
Pests of all kinds and how to fight them: Win ME - AV program reports Trojans on external hard disk

15.05.2016, 17:02   #1
ratte98
 
Hello TB community,

since I wanted to dispose of a notebook whose power supply had been unavailable for ages, I removed the hard disk and have now connected it to another machine in order to copy the existing data and then erase it.

The first virus scan with Avira showed that there are 4 Trojans on the external hard disk. Another virus scan with Bitdefender on a different machine reported 6 detections. Shock! So as not to contaminate the Bitdefender machine, I continued the Trojan removal on the machine that has Avira installed and moved the Trojans to quarantine. Here is part of the report:

Code:
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: ShlExt
Konfigurationsdatei...................: C:\Users\*****\AppData\Local\Temp\0312ca1a.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: G:, 
Durchsuche aktive Programme...........: aus
Durchsuche Registrierung..............: aus
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Intelligente Dateiauswahl
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Auszulassende Dateien.................: 

Beginn des Suchlaufs: Freitag, 13. Mai 2016  11:08

Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'G:\' <WIN_ME>
    [0] Archivtyp: RSRC
    --> G:\WINDOWS\TEMP\winad2.cab.vir
        [1] Archivtyp: CAB (Microsoft)
      --> winad2.dll
          [FUND]      Ist das Trojanische Pferd TR/Tinytest.Dld.3
          [WARNUNG]   Infizierte Dateien in Archiven können nicht repariert werden
G:\WINDOWS\TEMP\winad2.cab.vir
  [FUND]      Ist das Trojanische Pferd TR/Tinytest.Dld.3
    --> G:\WINDOWS\Temporary Internet Files\Content.IE5\ZS6KBN0E\ysb_1001958[1].cab.vir
        [1] Archivtyp: CAB (Microsoft)
      --> YSBactivex.dll
          [FUND]      Ist das Trojanische Pferd TR/Dldr.IstBar.FA
          [WARNUNG]   Infizierte Dateien in Archiven können nicht repariert werden
G:\WINDOWS\Temporary Internet Files\Content.IE5\ZS6KBN0E\ysb_1001958[1].cab.vir
  [FUND]      Ist das Trojanische Pferd TR/Dldr.IstBar.FA

Beginne mit der Desinfektion:
G:\WINDOWS\Temporary Internet Files\Content.IE5\ZS6KBN0E\ysb_1001958[1].cab.vir
  [FUND]      Ist das Trojanische Pferd TR/Dldr.IstBar.FA
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4a8f2928.qua' verschoben!
G:\WINDOWS\TEMP\winad2.cab.vir
  [FUND]      Ist das Trojanische Pferd TR/Tinytest.Dld.3
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '18e47337.qua' verschoben!


Ende des Suchlaufs: Freitag, 13. Mai 2016  12:01
Benötigte Zeit: 52:33 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

    548 Verzeichnisse wurden überprüft
 148449 Dateien wurden geprüft
      4 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      2 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 148445 Dateien ohne Befall
   1994 Archive wurden durchsucht
      2 Warnungen
      2 Hinweise
         
The last ESET run produced the following result:

Code:
G:\WINDOWS\Temporary Internet Files\Content.IE5\WLAV05AV\Angst_lyrics[1].htm	HTML/ScrInject.B Trojaner	gelöscht
G:\WINDOWS\Temporary Internet Files\Content.IE5\OHQJWHU7\cab_refreshing_chat[1].htm	JS/Tivso.Gen Trojaner	Gesäubert durch Löschen
         
However, since the virus scanners still report an infection, I am now turning to this forum to ask for help.

Win ME was installed on the external hard disk. It is connected to a machine running Win 7 SP 1.

I have read through the guide for people seeking help with Trojan and virus infections.

Question 1: should a system scan with Farbar's Recovery Scan Tool be run now despite the infection on the external hard disk?

Thank you very much in advance for your answer and help,

Best regards
ratte

Edited by ratte98 (15.05.2016 at 18:02)
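
Added example, not part of the original posts and not Avira's own code: a small Python parser for the German-language Avira report excerpt quoted in post #1. It groups every `[FUND]` line under the file it belongs to, which shows that the 4 detections in the excerpt come from 2 CAB files (each reported once for the archive member and once for the archive itself), matching the 2 quarantine entries. The function names and regular expressions are assumptions derived only from the lines visible in that excerpt.

```python
import re

# Excerpt of the Avira report quoted in post #1 (report text left in German).
REPORT = r"""
    [0] Archivtyp: RSRC
    --> G:\WINDOWS\TEMP\winad2.cab.vir
        [1] Archivtyp: CAB (Microsoft)
      --> winad2.dll
          [FUND]      Ist das Trojanische Pferd TR/Tinytest.Dld.3
          [WARNUNG]   Infizierte Dateien in Archiven können nicht repariert werden
G:\WINDOWS\TEMP\winad2.cab.vir
  [FUND]      Ist das Trojanische Pferd TR/Tinytest.Dld.3
    --> G:\WINDOWS\Temporary Internet Files\Content.IE5\ZS6KBN0E\ysb_1001958[1].cab.vir
        [1] Archivtyp: CAB (Microsoft)
      --> YSBactivex.dll
          [FUND]      Ist das Trojanische Pferd TR/Dldr.IstBar.FA
          [WARNUNG]   Infizierte Dateien in Archiven können nicht repariert werden
G:\WINDOWS\Temporary Internet Files\Content.IE5\ZS6KBN0E\ysb_1001958[1].cab.vir
  [FUND]      Ist das Trojanische Pferd TR/Dldr.IstBar.FA

Beginne mit der Desinfektion:
G:\WINDOWS\Temporary Internet Files\Content.IE5\ZS6KBN0E\ysb_1001958[1].cab.vir
  [FUND]      Ist das Trojanische Pferd TR/Dldr.IstBar.FA
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4a8f2928.qua' verschoben!
G:\WINDOWS\TEMP\winad2.cab.vir
  [FUND]      Ist das Trojanische Pferd TR/Tinytest.Dld.3
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '18e47337.qua' verschoben!
"""

PATH_RE = re.compile(r"^[A-Za-z]:\\")               # absolute path on a drive letter
FUND_RE = re.compile(r"^\[FUND\]\s+.*\s(\S+)$")     # detection name is the last token
QUA_RE = re.compile(r"'([0-9a-f]+\.qua)'")          # quarantine file name in a [HINWEIS] line
DISINFECT_MARK = "Beginne mit der Desinfektion:"    # start of the disinfection section


def parse_report(text):
    """Return (hits, quarantine) for one report.

    hits: list of (file on disk, archive member or None, detection name)
    quarantine: dict mapping file on disk -> quarantine file name
    """
    scan_part, _, fix_part = text.partition(DISINFECT_MARK)

    hits = []
    container = member = None
    for raw in scan_part.splitlines():
        line = raw.strip()
        if line.startswith("-->"):
            target = line[3:].strip()
            if PATH_RE.match(target):      # archive file on disk
                container, member = target, None
            else:                          # file inside the current archive
                member = target
        elif PATH_RE.match(line):          # verdict for the file itself
            container, member = line, None
        else:
            m = FUND_RE.match(line)
            if m and container:
                hits.append((container, member, m.group(1)))

    quarantine = {}
    current = None
    for raw in fix_part.splitlines():
        line = raw.strip()
        if PATH_RE.match(line):
            current = line
        elif current and line.startswith("[HINWEIS]"):
            m = QUA_RE.search(line)
            if m:
                quarantine[current] = m.group(1)
    return hits, quarantine


def summarize(text):
    """Collapse the [FUND] lines to one entry per file on disk."""
    hits, quarantine = parse_report(text)
    files = {}
    for container, member, name in hits:
        entry = files.setdefault(
            container, {"detections": set(), "members": [], "quarantine": None})
        entry["detections"].add(name)
        if member:
            entry["members"].append(member)
    for path, qua in quarantine.items():
        if path in files:
            files[path]["quarantine"] = qua
    return len(hits), files


def not_quarantined(files):
    """Files with a detection but no quarantine entry in the report."""
    return [path for path, entry in files.items() if entry["quarantine"] is None]


if __name__ == "__main__":
    total, files = summarize(REPORT)
    print(f"{total} [FUND] lines -> {len(files)} distinct files")
    for path, entry in files.items():
        print(path, sorted(entry["detections"]), entry["members"], entry["quarantine"])
    print("not quarantined:", not_quarantined(files))
```
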

16.05.2016, 13:03   #2
M-K-D-B
/// TB trainer
 
My name is Matthias and I will help you clean up your computer.

Please note the following:
  • If we find indications of illegally acquired software, we will suspend support until every kind of illegal software has been removed from the computer.
  • Read the instructions carefully. If you run into problems, stop what you are doing and describe your problem to me as well as you can.
  • If you do not reply to me within 3 days, I will assume that you no longer need help. I will then remove your thread from my subscriptions. If you are going to be away for longer, please let me know!
  • During the cleanup, please do not install or uninstall anything unless I ask you to!
  • Please note: Download from filepony.de: how to download our tools correctly!
  • All programs to be used must be saved to the desktop and started from there as administrator!

Please work through all steps one after another in the given order and post all log files in CODE tags:
Here is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

Thank you for your cooperation!

For an initial analysis, please run FRST and TDSS-Killer:

Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-bit | FRST 64-bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input window of the web page)

Step 2
Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.

With your next reply, please post
  • the log file from TDSS-Killer,
  • the two new log files from FRST.


16.05.2016, 14:00   #3
ratte98
 
Hello Matthias,

thank you very much for taking on my problem. I am Andrea.

Attached is the file (I have replaced my name with ***):

Addition:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:14-05-2016
durchgeführt von *** (2016-05-16 14:22:52)
Gestartet von C:\Users\***\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2010-05-15 18:18:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3147491749-1704817828-3195401907-500 - Administrator - Disabled)
Gast (S-1-5-21-3147491749-1704817828-3195401907-501 - Limited - Disabled)
*** (S-1-5-21-3147491749-1704817828-3195401907-1000 - Administrator - Enabled) => C:\Users\***

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1&1 EasyLogin (HKLM-x32\...\1&1 EasyLogin) (Version:  - )
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}) (Version: 11.5.1.601 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Anti-Twin (Installation 10.05.2015) (HKLM-x32\...\Anti-Twin 2015-05-10 17.09.17) (Version:  - Joerg Rosenthal, Germany)
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{74292F90-895A-4FC6-A692-9641532B1B63}) (Version: 3.5.28.260 - ArcSoft)
ARIS Express (HKLM-x32\...\{1252F398-5142-4D81-AD31-8B0204C26E8C}) (Version: 1.00 - Ihr Firmenname)
ARIS Express 2.3 (HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\ARIS Express 2.3) (Version:  - Software AG)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{68201122-5B1D-70CF-6B4B-AB7732A782A5}) (Version: 3.0.754.0 - ATI Technologies, Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2006203630.48.56.5901682 - Audible, Inc.)
Beetle Ju 3 (VOLLVERSION) (HKLM-x32\...\Beetle Ju 3 (VOLLVERSION)) (Version: 1.0.0.0 - INTENIUM GmbH)
Big Fish Games: Game Manager (HKLM-x32\...\BFGC) (Version: 3.0.1.60 - )
ccc-core-static (x32 Version: 2009.1124.2131.38610 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.4.0.25 - Citrix Systems, Inc.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2201 - CyberLink Corp.)
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.0.0.46 - INTENIUM GmbH)
EaseUS Todo Backup Free 5.8 (HKLM-x32\...\EaseUS Todo Backup Free 5.8_is1) (Version: 5.8 - CHENGDU YIWO Tech Development Co., Ltd)
eDocPrintPro v3.17.5 (HKLM\...\{2F592033-5008-4011-8CC1-7F57531BDE5F}) (Version: 3.17.5 - MAY-Computer)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Excel Protection Remover (HKLM-x32\...\ST6UNST #2) (Version:  - )
FiBu on Screen (HKLM-x32\...\{DAB590AF-7C64-4D52-BED0-1ED962230D2A}) (Version:  - )
FreeFileSync 6.15 (HKLM-x32\...\FreeFileSync) (Version: 6.15 - www.FreeFileSync.org)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.0 - )
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Gpg4win (2.1.0-rc2) (HKLM-x32\...\GPG4Win) (Version: 2.1.0-rc2 - The Gpg4win Project)
gs_x64 (HKLM\...\{2E415339-7210-4A3B-84EA-E50FE7565F0D}) (Version: 9.00 - MAY-Computer)
gs_x64 (HKLM\...\{BB41FF1B-4D74-496E-91CE-E6AB8EB58215}) (Version: 8.71 - MAY-Computer)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Officejet Pro 8500 A910 - Grundlegende Software für das Gerät (HKLM\...\{E0FE1E14-3A7A-4DB0-9FFA-0DD945AE84DB}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Officejet Pro 8500 A910 Hilfe (HKLM-x32\...\{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.17.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HP User Guides  (HKLM-x32\...\{4D5927FF-F3A0-4E03-9DE9-8265499164CF}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{F9A43C0C-F274-4EC0-B02E-202C15C09C00}) (Version: 3.50.12.1 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Image Data Converter (HKLM-x32\...\{87998E4E-6D9C-411B-AAE9-B8523FFE357D}) (Version: 4.0.01.09151 - Sony Corporation)
inSSIDer (HKLM-x32\...\{C7DEE429-4C9B-4126-894F-50B4F54FF196}) (Version: 1.2.8 - MetaGeek, LLC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Internet-Radio Player Version 2.01.5 (HKLM-x32\...\Internet-Radio Player_is1) (Version:  - )
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Kinder des Mondes (HKLM-x32\...\Kinder des Mondes) (Version: 1.0.0.0 - INTENIUM GmbH)
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
MAGIX Foto Manager 10 deluxe Download-Version (HKLM-x32\...\MAGIX_MSI_Digital_Foto_Maker_10) (Version: 8.0.1.147 - MAGIX AG)
MAGIX Foto Manager 10 deluxe Download-Version (x32 Version: 8.0.1.147 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\{17ADCD9C-F753-47A1-A50D-19C69EDD4C2B}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM-x32\...\{DF95EAF0-9C2D-4DD7-824F-FC2A6FBF8C18}) (Version: 7.0.2.6 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.6741.2021 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft Project 2000 (HKLM-x32\...\{1E9678A0-B4C1-11D2-863F-00C04F6E09F2}) (Version: 9.00.3818 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 21.005.15.02.35 - Huawei Technologies Co.,Ltd)
Moorhuhn Schatzjäger 3 (HKLM-x32\...\Moorhuhn Schatzjäger 3) (Version: 1.00 - phenomedia publishing gmbh)
Mountain Crime: Die Vergeltung (HKLM-x32\...\Mountain Crime: Die Vergeltung) (Version: 1.0.0.0 - INTENIUM GmbH)
Mozilla Firefox 43.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 de)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 5.1.0.5314 - MyHeritage.com)
MyTomTom 3.1.0.530 (HKLM-x32\...\MyTomTom) (Version: 3.1.0.530 - TomTom)
Neptunia Vollversion (HKLM-x32\...\Neptunia Vollversion) (Version:  - )
No23 Recorder (HKLM-x32\...\{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}) (Version: 2.1.0.3 - No23)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Nokia Suite (x32 Version: 3.8.54.0 - Nokia) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6701.1013 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6701.1013 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6701.1013 - Microsoft Corporation) Hidden
Online Plug-in (x32 Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Phantasmat Sammleredition (HKLM-x32\...\BFG-Phantasmat Sammleredition) (Version:  - )
Photo Loader 3.0G (HKLM-x32\...\{70B45586-B51E-4947-A258-A895596C5CED}) (Version:  - )
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.8.00.09123 - Sony Corporation)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
R für Windows (HKLM-x32\...\R für Windows) (Version:  - )
Radio.fx (HKLM-x32\...\Tobit Radio.fx Server) (Version:  - Tobit.Software)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.4 - RealNetworks)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6010 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.2214 - CyberLink Corp.) Hidden
Royal Envoy (HKLM-x32\...\BFG-Royal Envoy) (Version:  - )
Sandman (HKLM-x32\...\Sandman) (Version: 1.0.0.0 - INTENIUM GmbH)
scilab-5.4.1 (64-bit) (HKLM\...\scilab-5.4.1 (64-bit)_is1) (Version:  - Scilab Enterprises)
Self-Service Plug-in (x32 Version: 3.4.0.33684 - Citrix Systems, Inc.) Hidden
Sherlock Holmes und der Hund der Baskervilles (HKLM-x32\...\Sherlock Holmes und der Hund der Baskervilles) (Version: 1.0.0.0 - INTENIUM GmbH)
soft Xpansion Perfect PDF 5 Premium (HKLM-x32\...\{1FD1567B-0129-4FA0-914C-F3E02833F77B}) (Version: 5.0 - )
SPIRIT Bauteile 2013 (HKLM-x32\...\SPIRIT Bauteile 2013_is1) (Version: 2013.01 - SOFTTECH GmbH)
SpyOFF (HKLM-x32\...\{926D963B-C5AB-4988-8415-62889073F0B2}) (Version: 1.0.1.14 - Sareta S.r.l.)
Statistiklabor 3 (HKLM-x32\...\Statistiklabor 3) (Version:  - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.64 - Synaptics Incorporated)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4600.4 - TuneUp Software) Hidden
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Visual Studio C++ 9.0 Runtime (HKLM-x32\...\{08C7A49D-2B12-46F6-8B41-26D3B0D1C01F}) (Version: 1.0.0 - TomTom International B.V.)
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WISO Steuer 2013 (HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer 2014 (HKLM-x32\...\{2AE0DAFD-7FDA-4B35-80D1-6BBEB3747CD8}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Xpress 7.3 (HKLM-x32\...\{A25BDF4B-9CA5-4202-8541-EEB245F14862}) (Version: 7.3 - FICO)
Zeta Producer 11 11.2.3 (nur entfernen) (HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\ZetaProducer11) (Version: 11.2.3 - Zeta Software GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02C68EBA-91D2-4BAA-A103-6E069BD4A122} - System32\Tasks\{955570D2-5F44-4E34-911C-6A5FA2791E4C} => F:\ETS2204\Install.exe
Task: {03678F24-21E8-4E67-9030-CA31A0D20908} - System32\Tasks\{B55DAB1B-0C85-4130-9815-C8CEDC8A397A} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {044D7E3D-1956-446A-8994-1429582B8C87} - System32\Tasks\{BEC046BA-EE44-49CD-8325-E8CD58257BA7} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {061021F8-5705-4CCA-BCDC-C9267AD5CB1B} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {072CCBD9-BECB-4034-94B6-6F4C6E7E50EF} - System32\Tasks\{E9A582AB-32A3-44EE-A3AA-A103E6285603} => pcalua.exe -a C:\Users\***\Downloads\EX-Z750_102.exe -d C:\Users\***\Downloads
Task: {09B8CE39-737C-4F90-B0FB-9106F7541B84} - System32\Tasks\{536CBBA3-B1BF-4996-9B81-13906773F958} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {0D0C9567-9827-4C93-8AF2-7E9E076FED52} - System32\Tasks\{8ED7DDBB-A116-4934-9E29-60BE6398A48D} => F:\SETUP.EXE
Task: {0D4C11C3-3A27-4342-910B-EF22997C9C8E} - System32\Tasks\{37937F6C-60AA-45BB-AC4F-B16731550678} => F:\SETUP.EXE
Task: {120D22AE-5489-420D-91B0-4202255F1478} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\SymErr.exe
Task: {1620A232-F6F8-4B63-9026-1AACC38ED32B} - System32\Tasks\{9F099718-DC6B-4B20-883D-B3D72C5F133C} => C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe [2009-01-09] (ArcSoft, Inc.)
Task: {1A00FFBF-2895-4D4C-A8CD-71B8D3C9CCED} - System32\Tasks\{9B21145B-4564-4E03-8932-8397392894B0} => F:\SETUP.EXE
Task: {1BCD1E06-7186-4830-834C-E67DDCBE4B81} - System32\Tasks\{7B7D10B3-A22F-4483-AD6D-F94861E2A7E7} => F:\ETS2204\Install.exe
Task: {2092E184-8031-4103-8AF3-683DE7A5AF36} - System32\Tasks\{E84ABE35-4142-4E76-A8C2-891CAEE6EDA6} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {24EADC05-2238-4CEC-B4ED-7EB54E839E3E} - System32\Tasks\{CB64D34E-91EF-4B33-AD6E-71E3E6C23597} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {260CF82A-1311-4866-A58F-CA5FC336E52C} - System32\Tasks\{B48CD537-D176-42F1-AB15-65F60BDEFA9F} => pcalua.exe -a C:\Users\***\Downloads\Authorware_Web_Player_Plugin.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {2C62B602-6DA7-4CD7-BE8B-634E41AD24BE} - System32\Tasks\{91C25797-9CFF-4CC9-ABEB-48D162218EBE} => F:\SETUP.EXE
Task: {302A10D7-A09A-4C72-90F5-7041129B36D7} - System32\Tasks\{3C4D6DE5-56A1-466F-9D25-0CECB847E3A3} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {32ACAD8A-9FE2-4478-B848-C35D4DBC9FF5} - System32\Tasks\{25716C9B-9323-48EE-B736-02259F8BA4E7} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {3369E11B-3A47-4721-AA54-216335A6B2A2} - System32\Tasks\{77BADCFB-0A89-4C35-ABEB-3AFBB265AB89} => pcalua.exe -a C:\Users\***\Downloads\mmswbila.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {35734605-3310-4FFC-A56A-EED274CCD0FB} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3147491749-1704817828-3195401907-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {40638962-45FB-4C75-B032-ECB11B3015CA} - System32\Tasks\{4E797F87-C934-452B-9EB4-B3405210B16B} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {41ED893B-2B89-4E5B-93D6-E53B2CF04641} - System32\Tasks\{BF8D48B6-A9CB-40EB-916C-08FD942B2FFA} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {435015B0-6A7C-42B9-AE4C-5470B231ECBC} - System32\Tasks\{19FBDFA0-C3A2-46FE-A166-975E07D399D9} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {44A8A50B-EDC7-42C7-97B7-C74AA869FFE2} - System32\Tasks\{450AE944-7C6B-408D-81C3-F331C8A81CC5} => F:\ETS2204\Install.exe
Task: {44EC511B-0E95-47E2-BBF5-707CADF87C4D} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [2012-05-14] (RealNetworks, Inc.)
Task: {488DE9B8-C9DA-49E1-A011-9FCEA436B634} - System32\Tasks\{0E658B51-B7DF-4D24-B86A-0F5C71888BFD} => pcalua.exe -a "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {49F1F93D-988D-4D6F-8EAA-2CB2A364E796} - System32\Tasks\{E42DB200-73FC-461B-81E2-18AE22F099D0} => C:\Program Files (x86)\Skype\Phone\Skype.exe
Task: {4A91E392-F4D6-4B6C-A347-8B6ADDCC4852} - System32\Tasks\{120FA4BF-2B18-40B0-B15B-865CB3AB6759} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {4AAACCF6-C732-4102-B32B-EC0C9635499C} - System32\Tasks\{AE2AE7A2-A1CC-40BB-BCA4-A072BAFE8004} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {4B081A34-0E43-4ECB-A01B-5B7565981457} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-05] (Microsoft Corporation)
Task: {4BB74F0E-8173-494D-BF71-87C37973E4AB} - System32\Tasks\{4F0DC2CE-4A1A-42CE-82B7-591A1557AD11} => pcalua.exe -a F:\fibusetup.exe -d F:\
Task: {5090A572-5F7C-4A26-BD1E-35725BBC2739} - System32\Tasks\{EDF3F5D1-F465-4344-B9CC-BDF5073E9DA5} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {539D3A04-18E1-4D46-B510-CC8DA262B0F1} - System32\Tasks\{2C4A2476-AAC1-430F-A578-707677548D32} => pcalua.exe -a "C:\Program Files (x86)\OXXOGames\GPlayer\\MyInstall.exe" -c ScriptUInst "C:\Program Files (x86)\OXXOGames\GPlayer\Install\\Game_Die4Elemente2.log"
Task: {548A99CE-B83E-4923-BE6D-60F50C97F7F1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.)
Task: {55C38FD8-77C8-45F6-B301-ED3097055D71} - System32\Tasks\{39CFF968-807B-4198-B6D9-175798939346} => pcalua.exe -a C:\Users\***\Desktop\SoftonicToolbar.exe -d C:\Users\***\Desktop <==== ACHTUNG
Task: {586599BF-F92A-4D95-ADCB-600D252B48CA} - System32\Tasks\{174BD41F-5DE5-4895-9CDB-DA7EFAF2AE22} => Firefox.exe 
Task: {58C99680-50CE-4BC1-8D7E-AD08319A6178} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {5B546275-E70E-4B68-980D-6178DF8A473A} - System32\Tasks\{CDECEBD1-D4FF-4B9C-817E-E71027B35BE6} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {63B28470-51AF-46D6-8D7A-A0D1923EB34B} - System32\Tasks\{EC737A9D-A344-42E9-A430-9FAE8B0C93F3} => F:\SETUP.EXE
Task: {6436AB49-FC75-4751-B12F-A63F9F62460B} - System32\Tasks\{6B542FF7-C5C5-49E9-BA6D-5E8C1E7702DA} => F:\SETUP.EXE
Task: {655D0720-1FA2-4C0E-A797-3FBFEDBE76DD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-05] (Microsoft Corporation)
Task: {6599C2F8-4E0E-4A0E-8435-0521EC213A7E} - System32\Tasks\Sun Microsystems-Online-Aktualisierungsprogramm => C:\Program Files\Java\jre6\bin\jusched.exe
Task: {69A5FA5C-8640-49F3-94DD-5E4FEE7FFFBE} - System32\Tasks\{001B7076-6095-431C-ACED-3F5A59D16A44} => F:\SETUP.EXE
Task: {6E86F686-D50A-4FC9-A80C-4C18325BE8ED} - System32\Tasks\{15654592-E61D-4B39-83F3-EC8EDE7A0F5D} => F:\SETUP.EXE
Task: {701822AC-E59B-41EE-B27E-656B2FEEB6A3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe [2016-01-12] (Hewlett-Packard Company)
Task: {70CF44DA-E7D6-46C2-92D6-79FD9E91FE2C} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {74412BCC-451E-4B34-8E86-046DDFF3F86D} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27] (ArcSoft Inc.)
Task: {7609F695-3BED-4956-A1DA-2B7658993433} - System32\Tasks\{E418731C-A50D-47BE-95CB-B37DA0D4CB1B} => pcalua.exe -a C:\Users\***\Downloads\digitaleditions_172.exe -d C:\Users\***\Downloads
Task: {78B6EF22-DD39-4711-B89D-00FE3B4511DB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3147491749-1704817828-3195401907-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {7A035F24-B927-4CF1-949F-E620C9EA512D} - System32\Tasks\{EDD69F6D-5046-467F-87CE-DF303CE07D47} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {7B250953-67DB-4E13-BC02-0540EB36D0A1} - System32\Tasks\{C8A0FB54-AC4C-4996-9975-9455C49001E4} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {7BA44B0B-643B-4C2C-BAE4-8CE80039A345} - System32\Tasks\{7345E4F7-75AB-4C5A-A0F3-2780040F6331} => pcalua.exe -a C:\Users\***\Downloads\jre.exe -d C:\Users\***\Downloads
Task: {7C496898-0394-4EFD-AA4C-DA668CD6C192} - System32\Tasks\{4A42890E-ED34-4945-B047-6E9D27D0C8EB} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {7F34DBC0-6407-46F9-BD16-1E5E43FE1F0E} - System32\Tasks\{7DDEE26D-9ADD-46AA-BAFE-0885B461830E} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {80E2CA56-0DA5-420A-8026-8824B02E228B} - System32\Tasks\{B3F97CBF-3AFE-4BE3-9916-422FFA8836D2} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {8A3C6B70-DE14-4295-9AA0-A922C57BC39B} - System32\Tasks\{FC2F4E7A-43F5-4E11-9032-9562F8C2C606} => Firefox.exe 
Task: {933B94FE-43CD-44C6-A54C-5307C0A72FE8} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09] (Hewlett-Packard)
Task: {94172650-D64C-4A02-8BBE-44EC7A71D922} - System32\Tasks\{4419CDF5-8BA9-466F-8742-C59E1ECFB88A} => F:\SETUP.EXE
Task: {95DB24F4-2837-4873-AEF7-D06C6CBF2E8B} - System32\Tasks\{C2BE814C-2980-4FCF-9A19-453D59220250} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {9640A57A-9848-4719-B659-466C880483BB} - System32\Tasks\{BB045A00-962D-4AEF-A7FF-A19FB36496DB} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe"
Task: {96DE29A2-DDC2-479D-836B-4BDAA9103706} - System32\Tasks\{983E7244-1A4E-4275-B63D-DBA7BC88D9D1} => pcalua.exe -a F:\start.exe -d F:\
Task: {98053BB0-FB13-4D3B-AD1A-EC0EDB029638} - System32\Tasks\{2CCD5BE6-B439-4C8B-B100-142CBBB2D481} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {980934E1-201A-4821-A662-E0D5EF22EA5E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {987BB664-FBED-4F7D-A9FE-8AC6F3AF3E82} - System32\Tasks\{0DD9FE5E-71C5-403B-9003-CC3C04FAA301} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Skype\Phone\Skype.exe"
Task: {98A68AD1-ABFC-4F03-8835-1FA998ADD75A} - System32\Tasks\{35292543-D197-4719-A29D-8037C408EB29} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {9B91305F-4DFC-4718-98C5-1103374886B7} - System32\Tasks\{92223E9D-65F5-4070-BD3E-D42B203E6E34} => F:\ETS2204\Install.exe
Task: {9D59B2D4-4177-43EA-8902-25838591A47E} - System32\Tasks\{F859BA81-36EF-4289-84FD-B235388A665F} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {9F7C03DC-2A39-45A5-AA94-334A596EF8B4} - System32\Tasks\{FB2C8A83-81F2-426B-AF64-1FFC679C18D9} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {A551FAD1-F3BD-4211-9E5B-20FFFE0401BF} - System32\Tasks\{6BE74B63-B296-4AD1-ACB3-F5F7FD82144A} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {A606D093-E49B-4D47-9E34-D6786044FBF1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {A6BFDBE2-724C-417F-86EE-2C2456BCF9C2} - System32\Tasks\{8DE9EABE-9C0C-4A83-9540-63BCAEC628F2} => F:\SETUP.EXE
Task: {A7CDB3B3-179C-4C01-B1D5-78D370975816} - System32\Tasks\{DDDB3642-8E31-4E7D-A2C0-AAF691A3F398} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {AD2E2C0E-0748-45B1-A0AF-665A42E80AA2} - System32\Tasks\{8B6493A6-C86E-4D8E-9ACA-867487666EE8} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {B066712A-282D-416A-8320-7AEBEA21E6F9} - System32\Tasks\{5DCDEA97-F9BF-4682-B61C-59F2703D3EC8} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {B25CEC1A-B261-45E5-B9F3-F3073DE8A538} - System32\Tasks\{0BC1A2AF-12A7-40E6-93B7-62FDF3ED44A5} => F:\INSTALL\START.EXE
Task: {B4FA9BD0-15AC-488B-B0EA-524CD0907C7A} - System32\Tasks\{0A2B9BF4-C887-48B7-B638-8D5A1D117DED} => F:\SETUP.EXE
Task: {BA347D1A-FEC5-48C1-8794-AFE3E72B3236} - System32\Tasks\{9283EDF0-DA7A-4975-AAA5-8F4AD52B9689} => F:\SETUP.EXE
Task: {BC768571-F11B-435B-B5BB-3F8043827E46} - System32\Tasks\{3840312C-A1C6-4BDC-8C18-EB3E9EFC3002} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {BF41916F-7C0D-4D4C-8D5D-43EB0231E82C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {C1B6991A-4936-4195-BCEF-98E79AFFA0E3} - System32\Tasks\{38A13B52-DBAD-418F-B3B1-2EC60D46AD2B} => F:\ETS2204\Install.exe
Task: {C1EDF6F2-7AAB-44C3-BC6A-2CC9AB850F8E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-01-06] (HP Inc.)
Task: {C4530DDC-0273-48CF-A5E4-F2CC3E104685} - System32\Tasks\{DCB65088-84E3-4A8D-8410-637E169EA40B} => pcalua.exe -a "C:\Program Files (x86)\Online Services\Skype\SkypeSetup.exe" -d C:\Users\***\Desktop
Task: {C48DA263-546A-490E-A333-5EFB9620B98D} - System32\Tasks\{FCF601C3-3DC8-4AA2-828E-DF3084F385F4} => F:\SETUP.EXE
Task: {CD4AA4C1-0554-40AD-8D30-88CF3CA78602} - System32\Tasks\{E36C2F24-CEA4-446C-A0DD-8A18D5E87AB6} => F:\SETUP.EXE
Task: {D18B4B1E-F5C9-4F14-B215-A03E92D0266F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-15] (Adobe Systems Incorporated)
Task: {D1EFE84D-BCC3-46D8-86C3-B569F6C0819D} - System32\Tasks\{AF03B8DB-EE2F-4EEF-A8C8-A3BB3CC2CED9} => F:\SETUP.EXE
Task: {D3F37B6A-F036-40F7-9F0E-BEF9D00BAE62} - System32\Tasks\{7AA278AD-2BDB-4E96-9EB3-1F88950C0C1B} => F:\SETUP.EXE
Task: {D6D06B38-758C-49EE-897D-74EA193C8694} - System32\Tasks\{40237B5D-9EB5-40CB-8804-45B68CF5605B} => pcalua.exe -a "C:\Program Files (x86)\Zylom Games\UninstallPlugin.exe" -d "C:\Program Files (x86)\Zylom Games"
Task: {D732B75B-8B2B-4FAA-B3D9-052052F728E7} - System32\Tasks\{6F769306-CA22-482D-A965-355C63E3309C} => F:\SETUP.EXE
Task: {D778B6ED-6615-4059-A150-8DB55EB66093} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3147491749-1704817828-3195401907-1000
Task: {DB754D56-76CC-4590-911D-B49883B74927} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.)
Task: {DB8459AD-BFE9-4734-94C5-AD2BD475161A} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {E0B38C90-F57E-46C1-AEFE-F430B7C50DE1} - System32\Tasks\{9580C869-DDE0-46C4-86C8-D4AA893EF5E2} => pcalua.exe -a C:\Users\***\Downloads\pl302g.exe -d C:\Users\***\Downloads
Task: {E26A19B4-E786-48FE-AEA0-5C3CC5AB3E4F} - System32\Tasks\{376788F5-FDCC-4FCD-878A-8EEEBCDB2F14} => F:\SETUP.EXE
Task: {E65EB961-331D-4B33-B4B9-AA34F03BB888} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\SymErr.exe
Task: {E6E1AB3C-5B24-408C-AAA5-57A58A94F0D6} - System32\Tasks\{18127638-ECBB-4524-A942-47C59AE5146B} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {E79C90BA-582D-4D6C-8ADC-F4FBAFC457B5} - System32\Tasks\{6081ACFB-6C04-41FA-9C30-E9C5752D4C94} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {E7A6BE4F-ACEB-42A3-83E3-2C8D3C75397B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-03-20] (Microsoft Corporation)
Task: {E7E3F7C2-1E2B-4BC2-8D3E-B0BFA6D8DF82} - System32\Tasks\{2256D4AC-3424-4468-95F8-2A73C65F8593} => F:\SETUP.EXE
Task: {EBD22F96-9990-4D4B-95C7-E59058FE1899} - System32\Tasks\{FFFB84F1-91A1-4802-A28E-37F97A7188FF} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {ECD0CCBD-41FA-46CD-BAE5-3E88162CD8CF} - System32\Tasks\{714733C6-981E-4AE1-8DF5-3AE03C49617B} => pcalua.exe -a C:\Users\***\Downloads\GameCenterAktualisierung.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {EF342DCD-DDF0-442F-B2E2-15674B09E6AD} - System32\Tasks\{0DD0CCED-FCA1-4678-8013-4704FA598345} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {F2C67801-3010-4683-A859-DBC257946D42} - System32\Tasks\{B219FF33-53C8-4308-966C-F7483FA8D446} => F:\SETUP.EXE
Task: {F36B5A63-97A1-4649-8EEA-44D3FE36EC9D} - System32\Tasks\{7DDA0713-B2CA-4D5B-83E5-7B1F18378A21} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {F3DC503B-7D11-428C-B4EB-7639C2D1F0F9} - System32\Tasks\{DA9C65AF-9022-481A-969E-2E4B234D05C0} => F:\SETUP.EXE
Task: {F3F35BB4-CE29-4CCB-9C23-D55174564DB5} - System32\Tasks\{1E5E6DD4-83C7-4702-A3D6-7DB47A6962DF} => pcalua.exe -a "C:\Program Files (x86)\Common Files\MAYComputer\eDocPrintPro\UnInstallDriver.exe" -d "C:\Program Files (x86)\Common Files\MAYComputer\eDocPrintPro"
Task: {F5D51D4B-6051-4BF2-8BA3-8091E9472276} - System32\Tasks\{F20FCAB3-53BF-49BC-A41E-87A0DE5962F5} => Firefox.exe 
Task: {F5E09347-7B65-4464-BBEB-009B8B4D9BC1} - System32\Tasks\{528C7D2C-E419-4188-946D-A050A74A7435} => pcalua.exe -a "C:\Program Files (x86)\OXXOGames\GPlayer\MyInstall.exe" -d "C:\Program Files (x86)\TuneUp Utilities 2011" -c ScriptUInst "C:\Program Files (x86)\OXXOGames\GPlayer\Install\\Game_OxxoBJ2CD.log"
Task: {F6409CE2-9CAC-40A1-8D46-56E707B419A6} - System32\Tasks\{DD55237C-81CC-460B-B4AE-7BE6AA66C676} => pcalua.exe -a F:\Titelthema\GER_R_FUL_CBE_IS.exe -d F:\Titelthema
Task: {F6586D77-6438-437D-8218-AAAFFC1C3D21} - System32\Tasks\{4E81B9A1-FD99-44B9-9BB0-C120E584D673} => F:\SETUP.EXE
Task: {FC7B090C-2A72-4978-AD74-D2D2EB444932} - System32\Tasks\{142E177A-6577-4047-9B82-AD2C4A7D555D} => F:\SETUP.EXE
Task: {FF9E1E68-B13B-4510-B21A-6EE23C5E6076} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-03-20] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-06-30 18:59 - 2006-02-23 11:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2015-12-06 20:01 - 2016-03-20 13:10 - 00173256 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2011-02-04 18:53 - 2011-02-04 18:53 - 00224256 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2011-03-14 17:27 - 2011-03-14 17:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2012-12-16 18:03 - 2013-06-03 13:06 - 03999512 _____ () C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
2011-02-04 18:48 - 2011-02-04 18:48 - 00208384 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2011-02-04 18:45 - 2011-02-04 18:45 - 00048640 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2011-02-04 18:43 - 2011-02-04 18:43 - 00038400 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2011-02-04 18:48 - 2011-02-04 18:48 - 00073216 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2011-02-04 18:49 - 2011-02-04 18:49 - 00603136 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-11.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00098888 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00029768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2013-05-15 09:29 - 2008-11-25 17:18 - 01291264 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2013-05-15 09:29 - 2004-10-05 03:08 - 00055808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00050248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00090696 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00293960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExchBackupSize.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00578632 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00468040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExchBackupSizeEx.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00068680 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00069192 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00022088 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00115784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00135752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00037960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00096840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBFireWall.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:53B8C5D2 [215]
AlternateDataStreams: C:\ProgramData\Temp:9D03192E [218]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\***\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{A3EAEBAB-86DB-46E1-B430-5149755515DF}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{DC7BAFD3-57F8-48FD-87E2-337C69B8CF47}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{415322A8-1080-4CB2-8815-A3B492786EB1}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe
FirewallRules: [{B023DA4A-B1E1-41CA-B5C4-88E13C78895A}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe
FirewallRules: [TCP Query User{B242C674-D800-4822-A9D0-4C2E09AEB970}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{BDA80B4B-A37A-4AA1-A9BA-D5956919E6A0}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{C20B4234-DF39-47A3-9A81-81C386C91B04}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{2D3F988A-61BE-4AB0-BC07-9B19A90298AF}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{17622597-1D5A-4FD5-B92C-53BCFA73388C}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{9EDD052D-4AAB-4741-8AFC-F0804325C7E1}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{F715F9F8-5ED6-47DF-9786-EECD78771C4D}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{E81BDDFB-5279-414D-A345-2EC349D72C97}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [{DE31AD98-8F62-46F5-8EE1-F038A8D72544}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
FirewallRules: [{F8FC600A-35BD-4100-A2F6-54638EB55F1F}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
FirewallRules: [{AE1238B0-E04F-4D59-A79D-531F7D2F23C7}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe
FirewallRules: [{6FCB5F5F-8821-473C-B2FD-E634764D76CE}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe
FirewallRules: [{6CF0E793-B7C7-422B-9DDF-B7C5C6340B65}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{FE5ED5CB-91D4-4E1B-A8B2-F206AABA8CD2}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{262DA29F-EA8D-4897-B277-29E0A98BAFAB}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
FirewallRules: [{6F8168DB-9AD4-4AFC-B95A-FC935F9C8FCB}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
FirewallRules: [{67D66C6B-477A-4F06-B693-41A5EED6978A}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe
FirewallRules: [{D3F4D384-C333-4405-9C0D-2431CFF05DAA}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe
FirewallRules: [{CCECB8F9-E346-448A-BD17-67CDB83EDE19}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
FirewallRules: [{AA41BF8D-8A0F-4C79-8FFB-F1D8AE881B5C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{13BB8D08-676F-45BA-AA7D-7A7F46411210}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{4076A440-19A2-4775-8F1C-50F1ACEF7BD0}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{BDAA014F-B126-480A-A084-F763EE410BB5}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{23B7C80E-DF51-4F84-8B83-6CEE2A61616A}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe
FirewallRules: [{FFA68774-4EC0-455C-921C-ACEBC16155DC}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe
FirewallRules: [{9A25588F-3BA4-4263-A57B-2731A2CE41F3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
FirewallRules: [{622156C4-FCEC-4695-A6E9-EEFB0BF86832}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
FirewallRules: [{A42D28E9-0945-4364-8E90-0C4B80FB50E5}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{052E6BE7-800D-41BE-AC49-B66EB59413C6}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{6A9B2A5C-96F2-4925-9694-834045B81943}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{24883906-68AA-492B-B0EB-5BC9D589ABE0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DF470072-0CBE-47EE-AB63-632E848136AB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F3D60294-99D1-4D2C-BB1A-EA40036DCC96}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{400FFF54-ACE6-4B41-A657-A6A697813279}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{1450C767-8731-4D45-B534-8C5D5D16B2DD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{BB24727B-835D-4640-9EE8-A23CC1461F93}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{9DD9EEC0-3DA0-43F9-961D-06E6E6ED43C7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{22EC75C2-3FA1-4D50-A888-25FB9A5C1D75}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe

==================== Wiederherstellungspunkte =========================

05-05-2016 19:48:46 Windows Update
13-05-2016 13:25:46 Windows Update
16-05-2016 00:05:54 Windows Update
16-05-2016 10:29:16 Removed Java 8 Update 45 (64-bit)
16-05-2016 10:31:00 Removed Adobe Reader XI (11.0.16) - Deutsch.
16-05-2016 13:07:48 JRT Pre-Junkware Removal
16-05-2016 13:10:52 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/16/2016 02:21:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (05/16/2016 01:10:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (05/16/2016 12:38:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (05/16/2016 10:41:41 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (05/16/2016 08:21:14 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (05/16/2016 08:21:08 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (05/16/2016 08:21:07 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (05/16/2016 08:21:02 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (05/15/2016 11:59:56 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (05/15/2016 11:59:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.


Systemfehler:
=============
Error: (05/16/2016 11:04:11 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "PnP-X-IP-Busenumerator" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (05/16/2016 11:02:31 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (05/16/2016 10:37:33 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "PnP-X-IP-Busenumerator" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (05/16/2016 10:35:31 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (05/16/2016 10:35:30 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (05/16/2016 10:27:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (05/16/2016 10:27:00 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\***\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (05/16/2016 10:27:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (05/16/2016 10:27:00 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\***\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (05/16/2016 10:27:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Prozentuale Nutzung des RAM: 46%
Installierter physikalischer RAM: 3957.86 MB
Verfügbarer physikalischer RAM: 2131.83 MB
Summe virtueller Speicher: 7913.9 MB
Verfügbarer virtueller Speicher: 6003.91 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:452.56 GB) (Free:318.56 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (RECOVERY) (Fixed) (Total:12.91 GB) (Free:2.12 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
Drive g: (WIN_ME) (Fixed) (Total:9.35 GB) (Free:2.79 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: CB0F1A13)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=452.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

========================================================
Disk: 1 (Size: 9.4 GB) (Disk ID: 9163607E)
Partition 1: (Active) - (Size=9.4 GB) - (Type=0C)

==================== Ende von Addition.txt ============================
         
FRST will be sent in the following post.

Alt 16.05.2016, 14:04   #4
ratte98
 
Win ME - AV program reports Trojans on external HDD


FRST:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:14-05-2016
durchgeführt von *** (Administrator) auf HP (16-05-2016 14:21:52)
Gestartet von C:\Users\***\Desktop
Geladene Profile: *** (Verfügbare Profile: ***)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2096424 2010-05-27] (Synaptics Incorporated)
HKLM\...\Run: [RtkOSD] => C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe [995840 2009-10-13] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [500792 2010-05-20] (Hewlett-Packard Company)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2010-02-25] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [651832 2011-08-24] (Sony Corporation)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1243656 2013-12-07] (Easybits)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [225280 2011-07-18] (MyHeritage)
HKLM-x32\...\Run: [EaseUs Watch] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe [70728 2013-03-16] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUs Tray] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe [1372232 2013-03-16] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [383544 2012-12-14] (Citrix Systems, Inc.)
HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\Run: [RfxSrvTray] => C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe [1838872 2013-02-07] (Tobit.Software)
HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\Run: [1und1Agent] => C:\Program Files (x86)\Internetradio Player\ps_agent.exe [98304 2009-05-13] (phonostar)
HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\Run: [] => [X]
HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia)
HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\MountPoints2: {8935c541-cfda-11e1-9719-c80aa95dbcad} - G:\AutoRun.exe
HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\MountPoints2: {8935c55c-cfda-11e1-9719-c80aa95dbcad} - G:\AutoRun.exe
HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\MountPoints2: {948e3ef8-ca84-11e2-bb00-c80aa95dbcad} - G:\AutoRun.exe
HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\MountPoints2: {b56bd0c6-d25f-11e2-8ae8-c80aa95dbcad} - G:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2013-12-01]
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Easy2Sync für Outlook.lnk [2015-05-20]
ShortcutTarget: Easy2Sync für Outlook.lnk -> C:\Program Files (x86)\Easy2Sync für Outlook\E2S4Outlook64Bit.exe (Keine Datei)
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2013-07-09]
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2013\mshaktuell.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{01E50E22-2BA6-4EDE-877A-50F5A334DF24}: [DhcpNameServer] 198.18.0.1 198.18.0.2
Tcpip\..\Interfaces\{7F95DCEE-D149-42A9-9E13-FC7C90DD770C}: [NameServer] 139.7.30.125 139.7.30.126
Tcpip\..\Interfaces\{A4F53183-18BE-4CA2-A21B-D115A4CB03C9}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{CC0C0B6F-555E-4180-B3DB-4811229516B5}: [NameServer] 139.7.30.125 139.7.30.126
Tcpip\..\Interfaces\{F07BB68B-F2F0-4C35-929E-CD2F9183D997}: [NameServer] 139.7.30.125 139.7.30.126

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
URLSearchHook: HKU\S-1-5-21-3147491749-1704817828-3195401907-1000 - (Kein Name) - {5786d022-540e-4699-b350-b4be0ae94b79} - Keine Datei
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {9D2F0A99-70A6-40C0-9427-7257B33A6943} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {9D2F0A99-70A6-40C0-9427-7257B33A6943} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3147491749-1704817828-3195401907-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3147491749-1704817828-3195401907-1000 -> {9D2F0A99-70A6-40C0-9427-7257B33A6943} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-05-05] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-05-05] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-05] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-05-14] (RealPlayer)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-05-05] (Microsoft Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-05-05] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-05-05] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM-x32 - Perfect PDF 5 - {9DE41FB9-ACA7-4847-982B-D984042588FC} - C:\Program Files (x86)\soft Xpansion\Perfect PDF 5\PDF4ie.dll [2009-10-16] (soft Xpansion)
DPF: HKLM-x32 {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-02] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\6xjs6gaw.default-1463129004491
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-15] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-06-02] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2012-12-14] (Citrix Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-07-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-06-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-05-05] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-04-02] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2012-05-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2012-05-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-05-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-05-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2012-05-14] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-13] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np32asw.dll [2004-07-02] (Macromedia, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npOGAPlugin.dll [2009-08-03] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2012-05-14] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2011-11-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2011-11-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2011-11-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2011-11-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2011-11-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2011-11-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2011-11-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll [2012-05-14] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2012-05-14] (RealPlayer)
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2016-01-29] [ist nicht signiert]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2016-01-29] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-01-29] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013-07-13] [ist nicht signiert]
FF HKLM-x32\...\Thunderbird\Extensions: [te_9.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0
FF Extension: Kein Name - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012-04-24] [ist nicht signiert]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR Profile: C:\Users\***\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - Chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2823920 2016-03-20] (Microsoft Corporation)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [224256 2011-02-04] () [Datei ist nicht signiert]
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [68168 2013-03-16] (CHENGDU YIWO Tech Development Co., Ltd) [Datei ist nicht signiert]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [Datei ist nicht signiert]
R2 Guard Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [23624 2013-03-16] (CHENGDU YIWO Tech Development Co., Ltd) [Datei ist nicht signiert]
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [203296 2016-03-19] (Microsoft Corporation) [Datei ist nicht signiert]
R2 Radio.fx; C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe [3999512 2013-06-03] ()
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\SXDS10.exe [160768 2009-07-13] (soft Xpansion) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [58952 2013-03-16] (CHENGDU YIWO Tech Development Co., Ltd) [Datei ist nicht signiert]
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48200 2013-03-16] () [Datei ist nicht signiert]
R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [18504 2013-03-16] (CHENGDU YIWO Tech Development Co., Ltd) [Datei ist nicht signiert]
R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [189000 2013-03-16] (CHENGDU YIWO Tech Development Co., Ltd) [Datei ist nicht signiert]
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [212992 2012-07-17] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-16] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-23] (Realtek Semiconductor Corp.)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2010-05-16] (Sony Ericsson Mobile Communications)
S3 CpqDfw; system32\drivers\CpqDfw.sys [X]
U3 DfSdkS; kein ImagePath
U4 eabfiltr; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-16 14:21 - 2016-05-16 14:22 - 00027665 _____ C:\Users\***\Desktop\FRST.txt
2016-05-16 14:21 - 2016-05-16 14:21 - 00000000 ____D C:\FRST
2016-05-16 14:20 - 2016-05-16 14:20 - 02382336 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2016-05-16 13:09 - 2016-05-16 13:12 - 00000554 _____ C:\Users\***\Desktop\JRT.txt
2016-05-16 13:05 - 2016-05-16 13:05 - 01610816 _____ (Malwarebytes) C:\Users\***\Downloads\JRT.exe
2016-05-16 11:01 - 2016-05-16 11:01 - 00000022 _____ C:\Windows\S.dirmngr
2016-05-16 10:42 - 2016-05-16 13:20 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-16 10:42 - 2016-05-16 10:42 - 00001066 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-05-16 10:42 - 2016-05-16 10:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-05-16 10:42 - 2016-05-16 10:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-16 10:42 - 2016-05-16 10:42 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-05-16 10:42 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-05-16 10:42 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-05-16 10:42 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-05-16 10:40 - 2016-05-16 10:40 - 22851472 _____ (Malwarebytes ) C:\Users\***\Downloads\mbam-setup-2.2.1.1043.exe
2016-05-16 08:19 - 2016-05-16 11:01 - 00003194 _____ C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3147491749-1704817828-3195401907-1000
2016-05-16 08:18 - 2016-05-16 11:01 - 00003328 _____ C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3147491749-1704817828-3195401907-1000
2016-05-16 00:01 - 2016-05-16 00:01 - 03651136 _____ C:\Users\***\Downloads\adwcleaner_5.117.exe
2016-05-15 16:37 - 2016-04-23 19:08 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-05-15 16:37 - 2016-04-23 18:24 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-05-15 16:37 - 2016-04-23 07:25 - 25816064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-15 16:37 - 2016-04-23 07:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-05-15 16:37 - 2016-04-23 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-05-15 16:37 - 2016-04-23 07:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-05-15 16:37 - 2016-04-23 07:00 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-15 16:37 - 2016-04-23 07:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-15 16:37 - 2016-04-23 07:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-05-15 16:37 - 2016-04-23 07:00 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-05-15 16:37 - 2016-04-23 07:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-05-15 16:37 - 2016-04-23 06:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-05-15 16:37 - 2016-04-23 06:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-05-15 16:37 - 2016-04-23 06:48 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-05-15 16:37 - 2016-04-23 06:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-15 16:37 - 2016-04-23 06:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-05-15 16:37 - 2016-04-23 06:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-05-15 16:37 - 2016-04-23 06:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-05-15 16:37 - 2016-04-23 06:46 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-15 16:37 - 2016-04-23 06:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-15 16:37 - 2016-04-23 06:36 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-05-15 16:37 - 2016-04-23 06:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-15 16:37 - 2016-04-23 06:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-05-15 16:37 - 2016-04-23 06:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-05-15 16:37 - 2016-04-23 06:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-05-15 16:37 - 2016-04-23 06:21 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-05-15 16:37 - 2016-04-23 06:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-05-15 16:37 - 2016-04-23 06:20 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-05-15 16:37 - 2016-04-23 06:11 - 20350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-15 16:37 - 2016-04-23 06:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-05-15 16:37 - 2016-04-23 06:08 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-15 16:37 - 2016-04-23 06:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-05-15 16:37 - 2016-04-23 06:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-05-15 16:37 - 2016-04-23 06:07 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-05-15 16:37 - 2016-04-23 06:07 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-05-15 16:37 - 2016-04-23 06:07 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-05-15 16:37 - 2016-04-23 06:06 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-05-15 16:37 - 2016-04-23 06:06 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-15 16:37 - 2016-04-23 06:05 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-15 16:37 - 2016-04-23 06:04 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-15 16:37 - 2016-04-23 06:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-05-15 16:37 - 2016-04-23 06:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-05-15 16:37 - 2016-04-23 06:00 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-15 16:37 - 2016-04-23 05:59 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-05-15 16:37 - 2016-04-23 05:58 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-15 16:37 - 2016-04-23 05:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-05-15 16:37 - 2016-04-23 05:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-05-15 16:37 - 2016-04-23 05:51 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-15 16:37 - 2016-04-23 05:50 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-05-15 16:37 - 2016-04-23 05:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-05-15 16:37 - 2016-04-23 05:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-05-15 16:37 - 2016-04-23 05:43 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-05-15 16:37 - 2016-04-23 05:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-05-15 16:37 - 2016-04-23 05:40 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-05-15 16:37 - 2016-04-23 05:39 - 01547776 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-15 16:37 - 2016-04-23 05:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-05-15 16:37 - 2016-04-23 05:36 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-15 16:37 - 2016-04-23 05:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-05-15 16:37 - 2016-04-23 05:31 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-05-15 16:37 - 2016-04-23 05:30 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-05-15 16:37 - 2016-04-23 05:30 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-05-15 16:37 - 2016-04-23 05:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-05-15 16:37 - 2016-04-23 05:26 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-15 16:37 - 2016-04-23 05:12 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-05-15 16:37 - 2016-04-23 05:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-15 16:37 - 2016-04-23 05:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-05-15 16:37 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-15 16:37 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-15 16:37 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-15 16:37 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-15 16:37 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-15 16:37 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-15 16:37 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-15 16:37 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-15 16:37 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-05-15 16:37 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-15 16:37 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-05-15 16:37 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-05-15 16:36 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-15 16:36 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-15 16:36 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-05-15 16:36 - 2016-04-09 09:01 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-05-15 16:36 - 2016-04-09 09:01 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-05-15 16:36 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-05-15 16:36 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-05-15 16:36 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-15 16:36 - 2016-04-09 08:58 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-15 16:36 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-05-15 16:36 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-05-15 16:36 - 2016-04-09 08:58 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-15 16:36 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-05-15 16:36 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-05-15 16:36 - 2016-04-09 08:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-05-15 16:36 - 2016-04-09 08:58 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-05-15 16:36 - 2016-04-09 08:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-05-15 16:36 - 2016-04-09 08:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-05-15 16:36 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-05-15 16:36 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-05-15 16:36 - 2016-04-09 08:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-05-15 16:36 - 2016-04-09 08:58 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-05-15 16:36 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-05-15 16:36 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-05-15 16:36 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-05-15 16:36 - 2016-04-09 07:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-05-15 16:36 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-05-15 16:36 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-05-15 16:36 - 2016-04-09 07:44 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-15 16:36 - 2016-04-09 07:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-15 16:36 - 2016-04-09 07:44 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-15 16:36 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-15 16:36 - 2016-04-09 07:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-05-15 16:36 - 2016-04-09 07:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-05-15 16:36 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-05-15 16:36 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-05-15 16:36 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-05-15 16:36 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-05-15 16:36 - 2016-04-09 07:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-05-15 16:36 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-15 16:36 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-15 16:35 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-15 16:35 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-15 16:17 - 2016-05-15 16:17 - 19942080 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-05-15 15:03 - 2016-05-16 12:38 - 00000000 ____D C:\AdwCleaner
2016-05-15 14:40 - 2016-05-15 14:40 - 02870984 _____ (ESET) C:\Users\***\Downloads\esetsmartinstaller_deu.exe
2016-05-13 13:07 - 2016-05-13 13:07 - 09794170 _____ C:\Users\***\Downloads\word_password_recovery_trial.exe
2016-05-13 12:47 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-05-13 12:47 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-05-13 12:47 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-05-13 12:47 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-05-13 12:47 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-05-13 12:47 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-05-13 12:47 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-05-13 12:47 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-05-13 12:47 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-05-13 12:47 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-05-13 12:45 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-05-13 12:45 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-05-13 12:45 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-05-13 12:45 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-05-13 12:45 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-05-13 12:45 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-05-13 12:45 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-05-13 12:45 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-05-13 12:45 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-05-13 12:45 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-05-13 12:45 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-05-13 12:45 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-05-13 12:45 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-05-13 12:45 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-05-13 12:45 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-05-13 12:45 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-05-13 10:43 - 2016-05-13 10:43 - 00000000 ____D C:\Users\***\Desktop\Alte Firefox-Daten
2016-05-05 19:18 - 2016-05-05 19:18 - 00000000 ___HT C:\Windows\wusa.lock
2016-05-05 19:18 - 2016-05-05 19:18 - 00000000 ____D C:\cb99f3c23440f7dbdcea1c9b

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-16 14:17 - 2012-05-19 10:39 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-16 13:39 - 2012-01-30 20:18 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-16 13:21 - 2009-07-14 06:45 - 00026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-16 13:21 - 2009-07-14 06:45 - 00026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-16 12:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-05-16 11:39 - 2015-09-19 12:17 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-16 11:35 - 2010-01-24 00:31 - 00519626 _____ C:\Windows\system32\perfh007.dat
2016-05-16 11:35 - 2010-01-24 00:31 - 00153336 _____ C:\Windows\system32\perfc007.dat
2016-05-16 11:35 - 2009-07-14 07:13 - 01453264 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-16 11:35 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-16 11:02 - 2010-05-15 20:31 - 00000183 _____ C:\ProgramData\HPWALog.txt
2016-05-16 11:01 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-16 10:37 - 2014-12-06 19:17 - 00000000 ____D C:\ProgramData\Avira
2016-05-16 10:37 - 2014-03-14 18:40 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-16 10:32 - 2014-12-06 19:18 - 00000000 ____D C:\Users\***\AppData\Roaming\Avira
2016-05-16 10:31 - 2012-01-31 14:30 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-05-16 10:31 - 2010-01-23 17:16 - 00000000 ____D C:\ProgramData\Adobe
2016-05-16 08:15 - 2013-11-18 07:48 - 00502048 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-16 08:13 - 2015-04-18 17:55 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-16 08:13 - 2015-04-18 17:55 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-16 08:13 - 2014-12-21 14:32 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-16 00:22 - 2013-08-15 20:09 - 00000000 ____D C:\Windows\system32\MRT
2016-05-16 00:06 - 2010-05-16 10:00 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-15 16:17 - 2012-05-19 10:39 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-15 16:17 - 2012-05-19 10:39 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-15 16:17 - 2012-01-31 14:37 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-13 13:20 - 2010-05-17 18:36 - 00000000 ____D C:\Users\***\AppData\Local\Microsoft Help
2016-05-13 12:17 - 2014-12-25 18:35 - 00000000 __SHD C:\Users\***\AppData\LocalLow\EmieBrowserModeList
2016-05-13 12:17 - 2014-07-10 11:37 - 00000000 __SHD C:\Users\***\AppData\LocalLow\EmieUserList
2016-05-13 12:17 - 2014-05-08 17:25 - 00000000 __SHD C:\Users\***\AppData\LocalLow\EmieSiteList
2016-05-13 11:34 - 2015-09-19 12:17 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-13 11:34 - 2012-01-30 20:18 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-05 19:18 - 2013-12-27 18:23 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-05 19:12 - 2010-01-23 16:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-05-05 18:59 - 2015-09-26 13:37 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-21 15:05 - 2010-05-15 20:51 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2011-09-02 11:44 - 2011-05-03 10:18 - 0003709 _____ () C:\Program Files (x86)\001MarkSchl.ini
2011-09-02 11:44 - 2011-07-08 15:41 - 4234064 _____ () C:\Program Files (x86)\BKRKstPlan.exe
2011-09-02 11:43 - 2008-04-07 13:59 - 0727552 _____ (EC Software) C:\Program Files (x86)\HHReg.exe
2011-09-02 11:44 - 2011-09-02 11:44 - 0014587 _____ () C:\Program Files (x86)\InstClient.LOG
2011-09-02 11:43 - 2010-09-09 17:26 - 0021504 _____ () C:\Program Files (x86)\rbDADE.deu
2011-09-02 11:43 - 2010-09-09 17:26 - 0048128 _____ () C:\Program Files (x86)\rbIDE.deu
2011-09-02 11:43 - 2010-09-09 17:26 - 0024064 _____ () C:\Program Files (x86)\rbPrint.deu
2011-09-02 11:43 - 2010-09-09 17:26 - 0017920 _____ () C:\Program Files (x86)\rbRAP.deu
2011-09-02 11:42 - 2011-08-26 10:15 - 0000007 _____ () C:\Program Files (x86)\Release.txt
2011-09-02 11:43 - 2010-05-18 12:57 - 0200704 _____ (DATEV eG Nürnberg) C:\Program Files (x86)\Self32.dll
2011-09-02 11:43 - 2010-05-18 12:57 - 0013778 _____ () C:\Program Files (x86)\Self32.ini
2011-09-02 11:44 - 2010-05-18 12:57 - 0020864 _____ () C:\Program Files (x86)\Self32.tlb
2011-09-02 11:44 - 2010-12-09 18:49 - 3625824 _____ () C:\Program Files (x86)\TeamViewerQS_de.exe
2012-05-03 20:19 - 2012-05-04 08:21 - 0000084 _____ () C:\Users\***\AppData\Roaming\DAXACHRT.INI
2014-05-03 20:26 - 2014-05-03 20:26 - 0000000 _____ () C:\Users\***\AppData\Roaming\gdfw.log
2014-05-03 20:26 - 2014-05-03 20:26 - 0000779 _____ () C:\Users\***\AppData\Roaming\gdscan.log
2011-01-09 10:53 - 2011-06-07 19:57 - 0001854 _____ () C:\Users\***\AppData\Roaming\GhostObjGAFix.xml
2002-07-01 16:13 - 2002-07-01 16:13 - 0000228 ___SH () C:\Users\***\AppData\Roaming\hjuytr.dat
2010-06-02 12:50 - 2010-06-02 12:51 - 0024209 _____ () C:\Users\***\AppData\Roaming\UserTile.png
2011-11-02 20:19 - 2012-04-22 17:20 - 0000424 _____ () C:\Users\***\AppData\Roaming\wklnhst.dat
2010-05-15 20:31 - 2010-05-15 20:31 - 0000000 _____ () C:\Users\***\AppData\Local\AtStart.txt
2011-07-21 12:35 - 2011-12-04 13:12 - 0001188 _____ () C:\Users\***\AppData\Local\crc32list11.txt
2010-05-30 12:39 - 2012-01-24 14:08 - 0027136 _____ () C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-05-15 20:31 - 2010-05-15 20:31 - 0000000 _____ () C:\Users\***\AppData\Local\DSwitch.txt
2011-09-01 10:27 - 2011-09-01 10:27 - 0004096 ____H () C:\Users\***\AppData\Local\keyfile3.drm
2010-05-15 20:31 - 2010-05-15 20:31 - 0000000 _____ () C:\Users\***\AppData\Local\QSwitch.txt
2012-04-21 11:22 - 2012-04-21 11:22 - 0007605 _____ () C:\Users\***\AppData\Local\Resmon.ResmonCfg
2012-05-08 11:44 - 2012-05-08 11:44 - 0017408 _____ () C:\Users\***\AppData\Local\WebpageIcons.db
2012-01-20 14:13 - 2012-01-20 14:13 - 0001188 _____ () C:\ProgramData\crc32list11.txt
2010-05-15 20:31 - 2016-05-16 11:02 - 0000183 _____ () C:\ProgramData\HPWALog.txt
2010-02-11 02:28 - 2010-02-11 02:28 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2010-01-23 17:41 - 2010-01-23 17:41 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-02-11 02:27 - 2010-02-11 02:27 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2010-01-23 17:38 - 2010-01-23 17:38 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-02-11 02:27 - 2010-02-11 02:27 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2010-02-11 02:28 - 2010-02-11 02:28 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2010-01-23 17:37 - 2010-01-23 17:37 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-01-23 17:38 - 2010-01-23 17:41 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2010-02-11 02:28 - 2010-02-11 02:28 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

Einige Dateien in TEMP:
====================
C:\Users\***\AppData\Local\Temp\avgnt.exe
C:\Users\***\AppData\Local\Temp\NOSEventMessages.dll


Einige mit null Byte Größe Dateien/Ordner:
==========================
C:\Windows\SysWOW64\OnLineIDCpl.dll
C:\Windows\System32\BDSandBoxUISkin32.dll

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-16 12:14

==================== Ende von FRST.txt ============================
         
Now I just hope that no more skeletons turn up in the closet... ;-)

TDSS follows.

Edited by ratte98 (16.05.2016 at 14:12)

16.05.2016, 14:15   #5
ratte98

TDSS:

Code:
14:44:56.0298 0x0ff0  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
14:45:03.0927 0x0ff0  ============================================================
14:45:03.0927 0x0ff0  Current date / time: 2016/05/16 14:45:03.0927
14:45:03.0927 0x0ff0  SystemInfo:
14:45:03.0927 0x0ff0  
14:45:03.0927 0x0ff0  OS Version: 6.1.7601 ServicePack: 1.0
14:45:03.0927 0x0ff0  Product type: Workstation
14:45:03.0927 0x0ff0  ComputerName: HP
14:45:03.0927 0x0ff0  UserName: ***
14:45:03.0927 0x0ff0  Windows directory: C:\Windows
14:45:03.0927 0x0ff0  System windows directory: C:\Windows
14:45:03.0927 0x0ff0  Running under WOW64
14:45:03.0927 0x0ff0  Processor architecture: Intel x64
14:45:03.0927 0x0ff0  Number of processors: 4
14:45:03.0927 0x0ff0  Page size: 0x1000
14:45:03.0927 0x0ff0  Boot type: Normal boot
14:45:03.0942 0x0ff0  ============================================================
14:45:04.0332 0x0ff0  KLMD registered as C:\Windows\system32\drivers\92311409.sys
14:45:04.0722 0x0ff0  System UUID: {292BA9A1-77FC-8F6E-1D95-BD831EA83914}
14:45:05.0612 0x0ff0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:45:05.0627 0x0ff0  Drive \Device\Harddisk1\DR2 - Size: 0x257646000 ( 9.37 Gb ), SectorSize: 0x200, Cylinders: 0x4C6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:45:06.0017 0x0ff0  ============================================================
14:45:06.0017 0x0ff0  \Device\Harddisk0\DR0:
14:45:06.0017 0x0ff0  MBR partitions:
14:45:06.0017 0x0ff0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
14:45:06.0017 0x0ff0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x3891C800
14:45:06.0017 0x0ff0  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38980800, BlocksNum 0x19D1800
14:45:06.0017 0x0ff0  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
14:45:06.0017 0x0ff0  \Device\Harddisk1\DR2:
14:45:06.0017 0x0ff0  MBR partitions:
14:45:06.0017 0x0ff0  \Device\Harddisk1\DR2\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x12B8D07
14:45:06.0017 0x0ff0  ============================================================
14:45:06.0048 0x0ff0  C: <-> \Device\Harddisk0\DR0\Partition2
14:45:06.0095 0x0ff0  D: <-> \Device\Harddisk0\DR0\Partition3
14:45:06.0095 0x0ff0  E: <-> \Device\Harddisk0\DR0\Partition4
14:45:06.0111 0x0ff0  G: <-> \Device\Harddisk1\DR2\Partition1
14:45:06.0111 0x0ff0  ============================================================
14:45:06.0111 0x0ff0  Initialize success
14:45:06.0111 0x0ff0  ============================================================
14:47:19.0382 0x10f8  ============================================================
14:47:19.0382 0x10f8  Scan started
14:47:19.0382 0x10f8  Mode: Manual; SigCheck; TDLFS; 
14:47:19.0382 0x10f8  ============================================================
14:47:19.0382 0x10f8  KSN ping started
14:47:32.0923 0x10f8  KSN ping finished: true
14:47:33.0968 0x10f8  ================ Scan system memory ========================
14:47:33.0968 0x10f8  System memory - ok
14:47:33.0968 0x10f8  ================ Scan services =============================
14:47:34.0108 0x10f8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:47:34.0202 0x10f8  1394ohci - ok
14:47:34.0280 0x10f8  [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
14:47:34.0327 0x10f8  ACDaemon - ok
14:47:34.0358 0x10f8  [ A3769020F7E8A70FD3E824C050F33306, BAAB18DD28C753EC90E9552BD5FFC316AD8815505A7998BCE51D21448B373D86 ] acedrv11        C:\Windows\system32\drivers\acedrv11.sys
14:47:34.0389 0x10f8  acedrv11 - ok
14:47:34.0405 0x10f8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:47:34.0436 0x10f8  ACPI - ok
14:47:34.0452 0x10f8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:47:34.0483 0x10f8  AcpiPmi - ok
14:47:34.0654 0x10f8  [ 6A050671F2C76FB48131F12786802807, 71B37A9CEAE5AB1B069FB010BC547E14445461885B74FA879E63F9F2DAF644A5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:47:34.0686 0x10f8  AdobeFlashPlayerUpdateSvc - ok
14:47:34.0717 0x10f8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
14:47:34.0748 0x10f8  adp94xx - ok
14:47:34.0795 0x10f8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
14:47:34.0810 0x10f8  adpahci - ok
14:47:34.0873 0x10f8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
14:47:34.0888 0x10f8  adpu320 - ok
14:47:34.0935 0x10f8  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:47:34.0951 0x10f8  AeLookupSvc - ok
14:47:34.0982 0x10f8  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
14:47:34.0998 0x10f8  AERTFilters - ok
14:47:35.0029 0x10f8  [ 6CCD1135320109D6B219F1A6E04AD9F6, B97D4DF46DF0EFC106BD3E248C70809F3F47DF3FD1CA039A0A3923E1FA05A969 ] Afc             C:\Windows\syswow64\drivers\Afc.sys
14:47:35.0044 0x10f8  Afc - ok
14:47:35.0076 0x10f8  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
14:47:35.0122 0x10f8  AFD - ok
14:47:35.0169 0x10f8  [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
14:47:35.0216 0x10f8  AgereSoftModem - ok
14:47:35.0232 0x10f8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
14:47:35.0247 0x10f8  agp440 - ok
14:47:35.0278 0x10f8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
14:47:35.0294 0x10f8  ALG - ok
14:47:35.0310 0x10f8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:47:35.0310 0x10f8  aliide - ok
14:47:35.0341 0x10f8  [ 1D317EA326423FF7630CF1DA3BD46A1C, 1C1D07927106F2D48820AD6E34F0A8137C12FF43C925F89320C3D82C9C786B21 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:47:35.0372 0x10f8  AMD External Events Utility - ok
14:47:35.0388 0x10f8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
14:47:35.0403 0x10f8  amdide - ok
14:47:35.0419 0x10f8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
14:47:35.0434 0x10f8  AmdK8 - ok
14:47:35.0450 0x10f8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
14:47:35.0466 0x10f8  AmdPPM - ok
14:47:35.0481 0x10f8  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:47:35.0497 0x10f8  amdsata - ok
14:47:35.0512 0x10f8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
14:47:35.0528 0x10f8  amdsbs - ok
14:47:35.0528 0x10f8  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:47:35.0544 0x10f8  amdxata - ok
14:47:35.0575 0x10f8  [ 6474F8823C7188D2DA579F01FB6CED6B, 81D4E9D026CA60FB8840D520D151B8C2F4745A75DF90A4D6C80641F1A23AB605 ] AppID           C:\Windows\system32\drivers\appid.sys
14:47:35.0575 0x10f8  AppID - ok
14:47:35.0637 0x10f8  [ 8F58BA1F7772D6D7CE45F03309608001, CDB109E0DD241042C058F7D81A1BDEBC34435CB2DC4A7A7A3692193DD5806097 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:47:35.0653 0x10f8  AppIDSvc - ok
14:47:35.0684 0x10f8  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
14:47:35.0700 0x10f8  Appinfo - ok
14:47:35.0715 0x10f8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
14:47:35.0715 0x10f8  arc - ok
14:47:35.0731 0x10f8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
14:47:35.0746 0x10f8  arcsas - ok
14:47:35.0824 0x10f8  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:47:35.0871 0x10f8  aspnet_state - ok
14:47:35.0887 0x10f8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:47:35.0934 0x10f8  AsyncMac - ok
14:47:35.0949 0x10f8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
14:47:35.0965 0x10f8  atapi - ok
14:47:36.0074 0x10f8  [ 40734F3A5EEC4C4AC6A1FAF10B293714, 069885A5EED99E51E5D8621CF5174DCCC6C56B3F950A11C14A3A97A8DADD9D5C ] athr            C:\Windows\system32\DRIVERS\athrx.sys
14:47:36.0168 0x10f8  athr - ok
14:47:36.0199 0x10f8  [ D481083348138B4933ACFE95812DB71C, 62B8B1C844FCF6CF3FC8987A3B0963FEB1DFD28D9F977BDFD04DA7F358CBF0F6 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
14:47:36.0214 0x10f8  AtiHdmiService - ok
14:47:36.0448 0x10f8  [ 19B5C61CB09BFF2BD69E063EE54B56C3, EDA5897A58115ACCBB880EBAE1034E45AA0F2038A98C21E3A3CF1662C360408B ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
14:47:36.0651 0x10f8  atikmdag - ok
14:47:36.0729 0x10f8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:47:36.0760 0x10f8  AudioEndpointBuilder - ok
14:47:36.0792 0x10f8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:47:36.0823 0x10f8  AudioSrv - ok
14:47:36.0854 0x10f8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:47:36.0885 0x10f8  AxInstSV - ok
14:47:36.0916 0x10f8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
14:47:36.0948 0x10f8  b06bdrv - ok
14:47:36.0979 0x10f8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:47:36.0994 0x10f8  b57nd60a - ok
14:47:37.0026 0x10f8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:47:37.0041 0x10f8  BDESVC - ok
14:47:37.0041 0x10f8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:47:37.0088 0x10f8  Beep - ok
14:47:37.0135 0x10f8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
14:47:37.0166 0x10f8  BFE - ok
14:47:37.0228 0x10f8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
14:47:37.0322 0x10f8  BITS - ok
14:47:37.0353 0x10f8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:47:37.0353 0x10f8  blbdrive - ok
14:47:37.0369 0x10f8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:47:37.0384 0x10f8  bowser - ok
14:47:37.0416 0x10f8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:47:37.0431 0x10f8  BrFiltLo - ok
14:47:37.0431 0x10f8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:47:37.0447 0x10f8  BrFiltUp - ok
14:47:37.0478 0x10f8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
14:47:37.0494 0x10f8  Browser - ok
14:47:37.0525 0x10f8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:47:37.0540 0x10f8  Brserid - ok
14:47:37.0572 0x10f8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:47:37.0587 0x10f8  BrSerWdm - ok
14:47:37.0603 0x10f8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:47:37.0618 0x10f8  BrUsbMdm - ok
14:47:37.0634 0x10f8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:47:37.0634 0x10f8  BrUsbSer - ok
14:47:37.0665 0x10f8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
14:47:37.0681 0x10f8  BTHMODEM - ok
14:47:37.0696 0x10f8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
14:47:37.0743 0x10f8  bthserv - ok
14:47:37.0774 0x10f8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:47:37.0821 0x10f8  cdfs - ok
14:47:37.0852 0x10f8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:47:37.0868 0x10f8  cdrom - ok
14:47:37.0884 0x10f8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
14:47:37.0930 0x10f8  CertPropSvc - ok
14:47:37.0946 0x10f8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
14:47:37.0962 0x10f8  circlass - ok
14:48:09.0380 0x10f8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
14:48:09.0396 0x10f8  MTConfig - ok
14:48:09.0411 0x10f8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
14:48:09.0427 0x10f8  Mup - ok
14:48:09.0458 0x10f8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
14:48:09.0520 0x10f8  napagent - ok
14:48:09.0552 0x10f8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:48:09.0583 0x10f8  NativeWifiP - ok
14:48:09.0661 0x10f8  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:48:09.0723 0x10f8  NDIS - ok
14:48:09.0754 0x10f8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:48:09.0786 0x10f8  NdisCap - ok
14:48:09.0801 0x10f8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:48:09.0848 0x10f8  NdisTapi - ok
14:48:09.0864 0x10f8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:48:09.0910 0x10f8  Ndisuio - ok
14:48:09.0926 0x10f8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:48:09.0973 0x10f8  NdisWan - ok
14:48:10.0004 0x10f8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:48:10.0035 0x10f8  NDProxy - ok
14:48:10.0051 0x10f8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:48:10.0098 0x10f8  NetBIOS - ok
14:48:10.0113 0x10f8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:48:10.0176 0x10f8  NetBT - ok
14:48:10.0191 0x10f8  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] Netlogon        C:\Windows\system32\lsass.exe
14:48:10.0191 0x10f8  Netlogon - ok
14:48:10.0238 0x10f8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
14:48:10.0300 0x10f8  Netman - ok
14:48:10.0378 0x10f8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:48:10.0410 0x10f8  NetMsmqActivator - ok
14:48:10.0441 0x10f8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:48:10.0456 0x10f8  NetPipeActivator - ok
14:48:10.0472 0x10f8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
14:48:10.0550 0x10f8  netprofm - ok
14:48:10.0550 0x10f8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:48:10.0566 0x10f8  NetTcpActivator - ok
14:48:10.0581 0x10f8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:48:10.0597 0x10f8  NetTcpPortSharing - ok
14:48:10.0815 0x10f8  [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
14:48:11.0112 0x10f8  netw5v64 - ok
14:48:11.0143 0x10f8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
14:48:11.0158 0x10f8  nfrd960 - ok
14:48:11.0190 0x10f8  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:48:11.0221 0x10f8  NlaSvc - ok
14:48:11.0236 0x10f8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:48:11.0283 0x10f8  Npfs - ok
14:48:11.0299 0x10f8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
14:48:11.0330 0x10f8  nsi - ok
14:48:11.0346 0x10f8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:48:11.0392 0x10f8  nsiproxy - ok
14:48:11.0502 0x10f8  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:48:11.0595 0x10f8  Ntfs - ok
14:48:11.0611 0x10f8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
14:48:11.0658 0x10f8  Null - ok
14:48:11.0673 0x10f8  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:48:11.0689 0x10f8  nvraid - ok
14:48:11.0704 0x10f8  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:48:11.0720 0x10f8  nvstor - ok
14:48:11.0751 0x10f8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:48:11.0767 0x10f8  nv_agp - ok
14:48:11.0782 0x10f8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:48:11.0798 0x10f8  ohci1394 - ok
14:48:11.0892 0x10f8  [ E72509DD11B2B4B8F9D629378D37571B, B5A803DF8685D6BFAD6B8AB9CC9F50055B5C50C84373AE5663A88CBB06F803CA ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:48:11.0938 0x10f8  ose - detected UnsignedFile.Multi.Generic ( 1 )
14:48:14.0559 0x10f8  ose ( UnsignedFile.Multi.Generic ) - warning
14:48:14.0559 0x10f8  Force sending object to P2P due to detect: ose
14:48:17.0071 0x10f8  Object send P2P result: true
14:48:26.0758 0x10f8  [ DAEC63566C399E59B91F8993A491D5DB, 4F2DE1F0558975F1F2E4280D879983206474C393DD599243AE261B78C63FA6A8 ] SXDS10          C:\Program Files (x86)\Common Files\soft Xpansion\SXDS10.exe
14:48:26.0790 0x10f8  SXDS10 - detected UnsignedFile.Multi.Generic ( 1 )
14:48:29.0286 0x10f8  Detect skipped due to KSN trusted
14:48:29.0286 0x10f8  SXDS10 - ok
14:48:35.0931 0x10f8  ================ Scan global ===============================
14:48:36.0181 0x10f8  [ Global ] - ok
14:48:36.0181 0x10f8  ================ Scan MBR ==================================
14:48:36.0196 0x10f8  [ F3762FDAE6B2B75AA424708C4FED6C35 ] \Device\Harddisk0\DR0
14:48:36.0633 0x10f8  \Device\Harddisk0\DR0 - ok
14:48:37.0023 0x10f8  [ 75D861A48D52D779EBF21D7E273F97F9 ] \Device\Harddisk1\DR2
14:48:37.0242 0x10f8  \Device\Harddisk1\DR2 - ok
14:48:37.0242 0x10f8  ================ Scan VBR ==================================
14:48:37.0257 0x10f8  [ 8B3A32359983AA58805F39BDB29ADE76 ] \Device\Harddisk0\DR0\Partition1
14:48:37.0257 0x10f8  \Device\Harddisk0\DR0\Partition1 - ok
14:48:37.0257 0x10f8  [ 3E67E22F4A223FD548ACCF2B4B7A7491 ] \Device\Harddisk0\DR0\Partition2
14:48:37.0257 0x10f8  \Device\Harddisk0\DR0\Partition2 - ok
14:48:37.0273 0x10f8  [ 338608BF66038F59D29D7749C20C8C88 ] \Device\Harddisk0\DR0\Partition3
14:48:37.0273 0x10f8  \Device\Harddisk0\DR0\Partition3 - ok
14:48:37.0288 0x10f8  [ 8DDA9ACA91E730198BAC845A2D5CD3D6 ] \Device\Harddisk0\DR0\Partition4
14:48:37.0288 0x10f8  \Device\Harddisk0\DR0\Partition4 - ok
14:48:37.0288 0x10f8  [ AF23DDFB415139E54B886C6981FE958D ] \Device\Harddisk1\DR2\Partition1
14:48:37.0288 0x10f8  \Device\Harddisk1\DR2\Partition1 - ok
14:48:37.0288 0x10f8  ================ Scan generic autorun ======================
14:48:37.0320 0x10f8  SynTPEnh - ok
14:48:37.0382 0x10f8  [ 0262F66606ECB969B4CAD491BD3F6F88, 0036D02639AF96015A3C33BF8BB622DB1E6FC2C5ED52D721D6EE0774C97FC14F ] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
14:48:37.0429 0x10f8  RtkOSD - detected UnsignedFile.Multi.Generic ( 1 )
14:48:47.0444 0x10f8  RtkOSD ( UnsignedFile.Multi.Generic ) - warning
14:48:51.0828 0x10f8  [ D81E34DB95C0A83859704FB5C0319EF4, DAD022965C56F82568D8ACDC57A4CD0CE5BE05694E85105BF5965166CCBF3BD6 ] C:\Program Files (x86)\Internetradio Player\ps_agent.exe
14:48:51.0828 0x10f8  1und1Agent - detected UnsignedFile.Multi.Generic ( 1 )
14:48:54.0901 0x10f8  Detect skipped due to KSN trusted
14:48:54.0901 0x10f8  1und1Agent - ok
14:48:54.0901 0x10f8  Waiting for KSN requests completion. In queue: 6
14:48:55.0915 0x10f8  Waiting for KSN requests completion. In queue: 6
14:48:56.0929 0x10f8  Waiting for KSN requests completion. In queue: 6
14:48:57.0974 0x10f8  Win FW state via NFP2: enabled ( trusted )
14:49:00.0439 0x10f8  ============================================================
14:49:00.0439 0x10f8  Scan finished
14:49:00.0439 0x10f8  ============================================================
14:49:00.0439 0x17b0  Detected object count: 2
14:49:00.0439 0x17b0  Actual detected object count: 2
14:50:04.0165 0x17b0  ose ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:04.0165 0x17b0  ose ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:50:04.0165 0x17b0  RtkOSD ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:04.0165 0x17b0  RtkOSD ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
The infected hard drive in question is connected as drive G.

Best regards,
Andrea


17.05.2016, 09:11   #6
M-K-D-B
/// TB Trainer

Hi,

did AdwCleaner and/or MBAM find anything?

You could also have MBAM check your external hard drive; have you done that already?

17.05.2016, 20:17   #7
ratte98

Hi,

yes, but not completely.
I aborted the first MBAM scan on Sunday after about 2 hours because I assumed that this couldn't be right; after all, the old hard drive only has 10 GB.

I am having the hard drive checked again now, though. After how many hours should / can the scan be aborted, if necessary?

17.05.2016, 20:41   #8
M-K-D-B
/// TB Trainer

Hi,

I would let MBAM run to completion, and ESET as well:

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Locate C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


20.05.2016, 23:04   #9
M-K-D-B
/// TB Trainer

No response
This topic has been removed from my subscriptions, so I will not receive any notification of new replies.
Send me a PM if you still want to continue.

Note: The disappearance of the symptoms does not mean that your computer is already clean.

Everyone else, please click here and create your own thread!

22.05.2016, 16:08   #10
ratte98

Hello Matthias,

please excuse the late reply to your post.

I let MBAM run to completion. Result: negative.
(However, I had already installed MBAM once on 15 May and had it check the hard drive in question. As far as I remember, files were also moved to quarantine and deleted in the process. I uninstalled MBAM again afterwards, though, so I no longer have that log file.)
Currently, as I said, nothing found:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 17.05.2016
Suchlaufzeit: 19:46
Protokolldatei: Protokoll AMWB vom 17.05.2016.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.05.17.05
Rootkit-Datenbank: v2016.05.06.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: ***

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 162654
Abgelaufene Zeit: 1 Std., 56 Min., 1 Sek.

Speicher: Deaktiviert
Start: Deaktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
ESET likewise logs no detection:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b7fd771316d27140883e4ccf48132867
# end=init
# utc_time=2016-05-21 02:00:23
# local_time=2016-05-21 04:00:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 29545
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b7fd771316d27140883e4ccf48132867
# end=updated
# utc_time=2016-05-21 02:03:46
# local_time=2016-05-21 04:03:46 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=b7fd771316d27140883e4ccf48132867
# engine=29545
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2016-05-21 03:17:23
# local_time=2016-05-21 05:17:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 336495 215473693 0 0
# scanned=162655
# found=0
# cleaned=0
# scan_time=4416
         
The repeated scan with Bitdefender no longer reports any detections either, but 14 password-protected archives could not be opened. In addition, "outlook.pst.vir" files keep being displayed during the scan. It seems to me the problem is not over yet if I really want to transfer the files to my new computer.

Or how do you see it?

Best regards, Andrea

23.05.2016, 10:04   #11
M-K-D-B
/// TB Trainer

Hi,

in my opinion you simply have a few infected attachments in your Outlook mailbox. Merely copying them over does not execute them, though.

I would transfer my data to the new computer, but first check all e-mails and delete unknown e-mails or e-mail attachments.

Once there are no infected e-mail attachments left in Outlook, Bitdefender will no longer raise an alert either.

That's really all there is to it.

26.05.2016, 21:21   #12
M-K-D-B
/// TB Trainer

This topic appears to be resolved and is being removed from my subscriptions. Should you need the topic again, please send me a PM.

Everyone else, please click here and create your own thread.

Archiv
Du betrachtest: Win ME - AV-Programm meldet Trojaner auf externer FP auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.