Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Facebook: "Dein Computer muss gereinigt werden" - Virus/Malware?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 11.06.2016, 12:35   #1
ShotaB
 
Facebook: "Dein Computer muss gereinigt werden"  - Virus/Malware? - Frage

Facebook: "Dein Computer muss gereinigt werden" - Virus/Malware?



Hallo,
vorgestern warnte mich facebook, dass eine facebook-Veranstaltung, die ich teilen wollte, Malware enthielte. Da mehrere meiner Bekannten bereits daran teilnehmen/ sie geteilt haben, dachte ich, dass es eine fehlerhafte Meldung ist und habe es noch einmal probiert. Es erschien dieselbe Meldung und im Anschluss wurde ich von facebook ausgeloggt, allerdings ziemlich instabil, da mir erst gesagt wurde, ich sei ausgeloggt, ich dann nocheinmal auf eine Nachricht zugreifen konnte und dann endgültig ausgeloggt wurde. Jedes Mal, wenn ich jetzt versuche, mich von dem PC aus wieder einzuloggen, erscheint dieser Text:

"Dein Computer muss gereinigt werden Offenbar ist dein Computer von Malware beeinträchtigt. Wir unterstützen dich bei dabei, das Problem zu beheben, um dein Konto zu schützen und zu verhindern, dass sich das Malware-Problem auch auf die Konten deiner Freunde überträgt. Bei Malware handelt es sich um eine Schadsoftware, die versucht, deine persönlichen Informationen zu stehlen und Probleme bei der Nutzung von Facebook zu verursachen. Durch das Klicken auf bzw. das Teilen von Links, die Spam enthalten, kann dein Computer mit Malware infiziert werden."

Die Seite verlangt von mir, dass ich den ab jetzt von facebook zur Verfügung gestellten Anti-Malware/Virus-Scanner herunterlade, um meinen PC zu überprüfen. Alternativ kann ich mich nur Abmelden, ein Zugriff auf den Account ist nicht möglich.

Mit einem kurzfristig erstellten Neuaccount konnte ich mich ohne Probleme auf dem PC einloggen. Der Zugang zum alten facebook-Account ist mir von meinem Handy aus möglich, ich konnte jedoch manchmal keine Beiträge teilen. Dann erschien ebenfalls eine Nachricht, dass mein PC möglicherweise infiziert sei und ich mich dort einloggen und den Anleitungsschritten folgen solle. In derselben Meldung wurde mir jedoch auch die Möglichkeit angeboten, mich zu beschweren, dass die Sperrung ungerechtfertigt sei, die ich genutzt habe. Eine Antwort kam bisher nicht. Den genauen Wortlaut der Fehlermeldung beim Beitrag teilen kann ich leider nicht mehr angeben, da es jetzt (vom Handy aus) bei allen Beiträgen funktioniert (letzte Fehlermeldung war vor ca. 20h). Am PC besteht das Einloggproblem weiterhin.

Was kann ich jetzt tun? Den Virenscanner würde ich mir über facebook ungern aufzwingen lassen, selbst, wenn die Anzeige echt ist.

Liebe Grüße & vielen Dank!
Mira

Hier sind die mit FRST erstellten Logfiles:
(Edit: Addition als Anhang, da der Beitrag ansonsten zu groß war)

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:10-06-2016
durchgeführt von Mira (Administrator) auf JAMIE (11-06-2016 02:03:22)
Gestartet von C:\Users\Mira\Downloads
Geladene Profile: UpdatusUser & Mira (Verfügbare Profile: UpdatusUser & Mira & Mia & Administrator)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\n360.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\n360.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\conathst.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [22912 2012-10-01] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804432 2015-11-17] (NVIDIA Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [562544 2016-05-10] ()
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [ATLauncher] => "C:\Program Files\McAfee\MSC\OOBE\ATLauncher.exe" /createshortcuts:1
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [975248 2015-10-05] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23972712 2016-05-31] (Dropbox, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [839648 2016-03-10] (DivX, LLC)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [adm_tray.exe] => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [470120 2011-02-24] ()
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [421768 2016-04-25] (Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7377936 2016-05-10] ()
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [14688 2015-03-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1761120 2015-03-22] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2015-03-24] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-02-12] (Western Digital Technologies, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2226888768-1864803197-2813516363-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2016-04-18] (Glarysoft Ltd)
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\MountPoints2: {7843c043-e6a7-11e4-8059-6c71d929bdb6} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\MountPoints2: {b41c3cc8-2ed9-11e6-825a-806e6f6e6963} - "F:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\MountPoints2: {e64af5b0-3905-11e5-80c4-6c71d929bdb6} - "F:\WD Drive Unlock.exe" autoplay=true
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [186136 2016-04-21] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164696 2016-04-21] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} =>  Keine Datei
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} =>  Keine Datei
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
Startup: C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8610.lnk [2016-06-11]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8610.lnk -> C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk *  BootDefrag.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Tcpip\..\Interfaces\{2C655153-8DA1-473A-912B-E3091839733C}: [NameServer] 139.30.8.7,139.30.8.8
Tcpip\..\Interfaces\{96684D29-698D-40F5-B943-F3B269F660E4}: [DhcpNameServer] 139.30.8.7 139.30.8.8
Tcpip\..\Interfaces\{AD674BBB-4BDC-4BF8-AAC6-C8116D423017}: [DhcpNameServer] 139.30.8.7 139.30.8.8

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2226888768-1864803197-2813516363-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-09-29] (Qualcomm Atheros Commnucations)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
IE Session Restore: HKU\S-1-5-21-2226888768-1864803197-2813516363-1002 -> ist aktiviert.
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default
FF DefaultSearchEngine: Ecosia
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-14] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-14] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2016-03-04] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-09-09] (Nero AG)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2226888768-1864803197-2813516363-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\searchplugins\benefind.xml [2014-03-22]
FF SearchPlugin: C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\searchplugins\google-images.xml [2014-11-26]
FF SearchPlugin: C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\searchplugins\google-maps.xml [2014-11-26]
FF SearchPlugin: C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\searchplugins\norton-safe-search.xml [2015-11-07]
FF Extension: NoScript - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-07]
FF Extension: Avira Browser Safety - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\Extensions\abs@avira.com [2016-05-14]
FF Extension: Ghostery - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\Extensions\firefox@ghostery.com.xpi [2016-05-04]
FF Extension: YouTube mp3 - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\Extensions\info@youtube-mp3.org.xpi [2016-04-27]
FF Extension: Video DownloadHelper - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-05-23]
FF Extension: Adblock Plus - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.4.24\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.4.24\coFFAddon [2016-03-15]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.4.24\coFFAddon

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\Exts\Chrome.crx [2016-03-14]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\Exts\Chrome.crx [2016-03-14]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1195840 2016-05-10] ()
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [4463592 2016-06-09] ()
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-29] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-14] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-14] (Dropbox, Inc.)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [30080 2012-10-01] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [31616 2012-10-01] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [37760 2012-10-01] (Intel Corporation)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-30] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McSchedulerSvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\N360.exe [289080 2016-02-26] (Symantec Corporation)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [9698296 2016-04-16] ()
R2 WakeupService; C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe [42336 2012-11-16] (ASUSTek Computer Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-03-22] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-29] (Atheros) [Datei ist nicht signiert]
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B}
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD}

