062AEB0D904CDD8B8262B1EBB1208369587EA186 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 14:12:26.0973 0x0944 jhi_service - ok 14:12:26.0989 0x0944 [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\Windows\System32\drivers\kbdclass.sys 14:12:27.0004 0x0944 kbdclass - ok 14:12:27.0020 0x0944 [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys 14:12:27.0051 0x0944 kbdhid - ok 14:12:27.0067 0x0944 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys 14:12:27.0129 0x0944 kdnic - ok 14:12:27.0145 0x0944 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\Windows\system32\lsass.exe 14:12:27.0160 0x0944 KeyIso - ok 14:12:27.0207 0x0944 [ 304DA394D958BC3B62AF6DF514005B01, 8D17777C82F034E800181E82D30FCED800CBC46CD659AE2E0D972CA1381BD4C2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 14:12:27.0238 0x0944 KSecDD - ok 14:12:27.0270 0x0944 [ 
6C1B963421698746D78C43CB111CBE88, C624EAFBB5AD49C95394A5C85CD982C351F96E4445A0FF9D488A55CD117D175F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 14:12:27.0285 0x0944 KSecPkg - ok 14:12:27.0301 0x0944 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 14:12:27.0332 0x0944 ksthunk - ok 14:12:27.0363 0x0944 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\Windows\system32\msdtckrm.dll 14:12:27.0379 0x0944 KtmRm - ok 14:12:27.0488 0x0944 [ B75ADC97905F43C7C946F1465A8697BD, AF50E3F5DBF222DB095B40FD4896650B5F8DD47153CB9A1ADE54D17FCE85C529 ] LanmanServer C:\Windows\system32\srvsvc.dll 14:12:27.0551 0x0944 LanmanServer - ok 14:12:27.0613 0x0944 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 14:12:27.0660 0x0944 LanmanWorkstation - ok 14:12:27.0692 0x0944 [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll 14:12:27.0754 0x0944 lfsvc - ok 14:12:27.0801 0x0944 [ 02538E602280C07438C94489DCBE77D5, 2E2B60E5FB7A274F4945444D5EDB058E62CAC268C5336FF8F4B9E82245095211 ] libusb0 C:\Windows\system32\DRIVERS\libusb0.sys 14:12:27.0832 0x0944 libusb0 - ok 14:12:27.0848 0x0944 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 14:12:27.0895 0x0944 lltdio - ok 14:12:27.0910 0x0944 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\Windows\System32\lltdsvc.dll 14:12:27.0926 0x0944 lltdsvc - ok 14:12:27.0957 0x0944 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\Windows\System32\lmhsvc.dll 
14:12:28.0004 0x0944 lmhosts - ok 14:12:28.0051 0x0944 [ 9C30978597D52AD8EA319BABE6112AAE, 50A63FB33797D79D688CA86600693FA4BD668588FAE0F67D9725ACDD20445D2E ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 14:12:28.0082 0x0944 LMS - ok 14:12:28.0113 0x0944 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 14:12:28.0129 0x0944 LSI_SAS - ok 14:12:28.0145 0x0944 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 14:12:28.0160 0x0944 LSI_SAS2 - ok 14:12:28.0160 0x0944 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys 14:12:28.0176 0x0944 LSI_SAS3 - ok 14:12:28.0192 0x0944 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys 14:12:28.0207 0x0944 LSI_SSS - ok 14:12:28.0285 0x0944 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\Windows\System32\lsm.dll 14:12:28.0363 0x0944 LSM - ok 14:12:28.0410 0x0944 [ 218DACD809BA8D3D4DBFFACE2E40D460, E4DF9584F50995269B76B9361EE49B57E79560CCE873C05FAE1DB072D1AB0CD8 ] luafv C:\Windows\system32\drivers\luafv.sys 14:12:28.0473 0x0944 luafv - ok 14:12:28.0489 0x0944 [ 1E9E32AEC3E1EB1B31B8169F33168B56, 39114585E1FDBBA31E1F781C6A627281907183F94626EB347B08D1F78992ED2A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 14:12:28.0504 0x0944 MBAMProtector - ok 14:12:28.0582 0x0944 [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 14:12:28.0629 0x0944 MBAMService - ok 14:12:28.0645 0x0944 [ 28B597A61C9AC9B59BC0573D70A62CBF, 
