Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 7: Online-Konto gehackt- Verdacht Trojaner oder Spyware

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 21.12.2015, 13:01   #1
Isssssaaaaaa
 
Windows 7: Online-Konto gehackt- Verdacht Trojaner oder Spyware - Standard

Windows 7: Online-Konto gehackt- Verdacht Trojaner oder Spyware



Hallo an alle!

Leider ist mir am Wochenende eines meiner Online-Konten gehackt worden und ich bin Opfer eines Betruges geworden. Nun liegt der Gedanke nahe, dass ich mir einen Trojaner oder Spyware eingefangen habe. Aus diesem Grunde wäre es klasse, wenn mir jemand von euch helfen könnte. Vielen Dank schon mal!

Viele Grüße,
Isa

FRST.txt
FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-12-2015
durchgeführt von Isabell (Administrator) auf ISABELLS-PC (21-12-2015 13:46:27)
Gestartet von C:\Users\Isabell\Desktop
Geladene Profile: Isabell (Verfügbare Profile: Isabell)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Windows\System32\atwtusb.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
() C:\Windows\System32\atwtusb.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
() C:\Windows\System32\WTMKM.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331_STI.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
 
 
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11775592 2011-01-26] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2712360 2011-03-24] (Synaptics Incorporated)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2011-08-21] (Lenovo)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789920 2011-08-21] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9745312 2011-08-21] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5374880 2011-08-21] (Lenovo(beijing) Limited)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [MacrokeyManager] => C:\windows\system32\WTMKM.exe [7329792 2011-06-01] ()
HKLM-x32\...\Run: [MuteSync] => C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe [336384 2009-12-28] (Lenovo)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331_STI.EXE [536576 2010-09-27] (Vimicro)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2010-12-05] (CyberLink)
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2011-08-21] (Lenovo)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1472312 2014-01-30] (ABBYY Production LLC.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2273105235-2498622047-140709370-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-2273105235-2498622047-140709370-1000\...\RunOnce: [Uninstall C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"
HKU\S-1-5-21-2273105235-2498622047-140709370-1000\...\RunOnce: [Uninstall C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64"
HKU\S-1-5-21-2273105235-2498622047-140709370-1000\...\RunOnce: [Uninstall C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64"
HKU\S-1-5-21-2273105235-2498622047-140709370-1000\...\RunOnce: [Uninstall C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"
HKU\S-1-5-21-2273105235-2498622047-140709370-1000\...\RunOnce: [Uninstall C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2273105235-2498622047-140709370-1000\...\RunOnce: [Uninstall C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"
HKU\S-1-5-21-2273105235-2498622047-140709370-1000\...\RunOnce: [Uninstall C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"
HKU\S-1-5-21-2273105235-2498622047-140709370-1000\...\RunOnce: [Uninstall C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64"
HKU\S-1-5-21-2273105235-2498622047-140709370-1000\...\RunOnce: [Uninstall C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64"
HKU\S-1-5-21-2273105235-2498622047-140709370-1000\...\RunOnce: [Uninstall C:\Users\Isabell\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Isabell\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\amd64"
HKU\S-1-5-21-2273105235-2498622047-140709370-1000\...\RunOnce: [Uninstall C:\Users\Isabell\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Isabell\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64"
HKU\S-1-5-21-2273105235-2498622047-140709370-1000\...\RunOnce: [Uninstall C:\Users\Isabell\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Isabell\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64"
HKU\S-1-5-21-2273105235-2498622047-140709370-1000\...\RunOnce: [Uninstall C:\Users\Isabell\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Isabell\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64"
HKU\S-1-5-21-2273105235-2498622047-140709370-1000\...\RunOnce: [Uninstall C:\Users\Isabell\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Isabell\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64"
HKU\S-1-5-21-2273105235-2498622047-140709370-1000\...\RunOnce: [Uninstall C:\Users\Isabell\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Isabell\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-2273105235-2498622047-140709370-1000\...\RunOnce: [Uninstall C:\Users\Isabell\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Isabell\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-2273105235-2498622047-140709370-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Duden Korrektor SysTray] => C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\DKTray.exe [347792 2011-12-23] (Expert System S.p.A.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Isabell\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Isabell\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Isabell\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Isabell\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Isabell\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Isabell\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Isabell\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Isabell\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll [2011-08-21] ()
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Isabell\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Isabell\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Isabell\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
 
==================== Internet (Nicht auf der Ausnahmeliste) ====================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0C147314-7CF6-4038-AF7E-2DC2EB3D3DF5}: [DhcpNameServer] 61.13.0.10 61.13.0.99
Tcpip\..\Interfaces\{73C71C4B-D366-4C88-972C-216C89C05785}: [DhcpNameServer] 192.168.178.1
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-2273105235-2498622047-140709370-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2273105235-2498622047-140709370-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D042915-ABA01A7CCEB2146F8A7F&form=CONMHP&conlogo=CT3330961
HKU\S-1-5-21-2273105235-2498622047-140709370-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2273105235-2498622047-140709370-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D042915-ABA01A7CCEB2146F8A7F&form=CONBDF&conlogo=CT3330961&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2273105235-2498622047-140709370-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D042915-ABA01A7CCEB2146F8A7F&form=CONBDF&conlogo=CT3330961&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2273105235-2498622047-140709370-1000 -> {8AEC627D-2EEB-43BC-9DFF-9A6B28DB978F} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=d419695f000000000000e2df9ae5011b&r=956
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-10-15] (DVDVideoSoft Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-29] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-29] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-11-22] (DVDVideoSoft Ltd.)
Toolbar: HKU\S-1-5-21-2273105235-2498622047-140709370-1000 -> Kein Name - {41564952-412D-5637-00A7-7A786E7484D7} - Keine Datei
 
FireFox:
========
FF ProfilePath: C:\Users\Isabell\AppData\Roaming\Mozilla\Firefox\Profiles\mds0wjwu.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: Google Default
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-12] ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\windows\system32\npDeployJava1.dll [2013-05-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-29] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll [2009-10-23] (Zylom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF SearchPlugin: C:\Users\Isabell\AppData\Roaming\Mozilla\Firefox\Profiles\mds0wjwu.default\searchplugins\google-default.xml [2015-04-29]
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Isabell\AppData\Roaming\Mozilla\Firefox\Profiles\mds0wjwu.default\extensions\2020Player_IKEA@2020Technologies.com [2014-04-22] [ist nicht signiert]
FF Extension: Google Translator for Firefox - C:\Users\Isabell\AppData\Roaming\Mozilla\Firefox\Profiles\mds0wjwu.default\extensions\translator@zoli.bod.xpi [2015-07-09]
FF Extension: WEB.DE MailCheck - C:\Users\Isabell\AppData\Roaming\Mozilla\Firefox\Profiles\mds0wjwu.default\extensions\mailcheck@web.de [2015-12-17]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Isabell\AppData\Roaming\Mozilla\Firefox\Profiles\mds0wjwu.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-12-03] [ist nicht signiert]
FF Extension: Video DownloadHelper - C:\Users\Isabell\AppData\Roaming\Mozilla\Firefox\Profiles\mds0wjwu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-11-02]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-11-26] [ist nicht signiert]
FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-11-08] [ist nicht signiert]
FF HKU\S-1-5-21-2273105235-2498622047-140709370-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Isabell\AppData\Roaming\Mozilla\Firefox\Profiles\mds0wjwu.default\extensions\cliqz@cliqz.com => nicht gefunden
FF HKU\S-1-5-21-2273105235-2498622047-140709370-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-03] [ist nicht signiert]
 
Chrome: 
=======
CHR Profile: C:\Users\Isabell\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\Isabell\AppData\Local\Google\Chrome\User Data\default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-11-20]
 
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
R2 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [925904 2014-01-23] (ABBYY Production LLC)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-15] (Avira Operations GmbH & Co. KG)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [953632 2010-12-14] (Broadcom Corporation.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTService; C:\windows\system32\atwtusb.exe [916992 2011-04-27] () [Datei ist nicht signiert]
 
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-15] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider)
R3 vhidmini; C:\Windows\System32\DRIVERS\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [228224 2010-09-27] (Vimicro Corporation)
R3 vmuvcflt; C:\Windows\System32\Drivers\vmuvcflt.sys [8320 2010-09-27] (Vimicro Corporation)
U3 BcmSqlStartupSvc; kein ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U2 CLKMSVC10_3A60B698; kein ImagePath
U2 CLKMSVC10_C3B3B687; kein ImagePath
U2 DriverService; kein ImagePath
S0 fbfmon; system32\drivers\fbfmon.sys [X]
U2 IAStorDataMgrSvc; kein ImagePath
U2 iATAgentService; kein ImagePath
U2 idealife Update Service; kein ImagePath
U3 IGRS; kein ImagePath
U2 IviRegMgr; kein ImagePath
U2 nvUpdatusService; kein ImagePath
U2 Oasis2Service; kein ImagePath
U2 PCCarerService; kein ImagePath
U2 ReadyComm.DirectRouter; kein ImagePath
U2 RichVideo; kein ImagePath
U2 RtLedService; kein ImagePath
U2 SeaPort; kein ImagePath
U2 SoftwareService; kein ImagePath
U3 SQLWriter; kein ImagePath
U2 Stereo Service; kein ImagePath
 
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 
==================== Ein Monat: Erstellte Dateien und Ordner ========
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 
2015-12-21 13:46 - 2015-12-21 13:47 - 00028182 _____ C:\Users\Isabell\Desktop\FRST.txt
2015-12-21 13:46 - 2015-12-21 13:46 - 00000000 ____D C:\FRST
2015-12-21 13:44 - 2015-12-21 13:44 - 02370560 _____ (Farbar) C:\Users\Isabell\Desktop\FRST64.exe
2015-12-15 20:34 - 2015-12-15 20:34 - 00000000 ____D C:\Users\Isabell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-15 15:30 - 2015-12-15 20:36 - 00000000 ____D C:\ProgramData\tmp
2015-12-15 15:30 - 2015-12-15 17:56 - 00000000 ____D C:\ProgramData\hps
2015-12-15 15:30 - 2015-12-15 15:30 - 00001031 _____ C:\Users\Public\Desktop\Mein CEWE FOTOBUCH.lnk
2015-12-15 15:30 - 2015-12-15 15:30 - 00001011 _____ C:\Users\Public\Desktop\CEWE FOTOSCHAU.lnk
2015-12-15 15:30 - 2015-12-15 15:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mein CEWE FOTOBUCH
2015-12-15 15:23 - 2015-12-15 15:23 - 00000000 ____D C:\Program Files\CEWE
2015-12-15 14:50 - 2015-12-15 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-09 19:37 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-12-09 19:37 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-12-09 19:37 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-12-09 19:37 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-12-09 19:37 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-12-09 19:37 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-12-09 19:37 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-12-09 19:37 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-12-09 19:37 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-12-09 19:37 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-12-09 19:37 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-12-09 19:37 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-12-09 19:37 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-12-09 19:37 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-12-09 19:37 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-12-09 19:37 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-12-09 19:37 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2015-12-09 19:37 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2015-12-09 19:37 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2015-12-09 19:37 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2015-12-09 19:36 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-12-09 19:36 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-12-09 19:36 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\windows\system32\comsvcs.dll
2015-12-09 19:36 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\windows\system32\catsrvut.dll
2015-12-09 19:36 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\windows\SysWOW64\comsvcs.dll
2015-12-09 19:36 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\windows\SysWOW64\catsrvut.dll
2015-12-09 19:36 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-12-09 19:36 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-12-09 19:36 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-12-09 19:36 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-12-09 19:36 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-12-09 19:36 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-12-09 19:36 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-12-09 19:36 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-12-09 19:36 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-12-09 19:36 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2015-12-09 19:36 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-12-09 19:36 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2015-12-09 19:36 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-12-09 19:36 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-12-09 19:36 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-12-09 19:36 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-12-09 19:36 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-12-09 19:36 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-12-09 19:36 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-12-09 19:36 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-12-09 19:36 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-12-09 19:36 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-12-09 19:36 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-12-09 19:36 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-12-09 19:36 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-12-09 19:36 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-12-09 19:36 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 19:36 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-12-09 19:36 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-12-09 19:36 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2015-12-09 19:36 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2015-12-09 19:36 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-12-09 19:36 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-12-09 19:36 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-12-09 19:36 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-12-09 19:36 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-12-09 19:36 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-12-09 19:36 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-12-09 19:36 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-12-09 19:36 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-12-09 19:36 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-12-09 19:36 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-12-09 19:36 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-12-09 19:36 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-12-09 19:36 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-12-09 19:36 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-12-09 19:36 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-12-09 19:36 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-12-09 19:36 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-12-09 19:36 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-12-09 19:36 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-12-09 19:36 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-12-09 19:36 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-12-09 19:36 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-12-09 19:36 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-12-09 19:36 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 19:36 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-12-09 19:36 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-12-09 19:36 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2015-12-09 19:36 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-12-09 19:36 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-12-09 19:36 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-12-09 19:36 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-12-09 19:36 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-12-09 19:36 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-12-09 19:36 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-12-09 19:36 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-12-09 19:36 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-12-09 19:36 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\wshrm.dll
2015-12-09 19:36 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshrm.dll
2015-12-09 19:36 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rmcast.sys
2015-12-09 19:36 - 2015-10-09 00:22 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\nlsbres.dll
2015-12-09 19:36 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZE.DLL
2015-12-09 19:36 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\kbdgeoqw.dll
2015-12-09 19:36 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZEL.DLL
2015-12-09 19:36 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZE.DLL
2015-12-09 19:36 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\kbdgeoqw.dll
2015-12-09 19:36 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZEL.DLL
2015-12-09 19:36 - 2015-10-09 00:17 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlsbres.dll
2015-12-09 19:36 - 2015-10-08 20:13 - 00419928 _____ C:\windows\SysWOW64\locale.nls
2015-12-09 19:36 - 2015-10-08 19:52 - 00419928 _____ C:\windows\system32\locale.nls
2015-12-09 19:35 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\windows\system32\els.dll
2015-12-09 19:35 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\els.dll
2015-12-01 06:51 - 2015-12-01 06:52 - 00266288 _____ C:\windows\Minidump\120115-18626-01.dmp
2015-11-29 12:10 - 2010-03-13 08:57 - 00174128 _____ C:\Users\Isabell\Desktop\Kingthings Christmas.ttf
2015-11-25 16:35 - 2015-11-25 16:35 - 01584406 _____ C:\Users\Isabell\Desktop\WELT_A.pdf
2015-11-22 21:29 - 2015-11-22 21:30 - 46456457 _____ C:\Users\Isabell\Desktop\Plakat_ISV_05.12.pdf
2015-11-22 21:28 - 2015-11-22 21:28 - 46460813 _____ C:\Users\Isabell\Desktop\Plakat_ISV_26.11.pdf
 