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-08-14] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [62848 2012-11-20] (ASUS Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\BASHDefs\20160601.001\BHDrvx64.sys [1832176 2016-05-13] (Symantec Corporation)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-05-14] (Glarysoft Ltd)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-29] (Qualcomm Atheros)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1606000.08E\ccSetx64.sys [173808 2015-09-24] (Symantec Corporation)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107328 2012-10-01] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [42816 2012-10-01] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [64832 2012-10-01] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [96576 2012-10-01] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [229184 2012-10-01] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [363328 2012-10-01] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-09-11] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-05-04] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156912 2016-05-04] (Symantec Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [339800 2016-06-09] (Acronis International GmbH)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2015-05-30] (Glarysoft Ltd)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\IPSDefs\20160609.001\IDSvia64.sys [876248 2016-05-25] (Symantec Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-30] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\VirusDefs\20160610.001\ENG64.SYS [138456 2016-05-17] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\VirusDefs\20160610.001\EX64.SYS [2148056 2016-05-17] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1606000.08E\SRTSP64.SYS [928504 2016-02-24] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1606000.08E\SRTSPX64.SYS [50936 2015-09-24] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1606000.08E\SYMEFASI64.SYS [1621232 2016-02-24] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1606000.08E\SymELAM.sys [24192 2015-09-24] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-11-06] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1606000.08E\Ironx64.SYS [295664 2016-02-24] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1606000.08E\SYMNETS.SYS [577768 2016-02-24] (Symantec Corporation)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1267552 2016-06-09] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [193376 2016-06-09] (Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [601432 2016-06-09] (Acronis International GmbH)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [279392 2016-06-09] (Acronis International GmbH)
R3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2014-07-21] (Cisco Systems, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-11 02:03 - 2016-06-11 02:03 - 00034166 _____ C:\Users\Mira\Downloads\FRST.txt
2016-06-11 02:02 - 2016-06-11 02:03 - 00000000 ____D C:\FRST
2016-06-11 02:00 - 2016-06-11 02:00 - 02385408 _____ (Farbar) C:\Users\Mira\Downloads\FRST64.exe
2016-06-11 01:42 - 2016-06-11 01:43 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2016-06-11 01:42 - 2016-06-11 01:43 - 00000000 ____D C:\WINDOWS\system32\NV
2016-06-11 01:37 - 2016-06-11 01:37 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk
2016-06-11 01:37 - 2016-06-11 01:37 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-11 01:37 - 2016-06-11 01:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-06-11 01:32 - 2016-04-06 20:17 - 18825216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-06-11 01:32 - 2016-03-31 08:53 - 07446360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-11 01:31 - 2016-06-03 19:11 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-06-11 01:31 - 2016-06-03 15:38 - 01413120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-11 01:31 - 2016-06-02 19:51 - 00050352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-11 01:31 - 2016-05-29 17:04 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-11 01:31 - 2016-05-29 17:04 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-06-11 01:31 - 2016-05-29 17:04 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-11 01:31 - 2016-05-29 17:04 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-11 01:31 - 2016-05-29 17:04 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2016-06-11 01:31 - 2016-05-29 17:04 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-11 01:31 - 2016-04-14 17:25 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-06-11 01:31 - 2016-04-14 17:11 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-06-11 01:31 - 2016-04-12 17:46 - 14467584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-11 01:31 - 2016-04-12 17:30 - 12879872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-11 01:31 - 2016-04-10 07:35 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-06-11 01:31 - 2016-04-10 00:15 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-06-11 01:31 - 2016-04-10 00:14 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Geolocation.dll
2016-06-11 01:31 - 2016-04-10 00:10 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2016-06-11 01:31 - 2016-04-10 00:09 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-06-11 01:31 - 2016-04-10 00:02 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2016-06-11 01:31 - 2016-04-09 23:59 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Geolocation.dll
2016-06-11 01:31 - 2016-04-09 23:59 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-06-11 01:31 - 2016-04-09 23:56 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-06-11 01:31 - 2016-04-09 23:55 - 00881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-06-11 01:31 - 2016-04-09 23:52 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2016-06-11 01:31 - 2016-04-07 18:34 - 00987136 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-06-11 01:31 - 2016-04-07 18:06 - 00927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-11 01:31 - 2016-04-07 17:36 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-06-11 01:31 - 2016-04-06 23:21 - 00114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2016-06-11 01:31 - 2016-04-06 20:20 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-06-11 01:31 - 2016-04-06 19:11 - 07074816 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-06-11 01:31 - 2016-04-06 18:40 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-11 01:31 - 2016-04-06 18:25 - 15158272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-06-11 01:31 - 2016-04-06 18:02 - 05269504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-06-11 01:31 - 2016-04-06 17:29 - 05265408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-11 01:31 - 2016-04-06 00:37 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2016-06-11 01:31 - 2016-04-02 15:58 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-06-11 01:31 - 2016-04-01 19:40 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-06-11 01:31 - 2016-04-01 19:00 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-06-11 01:31 - 2016-04-01 18:53 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-06-11 01:31 - 2016-04-01 18:50 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-06-11 01:31 - 2016-04-01 18:42 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-11 01:31 - 2016-04-01 18:41 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-06-11 01:31 - 2016-04-01 18:32 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-11 01:31 - 2016-03-31 08:51 - 01134776 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-06-11 01:31 - 2016-03-31 06:36 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-06-11 01:31 - 2016-02-04 18:57 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-11 01:31 - 2016-02-04 18:49 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-11 01:31 - 2016-02-04 18:39 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-10 12:19 - 2016-06-10 12:26 - 00000000 ____D C:\Users\Mira\Desktop\Hörbücher
2016-06-10 11:26 - 2016-06-10 11:27 - 00000000 ____D C:\Users\Mira\Documents\Sprachen
2016-06-10 10:46 - 2016-06-10 10:57 - 00000000 ____D C:\Users\Mira\Documents\Tests
2016-06-10 10:45 - 2016-06-10 10:45 - 00000000 ____D C:\Users\Mira\Documents\Von Papa Psychologie etc
2016-06-10 10:43 - 2016-06-10 11:51 - 00000000 ____D C:\Users\Mira\Desktop\Wichtige Dokumente
2016-06-09 23:27 - 2016-06-09 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2016-06-09 23:27 - 2016-06-09 23:27 - 00002171 _____ C:\Users\Public\Desktop\WD Backup.lnk