032C095ECDAEEE800BD9C7AB08C089E7530A9DD09AE577D1612035F2BFFAA61C ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 14:12:28.0660 0x0944 MBAMWebAccessControl - ok 14:12:28.0660 0x0944 McAfee SiteAdvisor Service - ok 14:12:28.0676 0x0944 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys 14:12:28.0692 0x0944 megasas - ok 14:12:28.0723 0x0944 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys 14:12:28.0754 0x0944 megasr - ok 14:12:28.0785 0x0944 [ 9042E630FE102F1A2436EE05857CD139, 96C855824E46E2863EBC4A70FC195A14BD9FDD35107358B83D6C3CD01C522F3C ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys 14:12:28.0801 0x0944 MEIx64 - ok 14:12:28.0832 0x0944 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\Windows\system32\mmcss.dll 14:12:28.0879 0x0944 MMCSS - ok |
24.11.2019, 18:42 | #6 |
| Windows 8.1 - Passwords for applications (e.g. Ebay) change Part 2: Code:
Netlogon - ok 14:12:32.0207 0x0944 [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\Windows\System32\netman.dll 14:12:32.0239 0x0944 Netman - ok 14:12:32.0285 0x0944 [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\Windows\System32\netprofmsvc.dll 14:12:32.0332 0x0944 netprofm - ok 14:12:32.0410 0x0944 [ C986B84B68DDA3EECB65F4C330175522, 8F40D3F90BC61FC57BEA66280FF30DEFB1F37F53636992B1C61D01465684BB39 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:12:32.0426 0x0944 NetTcpPortSharing - ok 14:12:32.0457 0x0944 [ 39935F3D3582A8B3387E9A2ED4C85413, 4B0629CA22B9AEF90425991BC800043DBE18007AC90445809A8D5D122B41218D ] netvsc C:\Windows\System32\drivers\netvsc63.sys 14:12:32.0520 0x0944 netvsc - ok 14:12:32.0660 0x0944 [ 619EE1E89B759F4C3B3B684D1FF24A6D, 3654F7F3AB3FF55C6EE3F5CC17CDC660B9C2A2EDEC4CA118BC8660D38E14C191 ] NETwNb64 C:\Windows\system32\DRIVERS\Netwbw02.sys 14:12:32.0770 0x0944 NETwNb64 - ok 14:12:32.0926 0x0944 [ B636B4A8E59A73033B766EA7FD7C3B81, CAC8614DEE83623DE56C969C668A33366793779084B6A23F59ADC98392115F8C ] NETwNe64 C:\Windows\system32\DRIVERS\NETwew02.sys 14:12:33.0067 0x0944 NETwNe64 - ok 14:12:33.0114 0x0944 [ DEC1CAAE55AB3CDD7BA9F8907B278A45, 4EFED5F21155AB95562ECFE7D1C1F46609B9066E4046BA8A8A904F94111638CA ] NlaSvc C:\Windows\System32\nlasvc.dll 14:12:33.0160 0x0944 NlaSvc - ok 14:12:33.0176 0x0944 [ B91CD5EE06CDFFF5665352AF74F11230, 2562CF4EB102712570705C590E980D240502529FEB29CECC106799082DE9FD1E ] Npfs C:\Windows\system32\drivers\Npfs.sys 14:12:33.0192 0x0944 Npfs - ok 14:12:33.0270 0x0944 [ BD6ADDB3BB8B73C314B683A8E346C0FE, A6B0B5939AD38C13395C5C6F9BF5458A1EEB2CE3D01721224CAED4931D55FEB5 ] NPF_devolo C:\Windows\sysWOW64\drivers\npf_devolo.sys 14:12:33.0285 0x0944 NPF_devolo - ok 14:12:33.0285 0x0944 [ CBDB4F0871C88DF930FC0E8588CA67FC, 
7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys 14:12:33.0332 0x0944 npsvctrig - ok 14:12:33.0364 0x0944 [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\Windows\system32\nsisvc.dll 14:12:33.0426 0x0944 nsi - ok 14:12:33.0473 0x0944 [ 018510D88536798852DAE12F9BA6E138, C0D89C36F8737FD139CEA80BED65D1DB4248E667804645FF71C39BA92FEC4109 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 14:12:33.0504 0x0944 nsiproxy - ok 14:12:33.0614 0x0944 [ 5A23FFA58B79512F40668836E58E4B22, CF634ED527FB39A195D7EB69660F8A6D51357983474EF4827BD49B582CA2B9AD ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 14:12:33.0692 0x0944 Ntfs - ok 14:12:33.0723 0x0944 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys 14:12:33.0754 0x0944 Null - ok 14:12:33.0770 0x0944 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys 14:12:33.0785 0x0944 nvraid - ok 14:12:33.0801 0x0944 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys 14:12:33.0817 0x0944 nvstor - ok 14:12:33.0864 0x0944 [ 9D1D5F4A66790A6B6B83B49497DB7A9F, CEFB57674BB681A0F446307E6D10D141DC2F5C5650A481FCF4D7FA877F421D0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 14:12:33.0895 0x0944 nv_agp - ok 14:12:33.0989 0x0944 [ A8CB2F8082DB653083A5EB867BA339A9, CF948F1FC3B190EC4643A6B549B5EC857A47ECE5C5EF3E01EDB9F448F395AA11 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:12:34.0020 0x0944 ose - ok 14:12:34.0067 0x0944 [ 9D7494E48B86FC839C91DF801A3968B1, F5847BE92E63EFD9E5975133B8B43A8C4F873CD0C9740AA441C9DA36C8009F41 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 14:12:34.0114 0x0944 p2pimsvc - ok 