==================== Ein Monat: Geänderte Dateien und Ordner ========
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 
2015-12-21 13:46 - 2009-07-14 05:45 - 00028704 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-21 13:46 - 2009-07-14 05:45 - 00028704 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-21 13:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-21 13:43 - 2012-04-02 11:51 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-12-21 13:41 - 2011-12-21 21:49 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-21 13:39 - 2011-08-22 00:18 - 22865766 _____ C:\windows\system32\perfh007.dat
2015-12-21 13:39 - 2011-08-22 00:18 - 07372658 _____ C:\windows\system32\perfc007.dat
2015-12-21 13:39 - 2009-07-14 06:13 - 00006268 _____ C:\windows\system32\PerfStringBackup.INI
2015-12-21 13:36 - 2015-08-02 14:45 - 00000000 ___RD C:\Users\Isabell\Creative Cloud Files
2015-12-21 13:36 - 2015-08-02 14:44 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-12-21 13:35 - 2011-12-21 21:49 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-21 13:35 - 2011-10-13 10:51 - 00000374 _____ C:\windows\system32\Drivers\etc\hosts.ics
2015-12-21 13:35 - 2011-08-21 17:07 - 00000000 ____D C:\ProgramData\VeriFace
2015-12-21 13:35 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-12-21 13:35 - 2009-07-14 03:34 - 00000493 _____ C:\windows\win.ini
2015-12-21 12:24 - 2015-06-17 12:09 - 00001232 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2273105235-2498622047-140709370-1000UA.job
2015-12-19 13:28 - 2011-10-13 09:44 - 00000000 ____D C:\Users\Isabell\AppData\Local\Adobe
2015-12-18 06:43 - 2015-04-07 12:50 - 00000000 ___SD C:\windows\SysWOW64\GWX
2015-12-18 06:43 - 2015-04-07 12:50 - 00000000 ___SD C:\windows\system32\GWX
2015-12-17 20:24 - 2015-06-17 12:09 - 00001180 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2273105235-2498622047-140709370-1000Core.job
2015-12-15 20:34 - 2014-05-08 20:35 - 00000000 ____D C:\Users\Isabell\AppData\Roaming\Dropbox
2015-12-15 18:55 - 2009-07-14 04:20 - 00000000 ____D C:\windows\rescache
2015-12-15 14:50 - 2015-05-20 17:39 - 00002006 _____ C:\Users\Public\Desktop\Avira Antivirus.lnk
2015-12-15 14:47 - 2013-08-13 09:46 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2015-12-15 14:47 - 2013-08-13 09:46 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2015-12-15 14:47 - 2013-08-13 09:46 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2015-12-14 18:00 - 2009-07-14 05:45 - 05123184 _____ C:\windows\system32\FNTCACHE.DAT
2015-12-14 17:58 - 2015-11-02 21:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-12 14:17 - 2009-07-14 04:20 - 00000000 ____D C:\windows\inf
2015-12-12 12:43 - 2012-04-02 11:51 - 00796864 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-12-12 12:43 - 2012-04-02 11:51 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-12-12 12:43 - 2011-10-13 12:09 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-12 12:26 - 2015-11-02 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-12 12:25 - 2015-11-02 21:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-12 12:25 - 2011-10-26 07:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-12 12:21 - 2013-09-06 18:23 - 00000000 ____D C:\windows\system32\MRT
2015-12-12 12:04 - 2011-11-29 08:52 - 140158008 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-12-08 15:56 - 2014-03-25 17:33 - 00000000 ____D C:\Users\Isabell\AppData\Local\ElevatedDiagnostics
2015-12-06 12:36 - 2011-12-21 21:49 - 00004106 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-06 12:36 - 2011-12-21 21:49 - 00003854 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-02 16:21 - 2009-07-14 06:08 - 00032640 _____ C:\windows\Tasks\SCHEDLGU.TXT
2015-12-02 13:18 - 2010-11-21 04:27 - 00301728 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2015-12-01 06:51 - 2013-12-15 13:35 - 411323014 _____ C:\windows\MEMORY.DMP
2015-12-01 06:51 - 2013-12-15 13:35 - 00000000 ____D C:\windows\Minidump
2015-11-29 15:11 - 2011-10-13 15:29 - 00131632 _____ C:\Users\Isabell\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-29 11:36 - 2015-10-06 12:17 - 00000000 ____D C:\Users\Isabell\Desktop\Crunchtime
2015-11-28 13:17 - 2015-09-23 15:40 - 00000000 ____D C:\windows\pss
2015-11-28 11:24 - 2014-05-08 20:37 - 00000000 ___RD C:\Users\Isabell\Dropbox
2015-11-23 21:27 - 2013-04-04 14:17 - 00008192 _____ C:\Users\Isabell\Downloads\Bewerbung.pdf
2015-11-23 16:43 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\NDF
2015-11-22 21:27 - 2015-11-09 19:51 - 46446027 _____ C:\Users\Isabell\Desktop\Plakat_ISV.pdf
 
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 
2012-08-09 18:03 - 2012-08-09 18:03 - 0043672 _____ () C:\ProgramData\dudenbib.wav
 
Einige Dateien in TEMP:
====================
C:\Users\Isabell\AppData\Local\Temp\avgnt.exe
C:\Users\Isabell\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpf2wf6i.dll
 
 
==================== Bamital & volsnap =================
 
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 
C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
 
LastRegBack: 2015-12-15 18:35
 
==================== Ende von FRST.txt ============================
         
--- --- ---

Addition.txtFRST Additions Logfile:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-12-2015
durchgeführt von Isabell (2015-12-21 13:48:05)
Gestartet von C:\Users\Isabell\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-10-13 14:29:07)
Start-Modus: Normal
==========================================================
 
 
==================== Konten: =============================
 
Administrator (S-1-5-21-2273105235-2498622047-140709370-500 - Administrator - Disabled)
Gast (S-1-5-21-2273105235-2498622047-140709370-501 - Limited - Disabled)
Isabell (S-1-5-21-2273105235-2498622047-140709370-1000 - Administrator - Enabled) => C:\Users\Isabell
 
==================== Sicherheits-Center ========================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installierte Programme ======================
 
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 
ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.0.501 - ABBYY Production LLC)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.3.0.151 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe InDesign CC 2015 (HKLM-x32\...\{DBFD0312-6E55-1014-8952-E78D43BC0147}) (Version: 11.0.1.105 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (HKLM-x32\...\{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}) (Version: 7.0 - Atheros)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Benutzerhandbuch (x32 Version: 1.0.0.6 - Lenovo) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon CanoScan Toolbox 5.0 (HKLM-x32\...\CanoScan Toolbox 5.0) (Version: - )
CanoScan LiDE 600F (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802) (Version: - )
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.11 - Cliqz.com)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Der Restaurant-Manager 1.5 Vollversion.de Edition (HKLM-x32\...\ST6UNST #1) (Version: - )
Desktopicon amazon.de (HKLM\...\DesktopIconAmazon) (Version: 1.0.1 - )
Diercke Globus Online (HKLM-x32\...\Diercke Globus Online) (Version: 3.1.0 - Imagon GmbH)
Dropbox (HKU\S-1-5-21-2273105235-2498622047-140709370-1000\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Duden-Rechtschreibprüfung (HKLM-x32\...\{BF420B0C-DD5B-4ACD-AD7A-CB8F25CA0D2F}) (Version: 8.031.31 - Bibliographisches Institut GmbH)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.6 - Lenovo)
Energy Management (x32 Version: 6.0.1.6 - Lenovo) Hidden
FloorPlan 3D V.9 (HKLM-x32\...\{B22C0B70-6EE0-4027-A16B-4023C5C5B747}) (Version: 9.0 - IMSI)
Free YouTube Download version 3.2.58.415 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.58.415 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.50.1122 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1122 - DVDVideoSoft Ltd.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7400 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 13.10.1201.1 - Vimicro)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.5 - Lenovo)
Lenovo MuteSync (HKLM-x32\...\InstallShield_{C39EF9B4-0C4F-4D48-8665-8FD45BFF3961}) (Version: 1.0.0.3 - Lenovo)
Lenovo MuteSync (x32 Version: 1.0.0.3 - Lenovo) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3603 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 3.1.3603 - CyberLink Corp.) Hidden
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 6.1.2 - CEWE Stiftung u Co. KGaA)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2273105235-2498622047-140709370-1000\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
ODF Add-In für Microsoft Office (HKLM-x32\...\{2BC21CD2-8053-406A-80F6-9AB61717B49D}) (Version: 4.0.5309.0 - OpenXML/ODF Translator Team)
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.8 - Lenovo)
Onekey Theater (x32 Version: 2.0.2.8 - Lenovo) Hidden
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7303 - CyberLink Corp.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6301 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10010 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Sid Meier's Railroads! (HKLM-x32\...\{EE3FBD3C-782E-4A90-9507-0ECFE1FECCE4}) (Version: 1.00 - Firaxis Games)
Sid Meier's Railroads! (x32 Version: 1.00 - Firaxis Games) Hidden
SRS Premium Sound Control Panel (HKLM\...\{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}) (Version: 1.11.0000 - SRS Labs, Inc.)
Sun ODF Plugin for Microsoft Office 3.2 (HKLM-x32\...\{BD136CE7-6666-4273-A056-8D92F8625AAB}) (Version: 3.2.9483 - Sun Microsystems)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.16.4 - Synaptics Incorporated)
Tablet Driver With Macrokey Manager (HKLM\...\RmTablet) (Version: 4.13 - )
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.1.0126 - Lenovo)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.1.1739 - 1&1 Mail & Media GmbH)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Zylom Games Player Plugin (HKLM-x32\...\Zylom Games Player Plugin) (Version: - Zylom Games)
 
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
CustomCLSID: HKU\S-1-5-21-2273105235-2498622047-140709370-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Isabell\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2273105235-2498622047-140709370-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-2273105235-2498622047-140709370-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Isabell\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2273105235-2498622047-140709370-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Isabell\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2273105235-2498622047-140709370-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Isabell\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2273105235-2498622047-140709370-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Isabell\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2273105235-2498622047-140709370-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Isabell\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2273105235-2498622047-140709370-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Isabell\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2273105235-2498622047-140709370-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Isabell\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2273105235-2498622047-140709370-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Isabell\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2273105235-2498622047-140709370-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Isabell\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2273105235-2498622047-140709370-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Isabell\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
 
==================== Wiederherstellungspunkte =========================
 
01-12-2015 06:38:49 Windows Update
04-12-2015 17:48:31 Windows Update
08-12-2015 14:42:05 Windows Update
12-12-2015 12:00:20 Windows Update
15-12-2015 14:43:41 Windows Update
18-12-2015 06:42:33 Windows Update
19-12-2015 12:48:27 Windows Update
 
==================== Hosts Inhalt: ===============================
 
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 
2009-07-14 03:34 - 2013-03-02 11:30 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
 
127.0.0.1 localhost
 
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
Task: {024EF429-5345-423E-A786-54F536E13BCE} - System32\Tasks\{CA766526-C28A-46F9-BA9E-192A3FCEB232} => pcalua.exe -a C:\Users\Isabell\Downloads\lide600fvst1212ea15.exe -d C:\Users\Isabell\Downloads
Task: {09E6D650-1319-4C91-BA51-9393CCB2E0B7} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {0B755E36-7947-48E7-8020-46BC776C2B78} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-12] (Adobe Systems Incorporated)
Task: {1152A8B3-5019-4B81-9652-E98F3FBBCCD7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {2E7AAA74-EC24-43EB-857B-2E7DBD4720EA} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2273105235-2498622047-140709370-1000Core => C:\Users\Isabell\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {2F77D600-3635-4139-9C3F-BB897AB6F6F0} - System32\Tasks\AdobeAAMUpdater-1.0-Isabells-PC-Isabell => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-09-04] (Adobe Systems Incorporated)
Task: {301932DB-168C-4C29-AC4D-4F2051DF4FAC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2273105235-2498622047-140709370-1000UA => C:\Users\Isabell\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {566D44C2-E578-44D4-9816-0EF63D3026AB} - System32\Tasks\{CB8BB4A3-A7E6-4606-8547-AE10525DB2DB} => C:\Program Files (x86)\Adobe\Adobe InDesign CS2\InDesign.exe
Task: {6FABBDD1-57BE-43DA-89FD-533ABB41C4AC} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2010-12-05] (CyberLink)
Task: {71698574-937A-41CF-A3B6-C5FC7EB91243} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {776B753F-60A0-4D07-B531-97DC0F588568} - System32\Tasks\{0FB6F1F8-18BE-4419-BECA-726C77A1CC87} => C:\Program Files (x86)\Adobe\Adobe InDesign CS2\InDesign.exe
Task: {8C00CDE5-571E-4587-B9D2-AD55C129D97D} - System32\Tasks\{F6CFECC9-5738-483A-8298-4A262B5906D9} => pcalua.exe -a C:\Users\Isabell\Downloads\KDZ.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {9D2851EF-45D9-4DDC-B4B4-DEA12C0DBF32} - System32\Tasks\{E3A6921A-061F-4C85-96D0-11DFC85C060A} => pcalua.exe -a C:\WINDOWS\st6unst.exe -c -n "C:\Program Files (x86)\RestaurantManager\ST6UNST.LOG"
Task: {ADCB3254-6373-4EC4-ABF2-5F8296E61E42} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {E5128588-8791-4465-9C4F-DBE95EDA17E1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {EBB77309-9C9A-476B-A02D-4117BEFF3CD7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F71F117C-FDA6-4D9C-B467-9FC452677D4E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2273105235-2498622047-140709370-1000Core.job => C:\Users\Isabell\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2273105235-2498622047-140709370-1000UA.job => C:\Users\Isabell\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Verknüpfungen =============================
 
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 
2012-06-13 14:43 - 2011-04-27 08:23 - 00916992 _____ () C:\windows\system32\atwtusb.exe
2011-02-16 18:56 - 2011-02-16 18:56 - 00202144 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
2011-02-16 19:01 - 2011-02-16 19:01 - 00156576 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
2015-09-11 18:02 - 2015-09-11 18:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2011-03-04 11:17 - 2011-01-27 01:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2008-12-20 04:20 - 2011-08-21 17:16 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-20 04:20 - 2011-08-21 17:16 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2012-06-13 14:42 - 2011-06-01 02:47 - 07329792 _____ () C:\Windows\System32\WTMKM.exe
2011-08-21 17:05 - 2011-08-21 17:05 - 00100256 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
2015-09-11 18:01 - 2015-09-11 18:01 - 31958688 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-21 17:06 - 2011-08-21 17:06 - 00013664 _____ () C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
2011-02-16 18:51 - 2011-02-16 18:51 - 00161696 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
2011-02-16 18:53 - 2011-02-16 18:53 - 00133024 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
2015-09-15 07:08 - 2015-09-15 07:08 - 40523440 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-09-15 07:08 - 2015-09-15 07:08 - 01365680 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libglesv2.dll
2015-09-15 07:08 - 2015-09-15 07:08 - 00219312 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libegl.dll
 