2016-06-09 23:27 - 2016-06-09 23:27 - 00001190 _____ C:\Users\Public\Desktop\WD Security.lnk
2016-06-09 23:27 - 2016-06-09 23:27 - 00001135 _____ C:\Users\Public\Desktop\WD Drive Utilities.lnk
2016-06-09 23:27 - 2016-06-09 23:27 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Western Digital
2016-06-09 23:27 - 2016-06-09 23:27 - 00000000 ____D C:\Program Files (x86)\Western Digital
2016-06-09 23:25 - 2016-06-09 23:25 - 00000000 ____D C:\Users\Mira\AppData\Local\Western Digital
2016-06-09 23:15 - 2016-06-09 23:15 - 01267552 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys
2016-06-09 23:15 - 2016-06-09 23:15 - 00601432 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys
2016-06-09 23:15 - 2016-06-09 23:15 - 00339800 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys
2016-06-09 23:15 - 2016-06-09 23:15 - 00279392 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file.sys
2016-06-09 23:15 - 2016-06-09 23:15 - 00193376 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2016-06-09 23:14 - 2016-06-09 23:14 - 00001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk
2016-06-09 23:14 - 2016-06-09 23:14 - 00001219 _____ C:\Users\Public\Desktop\Acronis True Image.lnk
2016-06-09 23:13 - 2016-06-10 01:19 - 00000000 ____D C:\ProgramData\Acronis
2016-06-09 22:58 - 2016-06-09 22:58 - 00001164 _____ C:\Users\Public\Desktop\Acronis Drive Monitor.lnk
2016-06-09 22:55 - 2016-06-09 22:55 - 18992072 _____ C:\Users\Mira\Downloads\ADM_de-DE.exe
2016-06-09 22:54 - 2016-06-09 22:54 - 00001251 _____ C:\Users\Public\Desktop\Acronis Disk Director 12.lnk
2016-06-09 22:48 - 2016-06-09 23:04 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Acronis
2016-06-09 22:47 - 2016-06-09 23:15 - 00340312 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys
2016-06-09 22:47 - 2016-06-09 23:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2016-06-09 22:47 - 2016-06-09 22:47 - 00163160 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys
2016-06-09 22:46 - 2016-06-09 22:58 - 00000000 ____D C:\Program Files (x86)\Acronis
2016-06-09 16:38 - 2016-06-09 16:38 - 01473544 _____ C:\Users\Mira\Downloads\AntiVir Avira Free Antivirus - CHIP-Installer.exe
2016-06-09 16:35 - 2016-06-09 16:35 - 00001165 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-06-09 16:33 - 2016-06-09 16:33 - 00242344 _____ C:\Users\Mira\Downloads\Firefox Setup Stub 47.0.exe
2016-06-08 09:37 - 2016-06-08 09:37 - 32127420 _____ C:\Users\Mira\Downloads\KFT(2).pdf
2016-06-07 12:02 - 2016-06-07 12:02 - 00422043 _____ C:\Users\Mira\Downloads\7. Kapitel_ Sonderpadagogische Begutachtung(1).pdf
2016-06-07 11:55 - 2016-06-07 11:55 - 00712136 _____ C:\Users\Mira\Downloads\Fallbeispiel_Heidi(1).pdf
2016-06-07 11:53 - 2016-06-07 11:53 - 00079043 _____ C:\Users\Mira\Downloads\Fall Paul - Erarbeitete Ergebnisse im WiSem 14(1).pdf
2016-06-05 16:13 - 2016-06-05 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-01 19:55 - 2016-06-01 19:55 - 00044579 _____ C:\Users\Mira\Downloads\Forschungs-_und_Prüfungskolloquium_SoSe_2016.pdf
2016-05-31 18:13 - 2016-05-31 18:13 - 00051234 _____ C:\Users\Mira\Downloads\Modulplan 2016(1).xlsx
2016-05-30 22:44 - 2016-05-30 22:44 - 01512457 _____ C:\Users\Mira\Downloads\Drucker Rechnung.pdf
2016-05-30 22:08 - 2016-05-30 22:08 - 00922685 _____ C:\Users\Mira\Downloads\Drucker Rechnung Mira_1.pdf
2016-05-28 23:39 - 2016-05-28 23:40 - 00010233 _____ C:\Users\Mira\Documents\Sev.odt
2016-05-28 23:38 - 2016-05-28 23:38 - 02041978 _____ C:\Users\Mira\Downloads\Für_alle__drei_Sitzungen_Kapital_49-99.pdf
2016-05-28 19:15 - 2016-05-28 19:15 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-05-28 19:13 - 2016-06-05 16:11 - 00000000 ____D C:\Users\Mira\AppData\Roaming\HpUpdate
2016-05-28 19:13 - 2016-05-28 19:15 - 00000000 ____D C:\Program Files (x86)\HP
2016-05-28 19:13 - 2016-05-28 19:13 - 00002222 _____ C:\Users\Public\Desktop\HP Officejet Pro 8610.lnk
2016-05-28 19:13 - 2016-05-28 19:13 - 00000988 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
2016-05-28 19:13 - 2016-05-28 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-05-28 19:13 - 2016-05-28 19:13 - 00000000 ____D C:\ProgramData\HP
2016-05-28 19:13 - 2016-05-28 19:13 - 00000000 ____D C:\Program Files\HP
2016-05-28 19:13 - 2014-03-06 12:51 - 00763912 ____N (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPM7112.dll
2016-05-28 19:10 - 2016-05-28 19:10 - 00000057 _____ C:\ProgramData\Ament.ini
2016-05-25 20:39 - 2016-05-25 21:24 - 00020878 _____ C:\Users\Mira\Downloads\Kieler Leseaufbau_Morawiak.odp
2016-05-24 20:05 - 2016-05-24 20:05 - 00016085 _____ C:\Users\Mira\Downloads\Anleitung zur Erstellung des Portfolios (Modulprufung).pdf
2016-05-24 20:04 - 2016-05-24 20:04 - 00712136 _____ C:\Users\Mira\Downloads\Fallbeispiel_Heidi.pdf
2016-05-24 20:04 - 2016-05-24 20:04 - 00126402 _____ C:\Users\Mira\Downloads\Text zur Testtheorie.pdf
2016-05-24 20:04 - 2016-05-24 20:04 - 00124223 _____ C:\Users\Mira\Downloads\Einverstandniserklarung fur Eltern.pdf
2016-05-24 20:04 - 2016-05-24 20:04 - 00079043 _____ C:\Users\Mira\Downloads\Fall Paul - Erarbeitete Ergebnisse im WiSem 14.pdf
2016-05-24 20:04 - 2016-05-24 20:04 - 00013188 _____ C:\Users\Mira\Downloads\Ablaufschema zur Gutachtenerstellung.pdf
2016-05-24 20:04 - 2016-05-24 20:04 - 00005576 _____ C:\Users\Mira\Downloads\Bewertung der Portfolios.pdf
2016-05-23 22:36 - 2016-05-28 19:15 - 00000000 ____D C:\Users\Mira\AppData\Local\HP
2016-05-20 12:13 - 2016-05-20 12:13 - 38222710 _____ C:\Users\Mira\Downloads\download.zip
2016-05-20 12:02 - 2016-05-20 12:02 - 133294414 _____ C:\Users\Mira\Downloads\bundjugendnrw_skill-sharing-camp-mastamo-2016_72157668514772735.zip
2016-05-19 18:26 - 2016-05-19 18:26 - 00154621 _____ C:\Users\Mira\Downloads\Kieler_Leseaufbau-Handout.pdf
2016-05-18 21:50 - 2016-05-18 21:50 - 02348032 _____ C:\Users\Mira\Downloads\Kieler_Leseaufbau_+_Rechtschreibaufbau.ppt
2016-05-18 10:11 - 2016-05-18 10:11 - 01621996 _____ C:\Users\Mira\Downloads\PPP_Lese-_Rechtschreibförderung.pdf
2016-05-16 14:26 - 2016-05-16 14:26 - 00028003 _____ C:\Users\Mira\Documents\Thematisierung von Drogen mit Kindern und Jugendlichen.odt
2016-05-16 12:32 - 2016-05-16 12:32 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2226888768-1864803197-2813516363-1005
2016-05-16 12:26 - 2016-05-16 12:26 - 00000429 _____ C:\Users\Mia\AppData\Roaming\sp_data.sys
2016-05-16 12:25 - 2016-05-16 12:31 - 00000000 ____D C:\Users\Mia\AppData\Local\Packages
2016-05-16 12:25 - 2016-05-16 12:25 - 00001456 _____ C:\Users\Mia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-05-16 12:25 - 2016-05-16 12:25 - 00000020 ___SH C:\Users\Mia\ntuser.ini
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Vorlagen
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Startmenü
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Netzwerkumgebung
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Lokale Einstellungen
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Eigene Dateien
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Druckumgebung
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Documents\Eigene Videos
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Documents\Eigene Musik
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Documents\Eigene Bilder
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\AppData\Local\Verlauf
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\AppData\Local\Anwendungsdaten
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Anwendungsdaten
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 ____D C:\Users\Mia\AppData\Roaming\Adobe
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 ____D C:\Users\Mia\AppData\Local\VirtualStore
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 ____D C:\Users\Mia\AppData\Local\NVIDIA
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 ____D C:\Users\Mia\AppData\Local\ASUS
2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 ____D C:\Users\Mia
2016-05-16 12:25 - 2014-09-11 11:41 - 00000000 ____D C:\Users\Mia\AppData\Local\Microsoft Help
2016-05-16 12:25 - 2014-03-18 12:11 - 00000369 _____ C:\Users\Mia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-05-16 12:25 - 2014-03-18 12:11 - 00000369 _____ C:\Users\Mia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-05-15 22:09 - 2016-05-15 22:09 - 03679943 _____ C:\Users\Mira\Downloads\Falter_Campaufruf-2016.druck(1).pdf
2016-05-15 22:00 - 2016-05-15 22:00 - 00060974 _____ C:\Users\Mira\Downloads\Kontostand Sonderpädagogik (31.12.2015).pdf