14:12:34.0176 0x0944 [ 0B100C336809C1D7DBD108A75DAFFEF5, F8E5B7EBB5F751FD5BBBD0A5CE5CD60F2EE32CC75EFA68DAAD17E2B26B71AF4E ] p2psvc C:\Windows\system32\p2psvc.dll 14:12:34.0239 0x0944 p2psvc - ok 14:12:34.0270 0x0944 [ 57DCE4FB0467986AE78E1C6FC5240D32, F7F3ADD1B48E4D6BB0A664A2FE556F71ED7453054B4FB667A29BE050C845045B ] Parport C:\Windows\System32\drivers\parport.sys 14:12:34.0332 0x0944 Parport - ok 14:12:34.0364 0x0944 [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\Windows\system32\drivers\partmgr.sys 14:12:34.0379 0x0944 partmgr - ok 14:12:34.0426 0x0944 [ 10D35971E29936AE422A9C728014E761, 7B1547312663D50D72B76A7C13A01E532F41132A8E108AF5C6C086B456C86ACA ] PcaSvc C:\Windows\System32\pcasvc.dll 14:12:34.0489 0x0944 PcaSvc - ok 14:12:34.0551 0x0944 [ 9C1015B033ABDFC59584F480207AECDD, 288011A1F5A6C6D530122210EF3CAD09DF0BDA15E490CD5C52209037B3A0714F ] pci C:\Windows\system32\drivers\pci.sys 14:12:34.0582 0x0944 pci - ok 14:12:34.0614 0x0944 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys 14:12:34.0629 0x0944 pciide - ok 14:12:34.0629 0x0944 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 14:12:34.0660 0x0944 pcmcia - ok 14:12:34.0676 0x0944 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys 14:12:34.0692 0x0944 pcw - ok 14:12:34.0739 0x0944 [ E6B3ACBA06BAF48594557FCCBFA66FD2, 44A0FAC6169D9130870456DEFBFFE563FCCC4AD7A9754B455D5A1C1A77F0699D ] pdc C:\Windows\system32\drivers\pdc.sys 14:12:34.0754 0x0944 pdc - ok 14:12:34.0785 0x0944 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 14:12:34.0848 0x0944 PEAUTH - ok 
14:12:34.0879 0x0944 [ EE926C59CBD4DC4DC9FBB85014A2F1A5, 777459BD30A480E03EA5D0BBA431C2CD573403687FAA0B29F172086A0304E230 ] PEGAGFN C:\Program Files (x86)\PHotkey\PEGAGFN.sys 14:12:34.0910 0x0944 PEGAGFN - ok 14:12:34.0910 0x0944 [ 7BB4BD4E20221B6BFC0038851CF3A4F0, 29EECB0C2A8BFC315C5212AD26B871B02DF7B76B5097FF45BA5E5C78891F357C ] PegaRadioSwitch C:\Windows\System32\drivers\PegaRadioSwitch.sys 14:12:34.0957 0x0944 PegaRadioSwitch - ok 14:12:34.0989 0x0944 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe 14:12:35.0004 0x0944 PerfHost - ok 14:12:35.0036 0x0944 [ 81BDFDAE4FA5E1A4F767B332CACB1292, 19C468B1D43ADB93A3BBE03B83137A2720C01F4F63A929D059FA784572F4C97A ] PGFNEXSrv C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe 14:12:35.0051 0x0944 PGFNEXSrv - detected UnsignedFile.Multi.Generic ( 1 ) 14:12:35.0129 0x0944 Detect skipped due to KSN trusted 14:12:35.0129 0x0944 PGFNEXSrv - ok 14:12:35.0207 0x0944 [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\Windows\system32\pla.dll 14:12:35.0285 0x0944 pla - ok 14:12:35.0317 0x0944 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\Windows\system32\umpnpmgr.dll 14:12:35.0332 0x0944 PlugPlay - ok 14:12:35.0348 0x0944 [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 14:12:35.0410 0x0944 PNRPAutoReg - ok 14:12:35.0426 0x0944 [ 9D7494E48B86FC839C91DF801A3968B1, F5847BE92E63EFD9E5975133B8B43A8C4F873CD0C9740AA441C9DA36C8009F41 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 14:12:35.0457 0x0944 PNRPsvc - ok 14:12:35.0504 0x0944 [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 14:12:35.0536 0x0944 PolicyAgent - ok 14:12:35.0582 
0x0944 [ EA1B3AD8B794356C1E2CE40873DE75E6, 38EB1A2C4374AD8B3097E397F70361B706CB02973125609DCCAED660AB736ACB ] Power C:\Windows\system32\umpo.dll 14:12:35.0660 0x0944 Power - ok 14:12:35.0785 0x0944 [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll 14:12:35.0926 0x0944 PrintNotify - ok 14:12:35.0973 0x0944 [ 400E95F70BC0336D206139C930C3F7F6, 50D40C9E4B4BAEC25067B0A4E55A8FE0CEF6C6B66BDBAE62BBDB5A02C62DDF7E ] Processor C:\Windows\System32\drivers\processr.sys 14:12:36.0020 0x0944 Processor - ok 14:12:36.0036 0x0944 [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc C:\Windows\system32\profsvc.dll 14:12:36.0098 0x0944 ProfSvc - ok 14:12:36.0129 0x0944 [ DEF4D00D1E55B1E29138A1541D0B82D3, CB042B49BA34F501CAD5AE1277EBFC34BD7BC01C1251811733901566880FF280 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 14:12:36.0145 0x0944 Psched - ok 14:12:36.0192 0x0944 [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\Windows\system32\qwave.dll 14:12:36.0254 0x0944 QWAVE - ok 14:12:36.0286 0x0944 [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 14:12:36.0317 0x0944 QWAVEdrv - ok 14:12:36.0332 0x0944 [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 14:12:36.0364 0x0944 RasAcd - ok 14:12:36.0395 0x0944 [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\Windows\System32\rasauto.dll 14:12:36.0426 0x0944 RasAuto - ok 14:12:36.0473 0x0944 [ 0A655DD285E4E1E2975CEAB8FDE75295, 023B73A71CB48578702548F8F1096BDF72BE09D836F2D324DDA869E4F0354133 ] RasMan C:\Windows\System32\rasmans.dll 14:12:36.0520 