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 
 
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 
 
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 
 
==================== Andere Bereiche ============================
 
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 
HKU\S-1-5-21-2273105235-2498622047-140709370-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Isabell\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 
MSCONFIG\Services: WSearch => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Isabell^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Isabell\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: OneDrive => "C:\Users\Isabell\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
 
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
FirewallRules: [{22D50CAA-E052-48CF-AB55-58DA159D56C7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5083CCEF-1E38-4AFC-A564-8BF542D90A5D}] => (Allow) LPort=2869
FirewallRules: [{C8F3C6DB-20C4-41DE-848A-A6E8854E1F9B}] => (Allow) LPort=1900
FirewallRules: [{2A2163AD-E05B-473D-9AF3-83865A6E6B1B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{35799166-13C1-43A5-ADFF-5259B0003164}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{2C2BE2BE-BBA1-4112-9DB5-ABFBCF53E1C4}C:\program files (x86)\secretcity 3dchat\utherverse vww client\utherverse.exe] => (Allow) C:\program files (x86)\secretcity 3dchat\utherverse vww client\utherverse.exe
FirewallRules: [UDP Query User{03E19680-1046-48A7-B413-69BC0487C9D3}C:\program files (x86)\secretcity 3dchat\utherverse vww client\utherverse.exe] => (Allow) C:\program files (x86)\secretcity 3dchat\utherverse vww client\utherverse.exe
FirewallRules: [{C62AD123-1646-48C4-ABFD-B7E4CD3A2C8F}] => (Allow) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
FirewallRules: [{D7B3A1C7-160C-44E0-8ABF-6D3BDF1DDA1A}] => (Allow) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
FirewallRules: [{71813264-AFA5-406A-8550-C5891DC15B0F}] => (Allow) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
FirewallRules: [{1EA24728-006B-4509-998B-6B74483F9EFC}] => (Allow) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
FirewallRules: [{1C12B11A-8152-4BDB-8D44-3510DDC9C1E6}] => (Allow) C:\Program Files (x86)\Anno 1701\Anno1701.exe
FirewallRules: [{2C8AA489-6AEF-4153-8C01-27DDED1ECCF3}] => (Allow) C:\Program Files (x86)\Anno 1701\Anno1701.exe
FirewallRules: [{D3E5FBEA-591A-43DE-B958-D94EA974444B}] => (Allow) C:\Program Files (x86)\Anno 1701\Anno1701AddOn.exe
FirewallRules: [{F289FAEA-93A2-4913-BFDB-380478A0DAED}] => (Allow) C:\Program Files (x86)\Anno 1701\Anno1701AddOn.exe
FirewallRules: [{30F2A891-9813-44FE-9F9E-3B45916AC0C0}] => (Allow) C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{25ACC779-AA69-4353-99F6-14B1416D603C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5D800898-9471-4FFD-A962-A3E0EF92885B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{01A90B8B-D3CC-4F12-9120-5495D8459BB8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2913CDA7-5128-4886-8CD8-4FF6BDA801DB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7B01BB20-82D5-4CF5-855B-120809770D28}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Anno4.exe
FirewallRules: [{0B6636CF-273F-4455-9C9E-52A9318D613F}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Anno4.exe
FirewallRules: [{AF45FAEF-BCC6-43A8-9B01-4D15F81DC9A3}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Addon.exe
FirewallRules: [{DD7C509F-273B-4BB7-A960-2E37F42580B9}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Addon.exe
FirewallRules: [{86B7A138-B7A1-486C-BF37-065F6D3D9223}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Anno4Web.exe
FirewallRules: [{B43FBAAB-C91D-4599-83C5-B4845FFCBB3A}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Anno4Web.exe
FirewallRules: [{8AF5559B-003F-4B61-ABA7-8A6F891F77D2}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\AddonWeb.exe
FirewallRules: [{267D52BF-012F-4A06-96B0-A1250CC8B37C}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\AddonWeb.exe
FirewallRules: [{37E2BD40-32F7-41B9-9C72-29E083C69181}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Benchmark.exe
FirewallRules: [{2AD20D6A-B188-4E97-B7DD-FE5E33ABF03C}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Benchmark.exe
FirewallRules: [{EC7BA3F4-257F-4750-BD85-357EE0D0A967}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{85036D32-B6A3-4025-A03C-876291900DF0}] => (Allow) C:\Users\Isabell\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C700E8B0-B2DB-469E-A92C-E0557542418A}] => (Allow) C:\Users\Isabell\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{DFD82C68-2376-4F90-B19F-6AE39DA5EE32}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3F5330E3-2272-4D9C-9531-55C7C1F18349}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{E40215E6-9594-47FA-B268-23D24713D9D2}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{6D4E3019-0DFF-4F87-8F9C-7DC97EF5AF8E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{AFA414BD-E145-46B4-8A8B-2AC5109E67B0}] => (Allow) C:\Program Files (x86)\2K Games\Firaxis Games\Sid Meier's Railroads!\RailRoads.exe
FirewallRules: [{0670123E-68BD-4D66-8057-224A06D3DE17}] => (Allow) C:\Program Files (x86)\2K Games\Firaxis Games\Sid Meier's Railroads!\RailRoads.exe
FirewallRules: [{F5BDA19E-0490-442D-A29D-DFDBF837C93C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4F57A5C2-0042-49DB-8983-E3AD6C4F74D5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
==================== Fehlerhafte Geräte im Gerätemanager =============
 
Name: Broadcom Bluetooth 2.1 USB
Description: Broadcom Bluetooth 2.1 USB
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Fehlereinträge in der Ereignisanzeige: =========================
 
Applikationsfehler:
==================
Error: (12/21/2015 01:39:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
 
Error: (12/21/2015 01:39:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error: (12/21/2015 01:39:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error: (12/21/2015 01:38:27 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
 
Error: (12/21/2015 01:38:27 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error: (12/21/2015 01:38:27 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error: (12/21/2015 01:35:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/21/2015 12:42:46 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
 
Error: (12/21/2015 11:47:26 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
 
Error: (12/21/2015 11:47:26 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
 
Systemfehler:
=============
Error: (12/21/2015 01:35:56 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
fbfmon
 
Error: (12/21/2015 11:43:03 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
fbfmon
 
Error: (12/19/2015 12:47:12 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (12/19/2015 12:45:05 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
fbfmon
 
Error: (12/18/2015 06:41:18 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (12/18/2015 06:39:40 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (12/18/2015 06:39:11 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
fbfmon
 
Error: (12/17/2015 08:12:09 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (12/17/2015 08:10:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
fbfmon
 
Error: (12/16/2015 06:49:41 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
 
CodeIntegrity:
===================================
Date: 2013-03-02 11:28:11.629
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 
Date: 2013-03-02 11:28:11.598
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 
 
==================== Speicherinformationen =========================== 
 
Prozessor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 4000.58 MB
Verfügbarer physikalischer RAM: 2113.09 MB
Summe virtueller Speicher: 7999.36 MB
Verfügbarer virtueller Speicher: 5826.93 MB
 
==================== Laufwerke ================================
 
Drive c: () (Fixed) (Total:420.33 GB) (Free:222.16 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:30.48 GB) (Free:28.26 GB) NTFS
 
==================== MBR & Partitionstabelle ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 267B5502)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=420.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30.5 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)
 
==================== Ende von Addition.txt ============================
         
--- --- ---

Alt 21.12.2015, 17:42   #2
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Windows 7: Online-Konto gehackt- Verdacht Trojaner oder Spyware - Standard

Windows 7: Online-Konto gehackt- Verdacht Trojaner oder Spyware





Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.


Los geht's:

Schritt
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________

Alt 21.12.2015, 18:20   #3
Isssssaaaaaa
 
Windows 7: Online-Konto gehackt- Verdacht Trojaner oder Spyware - Standard

Scanergebnisse



Hallo Jürgen,

zuerst vielen Dank, dass Du Dich meiner annimmst! Ich habe den Scan durchgeführt und hier ist mein Report.