2016-05-15 22:00 - 2016-05-15 22:00 - 00052254 _____ C:\Users\Mira\Downloads\Sonderpädagogik.pdf
2016-05-15 21:19 - 2016-05-15 21:19 - 00623769 _____ C:\Users\Mira\Downloads\S2016_04_16_taz_S27_Sachkunde.pdf
2016-05-15 21:19 - 2016-05-15 21:19 - 00456900 _____ C:\Users\Mira\Downloads\S2016_04_16_taz_S26_Sachkunde.pdf
2016-05-15 21:19 - 2016-05-15 21:19 - 00149302 _____ C:\Users\Mira\Downloads\S2016_04_16_taz_SIII_Kontext.pdf
2016-05-15 21:19 - 2016-05-15 21:19 - 00145248 _____ C:\Users\Mira\Downloads\S2016_04_16_taz_S25_Sachkunde.pdf
2016-05-15 20:52 - 2016-05-15 20:52 - 20723386 _____ C:\Users\Mira\Downloads\taz_2016_04_30.pdf
2016-05-15 20:37 - 2016-05-15 20:37 - 24846636 _____ C:\Users\Mira\Downloads\taz_2016_05_07.pdf
2016-05-15 19:31 - 2016-05-15 19:31 - 00051234 _____ C:\Users\Mira\Downloads\Modulplan 2016.xlsx
2016-05-14 20:09 - 2016-05-14 20:09 - 05995712 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-11 01:54 - 2014-03-23 21:18 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2226888768-1864803197-2813516363-1002
2016-06-11 01:49 - 2014-03-22 20:12 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Skype
2016-06-11 01:49 - 2014-03-18 12:03 - 00338278 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-11 01:49 - 2014-03-18 11:25 - 12310652 _____ C:\WINDOWS\system32\perfh007.dat
2016-06-11 01:49 - 2014-03-18 11:25 - 04099916 _____ C:\WINDOWS\system32\perfc007.dat
2016-06-11 01:49 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-06-11 01:48 - 2014-03-20 23:54 - 00000408 _____ C:\Users\Mira\AppData\Roaming\sp_data.sys
2016-06-11 01:42 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-11 01:42 - 2013-01-23 19:42 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-11 01:40 - 2015-04-16 13:00 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-06-11 01:40 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-06-11 01:37 - 2014-03-22 20:12 - 00000000 ____D C:\Users\Mira\AppData\Local\Skype
2016-06-11 01:37 - 2014-03-22 20:12 - 00000000 ____D C:\ProgramData\Skype
2016-06-11 01:36 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-11 01:33 - 2013-01-23 19:41 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-06-11 01:26 - 2014-09-11 08:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-06-11 01:09 - 2014-09-21 22:05 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-06-11 01:07 - 2014-03-22 20:32 - 00000000 ____D C:\Users\Mira\AppData\Roaming\vlc
2016-06-10 23:54 - 2014-08-13 11:56 - 00000000 ____D C:\Users\Mira
2016-06-10 23:44 - 2014-07-12 18:16 - 00000000 ____D C:\Users\Mira\AppData\Local\ElevatedDiagnostics
2016-06-10 23:42 - 2014-03-22 18:16 - 00000000 ____D C:\Users\Mira\AppData\Roaming\GlarySoft
2016-06-10 23:38 - 2016-01-08 21:50 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2016-06-10 23:38 - 2014-08-28 10:19 - 00000000 ____D C:\WINDOWS\Minidump
2016-06-10 23:24 - 2014-05-29 09:01 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2016-06-10 23:23 - 2016-02-17 01:00 - 00000000 ____D C:\Users\Mira\AppData\Roaming\TS3Client
2016-06-10 11:47 - 2013-11-27 21:27 - 00000000 ____D C:\Users\Mira\Documents\Friri
2016-06-10 11:44 - 2015-11-07 20:14 - 00000000 ____D C:\Users\Mira\Documents\Unterrichtsmaterial
2016-06-10 11:27 - 2014-03-20 23:57 - 00000000 __RSD C:\Users\Mira\Desktop\ASUS
2016-06-10 11:27 - 2014-01-09 20:51 - 00000000 ____D C:\Users\Mira\Documents\ASUS
2016-06-10 11:01 - 2013-11-09 12:25 - 00000000 ____D C:\Users\Mira\Documents\Unfall
2016-06-10 09:05 - 2014-05-07 11:52 - 00000000 ____D C:\Program Files\WinRAR
2016-06-10 00:00 - 2015-12-30 16:51 - 00000000 ____D C:\Users\Mira\AppData\Local\Ubisoft Game Launcher
2016-06-10 00:00 - 2013-01-23 19:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-06-09 23:58 - 2015-04-05 22:55 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-06-09 23:55 - 2014-04-08 17:19 - 00000000 ____D C:\Users\Mira\AppData\Roaming\DVDVideoSoft
2016-06-09 23:29 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\registration
2016-06-09 23:27 - 2014-09-13 14:01 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-09 16:35 - 2016-05-04 14:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-09 16:35 - 2014-03-21 11:30 - 00001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-06-09 15:51 - 2014-03-22 18:15 - 00000000 ____D C:\Users\Mira\AppData\Roaming\DiskDefrag
2016-06-08 14:49 - 2012-07-26 07:26 - 00000199 _____ C:\WINDOWS\win.ini
2016-06-07 19:13 - 2014-03-22 14:24 - 00000000 ____D C:\Users\Mira\AppData\Local\CrashDumps
2016-06-07 17:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-06 22:27 - 2015-09-02 02:59 - 00000000 ____D C:\Users\Mira\Documents\Sonderfall
2016-06-05 16:40 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-06-05 16:13 - 2015-10-14 09:36 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-06-05 16:07 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-05-31 18:02 - 2013-04-02 20:32 - 00000000 ____D C:\Users\Mira\AppData\Local\Packages
2016-05-30 21:17 - 2013-01-23 19:42 - 00000000 ____D C:\temp
2016-05-28 23:51 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-05-28 16:43 - 2015-04-06 10:40 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2016-05-28 16:43 - 2015-04-06 10:40 - 00000000 ___SD C:\WINDOWS\system32\GWX
2016-05-16 13:43 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-14 21:48 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-05-14 20:09 - 2014-09-21 22:05 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-05-12 21:19 - 2016-02-17 01:10 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-05-12 21:04 - 2013-08-22 16:44 - 00539912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-12 00:20 - 2014-03-23 15:33 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-12 00:13 - 2014-03-23 15:33 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-10-22 13:22 - 2015-10-22 13:22 - 0159657 _____ () C:\Program Files\changelog.txt
2015-10-22 13:22 - 2015-10-22 13:22 - 0375544 _____ () C:\Program Files\createfileassoc.exe
2015-10-22 13:22 - 2015-10-22 13:22 - 0447464 _____ (TeamSpeak Systems GmbH) C:\Program Files\error_report.exe
2015-09-21 16:24 - 2015-09-21 16:24 - 1709056 _____ () C:\Program Files\libeay32.dll
2013-10-05 00:58 - 2013-10-05 00:58 - 0660128 _____ (Microsoft Corporation) C:\Program Files\msvcp120.dll
2013-10-05 00:58 - 2013-10-05 00:58 - 0963232 _____ (Microsoft Corporation) C:\Program Files\msvcr120.dll
2015-08-27 10:07 - 2015-08-27 10:07 - 1704176 _____ (Overwolf) C:\Program Files\OverwolfTeamSpeakInstaller.exe
2015-10-22 13:22 - 2015-10-22 13:22 - 0475112 _____ (TeamSpeak Systems GmbH) C:\Program Files\package_inst.exe
2015-10-22 11:20 - 2015-10-22 11:20 - 0000321 _____ () C:\Program Files\plugin_sdk.html
2015-09-21 16:47 - 2015-09-21 16:47 - 5626368 _____ (The Qt Company Ltd) C:\Program Files\Qt5Core.dll
2015-09-21 16:48 - 2015-09-21 16:48 - 3937280 _____ (The Qt Company Ltd) C:\Program Files\Qt5Gui.dll
2015-09-21 16:48 - 2015-09-21 16:48 - 1092608 _____ (The Qt Company Ltd) C:\Program Files\Qt5Network.dll
2015-09-21 16:47 - 2015-09-21 16:47 - 0216576 _____ (The Qt Company Ltd) C:\Program Files\Qt5Sql.dll
2015-09-21 16:50 - 2015-09-21 16:50 - 5424128 _____ (The Qt Company Ltd) C:\Program Files\Qt5Widgets.dll
2015-10-22 13:22 - 2015-10-22 13:22 - 0175080 _____ () C:\Program Files\quazip.dll
2015-09-21 16:24 - 2015-09-21 16:24 - 0317440 _____ () C:\Program Files\ssleay32.dll
2015-10-22 13:21 - 2015-10-22 13:21 - 11544552 _____ (TeamSpeak Systems GmbH) C:\Program Files\ts3client_win64.exe
2016-02-17 01:00 - 2016-02-17 01:00 - 0390800 _____ (TeamSpeak Systems GmbH) C:\Program Files\Uninstall.exe
2015-10-22 13:22 - 2015-10-22 13:22 - 1514984 _____ (TeamSpeak Systems GmbH) C:\Program Files\update.exe
2015-10-22 11:20 - 2015-10-22 11:20 - 0520934 _____ () C:\Program Files\usb.ids
2014-03-20 23:54 - 2016-06-11 01:48 - 0000408 _____ () C:\Users\Mira\AppData\Roaming\sp_data.sys
2014-06-30 12:39 - 2015-11-26 22:56 - 0005120 _____ () C:\Users\Mira\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-07 01:40 - 2015-12-07 01:41 - 0000000 _____ () C:\Users\Mira\AppData\Local\{25C194DB-0F40-47C9-8C89-1DBFE8ABDA98}
2015-11-16 16:51 - 2015-11-16 16:52 - 0000000 _____ () C:\Users\Mira\AppData\Local\{90A87F66-C76B-4B0F-A8C8-AAAA4D94149D}
2016-05-28 19:10 - 2016-05-28 19:10 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-08-17 02:52 - 2012-07-30 08:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-17 02:52 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-06-10 21:13