0x0944 RasMan - ok 14:12:36.0551 0x0944 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 14:12:36.0598 0x0944 RasPppoe - ok 14:12:36.0629 0x0944 [ E1F0AF7971AE51B7F5023CD7A3695371, D5638EFA4E51F8FCCB24868916005067F8A6A9ACA705B8C1A95A75011C8684B4 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 14:12:36.0661 0x0944 rdbss - ok 14:12:36.0692 0x0944 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys 14:12:36.0739 0x0944 rdpbus - ok 14:12:36.0770 0x0944 [ 57B60DC668977AF0F806F25F525CE1D5, 2EAC000A03ADAF44833FE064AFA6D58F0CA39230A4F293C941C7B0DB6775F80D ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 14:12:36.0848 0x0944 RDPDR - ok 14:12:36.0895 0x0944 [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 14:12:36.0910 0x0944 RdpVideoMiniport - ok 14:12:36.0957 0x0944 [ 468F9F3886DD3320357ECDBFF838DBBF, B8A8198A3D7CF19D662718AC9D33AD3722D179DA88D9F3FCFFB67AAA3F95C153 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 14:12:37.0020 0x0944 rdyboost - ok 14:12:37.0082 0x0944 [ B5C2EA2F3FC153B8C2095B338ED0035F, 467977E9C37378BDFC2929F9DD8FEBE0D76F89C278EE0A5D9118A08F2B1285EF ] ReFS C:\Windows\system32\drivers\ReFS.sys 14:12:37.0129 0x0944 ReFS - ok 14:12:37.0192 0x0944 [ 37F021CF7D670D305C1687781173069E, 286D6D04B0A9C4399086BE8DDA5126CDE462EE3B9F5B40A65CD9CD2B7C160886 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 14:12:37.0192 0x0944 RegSrvc - ok 14:12:37.0254 0x0944 [ DF78648AC3C8DC9D70E6714AF785382F, 56E104939ED0AB5B26AE07BAB1BBB7D15828DBD3A2AD35361423D7ADDA4BA551 ] RemoteAccess C:\Windows\System32\mprdim.dll 14:12:37.0317 0x0944 RemoteAccess - ok 14:12:37.0348 0x0944 [ 7594FEFBAD6BA4645CE7AA175C19BAD0, 
32625BA39B905576F0465E261F15D222ED228A19071E3A1BC4286B5FECA0F948 ] RemoteRegistry C:\Windows\system32\regsvc.dll 14:12:37.0442 0x0944 RemoteRegistry - ok 14:12:37.0473 0x0944 [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM C:\Windows\System32\drivers\rfcomm.sys 14:12:37.0504 0x0944 RFCOMM - ok 14:12:37.0582 0x0944 [ 27A3A6BF6EE99AB61BF6F1147542F6AA, EA77F391067BF597E2E9A5A915CED91694B34624CD7BC87531C1610659C28748 ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe 14:12:37.0614 0x0944 RichVideo64 - ok 14:12:37.0645 0x0944 [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 14:12:37.0692 0x0944 RpcEptMapper - ok 14:12:37.0739 0x0944 [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\Windows\system32\locator.exe 14:12:37.0770 0x0944 RpcLocator - ok 14:12:37.0832 0x0944 [ 490B92124B583E021B9EEED7BC654DED, 79A955478C1FA0D9F97A56ADF4AA119352D0130926ED70344862969B8EC75194 ] RpcSs C:\Windows\system32\rpcss.dll 14:12:37.0879 0x0944 RpcSs - ok 14:12:37.0895 0x0944 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 14:12:37.0926 0x0944 rspndr - ok 14:12:37.0989 0x0944 [ 99E927EA78E4B20F02B4B900F6FAB569, C4F6EC9B3BA4FA39926673F39BA3A183CDB7FFC04404F115779C7397C482A795 ] RSUSBVSTOR C:\Windows\System32\Drivers\RtsUVStor.sys 14:12:38.0004 0x0944 RSUSBVSTOR - ok 14:12:38.0051 0x0944 [ 9F2A38C1170594CF493283CE0B987B70, 1CE15815DD54227C3C8ED4B2E4FA09EB3EB91D55379DC286AAC7A6001850CA98 ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys 14:12:38.0082 0x0944 RTL8168 - ok 14:12:38.0176 0x0944 [ 65315D4C548B9F42918226FD06ADD557, B374F9C561BC986458FAD23A82926EFADF95F20F57C80B0BED6B81DCB366A912 ] RtlWlanu C:\Windows\system32\DRIVERS\rtwlanu.sys 