19:13:42.0481 0x17f4 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
19:13:55.0180 0x17f4 ============================================================
19:13:55.0180 0x17f4 Current date / time: 2015/12/21 19:13:55.0180
19:13:55.0180 0x17f4 SystemInfo:
19:13:55.0180 0x17f4
19:13:55.0180 0x17f4 OS Version: 6.1.7601 ServicePack: 1.0
19:13:55.0180 0x17f4 Product type: Workstation
19:13:55.0180 0x17f4 ComputerName: ISABELLS-PC
19:13:55.0180 0x17f4 UserName: Isabell
19:13:55.0180 0x17f4 Windows directory: C:\windows
19:13:55.0180 0x17f4 System windows directory: C:\windows
19:13:55.0180 0x17f4 Running under WOW64
19:13:55.0180 0x17f4 Processor architecture: Intel x64
19:13:55.0180 0x17f4 Number of processors: 4
19:13:55.0180 0x17f4 Page size: 0x1000
19:13:55.0180 0x17f4 Boot type: Normal boot
19:13:55.0180 0x17f4 ============================================================
19:13:55.0472 0x17f4 KLMD registered as C:\windows\system32\drivers\83797576.sys
19:13:55.0846 0x17f4 System UUID: {A27D4557-B46B-C897-FAE4-2AEA53171F74}
19:13:56.0372 0x17f4 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:13:56.0377 0x17f4 ============================================================
19:13:56.0377 0x17f4 \Device\Harddisk0\DR0:
19:13:56.0377 0x17f4 MBR partitions:
19:13:56.0378 0x17f4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
19:13:56.0378 0x17f4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x348AA000
19:13:56.0404 0x17f4 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3490F000, BlocksNum 0x3CF4800
19:13:56.0404 0x17f4 ============================================================
19:13:56.0454 0x17f4 C: <-> \Device\Harddisk0\DR0\Partition2
19:13:56.0488 0x17f4 D: <-> \Device\Harddisk0\DR0\Partition3
19:13:56.0488 0x17f4 ============================================================
19:13:56.0488 0x17f4 Initialize success
19:13:56.0488 0x17f4 ============================================================
19:15:30.0397 0x15b0 ============================================================
19:15:30.0397 0x15b0 Scan started
19:15:30.0397 0x15b0 Mode: Manual; SigCheck; TDLFS;
19:15:30.0397 0x15b0 ============================================================
19:15:30.0397 0x15b0 KSN ping started
19:15:45.0225 0x15b0 KSN ping finished: true
19:15:46.0285 0x15b0 ================ Scan system memory ========================
19:15:46.0285 0x15b0 System memory - ok
19:15:46.0287 0x15b0 ================ Scan services =============================
19:15:46.0509 0x15b0 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
19:15:46.0637 0x15b0 1394ohci - ok
19:15:46.0830 0x15b0 [ 8425B01C7B7BCBCF0B11ACD25FE35CAE, 64A7E94C6511995C4498D61F4758D7FB3F324AEFF1B15E124C32FD14B70E3ECC ] ABBYY.Licensing.FineReader.Professional.12.0 C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
19:15:46.0924 0x15b0 ABBYY.Licensing.FineReader.Professional.12.0 - ok
19:15:46.0976 0x15b0 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys
19:15:46.0998 0x15b0 ACPI - ok
19:15:47.0045 0x15b0 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
19:15:47.0134 0x15b0 AcpiPmi - ok
19:15:47.0200 0x15b0 [ 5BBFF8B826EC38D32C26334E079C7EFC, 673D46409F0225A804B55FFB77E82AF34F8C7A93BEEF92DC3DFAC7EFCC5F09B6 ] ACPIVPC C:\windows\system32\DRIVERS\AcpiVpc.sys
19:15:47.0219 0x15b0 ACPIVPC - ok
19:15:47.0343 0x15b0 [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:15:47.0361 0x15b0 AdobeARMservice - ok
19:15:47.0556 0x15b0 [ F54564025D2284AE498E51D7C139F971, AAA48F38B81DB894854E8C84DB2E1F5C8447AA982D27C0BB78FF2786D9F80F83 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:15:47.0604 0x15b0 AdobeFlashPlayerUpdateSvc - ok
19:15:47.0676 0x15b0 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
19:15:47.0746 0x15b0 adp94xx - ok
19:15:47.0790 0x15b0 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\windows\system32\drivers\adpahci.sys
19:15:47.0831 0x15b0 adpahci - ok
19:15:47.0840 0x15b0 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\windows\system32\drivers\adpu320.sys
19:15:47.0858 0x15b0 adpu320 - ok
19:15:47.0900 0x15b0 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\windows\System32\aelupsvc.dll
19:15:47.0975 0x15b0 AeLookupSvc - ok
19:15:48.0045 0x15b0 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\windows\system32\drivers\afd.sys
19:15:48.0116 0x15b0 AFD - ok
19:15:48.0142 0x15b0 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys
19:15:48.0157 0x15b0 agp440 - ok
19:15:48.0324 0x15b0 [ A9F3294F6939172C45D6C5AF2E563714, 5A3C1CFF254222D210974E974D4E5FEC38CA83D855E3DF341719CD0E3BA67171 ] AGSService C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
19:15:48.0411 0x15b0 AGSService - ok
19:15:48.0455 0x15b0 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\windows\System32\alg.exe
19:15:48.0499 0x15b0 ALG - ok
19:15:48.0547 0x15b0 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys
19:15:48.0561 0x15b0 aliide - ok
19:15:48.0603 0x15b0 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\windows\system32\drivers\amdide.sys
19:15:48.0617 0x15b0 amdide - ok
19:15:48.0646 0x15b0 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
19:15:48.0669 0x15b0 AmdK8 - ok
19:15:48.0691 0x15b0 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
19:15:48.0726 0x15b0 AmdPPM - ok
19:15:48.0761 0x15b0 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\windows\system32\drivers\amdsata.sys
19:15:48.0779 0x15b0 amdsata - ok
19:15:48.0824 0x15b0 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\windows\system32\drivers\amdsbs.sys
19:15:48.0842 0x15b0 amdsbs - ok
19:15:48.0859 0x15b0 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\windows\system32\drivers\amdxata.sys
19:15:48.0872 0x15b0 amdxata - ok
19:15:48.0977 0x15b0 [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
19:15:49.0024 0x15b0 AntiVirMailService - ok
19:15:49.0104 0x15b0 [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:15:49.0144 0x15b0 AntiVirSchedulerService - ok
19:15:49.0209 0x15b0 [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:15:49.0232 0x15b0 AntiVirService - ok
19:15:49.0327 0x15b0 [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
19:15:49.0377 0x15b0 AntiVirWebService - ok
19:15:49.0433 0x15b0 [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\windows\system32\drivers\appid.sys
19:15:49.0501 0x15b0 AppID - ok
19:15:49.0514 0x15b0 [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\windows\System32\appidsvc.dll
19:15:49.0549 0x15b0 AppIDSvc - ok
19:15:49.0594 0x15b0 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\windows\System32\appinfo.dll
19:15:49.0664 0x15b0 Appinfo - ok
19:15:49.0761 0x15b0 [ 6B73E94F9FE82D45781B8C8A09483082, C35EEAE7457168387A7C77A315524A3703ABDE49D9F23F59057315D9249D3473 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:15:49.0790 0x15b0 Apple Mobile Device - ok
19:15:49.0849 0x15b0 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\windows\system32\drivers\arc.sys
19:15:49.0864 0x15b0 arc - ok
19:15:49.0880 0x15b0 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\windows\system32\drivers\arcsas.sys
19:15:49.0894 0x15b0 arcsas - ok
19:15:50.0039 0x15b0 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:15:50.0101 0x15b0 aspnet_state - ok
19:15:50.0132 0x15b0 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
19:15:50.0277 0x15b0 AsyncMac - ok
19:15:50.0325 0x15b0 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\windows\system32\drivers\atapi.sys
19:15:50.0348 0x15b0 atapi - ok
19:15:50.0472 0x15b0 [ 52A970EE0D9812B2B1070D6D57043B65, F499A6E9FB94F3989ED7040DBD1044ECE7CF1BEF811E0E10C9D557B6B28E4CE0 ] athr C:\windows\system32\DRIVERS\athrx.sys
19:15:50.0620 0x15b0 athr - ok
19:15:50.0690 0x15b0 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
19:15:50.0760 0x15b0 AudioEndpointBuilder - ok
19:15:50.0799 0x15b0 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\windows\System32\Audiosrv.dll
19:15:50.0828 0x15b0 AudioSrv - ok
19:15:50.0896 0x15b0 [ 29E019B4607E410BFE4DB778C3300BC5, 32D1A5A5836152BAAA168B4A06AC6F52DBC19150D339B5F87E8E3A1E1EE580C3 ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys
19:15:50.0912 0x15b0 avgntflt - ok
19:15:50.0978 0x15b0 [ 1AD2C8F543F261F0AB90AD80767AB21D, 364DA0D0B8A91688CE39FEDF68EB93260819849097444F6A10A3F95CC32F9EA5 ] avipbb C:\windows\system32\DRIVERS\avipbb.sys
19:15:50.0995 0x15b0 avipbb - ok
19:15:51.0006 0x15b0 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\windows\system32\DRIVERS\avkmgr.sys
19:15:51.0018 0x15b0 avkmgr - ok
19:15:51.0051 0x15b0 [ 99672CCD11058D6E2F627473B773F971, 4EF2BCDA4678F9ECE499F216AC0F8105F37D2AB0320064741A8DFB5C39E5048C ] avnetflt C:\windows\system32\DRIVERS\avnetflt.sys
19:15:51.0066 0x15b0 avnetflt - ok
19:15:51.0106 0x15b0 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll
19:15:51.0206 0x15b0 AxInstSV - ok
19:15:51.0252 0x15b0 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
19:15:51.0311 0x15b0 b06bdrv - ok
19:15:51.0354 0x15b0 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
19:15:51.0399 0x15b0 b57nd60a - ok
19:15:51.0444 0x15b0 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll
19:15:51.0496 0x15b0 BDESVC - ok
19:15:51.0511 0x15b0 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys
19:15:51.0561 0x15b0 Beep - ok
19:15:51.0614 0x15b0 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll
19:15:51.0706 0x15b0 BFE - ok
19:15:51.0762 0x15b0 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\windows\system32\qmgr.dll
19:15:52.0004 0x15b0 BITS - ok
19:15:52.0042 0x15b0 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
19:15:52.0089 0x15b0 blbdrive - ok
19:15:52.0180 0x15b0 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:15:52.0201 0x15b0 Bonjour Service - ok
19:15:52.0223 0x15b0 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\windows\system32\DRIVERS\bowser.sys
19:15:52.0261 0x15b0 bowser - ok
19:15:52.0295 0x15b0 [ AAA4F992F879977A000FE8B8C730CD2C, A109D3F7CA9D49B98FDA5CA34C60055690F72400CCC96D48076FA86086E4C74D ] BPntDrv C:\windows\system32\drivers\BPntDrv.sys
19:15:52.0306 0x15b0 BPntDrv - ok
19:15:52.0340 0x15b0 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
19:15:52.0356 0x15b0 BrFiltLo - ok
19:15:52.0370 0x15b0 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
19:15:52.0405 0x15b0 BrFiltUp - ok
19:15:52.0439 0x15b0 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
19:15:52.0458 0x1590 Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService
19:15:52.0479 0x15b0 BridgeMP - ok
19:15:52.0518 0x15b0 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\windows\System32\browser.dll
19:15:52.0550 0x15b0 Browser - ok
19:15:52.0580 0x15b0 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\windows\System32\Drivers\Brserid.sys
19:15:52.0644 0x15b0 Brserid - ok
19:15:52.0670 0x15b0 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
19:15:52.0704 0x15b0 BrSerWdm - ok
19:15:52.0729 0x15b0 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
19:15:52.0771 0x15b0 BrUsbMdm - ok
19:15:52.0788 0x15b0 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
19:15:52.0818 0x15b0 BrUsbSer - ok
19:15:52.0862 0x15b0 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
19:15:52.0940 0x15b0 BthEnum - ok
19:15:52.0956 0x15b0 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
19:15:52.0985 0x15b0 BTHMODEM - ok
19:15:53.0007 0x15b0 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
19:15:53.0044 0x15b0 BthPan - ok
19:15:53.0134 0x15b0 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
19:15:53.0220 0x15b0 BTHPORT - ok
19:15:53.0264 0x15b0 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll
19:15:53.0314 0x15b0 bthserv - ok
19:15:53.0364 0x15b0 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
19:15:53.0395 0x15b0 BTHUSB - ok
19:15:53.0459 0x15b0 [ 9DE56FA4533E485AE5409D3C11747143, 197A3914D75F0FAFC0A7F24CC40C9714ED3FAF84312172BACEBC4FEFA8D1909C ] BTWAMPFL C:\windows\system32\DRIVERS\btwampfl.sys
19:15:53.0482 0x15b0 BTWAMPFL - ok
19:15:53.0527 0x15b0 [ F6135859A582A7294BA7A3336E08BAA1, DE30457F91C25950C2713CE3A2AE1F1EFFBB068DD3B0BCC87700E7CBAF73C818 ] btwaudio C:\windows\system32\drivers\btwaudio.sys
19:15:53.0541 0x15b0 btwaudio - ok
19:15:53.0571 0x15b0 [ 3DEF2370E414B4E299673558BA171A51, 5A0923D9F941ABD34EC9BEE0EB62A62F135CBF128061239CC6EA0E6752791636 ] btwavdt C:\windows\system32\drivers\btwavdt.sys
19:15:53.0586 0x15b0 btwavdt - ok
19:15:53.0686 0x15b0 [ 7987FFFDA812ABC69047D1B029D446A2, 666DBA819E148989AA0D1EB704737787CF37E55CB2CA0353C896E7693DA871AB ] btwdins C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
19:15:53.0736 0x15b0 btwdins - ok
19:15:53.0746 0x15b0 [ E8D2BCD080EA91E74775B9F5EA051F97, FE75F765B785E513399D2B449CA068DA5BBB3B27C2E21740DFCB8C6E6B810028 ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
19:15:53.0757 0x15b0 btwl2cap - ok
19:15:53.0771 0x15b0 [ 9937E0E4DFC0030560A6DFE9D3A94B39, 0B9CF1932D4534BD7B1F5D7B7BD5FBF9C8D156838D24ABBDE475E79EEF1150F1 ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
19:15:53.0781 0x15b0 btwrchid - ok
19:15:53.0793 0x15b0 catchme - ok
19:15:53.0811 0x15b0 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
19:15:53.0860 0x15b0 cdfs - ok
19:15:53.0923 0x15b0 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
19:15:53.0956 0x15b0 cdrom - ok
19:15:53.0990 0x15b0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\windows\System32\certprop.dll
19:15:54.0027 0x15b0 CertPropSvc - ok
19:15:54.0049 0x15b0 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\windows\system32\drivers\circlass.sys
19:15:54.0065 0x15b0 circlass - ok
19:15:54.0123 0x15b0 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\windows\system32\CLFS.sys
19:15:54.0156 0x15b0 CLFS - ok
19:15:54.0242 0x15b0 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:15:54.0261 0x15b0 clr_optimization_v2.0.50727_32 - ok
19:15:54.0316 0x15b0 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:15:54.0330 0x15b0 clr_optimization_v2.0.50727_64 - ok
19:15:54.0439 0x15b0 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:15:54.0492 0x15b0 clr_optimization_v4.0.30319_32 - ok
19:15:54.0543 0x15b0 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:15:54.0566 0x15b0 clr_optimization_v4.0.30319_64 - ok
19:15:54.0605 0x15b0 [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd C:\windows\system32\DRIVERS\clwvd.sys
19:15:54.0617 0x15b0 clwvd - ok
19:15:54.0648 0x15b0 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
19:15:54.0675 0x15b0 CmBatt - ok
19:15:54.0698 0x15b0 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys
19:15:54.0710 0x15b0 cmdide - ok
19:15:54.0767 0x15b0 [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\windows\system32\Drivers\cng.sys
19:15:54.0805 0x15b0 CNG - ok
19:15:54.0826 0x15b0 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\windows\system32\drivers\compbatt.sys
19:15:54.0837 0x15b0 Compbatt - ok
19:15:54.0859 0x15b0 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
19:15:54.0875 0x15b0 CompositeBus - ok
19:15:54.0884 0x15b0 COMSysApp - ok
19:15:54.0897 0x15b0 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
19:15:54.0908 0x15b0 crcdisk - ok
19:15:54.0953 0x15b0 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\windows\system32\cryptsvc.dll
19:15:54.0998 0x15b0 CryptSvc - ok
19:15:55.0040 0x15b0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\windows\system32\rpcss.dll
19:15:55.0116 0x15b0 DcomLaunch - ok
19:15:55.0155 0x15b0 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll
19:15:55.0224 0x15b0 defragsvc - ok
19:15:55.0263 0x15b0 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\windows\system32\Drivers\dfsc.sys
19:15:55.0312 0x15b0 DfsC - ok
19:15:55.0352 0x15b0 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll
19:15:55.0380 0x1590 Object send P2P result: true
19:15:55.0380 0x1590 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService
19:15:55.0396 0x15b0 Dhcp - ok
19:15:55.0498 0x15b0 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\windows\system32\diagtrack.dll
19:15:55.0587 0x15b0 DiagTrack - ok
19:15:55.0630 0x15b0 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\windows\system32\drivers\discache.sys
19:15:55.0686 0x15b0 discache - ok
19:15:55.0738 0x15b0 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\windows\system32\drivers\disk.sys
19:15:55.0768 0x15b0 Disk - ok
19:15:55.0806 0x15b0 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll
19:15:55.0866 0x15b0 Dnscache - ok
19:15:55.0900 0x15b0 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll
19:15:55.0958 0x15b0 dot3svc - ok
19:15:55.0979 0x15b0 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\windows\system32\dps.dll
19:15:56.0044 0x15b0 DPS - ok
19:15:56.0116 0x15b0 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
19:15:56.0160 0x15b0 drmkaud - ok
19:15:56.0217 0x15b0 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
19:15:56.0276 0x15b0 DXGKrnl - ok
19:15:56.0316 0x15b0 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll
19:15:56.0368 0x15b0 EapHost - ok
19:15:56.0511 0x15b0 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\drivers\evbda.sys
19:15:56.0680 0x15b0 ebdrv - ok
19:15:56.0733 0x15b0 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS C:\windows\System32\lsass.exe