==================== Ende von FRST.txt ============================
         

Alt 11.06.2016, 14:18   #2
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Facebook: "Dein Computer muss gereinigt werden"  - Virus/Malware? - Standard

Facebook: "Dein Computer muss gereinigt werden" - Virus/Malware?



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-06-2016
durchgeführt von Mira (2016-06-11 02:04:07)
Gestartet von C:\Users\Mira\Downloads
Windows 8.1 (Update) (X64) (2014-08-13 15:25:59)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2226888768-1864803197-2813516363-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-2226888768-1864803197-2813516363-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2226888768-1864803197-2813516363-1004 - Limited - Enabled)
Mia (S-1-5-21-2226888768-1864803197-2813516363-1005 - Limited - Enabled) => C:\Users\Mia
Mira (S-1-5-21-2226888768-1864803197-2813516363-1002 - Administrator - Enabled) => C:\Users\Mira
UpdatusUser (S-1-5-21-2226888768-1864803197-2813516363-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Norton 360 Premier (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 Premier (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 Premier (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acronis Drive Monitor (HKLM-x32\...\{706AE61D-40A4-4F50-8359-FE8F6F7FA461}) (Version: 1.0.566 - Acronis)
Acronis True Image (HKLM-x32\...\{43B5FB0A-9900-43B0-BD46-9E7F89C88A98}Visible) (Version: 19.0.6571 - Acronis)
Acronis True Image (x32 Version: 19.0.6571 - Acronis) Hidden
Acronis*Disk*Director*12 (HKLM-x32\...\{AE372858-B1BD-49EF-8308-648322846008}) (Version: 12.0.3270 - Acronis)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS Product Demo Movie  (HKLM-x32\...\{DC06C90B-C5BE-42F6-B74D-A9503170998C}) (Version: 1.0.3 - ASUS )
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.36 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0006 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.7 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS VivoBook (HKLM\...\{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}) (Version: 1.0.22 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0025 - ASUS)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.2.00096 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 4.2.00096 - Cisco Systems, Inc.) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.8.0.18 - DivX, LLC)
Dropbox (HKLM-x32\...\Dropbox) (Version: 4.4.29 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.39.1 - Dropbox, Inc.) Hidden
ExpressCache (HKLM\...\{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}) (Version: 1.0.86 - Diskeeper Corporation)
Glary Utilities 5.49 (HKLM-x32\...\Glary Utilities 5) (Version: 5.49.0.69 - Glarysoft Ltd)
Goldfinger Junior (HKLM-x32\...\{04FA5E93-3366-4CA0-9EAF-D31772998350}) (Version:  - )
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
HP Officejet Pro 8610 - Grundlegende Software für das Gerät (HKLM\...\{F6EC89A8-5C2B-4C87-B296-A4AAB473DA1A}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Officejet Pro 8610 Hilfe (HKLM-x32\...\{2466D8D5-4856-4492-BDEF-48A640F58866}) (Version: 32.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.6.1082 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 5.1.2.2 (HKLM\...\{7A6851F9-0867-4CB4-9017-35ECA0CBA162}) (Version: 5.1.2.2 - The Document Foundation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
MyFreeCodec (HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\MyFreeCodec) (Version:  - ) <==== ACHTUNG
Nero 2015 (HKLM-x32\...\{EF09AC51-1657-4A06-9449-B2BF1C4FB608}) (Version: 16.0.05500 - Nero AG)
Nero 2015 Content Pack (HKLM-x32\...\{55192BC6-EDBA-4F48-A2C4-3D164E41AF55}) (Version: 16.0.00300 - Nero AG)
Nero 2016 (HKLM-x32\...\{049045D5-0C46-4E78-A83F-83E993D91A7F}) (Version: 17.0.02300 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
Norton 360 Premier (HKLM-x32\...\N360) (Version: 22.6.0.142 - Symantec Corporation)
NVIDIA Grafiktreiber 359.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.46 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Prerequisite installer (x32 Version: 16.0.0004 - Nero AG) Hidden
Prerequisite installer (x32 Version: 17.0.0002 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.210 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6793 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.27023 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Stashimi Stub Installer (x32 Version: 18.001.1 - Nero AG) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{5D2260D6-DB16-41DC-915B-A39BF4F66362}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
WD Backup (HKLM-x32\...\{6cbbe2b9-c94a-400c-92cd-14859a8e4808}) (Version: 1.0.5556.3650 - Western Digital Technologies, Inc.)
WD Backup (x32 Version: 1.0.5556.3650 - Western Digital Technologies, Inc) Hidden
WD Drive Utilities (HKLM-x32\...\{163952d1-3ca7-4e98-a686-cc0c227c7447}) (Version: 1.2.0.85 - Western Digital Technologies, Inc.)
WD Drive Utilities (x32 Version: 1.2.0.85 - Western Digital Technologies, Inc.) Hidden
WD Quick View (HKLM-x32\...\{BE1B25F9-5A51-4DB8-81FA-CE0CABC14D07}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{b304f1ed-b08a-4d51-882b-fd651777d297}) (Version: 1.2.0.83 - Western Digital Technologies, Inc.)
WD Security (x32 Version: 1.2.0.83 - Western Digital Technologies, Inc.) Hidden
Windows Driver Package - ASUS (ATP) Mouse  (11/09/2012 1.0.0.153) (HKLM\...\5AB9160B769DD2E134ADCB8010377DECA2479378) (Version: 11/09/2012 1.0.0.153 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
XSBoxGO 1.0.0.0 (HKLM-x32\...\XSBoxGO 1.0.0.0) (Version: 1.0.0.0 - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00F09D76-D7AB-4491-A52F-D463D028A963} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {0D877F8E-4543-4919-86FA-09FA6CA85E96} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {1B9CBCCA-6F84-4F4B-8852-7A6208450063} - System32\Tasks\{3EC74F90-59AA-411A-BFA5-69D7D3BDF8C6} => pcalua.exe -a E:\INSTALL.EXE -d E:\
Task: {2BB6F745-19C4-4043-BF53-1434377512CB} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-10-17] (ASUS)
Task: {2E0F9D83-81DC-4C5A-92F3-2960462C79E7} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {73639546-571E-482A-80AD-ADA9B6343C98} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe [2016-03-01] (DivX, LLC)
Task: {75412052-0C70-44C9-A705-9570F46A0903} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\SymErr.exe [2016-02-10] (Symantec Corporation)