14:12:38.0270 0x0944 RtlWlanu - ok 14:12:38.0301 0x0944 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\Windows\System32\drivers\vms3cap.sys 14:12:38.0317 0x0944 s3cap - ok 14:12:38.0364 0x0944 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\Windows\system32\lsass.exe 14:12:38.0379 0x0944 SamSs - ok 14:12:38.0395 0x0944 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 14:12:38.0410 0x0944 sbp2port - ok 14:12:38.0442 0x0944 [ 305B725E3FC1936162FE84A0BB526F22, 341E311BAF071F630E277BA41629883D5F8DB76E820425AB898BAC13D09971DC ] SCardSvr C:\Windows\System32\SCardSvr.dll 14:12:38.0473 0x0944 SCardSvr - ok 14:12:38.0520 0x0944 [ 92D2FA1870F4EB4A9BA767DB6E0DEF6F, AB019E17D5F330CBB7F7CAF8CEB01F3F3DBBB181CDE19E4C2354AF51E66C8291 ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll 14:12:38.0536 0x0944 ScDeviceEnum - ok 14:12:38.0551 0x0944 [ DEA731D96816F1F67C32F49E4EF248DD, 6A977D80164616A85BDAE437A3D50E055720E3163941259F19E8719F54BE267D ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 14:12:38.0582 0x0944 scfilter - ok 14:12:38.0676 0x0944 [ 5DB117D0A5DE583420CF437963EEEF87, 0BC7E67B0ED512367949A9400CB86A0D9B4FFAE029D2E17A66232992D0E8AA71 ] Schedule C:\Windows\system32\schedsvc.dll 14:12:38.0739 0x0944 Schedule - ok 14:12:38.0754 0x0944 [ ACFDC4EE40EC6E4A0AB91D923B8288C8, D31555AB31F504C247049219BE0ECDF26BB18E210BE7C45E8575FD166FD7EE23 ] SCPolicySvc C:\Windows\System32\certprop.dll 14:12:38.0770 0x0944 SCPolicySvc - ok 14:12:38.0801 0x0944 [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus C:\Windows\System32\drivers\sdbus.sys 14:12:38.0817 0x0944 sdbus - ok 14:12:38.0848 0x0944 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor 
C:\Windows\System32\drivers\sdstor.sys 14:12:38.0864 0x0944 sdstor - ok 14:12:38.0864 0x0944 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 14:12:38.0926 0x0944 secdrv - ok 14:12:38.0973 0x0944 [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon C:\Windows\system32\seclogon.dll 14:12:39.0035 0x0944 seclogon - ok 14:12:39.0082 0x0944 [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\Windows\System32\sens.dll 14:12:39.0114 0x0944 SENS - ok 14:12:39.0160 0x0944 [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 14:12:39.0223 0x0944 SensrSvc - ok 14:12:39.0239 0x0944 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\Windows\system32\drivers\SerCx.sys 14:12:39.0254 0x0944 SerCx - ok 14:12:39.0270 0x0944 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys 14:12:39.0285 0x0944 SerCx2 - ok 14:12:39.0317 0x0944 [ 1F0135949A6AD6025F363F80FE268251, DB2D503863143F2251E589F7B0B3E9FBF997D7333D54C55856590B5080B5513D ] Serenum C:\Windows\System32\drivers\serenum.sys 14:12:39.0364 0x0944 Serenum - ok 14:12:39.0395 0x0944 [ 81633C87B42B63BA484A6177179AC750, A22BA40E9EC74E88D8098CBDC954E1D63B832FCB789E3C7B731DE5DA39BEE2CA ] Serial C:\Windows\System32\drivers\serial.sys 14:12:39.0410 0x0944 Serial - ok 14:12:39.0442 0x0944 [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse C:\Windows\System32\drivers\sermouse.sys 14:12:39.0473 0x0944 sermouse - ok 14:12:39.0520 0x0944 [ A3955F30E33409E6F548592C187B21AC, 
EF87E0A71D23569CDCACD408278BD2274031D530689C36921CDCE4ED5BD20B3F ] SessionEnv C:\Windows\system32\sessenv.dll 14:12:39.0551 0x0944 SessionEnv - ok 14:12:39.0567 0x0944 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys 14:12:39.0598 0x0944 sfloppy - ok 14:12:39.0676 0x0944 [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\Windows\System32\ipnathlp.dll 14:12:39.0707 0x0944 SharedAccess - ok 14:12:39.0801 0x0944 [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll 14:12:39.0879 0x0944 ShellHWDetection - ok 14:12:39.0911 0x0944 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 14:12:39.0911 0x0944 SiSRaid2 - ok 14:12:39.0926 0x0944 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 14:12:39.0942 0x0944 SiSRaid4 - ok 14:12:40.0020 0x0944 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 14:12:40.0067 0x0944 SkypeUpdate - ok 14:12:40.0145 0x0944 [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\Windows\System32\smphost.dll 14:12:40.0223 0x0944 smphost - ok 14:12:40.0270 0x0944 [ 961507DB02D7AC0B7A7828D457143B8E, F423BE6287C65960A955EBB3BFBAC047313BEB2F54920A6E57E51FCCE855F5E0 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 14:12:40.0301 0x0944 SNMPTRAP - ok 14:12:40.0332 0x0944 [ F6AF6499C3788105EA7AF1DA27769A77, F847789B0AD498CC9C985F334F7BA0906ACB41FB356CC2EF2A00C62C75D94A79 ] spaceport C:\Windows\system32\drivers\spaceport.sys 