19:15:56.0776 0x15b0 EFS - ok
19:15:56.0845 0x15b0 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe
19:15:56.0931 0x15b0 ehRecvr - ok
19:15:56.0951 0x15b0 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe
19:15:56.0986 0x15b0 ehSched - ok
19:15:57.0045 0x15b0 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\drivers\elxstor.sys
19:15:57.0080 0x15b0 elxstor - ok
19:15:57.0095 0x15b0 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys
19:15:57.0127 0x15b0 ErrDev - ok
19:15:57.0169 0x15b0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll
19:15:57.0232 0x15b0 EventSystem - ok
19:15:57.0277 0x15b0 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys
19:15:57.0335 0x15b0 exfat - ok
19:15:57.0356 0x15b0 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys
19:15:57.0398 0x15b0 fastfat - ok
19:15:57.0444 0x15b0 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe
19:15:57.0500 0x15b0 Fax - ok
19:15:57.0505 0x15b0 fbfmon - ok
19:15:57.0520 0x15b0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\drivers\fdc.sys
19:15:57.0557 0x15b0 fdc - ok
19:15:57.0584 0x15b0 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll
19:15:57.0627 0x15b0 fdPHost - ok
19:15:57.0642 0x15b0 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll
19:15:57.0694 0x15b0 FDResPub - ok
19:15:57.0720 0x15b0 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys
19:15:57.0733 0x15b0 FileInfo - ok
19:15:57.0753 0x15b0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys
19:15:57.0845 0x15b0 Filetrace - ok
19:15:57.0862 0x15b0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\windows\system32\drivers\flpydisk.sys
19:15:57.0877 0x15b0 flpydisk - ok
19:15:57.0896 0x15b0 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
19:15:57.0916 0x15b0 FltMgr - ok
19:15:57.0989 0x15b0 [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\windows\system32\FntCache.dll
19:15:58.0092 0x15b0 FontCache - ok
19:15:58.0160 0x15b0 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:15:58.0175 0x15b0 FontCache3.0.0.0 - ok
19:15:58.0196 0x15b0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
19:15:58.0210 0x15b0 FsDepends - ok
19:15:58.0224 0x1590 Object send P2P result: true
19:15:58.0224 0x1590 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService
19:15:58.0252 0x15b0 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
19:15:58.0265 0x15b0 Fs_Rec - ok
19:15:58.0322 0x15b0 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
19:15:58.0359 0x15b0 fvevol - ok
19:15:58.0392 0x15b0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
19:15:58.0407 0x15b0 gagp30kx - ok
19:15:58.0462 0x15b0 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
19:15:58.0474 0x15b0 GEARAspiWDM - ok
19:15:58.0519 0x15b0 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\windows\System32\gpsvc.dll
19:15:58.0612 0x15b0 gpsvc - ok
19:15:58.0705 0x15b0 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:15:58.0719 0x15b0 gupdate - ok
19:15:58.0738 0x15b0 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:15:58.0749 0x15b0 gupdatem - ok
19:15:58.0771 0x15b0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
19:15:58.0817 0x15b0 hcw85cir - ok
19:15:58.0851 0x15b0 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
19:15:58.0897 0x15b0 HdAudAddService - ok
19:15:58.0937 0x15b0 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
19:15:58.0968 0x15b0 HDAudBus - ok
19:15:58.0979 0x15b0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\drivers\HidBatt.sys
19:15:59.0013 0x15b0 HidBatt - ok
19:15:59.0041 0x15b0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\drivers\hidbth.sys
19:15:59.0101 0x15b0 HidBth - ok
19:15:59.0137 0x15b0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\drivers\hidir.sys
19:15:59.0154 0x15b0 HidIr - ok
19:15:59.0171 0x15b0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\System32\hidserv.dll
19:15:59.0224 0x15b0 hidserv - ok
19:15:59.0275 0x15b0 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
19:15:59.0299 0x15b0 HidUsb - ok
19:15:59.0323 0x15b0 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll
19:15:59.0361 0x15b0 hkmsvc - ok
19:15:59.0390 0x15b0 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
19:15:59.0415 0x15b0 HomeGroupListener - ok
19:15:59.0449 0x15b0 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
19:15:59.0484 0x15b0 HomeGroupProvider - ok
19:15:59.0530 0x15b0 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
19:15:59.0559 0x15b0 HpSAMD - ok
19:15:59.0639 0x15b0 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\windows\system32\drivers\HTTP.sys
19:15:59.0718 0x15b0 HTTP - ok
19:15:59.0753 0x15b0 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
19:15:59.0765 0x15b0 hwpolicy - ok
19:15:59.0790 0x15b0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
19:15:59.0823 0x15b0 i8042prt - ok
19:15:59.0882 0x15b0 [ 53CC5BF8B5A219119953C7ABB19A7705, F342A9732978D893729EA2591CB72E5F5BD1B3E6C9E4DBFFE54EC866E534A8C0 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
19:15:59.0903 0x15b0 iaStor - ok
19:15:59.0985 0x15b0 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
19:16:00.0015 0x15b0 iaStorV - ok
19:16:00.0113 0x15b0 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:16:00.0188 0x15b0 idsvc - ok
19:16:00.0217 0x15b0 IEEtwCollectorService - ok
19:16:00.0655 0x15b0 [ EFE5A0AF39A8E179624117C521F1E012, 185BB1106E42256A6E7C63B09737A7059DD14DEA7C1D85ADF66C50D63CFDA556 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
19:16:01.0069 0x1590 Object send P2P result: true
19:16:01.0070 0x1590 Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService
19:16:01.0203 0x15b0 igfx - ok
19:16:01.0264 0x15b0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\drivers\iirsp.sys
19:16:01.0277 0x15b0 iirsp - ok
19:16:01.0322 0x15b0 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\windows\System32\ikeext.dll
19:16:01.0371 0x15b0 IKEEXT - ok
19:16:01.0498 0x15b0 [ 72A253EFCA059D8CF303371255624890, 2D4AB4C5F3A2F05893197B662A51BA527EACE917B36912CAC0672DCDE3A58805 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
19:16:01.0622 0x15b0 IntcAzAudAddService - ok
19:16:01.0678 0x15b0 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
19:16:01.0725 0x15b0 IntcDAud - ok
19:16:01.0756 0x15b0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys
19:16:01.0769 0x15b0 intelide - ok
19:16:01.0804 0x15b0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
19:16:01.0839 0x15b0 intelppm - ok
19:16:01.0883 0x15b0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll
19:16:01.0932 0x15b0 IPBusEnum - ok
19:16:01.0948 0x15b0 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
19:16:01.0984 0x15b0 IpFilterDriver - ok
19:16:02.0038 0x15b0 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll
19:16:02.0129 0x15b0 iphlpsvc - ok
19:16:02.0152 0x15b0 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
19:16:02.0168 0x15b0 IPMIDRV - ok
19:16:02.0181 0x15b0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys
19:16:02.0240 0x15b0 IPNAT - ok
19:16:02.0329 0x15b0 [ 68A5EDD4843CF0033BAE537C9C495F69, 386C66A6562218D0F0A616D75457CDA4B82DB87DC3DA83935497819963DB6D86 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:16:02.0374 0x15b0 iPod Service - ok
19:16:02.0393 0x15b0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys
19:16:02.0422 0x15b0 IRENUM - ok
19:16:02.0441 0x15b0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys
19:16:02.0453 0x15b0 isapnp - ok
19:16:02.0483 0x15b0 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
19:16:02.0504 0x15b0 iScsiPrt - ok
19:16:02.0547 0x15b0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
19:16:02.0560 0x15b0 kbdclass - ok
19:16:02.0580 0x15b0 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
19:16:02.0595 0x15b0 kbdhid - ok
19:16:02.0610 0x15b0 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso C:\windows\system32\lsass.exe
19:16:02.0623 0x15b0 KeyIso - ok
19:16:02.0666 0x15b0 [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
19:16:02.0681 0x15b0 KSecDD - ok
19:16:02.0696 0x15b0 [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
19:16:02.0712 0x15b0 KSecPkg - ok
19:16:02.0724 0x15b0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys
19:16:02.0788 0x15b0 ksthunk - ok
19:16:02.0821 0x15b0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll
19:16:02.0870 0x15b0 KtmRm - ok
19:16:02.0932 0x15b0 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\System32\srvsvc.dll
19:16:02.0985 0x15b0 LanmanServer - ok
19:16:03.0054 0x15b0 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
19:16:03.0104 0x15b0 LanmanWorkstation - ok
19:16:03.0159 0x15b0 [ BE166935083F9C38EDFDC21B9A7A679B, 89C64DBE58E1B974208AAAA5CC757C599B1439C205C3C48BF16BA054A06DBC94 ] LHDmgr C:\windows\system32\DRIVERS\LhdX64.sys
19:16:03.0171 0x15b0 LHDmgr - ok
19:16:03.0202 0x15b0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
19:16:03.0260 0x15b0 lltdio - ok
19:16:03.0302 0x15b0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll
19:16:03.0373 0x15b0 lltdsvc - ok
19:16:03.0413 0x15b0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll
19:16:03.0451 0x15b0 lmhosts - ok
19:16:03.0549 0x15b0 [ 926EBA26A8B49D1597751CED06B50862, 886FC610E379BD77146ADDC376D77437D88B593C7F1C3FEE2B93D934A67310F8 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:16:03.0568 0x15b0 LMS - ok
19:16:03.0597 0x15b0 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
19:16:03.0612 0x15b0 LSI_FC - ok
19:16:03.0626 0x15b0 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
19:16:03.0641 0x15b0 LSI_SAS - ok
19:16:03.0657 0x15b0 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
19:16:03.0671 0x15b0 LSI_SAS2 - ok
19:16:03.0692 0x15b0 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
19:16:03.0707 0x15b0 LSI_SCSI - ok
19:16:03.0735 0x15b0 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys
19:16:03.0787 0x15b0 luafv - ok
19:16:03.0826 0x15b0 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
19:16:03.0844 0x15b0 Mcx2Svc - ok
19:16:03.0863 0x15b0 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\drivers\megasas.sys
19:16:03.0875 0x15b0 megasas - ok
19:16:03.0910 0x15b0 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
19:16:03.0931 0x15b0 MegaSR - ok
19:16:03.0933 0x1590 Object send P2P result: true
19:16:03.0965 0x15b0 [ 1C6E73FC46B509EFF9D0086AA37132DF, B4FB5512D75112C553FC22593F6123A7C9B9B7825D40148F604CCEFEB149FD97 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
19:16:03.0977 0x15b0 MEIx64 - ok
19:16:04.0016 0x15b0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll
19:16:04.0074 0x15b0 MMCSS - ok
19:16:04.0102 0x15b0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys
19:16:04.0146 0x15b0 Modem - ok
19:16:04.0179 0x15b0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys
19:16:04.0194 0x15b0 monitor - ok
19:16:04.0217 0x15b0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
19:16:04.0231 0x15b0 mouclass - ok
19:16:04.0280 0x15b0 [ 21B7ACEA1BB49C3371DD5427BF309D6A, 39055A4D9BC293BD5DE5519FC6B95E7345089B32027E1799FA642606E6298856 ] moufiltr C:\windows\system32\DRIVERS\moufiltr.sys
19:16:04.0324 0x15b0 moufiltr - ok
19:16:04.0334 0x15b0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
19:16:04.0360 0x15b0 mouhid - ok
19:16:04.0409 0x15b0 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
19:16:04.0425 0x15b0 mountmgr - ok
19:16:04.0499 0x15b0 [ EB4B5C8AB9DA5585CCC975CD3D072115, BEED5B7478F92C9FB1BBB62FFCEB5321A5C12A7C1AA9B20151BF22064589CD46 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:16:04.0516 0x15b0 MozillaMaintenance - ok
19:16:04.0538 0x15b0 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys
19:16:04.0555 0x15b0 mpio - ok
19:16:04.0570 0x15b0 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
19:16:04.0608 0x15b0 mpsdrv - ok
19:16:04.0658 0x15b0 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll
19:16:04.0737 0x15b0 MpsSvc - ok
19:16:04.0779 0x15b0 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
19:16:04.0821 0x15b0 MRxDAV - ok
19:16:04.0870 0x15b0 [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
19:16:04.0922 0x15b0 mrxsmb - ok
19:16:04.0958 0x15b0 [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
19:16:04.0981 0x15b0 mrxsmb10 - ok
19:16:05.0016 0x15b0 [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
19:16:05.0033 0x15b0 mrxsmb20 - ok
19:16:05.0057 0x15b0 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\windows\system32\drivers\msahci.sys
19:16:05.0070 0x15b0 msahci - ok
19:16:05.0095 0x15b0 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys
19:16:05.0111 0x15b0 msdsm - ok
19:16:05.0125 0x15b0 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe
19:16:05.0159 0x15b0 MSDTC - ok
19:16:05.0202 0x15b0 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys
19:16:05.0238 0x15b0 Msfs - ok
19:16:05.0254 0x15b0 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
19:16:05.0307 0x15b0 mshidkmdf - ok
19:16:05.0329 0x15b0 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
19:16:05.0341 0x15b0 msisadrv - ok
19:16:05.0364 0x15b0 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll
19:16:05.0430 0x15b0 MSiSCSI - ok
19:16:05.0434 0x15b0 msiserver - ok
19:16:05.0462 0x15b0 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
19:16:05.0497 0x15b0 MSKSSRV - ok
19:16:05.0516 0x15b0 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
19:16:05.0567 0x15b0 MSPCLOCK - ok
19:16:05.0602 0x15b0 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys
19:16:05.0658 0x15b0 MSPQM - ok
19:16:05.0683 0x15b0 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
19:16:05.0707 0x15b0 MsRPC - ok
19:16:05.0740 0x15b0 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
19:16:05.0752 0x15b0 mssmbios - ok
19:16:05.0766 0x15b0 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys
19:16:05.0811 0x15b0 MSTEE - ok
19:16:05.0826 0x15b0 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\drivers\MTConfig.sys
19:16:05.0856 0x15b0 MTConfig - ok
19:16:05.0871 0x15b0 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys
19:16:05.0885 0x15b0 Mup - ok
19:16:05.0924 0x15b0 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll
19:16:05.0999 0x15b0 napagent - ok
19:16:06.0039 0x15b0 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
19:16:06.0082 0x15b0 NativeWifiP - ok
19:16:06.0162 0x15b0 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\windows\system32\drivers\ndis.sys
19:16:06.0221 0x15b0 NDIS - ok
19:16:06.0243 0x15b0 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
19:16:06.0298 0x15b0 NdisCap - ok
19:16:06.0324 0x15b0 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
19:16:06.0361 0x15b0 NdisTapi - ok
19:16:06.0402 0x15b0 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
19:16:06.0438 0x15b0 Ndisuio - ok
19:16:06.0457 0x15b0 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
19:16:06.0496 0x15b0 NdisWan - ok
19:16:06.0510 0x15b0 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
19:16:06.0546 0x15b0 NDProxy - ok
19:16:06.0574 0x15b0 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
19:16:06.0630 0x15b0 NetBIOS - ok
19:16:06.0660 0x15b0 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
19:16:06.0702 0x15b0 NetBT - ok
19:16:06.0732 0x15b0 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon C:\windows\system32\lsass.exe
19:16:06.0744 0x15b0 Netlogon - ok
19:16:06.0796 0x15b0 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll
19:16:06.0850 0x15b0 Netman - ok
19:16:06.0917 0x15b0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:16:06.0960 0x15b0 NetMsmqActivator - ok
19:16:06.0967 0x15b0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:16:06.0982 0x15b0 NetPipeActivator - ok
19:16:06.0999 0x15b0 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll
19:16:07.0063 0x15b0 netprofm - ok
19:16:07.0092 0x15b0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:16:07.0108 0x15b0 NetTcpActivator - ok
19:16:07.0115 0x15b0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:16:07.0131 0x15b0 NetTcpPortSharing - ok
19:16:07.0164 0x15b0 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
19:16:07.0177 0x15b0 nfrd960 - ok
19:16:07.0228 0x15b0 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\windows\System32\nlasvc.dll
19:16:07.0284 0x15b0 NlaSvc - ok
19:16:07.0303 0x15b0 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys
19:16:07.0340 0x15b0 Npfs - ok
19:16:07.0356 0x15b0 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll
19:16:07.0404 0x15b0 nsi - ok
19:16:07.0426 0x15b0 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
19:16:07.0474 0x15b0 nsiproxy - ok
19:16:07.0562 0x15b0 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
19:16:07.0650 0x15b0 Ntfs - ok
19:16:07.0667 0x15b0 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys
19:16:07.0702 0x15b0 Null - ok
19:16:07.0725 0x15b0 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys
19:16:07.0741 0x15b0 nvraid - ok
19:16:07.0769 0x15b0 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys
19:16:07.0785 0x15b0 nvstor - ok
19:16:07.0798 0x15b0 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys
19:16:07.0813 0x15b0 nv_agp - ok