Task: {836C8B27-E377-4FC7-81D2-EDDAFD613707} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {868C2CC6-6EBF-46F1-943E-8D504ADD91F0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-12] (Microsoft Corporation)
Task: {918A5E43-E613-4958-B84C-60F7367BE83B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-14] (Dropbox, Inc.)
Task: {9CCBE2F2-A906-4D3B-A321-B4E2328EFDC8} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\SymErr.exe [2016-02-10] (Symantec Corporation)
Task: {A4C55AFE-BFAA-4BAC-A7C0-3490B7CCF5C9} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-11-20] (AsusTek)
Task: {A4E04CAC-15FE-42EB-9FDA-9C212E9F41CE} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2016-04-18] (Glarysoft Ltd)
Task: {B36C1459-0536-41E0-A872-44EF35DD8AD3} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {B452FB3B-3B89-4D90-85D4-43616B9DE2A7} - System32\Tasks\ASUS VivoBook => C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe [2012-11-21] (ASUSTeK Computer Inc.)
Task: {C1B6A9AA-DB6E-4CD6-A06D-774A79AAEE10} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\WSCStub.exe [2016-02-26] (Symantec Corporation)
Task: {C3ACEA50-8CF4-46D9-A836-B886D748EDD3} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-06-04] (Nero AG)
Task: {CA3D40B2-56F7-48AE-82A6-CD054A306018} - System32\Tasks\KMS Activation => C:\Program Files\KMSpico\RandomFile.exe
Task: {CEBD5170-AFE3-49AD-ADC4-1BDF850A235F} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2016-04-18] (Glarysoft Ltd)
Task: {D187CE65-8908-4CAB-806E-1DA0231F2681} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {E09D1216-960F-47F5-B4A1-5D49C34B7126} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-14] (Dropbox, Inc.)
Task: {E229C0F8-C03F-4DD2-B3F9-2F55713AE2FD} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {ECECA832-D799-4FD0-8F98-4AA7BBE0FF0F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-14] (Adobe Systems Incorporated)
Task: {F3D95595-BBD1-4C70-9210-3EB7BF7EBD69} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360 Premier\Upgrade.exe [2016-02-26] (Symantec Corporation)
Task: {FECB8465-62A8-4C2F-BC14-3396D9DC247A} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2012-12-07] (ASUSTek Computer INC.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Mira\Documents\URO\Sopäd\Einzelfall\SAT Vortrag\Material von Fr Eisfeld\﷬퐄\f4 Diagnoseprogramm.lnk -> C:\Program Files (x86)\f4\f4diag.bat (Keine Datei)
Shortcut: C:\Users\Mira\Documents\URO\Sopäd\Einzelfall\SAT Vortrag\Material von Fr Eisfeld\﷬퐄\f4.lnk -> C:\Program Files (x86)\f4\f4.bat (Keine Datei)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-01-23 19:42 - 2016-02-15 09:26 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-05-10 15:51 - 2016-05-10 15:51 - 01195840 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
2016-06-09 23:15 - 2016-06-09 23:15 - 04463592 _____ () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
2016-04-16 12:56 - 2016-04-16 12:56 - 09698296 _____ () C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
2012-08-24 19:26 - 2012-08-24 19:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-11-13 13:18 - 2012-11-13 13:18 - 00019296 _____ () C:\Program Files\ASUS\ASUS VivoBook\WMIProcX64.dll
2016-05-10 15:39 - 2016-05-10 15:39 - 00562544 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
2011-02-24 19:07 - 2011-02-24 19:07 - 00470120 _____ () C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
2016-05-10 16:23 - 2016-05-10 16:23 - 07377936 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
2012-10-17 11:51 - 2012-10-17 11:51 - 00168664 _____ () C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
2012-12-13 04:33 - 2012-10-15 06:09 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2015-10-05 14:48 - 2015-10-05 14:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2015-08-11 15:36 - 2015-08-11 15:36 - 00024896 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\core_workers_shared_context.dll
2016-05-10 15:35 - 2016-05-10 15:35 - 00037808 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2016-05-10 16:25 - 2016-05-10 16:25 - 04490432 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\atih_mms_addon.dll
2015-08-23 15:59 - 2015-08-23 15:59 - 00606672 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\sqlite3.dll
2016-05-10 15:36 - 2016-05-10 15:36 - 00445872 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2016-05-10 15:31 - 2016-05-10 15:31 - 00115632 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\EXPAT.dll
2013-01-23 19:45 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2011-02-24 18:39 - 2011-02-24 18:39 - 00012128 _____ () C:\Program Files (x86)\Common Files\Acronis\DriveMonitor\Common\icudt38.dll
2015-11-16 18:05 - 2015-11-16 18:05 - 00126928 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll
2016-05-10 15:37 - 2016-05-10 15:37 - 00333744 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\resource.dll
2016-05-10 16:21 - 2016-05-10 16:21 - 20582752 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2016-05-10 15:35 - 2016-05-10 15:35 - 00050096 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\rpc_client.dll
2016-04-16 12:45 - 2016-04-16 12:45 - 00248240 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sync_agent_api.dll
2012-10-17 11:51 - 2012-10-17 11:51 - 00011776 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2226888768-1864803197-2813516363-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Mira\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 139.30.8.7 - 139.30.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "BtvStack"
HKLM\...\StartupApproved\Run: => "BtTray"
HKLM\...\StartupApproved\Run32: => "mcpltui_exe"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "WDAppManager"
HKLM\...\StartupApproved\Run32: => "WD Drive Unlocker"
HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper"
HKLM\...\StartupApproved\Run32: => "WD Quick View"