14:12:40.0364 0x0944 spaceport - ok 14:12:40.0395 0x0944 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys 14:12:40.0411 0x0944 SpbCx - ok 14:12:40.0457 0x0944 [ 0A45832BABD4831A0510765D7E5410BB, B583E23071CE5C941DC3DB2014A6C0A302612863442CA8930CB3F150E5854CC3 ] Spooler C:\Windows\System32\spoolsv.exe 14:12:40.0520 0x0944 Spooler - ok 14:12:40.0739 0x0944 [ 8B14E197DB9C8E2B5447CD8AFCE92E1F, CF22D703FA779BE84E3957E7A18EF4837B1328914B2634898BBCABE08BD239C1 ] sppsvc C:\Windows\system32\sppsvc.exe 14:12:40.0957 0x0944 sppsvc - ok 14:12:41.0082 0x0944 [ 133A11435368E8BA1B01BF9D2EB324F7, 55E8F0F29B2BCFE746A34F650115F35E7B447586B007607AFCED58F7B4C29B44 ] srv C:\Windows\system32\DRIVERS\srv.sys 14:12:41.0129 0x0944 srv - ok 14:12:41.0176 0x0944 [ 7FE9832AE5A8F9629314766EF14B291E, 5B451222E56C79D10DC36A74E175179B6E8F17CE5ED01CE0EDA124B20C290E1E ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 14:12:41.0254 0x0944 srv2 - ok 14:12:41.0301 0x0944 [ D540461FE5B752BCB967FDE979B9E712, BA3659CC4FA42E6F649CF44833B733C02978171F112AC0B6B4E14565A7E7DC34 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 14:12:41.0332 0x0944 srvnet - ok 14:12:41.0411 0x0944 [ 238CCBB59F1E1421196572828DCA174F, 54E861FF96D68FBBA1AF4594AFF1255AEC10DA63163BD7E08D473CF59417459A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 14:12:41.0457 0x0944 SSDPSRV - ok 14:12:41.0473 0x0944 [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\Windows\system32\sstpsvc.dll 14:12:41.0520 0x0944 SstpSvc - ok 14:12:41.0567 0x0944 [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 14:12:41.0582 0x0944 ssudmdm - ok 14:12:41.0739 0x0944 [ 221D1C7636064CB71C30CDA2D43C3B6B, 85693E387273FC745B98B32F2B0B60FB2C499EA0A1799CE36127C2DCE3DF0FEE ] Steam Client Service C:\Program Files (x86)\Common 
Files\Steam\SteamService.exe 14:12:41.0786 0x0944 Steam Client Service - ok 14:12:41.0817 0x0944 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys 14:12:41.0832 0x0944 stexstor - ok 14:12:41.0879 0x0944 [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\Windows\System32\wiaservc.dll 14:12:41.0973 0x0944 stisvc - ok 14:12:41.0989 0x0944 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys 14:12:42.0004 0x0944 storahci - ok 14:12:42.0051 0x0944 [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 14:12:42.0082 0x0944 storflt - ok 14:12:42.0114 0x0944 [ 1D5A045F59D216448FCDE3A8D69970E2, CEDEB0843D93339D10FE4BC209CCFCB6E12C6064FD62694DA7675082E8B8C915 ] stornvme C:\Windows\system32\drivers\stornvme.sys 14:12:42.0129 0x0944 stornvme - ok 14:12:42.0176 0x0944 [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\Windows\system32\storsvc.dll 14:12:42.0239 0x0944 StorSvc - ok 14:12:42.0270 0x0944 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\Windows\system32\drivers\storvsc.sys 14:12:42.0286 0x0944 storvsc - ok 14:12:42.0317 0x0944 [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\Windows\system32\svsvc.dll 14:12:42.0348 0x0944 svsvc - ok 14:12:42.0379 0x0944 [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\Windows\System32\drivers\swenum.sys 14:12:42.0411 0x0944 swenum - ok 14:12:42.0473 0x0944 [ 1C71D72D4997A284128FBEE770726330, 