19:16:07.0820 0x15b0 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
19:16:07.0844 0x15b0 ohci1394 - ok
19:16:07.0901 0x15b0 [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:16:07.0916 0x15b0 ose64 - ok
19:16:08.0107 0x15b0 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:16:08.0332 0x15b0 osppsvc - ok
19:16:08.0388 0x15b0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
19:16:08.0456 0x15b0 p2pimsvc - ok
19:16:08.0504 0x15b0 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll
19:16:08.0558 0x15b0 p2psvc - ok
19:16:08.0593 0x15b0 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\drivers\parport.sys
19:16:08.0621 0x15b0 Parport - ok
19:16:08.0649 0x15b0 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys
19:16:08.0663 0x15b0 partmgr - ok
19:16:08.0704 0x15b0 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\windows\System32\pcasvc.dll
19:16:08.0746 0x15b0 PcaSvc - ok
19:16:08.0771 0x15b0 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys
19:16:08.0788 0x15b0 pci - ok
19:16:08.0819 0x15b0 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys
19:16:08.0832 0x15b0 pciide - ok
19:16:08.0852 0x15b0 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\drivers\pcmcia.sys
19:16:08.0870 0x15b0 pcmcia - ok
19:16:08.0890 0x15b0 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys
19:16:08.0922 0x15b0 pcw - ok
19:16:08.0963 0x15b0 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\windows\system32\drivers\peauth.sys
19:16:09.0027 0x15b0 PEAUTH - ok
19:16:09.0133 0x15b0 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe
19:16:09.0174 0x15b0 PerfHost - ok
19:16:09.0259 0x15b0 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll
19:16:09.0364 0x15b0 pla - ok
19:16:09.0418 0x15b0 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll
19:16:09.0481 0x15b0 PlugPlay - ok
19:16:09.0577 0x15b0 [ 63694C307273062A2167AE4CE80730EF, 788E762D02A8BE9802143361A5768364A994B20E769A9733FA5827F526432893 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
19:16:09.0614 0x15b0 PMBDeviceInfoProvider - ok
19:16:09.0642 0x15b0 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
19:16:09.0679 0x15b0 PNRPAutoReg - ok
19:16:09.0711 0x15b0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
19:16:09.0733 0x15b0 PNRPsvc - ok
19:16:09.0773 0x15b0 [ 4F0878FD62D5F7444C5F1C4C66D9D293, B381217D6202C06EE992EBDE061FA20376FF71F698022D0A80168CCD1059453C ] Point64 C:\windows\system32\DRIVERS\point64.sys
19:16:09.0785 0x15b0 Point64 - ok
19:16:09.0831 0x15b0 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
19:16:09.0899 0x15b0 PolicyAgent - ok
19:16:09.0924 0x15b0 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\windows\system32\umpo.dll
19:16:09.0981 0x15b0 Power - ok
19:16:10.0018 0x15b0 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
19:16:10.0077 0x15b0 PptpMiniport - ok
19:16:10.0100 0x15b0 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\drivers\processr.sys
19:16:10.0126 0x15b0 Processor - ok
19:16:10.0161 0x15b0 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\windows\system32\profsvc.dll
19:16:10.0212 0x15b0 ProfSvc - ok
19:16:10.0232 0x15b0 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\windows\system32\lsass.exe
19:16:10.0247 0x15b0 ProtectedStorage - ok
19:16:10.0278 0x15b0 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys
19:16:10.0340 0x15b0 Psched - ok
19:16:10.0432 0x15b0 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\drivers\ql2300.sys
19:16:10.0526 0x15b0 ql2300 - ok
19:16:10.0553 0x15b0 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\drivers\ql40xx.sys
19:16:10.0568 0x15b0 ql40xx - ok
19:16:10.0609 0x15b0 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll
19:16:10.0636 0x15b0 QWAVE - ok
19:16:10.0654 0x15b0 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
19:16:10.0703 0x15b0 QWAVEdrv - ok
19:16:10.0725 0x15b0 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
19:16:10.0779 0x15b0 RasAcd - ok
19:16:10.0828 0x15b0 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
19:16:10.0866 0x15b0 RasAgileVpn - ok
19:16:10.0886 0x15b0 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll
19:16:10.0944 0x15b0 RasAuto - ok
19:16:10.0984 0x15b0 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
19:16:11.0040 0x15b0 Rasl2tp - ok
19:16:11.0087 0x15b0 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll
19:16:11.0150 0x15b0 RasMan - ok
19:16:11.0168 0x15b0 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
19:16:11.0222 0x15b0 RasPppoe - ok
19:16:11.0249 0x15b0 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
19:16:11.0308 0x15b0 RasSstp - ok
19:16:11.0355 0x15b0 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
19:16:11.0408 0x15b0 rdbss - ok
19:16:11.0428 0x15b0 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\windows\system32\drivers\rdpbus.sys
19:16:11.0459 0x15b0 rdpbus - ok
19:16:11.0476 0x15b0 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
19:16:11.0532 0x15b0 RDPCDD - ok
19:16:11.0552 0x15b0 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
19:16:11.0598 0x15b0 RDPENCDD - ok
19:16:11.0617 0x15b0 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
19:16:11.0653 0x15b0 RDPREFMP - ok
19:16:11.0699 0x15b0 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\windows\system32\drivers\RDPWD.sys
19:16:11.0741 0x15b0 RDPWD - ok
19:16:11.0768 0x15b0 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys
19:16:11.0787 0x15b0 rdyboost - ok
19:16:11.0817 0x15b0 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll
19:16:11.0857 0x15b0 RemoteAccess - ok
19:16:11.0896 0x15b0 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll
19:16:11.0946 0x15b0 RemoteRegistry - ok
19:16:11.0986 0x15b0 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
19:16:12.0023 0x15b0 RFCOMM - ok
19:16:12.0043 0x15b0 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
19:16:12.0082 0x15b0 RpcEptMapper - ok
19:16:12.0115 0x15b0 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\windows\system32\locator.exe
19:16:12.0145 0x15b0 RpcLocator - ok
19:16:12.0173 0x15b0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\windows\system32\rpcss.dll
19:16:12.0233 0x15b0 RpcSs - ok
19:16:12.0253 0x15b0 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
19:16:12.0305 0x15b0 rspndr - ok
19:16:12.0345 0x15b0 [ CE0A1D8A59410E698140821E4E69DA0D, 4AEBF07C4016AF62B1A4F1C838FDC3A272FC643E596A86E4FE3C34F10523E318 ] RSUSBVSTOR C:\windows\system32\Drivers\RtsUVStor.sys
19:16:12.0366 0x15b0 RSUSBVSTOR - ok
19:16:12.0412 0x15b0 [ 4B42BC58294E83A6A92EC8B88C14C4A3, 80885CFF021F7BC85647224863A83D444EA7848CBB4F06DFDFADE58F47307D21 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
19:16:12.0433 0x15b0 RTL8167 - ok
19:16:12.0454 0x15b0 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs C:\windows\system32\lsass.exe
19:16:12.0467 0x15b0 SamSs - ok
19:16:12.0488 0x15b0 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
19:16:12.0503 0x15b0 sbp2port - ok
19:16:12.0536 0x15b0 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll
19:16:12.0587 0x15b0 SCardSvr - ok
19:16:12.0603 0x15b0 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
19:16:12.0651 0x15b0 scfilter - ok
19:16:12.0726 0x15b0 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\windows\system32\schedsvc.dll
19:16:12.0801 0x15b0 Schedule - ok
19:16:12.0833 0x15b0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll
19:16:12.0869 0x15b0 SCPolicySvc - ok
19:16:12.0904 0x15b0 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll
19:16:12.0941 0x15b0 SDRSVC - ok
19:16:12.0962 0x15b0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys
19:16:13.0034 0x15b0 secdrv - ok
19:16:13.0053 0x15b0 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\windows\system32\seclogon.dll
19:16:13.0106 0x15b0 seclogon - ok
19:16:13.0138 0x15b0 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\system32\sens.dll
19:16:13.0196 0x15b0 SENS - ok
19:16:13.0215 0x15b0 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll
19:16:13.0251 0x15b0 SensrSvc - ok
19:16:13.0268 0x15b0 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\windows\system32\drivers\serenum.sys
19:16:13.0282 0x15b0 Serenum - ok
19:16:13.0317 0x15b0 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\windows\system32\drivers\serial.sys
19:16:13.0344 0x15b0 Serial - ok
19:16:13.0369 0x15b0 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\windows\system32\drivers\sermouse.sys
19:16:13.0399 0x15b0 sermouse - ok
19:16:13.0430 0x15b0 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll
19:16:13.0492 0x15b0 SessionEnv - ok
19:16:13.0505 0x15b0 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
19:16:13.0521 0x15b0 sffdisk - ok
19:16:13.0535 0x15b0 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
19:16:13.0568 0x15b0 sffp_mmc - ok
19:16:13.0588 0x15b0 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
19:16:13.0621 0x15b0 sffp_sd - ok
19:16:13.0635 0x15b0 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
19:16:13.0664 0x15b0 sfloppy - ok
19:16:13.0718 0x15b0 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\windows\System32\ipnathlp.dll
19:16:13.0789 0x15b0 SharedAccess - ok
19:16:13.0837 0x15b0 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
19:16:13.0885 0x15b0 ShellHWDetection - ok
19:16:13.0926 0x15b0 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
19:16:13.0941 0x15b0 SiSRaid2 - ok
19:16:13.0962 0x15b0 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
19:16:13.0976 0x15b0 SiSRaid4 - ok
19:16:14.0003 0x15b0 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\windows\system32\DRIVERS\smb.sys
19:16:14.0041 0x15b0 Smb - ok
19:16:14.0079 0x15b0 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\windows\System32\snmptrap.exe
19:16:14.0117 0x15b0 SNMPTRAP - ok
19:16:14.0138 0x15b0 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\windows\system32\drivers\spldr.sys
19:16:14.0150 0x15b0 spldr - ok
19:16:14.0195 0x15b0 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\windows\System32\spoolsv.exe
19:16:14.0267 0x15b0 Spooler - ok
19:16:14.0405 0x15b0 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\windows\system32\sppsvc.exe
19:16:14.0587 0x15b0 sppsvc - ok
19:16:14.0619 0x15b0 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\windows\system32\sppuinotify.dll
19:16:14.0668 0x15b0 sppuinotify - ok
19:16:14.0718 0x15b0 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\windows\system32\DRIVERS\srv.sys
19:16:14.0772 0x15b0 srv - ok
19:16:14.0797 0x15b0 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
19:16:14.0853 0x15b0 srv2 - ok
19:16:14.0878 0x15b0 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
19:16:14.0912 0x15b0 srvnet - ok
19:16:14.0958 0x15b0 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
19:16:15.0020 0x15b0 SSDPSRV - ok
19:16:15.0042 0x15b0 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\windows\system32\sstpsvc.dll
19:16:15.0080 0x15b0 SstpSvc - ok
19:16:15.0103 0x15b0 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\windows\system32\drivers\stexstor.sys
19:16:15.0115 0x15b0 stexstor - ok
19:16:15.0155 0x15b0 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\windows\System32\wiaservc.dll
19:16:15.0208 0x15b0 stisvc - ok
19:16:15.0223 0x15b0 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\windows\system32\DRIVERS\swenum.sys
19:16:15.0245 0x15b0 swenum - ok
19:16:15.0277 0x15b0 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\windows\System32\swprv.dll
19:16:15.0338 0x15b0 swprv - ok
19:16:15.0430 0x15b0 [ A2B1D227193BE8A07B7F5FDB9D5DEA6E, 5540CBDDE3DDF6560B8266A3C71550BAD6AC4E2C2B28658AA054CD29CAD7A7AE ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
19:16:15.0502 0x15b0 SynTP - ok
19:16:15.0602 0x15b0 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\windows\system32\sysmain.dll
19:16:15.0712 0x15b0 SysMain - ok
19:16:15.0735 0x15b0 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
19:16:15.0756 0x15b0 TabletInputService - ok
19:16:15.0785 0x15b0 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\windows\System32\tapisrv.dll
19:16:15.0849 0x15b0 TapiSrv - ok
19:16:15.0872 0x15b0 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\windows\System32\tbssvc.dll
19:16:15.0911 0x15b0 TBS - ok
19:16:15.0999 0x15b0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\windows\system32\drivers\tcpip.sys
19:16:16.0097 0x15b0 Tcpip - ok
19:16:16.0162 0x15b0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
19:16:16.0224 0x15b0 TCPIP6 - ok
19:16:16.0256 0x15b0 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
19:16:16.0299 0x15b0 tcpipreg - ok
19:16:16.0336 0x15b0 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
19:16:16.0371 0x15b0 TDPIPE - ok
19:16:16.0393 0x15b0 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
19:16:16.0426 0x15b0 TDTCP - ok
19:16:16.0498 0x15b0 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\windows\system32\DRIVERS\tdx.sys
19:16:16.0534 0x15b0 tdx - ok
19:16:16.0541 0x15b0 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\windows\system32\DRIVERS\termdd.sys
19:16:16.0554 0x15b0 TermDD - ok
19:16:16.0603 0x15b0 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\windows\System32\termsrv.dll
19:16:16.0658 0x15b0 TermService - ok
19:16:16.0675 0x15b0 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\windows\system32\themeservice.dll
19:16:16.0694 0x15b0 Themes - ok
19:16:16.0726 0x15b0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\windows\system32\mmcss.dll
19:16:16.0764 0x15b0 THREADORDER - ok
19:16:16.0777 0x15b0 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\windows\System32\trkwks.dll
19:16:16.0816 0x15b0 TrkWks - ok
19:16:16.0866 0x15b0 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
19:16:16.0905 0x15b0 TrustedInstaller - ok
19:16:16.0941 0x15b0 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
19:16:16.0955 0x15b0 tssecsrv - ok
19:16:16.0976 0x15b0 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
19:16:17.0011 0x15b0 TsUsbFlt - ok
19:16:17.0032 0x15b0 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
19:16:17.0063 0x15b0 TsUsbGD - ok
19:16:17.0094 0x15b0 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
19:16:17.0147 0x15b0 tunnel - ok
19:16:17.0165 0x15b0 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\windows\system32\drivers\uagp35.sys
19:16:17.0179 0x15b0 uagp35 - ok
19:16:17.0206 0x15b0 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\windows\system32\DRIVERS\udfs.sys
19:16:17.0262 0x15b0 udfs - ok
19:16:17.0291 0x15b0 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\windows\system32\UI0Detect.exe
19:16:17.0306 0x15b0 UI0Detect - ok
19:16:17.0331 0x15b0 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
19:16:17.0344 0x15b0 uliagpkx - ok
19:16:17.0362 0x15b0 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\windows\system32\DRIVERS\umbus.sys
19:16:17.0397 0x15b0 umbus - ok
19:16:17.0425 0x15b0 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\windows\system32\drivers\umpass.sys
19:16:17.0439 0x15b0 UmPass - ok
19:16:17.0602 0x15b0 [ FDF92EC84FECEE834FB10A2A0A19BCDA, F81FCA3BEC10C84335DBAD9D2CDAB98C62252A864F23BDD482F97F86D5FA0B15 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:16:17.0707 0x15b0 UNS - ok
19:16:17.0747 0x15b0 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\windows\System32\upnphost.dll
19:16:17.0816 0x15b0 upnphost - ok
19:16:17.0882 0x15b0 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
19:16:17.0917 0x15b0 USBAAPL64 - ok
19:16:17.0958 0x15b0 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
19:16:17.0989 0x15b0 usbccgp - ok
19:16:18.0037 0x15b0 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\windows\system32\drivers\usbcir.sys
19:16:18.0058 0x15b0 usbcir - ok
19:16:18.0079 0x15b0 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\windows\system32\drivers\usbehci.sys
19:16:18.0093 0x15b0 usbehci - ok
19:16:18.0127 0x15b0 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
19:16:18.0167 0x15b0 usbhub - ok
19:16:18.0189 0x15b0 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\windows\system32\drivers\usbohci.sys
19:16:18.0214 0x15b0 usbohci - ok
19:16:18.0251 0x15b0 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
19:16:18.0285 0x15b0 usbprint - ok
19:16:18.0338 0x15b0 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
19:16:18.0359 0x15b0 usbscan - ok
19:16:18.0383 0x15b0 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
19:16:18.0411 0x15b0 USBSTOR - ok
19:16:18.0456 0x15b0 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
19:16:18.0470 0x15b0 usbuhci - ok
19:16:18.0529 0x15b0 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
19:16:18.0575 0x15b0 usbvideo - ok
19:16:18.0599 0x15b0 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\windows\System32\uxsms.dll
19:16:18.0645 0x15b0 UxSms - ok
19:16:18.0665 0x15b0 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc C:\windows\system32\lsass.exe
19:16:18.0678 0x15b0 VaultSvc - ok
19:16:18.0711 0x15b0 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
19:16:18.0724 0x15b0 vdrvroot - ok
19:16:18.0758 0x15b0 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\windows\System32\vds.exe
19:16:18.0842 0x15b0 vds - ok