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\StartupApproved\Run: => "icq"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F036ED61-6A37-48BD-B914-F2F11CF49D73}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{F878FB44-2EA7-4AFB-B9B3-9A289A4A85BB}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{8EF7718A-EDA5-4D1B-B408-D728784688FA}] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{3765E59A-B7AB-4931-9830-52D641DC1B9C}] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{FAB2D762-85FB-4224-8F5B-F8D8187FFC97}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [TCP Query User{19E9B41E-A663-4341-9D25-4C65088469D5}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{25D7A4EF-564E-448A-92F9-2D711A87D413}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{79CE3D2B-DEFD-40AD-9CF3-B4CCBCBA8EF1}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{435F8D47-6DBC-4769-B4CD-3A5ACFBAAEDE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{4C62FD40-1101-42A4-A470-88B8B59CA7DD}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{9C197A82-7AEE-483B-86A9-18D3DC1E7182}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{00B4034E-FA2C-428B-A47E-94A33DA60CD2}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{C214D11B-4851-4F4F-8B5F-8E3675833018}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{B948071A-AB4B-4366-A6DC-F989E4592EBB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{5729D285-26DD-4E57-97E9-C3930563BCD7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{380D05AF-4089-47CC-90E1-2FB138A39467}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{7F7F45E2-24DE-4618-8A9A-0BF6A9EABD00}] => (Allow) C:\Program Files\KMSpico\Y0ZDQ3INEJA.exe
FirewallRules: [{21BD98AA-B5EB-46BB-A9A1-AE0BE7DA7EB7}] => (Allow) C:\Program Files\KMSpico\Y0ZDQ3INEJA.exe
FirewallRules: [{58CDF033-03FC-4260-8D70-C290E0B1DC6C}] => (Allow) C:\Program Files\KMSpico\NWGDRYUZPI4.exe
FirewallRules: [{F74D718B-B74C-4970-8B15-A2FEE7DF661C}] => (Allow) C:\Program Files\KMSpico\NWGDRYUZPI4.exe
FirewallRules: [{17AAE873-C8D4-424F-8C90-9DB37F16A5F0}] => (Allow) C:\Program Files\KMSpico\4INF4E78LFS.exe
FirewallRules: [{01D5C396-D4F7-40AA-99E4-0A1785E1903B}] => (Allow) C:\Program Files\KMSpico\4INF4E78LFS.exe
FirewallRules: [{01D18E40-28EB-4F00-9096-C41CADAB0A42}] => (Allow) C:\Program Files\KMSpico\I60Q03B017U.exe
FirewallRules: [{1F6B01EB-E470-45D3-BEF2-E7C0171B0548}] => (Allow) C:\Program Files\KMSpico\I60Q03B017U.exe
FirewallRules: [{CE77C962-3B54-41BB-A269-22487D3B5AC6}] => (Allow) C:\Program Files\KMSpico\LVCSA6GSP2Y.exe
FirewallRules: [{95000A97-B668-4685-B36A-FFE4EAADAE86}] => (Allow) C:\Program Files\KMSpico\LVCSA6GSP2Y.exe
FirewallRules: [{0BA65633-70A1-46C8-A301-65A695F1EF6E}] => (Allow) C:\Program Files\KMSpico\NEA5PIGTVS3.exe
FirewallRules: [{4DB829B5-672C-459C-AE95-7145AD68DC0C}] => (Allow) C:\Program Files\KMSpico\NEA5PIGTVS3.exe
FirewallRules: [{7579BE7C-E1C3-42F6-93DB-9AF14F0D8B17}] => (Allow) C:\Program Files\KMSpico\JQOSNVLMO7Z.exe
FirewallRules: [{A49E4E79-B6F6-4923-B3DC-BE8715BA696B}] => (Allow) C:\Program Files\KMSpico\JQOSNVLMO7Z.exe
FirewallRules: [{94AD100B-B65E-47B6-A8DE-2F1C75534D58}] => (Allow) C:\Program Files\KMSpico\2RO3HWT0LHM.exe
FirewallRules: [{3AE36EB4-E6FF-4B3F-BBF8-E0FF0767D1AF}] => (Allow) C:\Program Files\KMSpico\2RO3HWT0LHM.exe
FirewallRules: [{C77AB8D0-D0AE-4920-8A78-E8E19C52AAB3}] => (Allow) C:\Program Files\KMSpico\OV6LWNNTLCV.exe
FirewallRules: [{F233CD62-009C-4A84-81E9-7877AF2A8E21}] => (Allow) C:\Program Files\KMSpico\OV6LWNNTLCV.exe
FirewallRules: [{91BE90E4-08EF-43E3-A11F-5E8974765D16}] => (Allow) C:\Program Files\KMSpico\ZJI0CWNJ3FY.exe
FirewallRules: [{B2BC6320-AA94-4349-94A6-5948B316E091}] => (Allow) C:\Program Files\KMSpico\ZJI0CWNJ3FY.exe
FirewallRules: [{334B110E-D762-453A-816C-C1F5BBCA299D}] => (Allow) C:\Program Files\KMSpico\91B3IJYUQRI.exe
FirewallRules: [{CFDD093E-8C10-4D8C-8B8B-3482612CB9D8}] => (Allow) C:\Program Files\KMSpico\91B3IJYUQRI.exe
FirewallRules: [{50A9C970-DF33-4F87-B3DD-4458C413127B}] => (Allow) C:\Program Files\KMSpico\ISLZM24KP2C.exe
FirewallRules: [{8D563F8C-06D4-41A2-BB9D-1C59E192B3A1}] => (Allow) C:\Program Files\KMSpico\ISLZM24KP2C.exe
FirewallRules: [{7072926B-1F46-46A7-8001-343734994D35}] => (Allow) C:\Program Files\KMSpico\NK4O6Q2H43S.exe
FirewallRules: [{D947DB30-70AA-4016-989F-3C379087F034}] => (Allow) C:\Program Files\KMSpico\NK4O6Q2H43S.exe
FirewallRules: [{099F69D6-3FE6-4ACF-8E37-64064348E557}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C88D9D86-2086-4CB1-AAC8-AC65F64C1A55}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D44BF189-3E57-4965-B70E-401636386377}] => (Allow) C:\Program Files\KMSpico\DIOMWL3XND3.exe
FirewallRules: [{48E558B6-4EB5-46B3-8DE4-1CD381466ADE}] => (Allow) C:\Program Files\KMSpico\DIOMWL3XND3.exe
FirewallRules: [{BD1B6902-B1DC-4D34-AE03-AC75BFFA2252}] => (Allow) C:\Program Files\KMSpico\2M3GXAL0YDN.exe
FirewallRules: [{BF28FFED-87F0-4369-8F79-E2B9570BB986}] => (Allow) C:\Program Files\KMSpico\2M3GXAL0YDN.exe
FirewallRules: [{7C8C45B0-BD49-4027-AC5E-76C73322382E}] => (Allow) C:\Program Files\KMSpico\ZRA2NTHKWNO.exe
FirewallRules: [{7795FB88-233A-4CED-AA6E-73B601E5DF67}] => (Allow) C:\Program Files\KMSpico\ZRA2NTHKWNO.exe
FirewallRules: [{56E41164-18D7-4455-8207-36D1D2066C84}] => (Allow) C:\Program Files\KMSpico\84DVBHGKLZS.exe
FirewallRules: [{17A87830-ECE9-4366-96C3-2FDF04CE1514}] => (Allow) C:\Program Files\KMSpico\84DVBHGKLZS.exe
FirewallRules: [{0E0D168B-AF2F-4856-B810-D35CE3569D20}] => (Allow) C:\Program Files\KMSpico\EMDNJ8L60IS.exe
FirewallRules: [{48CB6C0B-37F1-48A9-A502-052346C52693}] => (Allow) C:\Program Files\KMSpico\EMDNJ8L60IS.exe
FirewallRules: [{8837A233-C14F-4547-B2B6-5051121F98C1}] => (Allow) C:\Program Files\KMSpico\CLX3QPLKBOD.exe
FirewallRules: [{E82D5D59-9E5E-44B8-8632-94E9B023FF14}] => (Allow) C:\Program Files\KMSpico\CLX3QPLKBOD.exe
FirewallRules: [{0C5C073F-8E39-452C-B8D7-6647E1675DAE}] => (Allow) C:\Program Files\KMSpico\9O0GZMU7DY2.exe
FirewallRules: [{8E810147-A3E4-4CAC-9ED0-F9E1EBA62357}] => (Allow) C:\Program Files\KMSpico\9O0GZMU7DY2.exe
FirewallRules: [{75790195-671A-413C-9CD5-A602FA598431}] => (Allow) C:\Program Files\KMSpico\BNQEH0HR19F.exe
FirewallRules: [{C9B56653-F8F6-4F05-8BEB-6CCC1C2CEAF0}] => (Allow) C:\Program Files\KMSpico\BNQEH0HR19F.exe
FirewallRules: [{57013F4C-FED5-4359-A8C2-D0020CDC3462}] => (Allow) C:\Program Files\KMSpico\7RSBCQYJWED.exe
FirewallRules: [{BE032266-8CF7-42B0-AA6D-F66E9102FDB1}] => (Allow) C:\Program Files\KMSpico\7RSBCQYJWED.exe
FirewallRules: [{B06A9E7D-DC8F-43BF-82E7-8810EBE9337A}] => (Allow) C:\Program Files\KMSpico\F7L2E4M9TT1.exe
FirewallRules: [{40A49E70-98E9-4776-B2A9-8F499F121E1F}] => (Allow) C:\Program Files\KMSpico\F7L2E4M9TT1.exe
FirewallRules: [{4284392A-CFE1-49A6-8526-5E41C05C633A}] => (Allow) C:\Program Files\KMSpico\IV4GAVANLCP.exe
FirewallRules: [{5C1D5871-7772-473E-8704-9373CB5B05EC}] => (Allow) C:\Program Files\KMSpico\IV4GAVANLCP.exe