21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\Windows\System32\swprv.dll 14:12:42.0536 0x0944 swprv - ok 14:12:42.0582 0x0944 [ 0404A539EC3D731EE42632AAFFF0666A, 5558B96C9A425ADEC69A020E0FEDB6D7562A60E403A2ECDCE58CAF2CA155549F ] SysMain C:\Windows\system32\sysmain.dll 14:12:42.0645 0x0944 SysMain - ok 14:12:42.0692 0x0944 [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll 14:12:42.0739 0x0944 SystemEventsBroker - ok 14:12:42.0786 0x0944 [ 54A1F83B166F1062000A0D816CB3B43A, 8A104B2141546984CFB988CC178EB1910F6B42A19CB75A30F4E74D5EE67901EB ] TabletInputService C:\Windows\System32\TabSvc.dll 14:12:42.0801 0x0944 TabletInputService - ok 14:12:42.0848 0x0944 [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\Windows\System32\tapisrv.dll 14:12:42.0911 0x0944 TapiSrv - ok 14:12:43.0020 0x0944 [ B5474EB0B9D719E97A7BD11CF56037CA, BF43FE2B519E8C7CB60DA80A3774CF54CCF6646188A2DFD2CE3292C33DA844C5 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 14:12:43.0114 0x0944 Tcpip - ok 14:12:43.0176 0x0944 [ B5474EB0B9D719E97A7BD11CF56037CA, BF43FE2B519E8C7CB60DA80A3774CF54CCF6646188A2DFD2CE3292C33DA844C5 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 14:12:43.0270 0x0944 TCPIP6 - ok 14:12:43.0348 0x0944 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 14:12:43.0426 0x0944 tcpipreg - ok 14:12:43.0473 0x0944 [ 576FA545FAB846B06E79B324160DE25C, 14F1FD2769E7F5362E6452CA061564EF3DEBFDF6BC8EFF0CD4E22068A460A727 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 14:12:43.0504 0x0944 tdx - ok 14:12:43.0520 0x0944 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\Windows\System32\drivers\terminpt.sys 14:12:43.0536 0x0944 terminpt - 
ok 14:12:43.0598 0x0944 [ 68F6B7ACEAAB39DB558239ADE4EEB524, E806C4674A9D77DCDAFBA40BE98BF9BEB199953BAB0B9E7F2B32A7537EAF178D ] TermService C:\Windows\System32\termsrv.dll 14:12:43.0661 0x0944 TermService - ok 14:12:43.0692 0x0944 [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\Windows\system32\themeservice.dll 14:12:43.0707 0x0944 Themes - ok 14:12:43.0754 0x0944 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\Windows\system32\mmcss.dll 14:12:43.0770 0x0944 THREADORDER - ok 14:12:43.0817 0x0944 [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll 14:12:43.0879 0x0944 TimeBroker - ok 14:12:43.0926 0x0944 [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM C:\Windows\system32\drivers\tpm.sys 14:12:43.0957 0x0944 TPM - ok 14:12:44.0004 0x0944 [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\Windows\System32\trkwks.dll 14:12:44.0051 0x0944 TrkWks - ok 14:12:44.0114 0x0944 [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 14:12:44.0192 0x0944 TrustedInstaller - ok 14:12:44.0207 0x0944 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 14:12:44.0270 0x0944 TsUsbFlt - ok 14:12:44.0301 0x0944 [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys 14:12:44.0332 0x0944 TsUsbGD - ok 14:12:44.0379 0x0944 [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel 
In queue: 166
14:12:56.0520 0x0944 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe ( 15.0.1910.1634 ), 0x41000 ( enabled : updated )
14:12:56.0551 0x0944 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.209.0 ), 0x60110 ( disabled : outofdate )
14:12:56.0645 0x0944 Win FW state via NFP2: enabled ( trusted )
14:12:56.0770 0x0944 ============================================================
14:12:56.0770 0x0944 Scan finished
14:12:56.0770 0x0944 ============================================================
14:12:56.0786 0x02d8 Detected object count: 0
14:12:56.0786 0x02d8 Actual detected object count: 0
I have now had the problems described above with the following platforms/services/...
- Ebay
- Ebay-Kleinanzeigen
- Amazon
- Freenet.de (mailbox)
- Steam
- Gmail
What surprises me is the large number of problems with such a wide variety of logins/accounts in such a short time (<2 days)... Regards, Michael Last edited by m.w. (24.11.2019 at 19:34) |
24.11.2019, 21:02 | #7 |
/// TB trainer | Windows 8.1 - Passwords for applications (e.g. Ebay) are changing Step 2 Run AdwCleaner according to the illustrated instructions and then post the log file. |
24.11.2019, 21:40 | #8 |
| Windows 8.1 - Passwords for applications (e.g. Ebay) are changing Hello Matthias, here is the AdwCleaner log file: Code:
# -------------------------------
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build: 10-21-2019
# Database: 2019-11-20.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-24-2019
# Duration: 00:00:13
# OS: Windows 8.1
# Cleaned: 12
# Failed: 0