19:16:18.0861 0x15b0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
19:16:18.0877 0x15b0 vga - ok
19:16:18.0892 0x15b0 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\windows\System32\drivers\vga.sys
19:16:18.0941 0x15b0 VgaSave - ok
19:16:18.0959 0x15b0 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\windows\system32\drivers\vhdmp.sys
19:16:18.0976 0x15b0 vhdmp - ok
19:16:19.0029 0x15b0 [ C2C95D62C90CA809240112B41C1765F2, FAFBA11CE7D273D28D1C27D01BEB4E62AB4ADA7517183F46E505D335E1117CA0 ] vhidmini C:\windows\system32\DRIVERS\walvhid.sys
19:16:19.0052 0x15b0 vhidmini - ok
19:16:19.0080 0x15b0 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\windows\system32\drivers\viaide.sys
19:16:19.0091 0x15b0 viaide - ok
19:16:19.0149 0x15b0 [ B977390908F5FC42B66E74D1E96843E6, 16FE34AB2BDF1F3798439D837ECA2E1D3DEDC6B71141C3F77B80181EAE715554 ] vm331avs C:\windows\system32\Drivers\vm331avs.sys
19:16:19.0189 0x15b0 vm331avs - ok
19:16:19.0207 0x15b0 [ 40C39413A2458016FF43444750F467CA, 7753B8C622F15D851FC65851586E8C0FDDD0B00D66C54C5222BB1BD06DCD2A90 ] vmuvcflt C:\windows\system32\Drivers\vmuvcflt.sys
19:16:19.0218 0x15b0 vmuvcflt - ok
19:16:19.0245 0x15b0 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\windows\system32\drivers\volmgr.sys
19:16:19.0277 0x15b0 volmgr - ok
19:16:19.0307 0x15b0 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\windows\system32\drivers\volmgrx.sys
19:16:19.0330 0x15b0 volmgrx - ok
19:16:19.0370 0x15b0 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\windows\system32\drivers\volsnap.sys
19:16:19.0391 0x15b0 volsnap - ok
19:16:19.0425 0x15b0 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\windows\system32\drivers\vsmraid.sys
19:16:19.0441 0x15b0 vsmraid - ok
19:16:19.0517 0x15b0 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\windows\system32\vssvc.exe
19:16:19.0639 0x15b0 VSS - ok
19:16:19.0653 0x15b0 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
19:16:19.0669 0x15b0 vwifibus - ok
19:16:19.0710 0x15b0 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
19:16:19.0749 0x15b0 vwififlt - ok
19:16:19.0773 0x15b0 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
19:16:19.0805 0x15b0 vwifimp - ok
19:16:19.0845 0x15b0 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\windows\system32\w32time.dll
19:16:19.0894 0x15b0 W32Time - ok
19:16:19.0924 0x15b0 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\windows\system32\drivers\wacompen.sys
19:16:19.0955 0x15b0 WacomPen - ok
19:16:19.0981 0x15b0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
19:16:20.0039 0x15b0 WANARP - ok
19:16:20.0045 0x15b0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
19:16:20.0081 0x15b0 Wanarpv6 - ok
19:16:20.0158 0x15b0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\windows\system32\wbengine.exe
19:16:20.0245 0x15b0 wbengine - ok
19:16:20.0267 0x15b0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\windows\System32\wbiosrvc.dll
19:16:20.0292 0x15b0 WbioSrvc - ok
19:16:20.0317 0x15b0 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\windows\System32\wcncsvc.dll
19:16:20.0364 0x15b0 wcncsvc - ok
19:16:20.0381 0x15b0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
19:16:20.0414 0x15b0 WcsPlugInService - ok
19:16:20.0445 0x15b0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\windows\system32\drivers\wd.sys
19:16:20.0457 0x15b0 Wd - ok
19:16:20.0527 0x15b0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
19:16:20.0591 0x15b0 Wdf01000 - ok
19:16:20.0622 0x15b0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\windows\system32\wdi.dll
19:16:20.0645 0x15b0 WdiServiceHost - ok
19:16:20.0650 0x15b0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\windows\system32\wdi.dll
19:16:20.0676 0x15b0 WdiSystemHost - ok
19:16:20.0719 0x15b0 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\windows\System32\webclnt.dll
19:16:20.0755 0x15b0 WebClient - ok
19:16:20.0784 0x15b0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\windows\system32\wecsvc.dll
19:16:20.0830 0x15b0 Wecsvc - ok
19:16:20.0847 0x15b0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\windows\System32\wercplsupport.dll
19:16:20.0904 0x15b0 wercplsupport - ok
19:16:20.0935 0x15b0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\windows\System32\WerSvc.dll
19:16:20.0998 0x15b0 WerSvc - ok
19:16:21.0031 0x15b0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
19:16:21.0080 0x15b0 WfpLwf - ok
19:16:21.0104 0x15b0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\windows\system32\drivers\wimmount.sys
19:16:21.0115 0x15b0 WIMMount - ok
19:16:21.0146 0x15b0 WinDefend - ok
19:16:21.0161 0x15b0 WinHttpAutoProxySvc - ok
19:16:21.0222 0x15b0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
19:16:21.0281 0x15b0 Winmgmt - ok
19:16:21.0372 0x15b0 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\windows\system32\WsmSvc.dll
19:16:21.0512 0x15b0 WinRM - ok
19:16:21.0555 0x15b0 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\windows\system32\drivers\WinUsb.sys
19:16:21.0571 0x15b0 WinUsb - ok
19:16:21.0653 0x15b0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\windows\System32\wlansvc.dll
19:16:21.0770 0x15b0 Wlansvc - ok
19:16:21.0837 0x15b0 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:16:21.0858 0x15b0 wlcrasvc - ok
19:16:21.0993 0x15b0 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:16:22.0104 0x15b0 wlidsvc - ok
19:16:22.0142 0x15b0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
19:16:22.0171 0x15b0 WmiAcpi - ok
19:16:22.0207 0x15b0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
19:16:22.0228 0x15b0 wmiApSrv - ok
19:16:22.0270 0x15b0 WMPNetworkSvc - ok
19:16:22.0306 0x15b0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\windows\System32\wpcsvc.dll
19:16:22.0341 0x15b0 WPCSvc - ok
19:16:22.0360 0x15b0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
19:16:22.0413 0x15b0 WPDBusEnum - ok
19:16:22.0443 0x15b0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
19:16:22.0481 0x15b0 ws2ifsl - ok
19:16:22.0506 0x15b0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\windows\system32\wscsvc.dll
19:16:22.0542 0x15b0 wscsvc - ok
19:16:22.0545 0x15b0 WSearch - ok
19:16:22.0600 0x15b0 [ 83575C43B2BFE9AB0661A7F957E843C0, 6FCE62721902A4F35F1A4CED8AF60A0346CFAB657ED92DE4CEFF19BDB830D32D ] wsvd C:\windows\system32\DRIVERS\wsvd.sys
19:16:22.0614 0x15b0 wsvd - ok
19:16:22.0659 0x15b0 WTService - ok
19:16:22.0788 0x15b0 [ 6075791ED85E47A2A2916B1F34582944, 25B5FAD161711875B38BDD014A26FA527C8EE4854D485989D19A72D5EBBA4054 ] wuauserv C:\windows\system32\wuaueng.dll
19:16:22.0947 0x15b0 wuauserv - ok
19:16:22.0991 0x15b0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
19:16:23.0029 0x15b0 WudfPf - ok
19:16:23.0051 0x15b0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
19:16:23.0070 0x15b0 WUDFRd - ok
19:16:23.0124 0x15b0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\windows\System32\WUDFSvc.dll
19:16:23.0141 0x15b0 wudfsvc - ok
19:16:23.0203 0x15b0 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\windows\System32\wwansvc.dll
19:16:23.0259 0x15b0 WwanSvc - ok
19:16:23.0280 0x15b0 ================ Scan global ===============================
19:16:23.0310 0x15b0 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\windows\system32\basesrv.dll
19:16:23.0359 0x15b0 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\windows\system32\winsrv.dll
19:16:23.0381 0x15b0 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\windows\system32\winsrv.dll
19:16:23.0435 0x15b0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
19:16:23.0484 0x15b0 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\windows\system32\services.exe
19:16:23.0494 0x15b0 [ Global ] - ok
19:16:23.0495 0x15b0 ================ Scan MBR ==================================
19:16:23.0508 0x15b0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:16:23.0988 0x15b0 \Device\Harddisk0\DR0 - ok
19:16:23.0988 0x15b0 ================ Scan VBR ==================================
19:16:23.0991 0x15b0 [ 2E6FC43D1D60AF94ABC9CDF308E68E04 ] \Device\Harddisk0\DR0\Partition1
19:16:23.0994 0x15b0 \Device\Harddisk0\DR0\Partition1 - ok
19:16:23.0998 0x15b0 [ 14584205BC8B6E4A5FE79AD3CF2270D7 ] \Device\Harddisk0\DR0\Partition2
19:16:24.0001 0x15b0 \Device\Harddisk0\DR0\Partition2 - ok
19:16:24.0015 0x15b0 [ A0B044E6CD669DE134553FAF1B6F6446 ] \Device\Harddisk0\DR0\Partition3
19:16:24.0018 0x15b0 \Device\Harddisk0\DR0\Partition3 - ok
19:16:24.0018 0x15b0 ================ Scan generic autorun ======================
19:16:24.0060 0x15b0 [ 8B123B4EA20E18758482000149FEF3B4, AA9E5217761D288FD69E4D2FF5F058F3D153B13169744DF8601F0B1949FCE0D3 ] C:\windows\system32\igfxtray.exe
19:16:24.0074 0x15b0 IgfxTray - ok
19:16:24.0093 0x15b0 [ A7B4F5886745246DE4CA4C3A7DC1EA1D, BC6C8C1C76FC6F3617EACA52C0B9E9D0453557381A28E0FEE4611147FFB39C2F ] C:\windows\system32\hkcmd.exe
19:16:24.0113 0x15b0 HotKeysCmds - ok
19:16:24.0143 0x15b0 [ 3433C7D4EA35E9709430CA126C979AFE, AAE4D056FF69DD140675C57E3207883B4310F86111020B177DC6B1E1F73E9943 ] C:\windows\system32\igfxpers.exe
19:16:24.0163 0x15b0 Persistence - ok
19:16:24.0565 0x15b0 [ EB7E02337F8586E48D544CD3FC6CEE62, DFA784EBA795656D2E9EC9346ADC815FFB0BE3CC333FF581FCE9CE6CD6BB9288 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
19:16:24.0937 0x15b0 RtHDVCpl - ok
19:16:24.0947 0x15b0 SynTPEnh - ok
19:16:25.0016 0x15b0 [ 03998CA1B0F0B50A5062A38D35CFDB4D, 359907A8B7EC0C693FA95F296DF7BB70451EBA865C0CF5BB9C55720FEFB5936E ] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
19:16:25.0039 0x15b0 Lenovo EE Boot Optimizer - detected UnsignedFile.Multi.Generic ( 1 )
19:16:27.0879 0x15b0 Detect skipped due to KSN trusted
19:16:27.0879 0x15b0 Lenovo EE Boot Optimizer - ok
19:16:27.0962 0x15b0 [ 7F29CEE9BCDE3210DB0FDD6E1B1076A9, 8D72B91CB329D24EDFA74DA3E628E5E13F91B678EF6C33F6C144F4C92C82AE3F ] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
19:16:27.0990 0x15b0 OnekeyStudio - ok
19:16:28.0341 0x15b0 [ 79FE52037E84582800D7E9E6CD505F6C, EB42F4421A0A60478F9CE274C10783357AA02B924AD9189226BD603656624589 ] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
19:16:28.0644 0x15b0 Energy Management - ok
19:16:28.0841 0x15b0 [ 3C489726BD233D2D251AAC6121AB2A14, 89A6931879565F65BAF84F5DA11280E2A86387E7817AF71BD639212DEE791412 ] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
19:16:28.0998 0x15b0 EnergyUtility - ok
19:16:29.0123 0x15b0 [ 5B72629C8144D1A96490D4C090D28DA1, 114891B9E7E05D2B86C8E3CD7B4096088491E338C3B1902F9352D40B47DD418C ] c:\Program Files\Microsoft IntelliPoint\ipoint.exe
19:16:29.0233 0x15b0 IntelliPoint - ok
19:16:29.0508 0x15b0 [ AA89A62619AD4BAA9F8EFE781A619A57, D1D0D647F13B2BFDB9AF1E1DBBF30625265646418852FF6C07EED9E00ED8F93D ] C:\windows\system32\WTMKM.exe
19:16:29.0735 0x15b0 MacrokeyManager - detected UnsignedFile.Multi.Generic ( 1 )
19:16:32.0573 0x15b0 MacrokeyManager ( UnsignedFile.Multi.Generic ) - warning
19:16:35.0420 0x15b0 [ D3BA2D9CA8905B07907024A394D1BE8B, 384EC5984DCD62724261F1A465036F8B68727D69BAB9690F7B28D7CED22FA493 ] C:\PROGRA~2\Lenovo\LENOVO~1\MuteSync.exe
19:16:35.0479 0x15b0 MuteSync - detected UnsignedFile.Multi.Generic ( 1 )
19:16:38.0241 0x15b0 Detect skipped due to KSN trusted
19:16:38.0241 0x15b0 MuteSync - ok
19:16:38.0328 0x15b0 [ 4E2C658B409984B1018524BBF6A04052, E27B0895F63FB5BA2C7A17AFBAF314EC7E280711B7C2A614797AAEAEBE7B8050 ] C:\Program Files (x86)\USB Camera\VM331_STI.EXE
19:16:38.0368 0x15b0 331BigDog - ok
19:16:38.0433 0x15b0 [ B00F98FF6FE8682FF941BEB2559BF191, EB443E294C5609F426BF6EE388F3A4B71EFE2C6A8216C0F6DE7AE6DB382BF620 ] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
19:16:38.0465 0x15b0 YouCam Mirage - ok
19:16:38.0537 0x15b0 [ 14C9432B5D0C82296A768C9F04FEA95B, 981FB41106CD9D94208B5307051B8CC26992A5E18C4617FFF6244C66B32E86FD ] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
19:16:38.0554 0x15b0 VeriFaceManager - ok
19:16:38.0610 0x15b0 [ A01FB0B0C58319FB350A53EDAA947D36, F096607CEA3EB1D569B9767B98C1409F54332A97B78848BC3CBEB92FDFAAB787 ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
19:16:38.0624 0x15b0 UpdateP2GShortCut - ok
19:16:38.0705 0x15b0 [ 3FB4E7E2069F0FD9E15ABC18D605E427, 2FFC218E575DA9E8C86E468227B302752C73EA3246CC0A599D7BCC41ED404F4D ] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe
19:16:38.0732 0x15b0 UpdatePRCShortCut - ok
19:16:38.0780 0x15b0 [ 48B9248CED8A5DE4EB0917CB676CB8D5, E39AF20AE2D8B768C9E6CD060BEB7E24F71B1398472274BA7178AB9ADF8A3248 ] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
19:16:38.0838 0x15b0 PMBVolumeWatcher - ok
19:16:38.0931 0x15b0 [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
19:16:38.0963 0x15b0 avgnt - ok
19:16:39.0084 0x15b0 [ 83962E9BA6FFE8C8A03356459FAB8FF5, 0CB2A889E07410D7E410CC36F081351506BADD441FECCE9E5AA6FE37C68AC6E4 ] C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe
19:16:39.0142 0x15b0 Bonus.SSR.FR12 - ok
19:16:39.0330 0x15b0 [ 3D1D33DE714636AEAB4AC18291D254F6, 8C9ECD5818F48B90FAEFBEC896F795DDE45CCE73BB11901E90E035F179037117 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
19:16:39.0426 0x15b0 Adobe Creative Cloud - ok
19:16:39.0429 0x15b0 Web Companion - ok
19:16:39.0462 0x15b0 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\windows\system32\cmd.exe
19:16:39.0507 0x15b0 Uninstall C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64 - ok
19:16:39.0524 0x15b0 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\windows\system32\cmd.exe
19:16:39.0567 0x15b0 Uninstall C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64 - ok
19:16:39.0583 0x15b0 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\windows\system32\cmd.exe
19:16:39.0625 0x15b0 Uninstall C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64 - ok
19:16:39.0640 0x15b0 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\windows\system32\cmd.exe
19:16:39.0682 0x15b0 Uninstall C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64 - ok
19:16:39.0698 0x15b0 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\windows\system32\cmd.exe
19:16:39.0740 0x15b0 Uninstall C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64 - ok
19:16:39.0755 0x15b0 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\windows\system32\cmd.exe
19:16:39.0798 0x15b0 Uninstall C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64 - ok
19:16:39.0813 0x15b0 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\windows\system32\cmd.exe
19:16:39.0855 0x15b0 Uninstall C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64 - ok
19:16:39.0871 0x15b0 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\windows\system32\cmd.exe
19:16:39.0913 0x15b0 Uninstall C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64 - ok
19:16:39.0928 0x15b0 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\windows\system32\cmd.exe
19:16:39.0970 0x15b0 Uninstall C:\Users\Isabell\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64 - ok
19:16:39.0985 0x15b0 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\windows\system32\cmd.exe
19:16:40.0028 0x15b0 Uninstall C:\Users\Isabell\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\amd64 - ok
19:16:40.0043 0x15b0 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\windows\system32\cmd.exe
19:16:40.0085 0x15b0 Uninstall C:\Users\Isabell\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64 - ok
19:16:40.0100 0x15b0 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\windows\system32\cmd.exe
19:16:40.0142 0x15b0 Uninstall C:\Users\Isabell\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64 - ok
19:16:40.0157 0x15b0 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\windows\system32\cmd.exe
19:16:40.0199 0x15b0 Uninstall C:\Users\Isabell\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64 - ok
19:16:40.0214 0x15b0 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\windows\system32\cmd.exe
19:16:40.0257 0x15b0 Uninstall C:\Users\Isabell\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64 - ok
19:16:40.0272 0x15b0 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\windows\system32\cmd.exe
19:16:40.0314 0x15b0 Uninstall C:\Users\Isabell\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64 - ok
19:16:40.0329 0x15b0 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\windows\system32\cmd.exe
19:16:40.0371 0x15b0 Uninstall C:\Users\Isabell\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64 - ok
19:16:40.0372 0x15b0 Waiting for KSN requests completion. In queue: 25
19:16:41.0372 0x15b0 Waiting for KSN requests completion. In queue: 25
19:16:42.0372 0x15b0 Waiting for KSN requests completion. In queue: 25
19:16:43.0422 0x15b0 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
19:16:43.0427 0x15b0 Win FW state via NFP2: enabled ( trusted )
19:16:57.0179 0x15b0 ============================================================
19:16:57.0179 0x15b0 Scan finished
19:16:57.0179 0x15b0 ============================================================
19:16:57.0194 0x15fc Detected object count: 1
19:16:57.0194 0x15fc Actual detected object count: 1
19:17:25.0900 0x15fc MacrokeyManager ( UnsignedFile.Multi.Generic ) - skipped by user
19:17:25.0901 0x15fc MacrokeyManager ( UnsignedFile.Multi.Generic ) - User select action: Skip
__________________

Alt 21.12.2015, 18:36   #4
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Windows 7: Online-Konto gehackt- Verdacht Trojaner oder Spyware - Standard

Windows 7: Online-Konto gehackt- Verdacht Trojaner oder Spyware



Schritt 1

  • Download und Anleitung
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
  • Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Gehe zurück zum Armaturenbrett und klicke auf "Jetzt scannen".
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben und poste mir das Log.

Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 22.12.2015, 05:51   #5
Isssssaaaaaa
 
Windows 7: Online-Konto gehackt- Verdacht Trojaner oder Spyware - Standard

Windows 7: Online-Konto gehackt- Verdacht Trojaner oder Spyware



Guten Morgen,

so alle Suchläufe sind nun durch und die Textdateien sind fertig. Hier sind sie:

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 21.12.2015
Suchlaufzeit: 20:43
Protokolldatei: log.txt
Administrator: Ja

Version: 0.0.0.0000
Malware-Datenbank: v2015.12.21.05
Rootkit-Datenbank: v2015.12.18.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Isabell

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 383671
Abgelaufene Zeit: 40 Min., 50 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)


ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=012f7129293d18468933e86bba774d94
# end=init
# utc_time=2015-12-21 08:28:42
# local_time=2015-12-21 09:28:42 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 27303
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=012f7129293d18468933e86bba774d94
# end=updated
# utc_time=2015-12-21 08:52:26
# local_time=2015-12-21 09:52:26 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=012f7129293d18468933e86bba774d94
# engine=27303
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-21 11:28:14
# local_time=2015-12-22 12:28:14 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 22615 202370344 0 0
# scanned=341319
# found=6
# cleaned=0
# scan_time=9347
sh=8561A47ACDFF62ADEDD7BD60FA1F01C177AD78E7 ft=1 fh=89663ba4713fc629 vn="Variante von Win32/Ponmocup.GR Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Isabell\AppData\Roaming\ir41_qc0.dll.vir"
sh=5B5EA2F5CEC496F99D245A68C884C09F5849E037 ft=1 fh=038fab3ea954bf64 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Isabell\AppData\Local\Temp\DMR\dmr_72.exe"
sh=29F0595DC00230AA455671671F9B761BD0B51AE1 ft=1 fh=b782d462c39f7ca5 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Isabell\Desktop\odp-3.2-bin-windows-en-US - CHIP-Installer.exe"
sh=563E1B707747F87BD96829B81E92CA1EE04E83FD ft=1 fh=421b349ff9c9cc9b vn="Win32/InstallMonetizer.AF evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Isabell\Downloads\FreeOCR-5.02.exe"
sh=BB97229BE88951407043A967372E405D588A6924 ft=1 fh=ff0d0c5ba310116b vn="Variante von Win64/Packed.Komodia.A verdächtige Datei" ac=I fn="C:\Windows\System32\LavasoftTcpService64.dll"
sh=6AFB303638FCA3EE14457548C983789493C1B961 ft=1 fh=2815b10465bbf0ba vn="Variante von Win32/Packed.Komodia.A verdächtige Datei" ac=I fn="C:\Windows\SysWOW64\LavasoftTcpService.dll"

Viele Grüße,
Isa


Alt 22.12.2015, 19:53   #6
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Windows 7: Online-Konto gehackt- Verdacht Trojaner oder Spyware - Standard

Windows 7: Online-Konto gehackt- Verdacht Trojaner oder Spyware



Aktive Malware wurde keine gefunden. Welches Konto wurde denn gehackt? Geschieht ja v.a. online und weniger über den PC...
__________________
--> Windows 7: Online-Konto gehackt- Verdacht Trojaner oder Spyware

Alt 23.12.2015, 19:59   #7
Isssssaaaaaa
 
Windows 7: Online-Konto gehackt- Verdacht Trojaner oder Spyware - Standard

Windows 7: Online-Konto gehackt- Verdacht Trojaner oder Spyware



Mein Zalando-Konto wurde gehackt und eine Bestellung in meinem Namen aufgegeben. Sehr ärgerlich.
Aber es ist doch schon mal ein gutes Zeichen, dass keine Malware gefunden wurde, oder?

Alt 24.12.2015, 18:21   #8
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Windows 7: Online-Konto gehackt- Verdacht Trojaner oder Spyware - Standard

Windows 7: Online-Konto gehackt- Verdacht Trojaner oder Spyware



Frohe Weihnachten!

War es ein einfaches Passwort oder hast Du die Zugangsdaten mal bei einer dubiosen Seite eingegeben? Wenn in Deinem Namen bestellt wurde, was war dann die Lieferadresse?
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Antwort

Themen zu Windows 7: Online-Konto gehackt- Verdacht Trojaner oder Spyware
antivir, avira, bonjour, combofix, converter, cpu, device driver, dnsapi.dll, firefox, flash player, google, home, homepage, installation, launch, mozilla, mp3, onedrive, prozesse, realtek, registry, scan, software, spyware, svchost.exe, system, trojaner, udp, web companion, windows



Ähnliche Themen: Windows 7: Online-Konto gehackt- Verdacht Trojaner oder Spyware


  1. Verdacht auf Keyloger oder Spyware, Windows 10
    Plagegeister aller Art und deren Bekämpfung - 15.09.2015 (5)
  2. Email- Konto gehackt?
    Log-Analyse und Auswertung - 28.08.2015 (26)
  3. Email-Konto gehackt?
    Plagegeister aller Art und deren Bekämpfung - 02.06.2014 (2)
  4. Email-Konto gehackt?
    Plagegeister aller Art und deren Bekämpfung - 16.05.2014 (1)
  5. E-Mail Konto gehackt
    Plagegeister aller Art und deren Bekämpfung - 02.02.2014 (11)
  6. T-Online Account gehackt? Mahn-Emails aus meinem Postfach - Windows Vista
    Log-Analyse und Auswertung - 13.01.2014 (7)
  7. mail gehackt - ebay-Konto missbraucht, Scans erhärten den Verdacht - System befallen!
    Log-Analyse und Auswertung - 06.01.2014 (15)
  8. win7 Internet: bei fast jedem klick öffnet sich leeres Fenster mit JVL LIBPACK.NET Verdacht auf Spyware oder Virus!
    Log-Analyse und Auswertung - 16.09.2013 (8)
  9. Verdacht auf spyware oder malware
    Log-Analyse und Auswertung - 12.08.2013 (3)
  10. E-Mail Konto (Trojaner oder Hacker) ?
    Plagegeister aller Art und deren Bekämpfung - 27.12.2012 (33)
  11. Verdacht auf Keylogger oder Spyware (Email hat mehrere Fehlgeschlagene Logins verzeichnet).
    Log-Analyse und Auswertung - 16.10.2012 (10)
  12. PayPal Konto gehackt!
    Log-Analyse und Auswertung - 08.10.2012 (23)
  13. Hotmail Konto gesperrt nach Spam Mail Versand / Trojaner Verdacht!
    Plagegeister aller Art und deren Bekämpfung - 11.06.2012 (4)
  14. Online-Banking wurde Gehackt, Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 30.10.2011 (19)
  15. paypal konto gehackt?
    Überwachung, Datenschutz und Spam - 26.06.2010 (1)
  16. Langsamer Pc verdacht auf malware oder spyware
    Mülltonne - 24.11.2008 (0)
  17. Online Banking gehackt durch Trojaner !!!!!!!!
    Plagegeister aller Art und deren Bekämpfung - 24.01.2006 (9)

Zum Thema Windows 7: Online-Konto gehackt- Verdacht Trojaner oder Spyware - Hallo an alle! Leider ist mir am Wochenende eines meiner Online-Konten gehackt worden und ich bin Opfer eines Betruges geworden. Nun liegt der Gedanke nahe, dass ich mir einen Trojaner - Windows 7: Online-Konto gehackt- Verdacht Trojaner oder Spyware...
Archiv
Du betrachtest: Windows 7: Online-Konto gehackt- Verdacht Trojaner oder Spyware auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.