***** [ Services ] *****
No malicious services cleaned.

***** [ Folders ] *****
Deleted C:\ProgramData\7b24ec7cc000461ebe26d116b88142c8
Deleted C:\Users\Michael\AppData\Local\Temp\DMR
Deleted C:\Users\Michael\Start Menu\Programs\SpyHunter

***** [ Files ] *****
No malicious files cleaned.

***** [ DLL ] *****
No malicious DLLs cleaned.

***** [ WMI ] *****
No malicious WMI cleaned.

***** [ Shortcuts ] *****
No malicious shortcuts cleaned.

***** [ Tasks ] *****
No malicious tasks cleaned.

***** [ Registry ] *****
Deleted HKCU\Software\AppDataLow\Software\{3BDFD1D7-7A9B-4D29-80B3-D00E66E62885}
Deleted HKCU\Software\SpeedMon
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Deleted HKLM\Software\SecurityUtility
Deleted HKLM\Software\Wow6432Node\SecurityUtility
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\PicexaService

***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.

*************************
[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Winsock
*************************

AdwCleaner_Debug.log - [23375 octets] - [24/11/2019 21:26:35]
AdwCleaner[S00].txt - [5383 octets] - [24/11/2019 21:31:28]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Regards, Michael |
25.11.2019, 13:48 | #9 |
/// TB trainer | Windows 8.1 - Passwords for applications (e.g. Ebay) are changing Step 3 Run Malwarebytes' AntiMalware (MBAM) according to the illustrated instructions and then post the log file. |
25.11.2019, 19:45 | #10 |
| Windows 8.1 - Passwords for applications (e.g. Ebay) are changing Hello Matthias, here is the Malwarebytes log: Code:
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 11/25/19
Scan Time: 7:02 PM
Log File: ce23b2b2-0fad-11ea-89bc-34de1a0b3253.json

-Software Information-
Version: 4.0.4.49
Components Version: 1.0.750
Update Package Version: 1.0.15396
License: Free

-System Information-
OS: Windows 8.1
CPU: x64
File System: NTFS
User: MICHAEL\Michael

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 310904
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 24 min, 35 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)

(end)
While I was at it.... I checked my email address using the "HPI Identity Leak Checker" (I hope it is trustworthy...). Apparently this email address appears in a stolen identity database. Regards, Michael |
25.11.2019, 20:26 | #11 | |
/// TB trainer | Windows 8.1 - Passwords for applications (e.g. Ebay) are changing Quote:
Then you should set up new accounts with new passwords everywhere. As I said, the log files look good. Step 4
Then we would be done! If you no longer have any problems with malware, we are finished here. Your log files are clean. Finally, please run a cleanup with our TBCleanUpTool and be sure to read and implement the security measures - both are linked in the following reading material: If you like, you can say here whether you were satisfied with me and my help... Perhaps you would like to support the forum with a small donation. Note: Please give me brief feedback as soon as you have read the information linked above, everything is done and there are no more questions, so that I can delete this topic from my subscriptions. |
25.11.2019, 21:59 | #12 | ||
| Windows 8.1 - Passwords for applications (e.g. Ebay) are changing Hello Matthias, here is the fixlog.txt from FRST: Code:
Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-11-2019
durchgeführt von Michael (25-11-2019 20:36:17) Run:1
Gestartet von C:\Users\Michael\Desktop
Geladene Profile: Michael (Verfügbare Profile: Michael & Sicheres Internet)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
DeleteQuarantine:
Reboot:
*****************

"C:\FRST\Quarantine" => erfolgreich entfernt

Das System musste neu gestartet werden.

==== Ende von Fixlog 20:36:17 ====
You wrote: Quote:
I have set up several new email accounts and am currently moving my various accounts. Hope that helps. The Freenet account will be deleted at the end. Quote:
But I'll already say at this point: THANK YOU SO MUCH FOR THE GREAT HELP!!! Regards, Michael
ADDENDUM: Hello Matthias, I have run the cleanup. Everything was removed automatically except for "MBSetup" and "Malwarebytes". Should I delete these two by hand? I will read through the security measures carefully. ...and I will gladly make the donation!!! Once again, many, many thanks for your effort!!!! Regards, Michael
ADDENDUM-2 Hello Matthias, the tips assume Windows 10. However, I use Windows 8.1. Here I have enabled the "Windows Firewall" and additionally use "AVIRA Free". Is that OK, or is there something more sensible? Thanks a lot in advance! Regards, Michael |
26.11.2019, 15:07 | #13 | ||
/// TB trainer | Windows 8.1 - Passwords for applications (e.g. Ebay) are changing Quote:
You can use this tool to run weekly scans. Quote:
We now recommend only Windows Defender and the Windows Firewall. As soon as you have uninstalled Avira, Windows Defender should activate itself automatically. I am glad that we were able to help. This topic appears to be resolved and will be deleted from my subscriptions. Should you need the topic again, please send us a reminder including a link to the topic. Everyone else, please click here and create your own topic. |
26.11.2019, 18:26 | #14 |
| Windows 8.1 - Passwords for applications (e.g. Ebay) are changing Hello Matthias, all clear and many thanks! Regards, Michael |