FirewallRules: [{30636EAE-8481-445D-A6B7-8BBFEF4724CB}] => (Allow) C:\Program Files\KMSpico\F7400GB6Y4W.exe
FirewallRules: [{C5574019-C85D-483B-BDD6-266479E5F791}] => (Allow) C:\Program Files\KMSpico\F7400GB6Y4W.exe
FirewallRules: [{200E64CD-93B2-4A13-B471-C9E87989EB90}] => (Allow) C:\Program Files\KMSpico\AAN1J2EJ98C.exe
FirewallRules: [{45FA88CD-5719-492D-8084-A58827589EBA}] => (Allow) C:\Program Files\KMSpico\AAN1J2EJ98C.exe
FirewallRules: [{12C78C42-1987-4A83-9625-E9C8CC60A7D3}] => (Allow) C:\Program Files\KMSpico\KMWFKN38GEO.exe
FirewallRules: [{BD1E3842-7B54-4E07-BCE3-E6C4D8FFCB9D}] => (Allow) C:\Program Files\KMSpico\KMWFKN38GEO.exe
FirewallRules: [{3D41050D-AA97-4EFD-86E6-F724DC8752A5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A1050E64-DB3D-4E0E-97D3-B85E8CA49CFA}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{654C652B-27AE-4DEE-A167-04255599A14B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{E4915130-B44F-48A4-BD8E-FC72B158D2E6}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{5310DB89-EA0B-4024-B0FC-D29CB1EB6751}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{8C78B197-5359-476C-979C-61646C1296B7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{6B2D6704-A2DC-430A-9E34-851117928929}] => (Allow) C:\Program Files\KMSpico\JVS2NMLY0GJ.exe
FirewallRules: [{391AD7EF-E136-4F4D-B86C-0BD0B634D99C}] => (Allow) C:\Program Files\KMSpico\JVS2NMLY0GJ.exe
FirewallRules: [{6FD187B8-1741-4AC0-A7BF-75911051A72A}] => (Allow) C:\Program Files\KMSpico\WWS4ZPHVPKW.exe
FirewallRules: [{DEEFE98D-5CB6-4ABF-9269-096AC9DA436F}] => (Allow) C:\Program Files\KMSpico\WWS4ZPHVPKW.exe
FirewallRules: [{E97E6DF5-AB93-492F-9E43-9DF3B5DB74E4}] => (Allow) C:\Program Files\KMSpico\X771ZN0XEMH.exe
FirewallRules: [{ACE3C261-C8CA-4DC8-B762-C42DE5B4EF6A}] => (Allow) C:\Program Files\KMSpico\X771ZN0XEMH.exe
FirewallRules: [{D90892DB-E1D0-4104-BF89-137F11334643}] => (Allow) C:\Program Files\KMSpico\7U22807AV2F.exe
FirewallRules: [{043467FE-0EC6-432B-9D46-3781A2BB7C94}] => (Allow) C:\Program Files\KMSpico\7U22807AV2F.exe
FirewallRules: [{3774FB35-D9E2-426A-BA0D-083A6577225F}] => (Allow) C:\Program Files\KMSpico\L7FYOHWSM8F.exe
FirewallRules: [{AC8178F6-E208-42D9-B34D-9AA21F490CEA}] => (Allow) C:\Program Files\KMSpico\L7FYOHWSM8F.exe
FirewallRules: [{48C476C3-9988-4B84-A441-3E1C2D8A584B}] => (Allow) C:\Program Files\KMSpico\PCRIP29J1NA.exe
FirewallRules: [{F72508C7-E093-4C8A-9176-CEB33653324E}] => (Allow) C:\Program Files\KMSpico\PCRIP29J1NA.exe
FirewallRules: [{12A9ADCA-620D-4980-BA2D-F72A58E6713F}] => (Allow) C:\Program Files\KMSpico\RO06EJKR47B.exe
FirewallRules: [{74F6C442-3ABB-4810-A7CD-2E58270FB469}] => (Allow) C:\Program Files\KMSpico\RO06EJKR47B.exe
FirewallRules: [{8847F9E9-34D4-4DC1-8465-D2E2E9BE6281}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{72417712-6C28-43DD-9036-C90AADDD145A}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{4DE163D1-9345-4D48-A161-B2D8840E04C0}] => (Allow) C:\Program Files\KMSpico\HLERFMJM992.exe
FirewallRules: [{8C83DA14-4B27-4C12-8B53-BA90CF8AF9CF}] => (Allow) C:\Program Files\KMSpico\HLERFMJM992.exe
FirewallRules: [{2E142404-17A4-430D-9434-912369DEC600}] => (Allow) C:\Program Files\KMSpico\MK5V2KHMJIZ.exe
FirewallRules: [{44974759-1F33-45AA-96BF-665FB0377F53}] => (Allow) C:\Program Files\KMSpico\MK5V2KHMJIZ.exe
FirewallRules: [{2ABDC180-577E-475C-AE11-3BA444264373}] => (Allow) C:\Program Files\KMSpico\KYUMQDCRY9R.exe
FirewallRules: [{6074FCF0-4CF5-47B0-A886-5604D808A6DB}] => (Allow) C:\Program Files\KMSpico\KYUMQDCRY9R.exe
FirewallRules: [{AEEB91CE-B6F0-42D3-8318-D2BA7B0E209A}] => (Allow) C:\Program Files\KMSpico\LF02EQQUY5W.exe
FirewallRules: [{AABCA878-FEFF-457E-B32E-7A9F8A82E134}] => (Allow) C:\Program Files\KMSpico\LF02EQQUY5W.exe
FirewallRules: [{87B16916-C02E-4098-9CF6-4CE6A31D0B8A}] => (Allow) C:\Program Files\KMSpico\G1N4C88P38Q.exe
FirewallRules: [{03155021-7DB4-40E7-A384-2D3168D4A86C}] => (Allow) C:\Program Files\KMSpico\G1N4C88P38Q.exe
FirewallRules: [{B0A2E434-DA2C-4F73-8350-841099CA3BAB}] => (Allow) C:\Program Files\KMSpico\5APSP6BAFSB.exe
FirewallRules: [{063B4834-9B7C-46AF-B597-CF1550C9EE20}] => (Allow) C:\Program Files\KMSpico\5APSP6BAFSB.exe
FirewallRules: [{6C6566B4-A50F-42AD-80C5-7C3F589C1C12}] => (Allow) C:\Program Files\KMSpico\M26B9ENYOH9.exe
FirewallRules: [{2CFC1D11-D19C-41F2-B4F0-2E22DA218BEB}] => (Allow) C:\Program Files\KMSpico\M26B9ENYOH9.exe
FirewallRules: [{766361AB-F64E-4C3C-BB7A-B991638ACAA5}] => (Allow) C:\Program Files\KMSpico\E9N4YMMTHZP.exe
FirewallRules: [{3F46FA54-4E3D-406C-B6EC-90B8F04EBA2F}] => (Allow) C:\Program Files\KMSpico\E9N4YMMTHZP.exe
FirewallRules: [{7718D5D3-0C2B-4723-9FC3-699BB6A10B83}] => (Allow) C:\Program Files\KMSpico\OL1RHMDKOVS.exe
FirewallRules: [{0395971F-B36B-4DF1-9E61-A95EC4661177}] => (Allow) C:\Program Files\KMSpico\OL1RHMDKOVS.exe
FirewallRules: [{3F53DB7B-A901-4A19-A8D6-E82613A293F9}] => (Allow) C:\Program Files\KMSpico\DMTZ8RHIH27.exe
FirewallRules: [{21859F09-886E-48D1-B862-11B75B4B5E5F}] => (Allow) C:\Program Files\KMSpico\DMTZ8RHIH27.exe
FirewallRules: [{89413ED1-CBB5-4B97-ADF7-F06F301072BA}] => (Allow) C:\Program Files\KMSpico\07OUUOVIJMD.exe
FirewallRules: [{7A85FDDE-FDF9-4FF1-9E2A-FAF5543D4077}] => (Allow) C:\Program Files\KMSpico\07OUUOVIJMD.exe
FirewallRules: [{F736E671-19B5-42C8-9B25-1901B32CBF70}] => (Allow) C:\Program Files\KMSpico\RTTTHF17L2N.exe
FirewallRules: [{C0693FBA-7BEE-42BD-A201-624D409DF527}] => (Allow) C:\Program Files\KMSpico\RTTTHF17L2N.exe
FirewallRules: [{049D60F4-7340-491E-B038-6C6F518A4FF1}] => (Allow) C:\Program Files\KMSpico\LIK9URLWD8O.exe
FirewallRules: [{1AD83C5A-4840-4CEC-A9DF-86FE0C0928B0}] => (Allow) C:\Program Files\KMSpico\LIK9URLWD8O.exe
FirewallRules: [{A2C9BB53-7CC0-468E-9F7E-C9AC93F24EFD}] => (Allow) C:\Program Files\KMSpico\TQGBFB14UZX.exe
FirewallRules: [{F18203E2-ADE5-41CB-A255-52F14DF62DFC}] => (Allow) C:\Program Files\KMSpico\TQGBFB14UZX.exe
FirewallRules: [{ABEC079C-007C-4C06-BCC8-65C60CC22FF0}] => (Allow) C:\Program Files\KMSpico\A019IR30O2H.exe
FirewallRules: [{60CB5DF3-7D6C-4DE2-8EF5-096FA4F32B90}] => (Allow) C:\Program Files\KMSpico\A019IR30O2H.exe
FirewallRules: [{C499E346-75C4-45AC-AF65-A5571CEFE2AB}] => (Allow) C:\Program Files\KMSpico\K6NULHX5ATJ.exe
FirewallRules: [{B72AB298-000F-4D37-8EA2-21E89AA0CA23}] => (Allow) C:\Program Files\KMSpico\K6NULHX5ATJ.exe
FirewallRules: [{D5643713-86A5-4BD0-82FE-AED46AB3DC7B}] => (Allow) C:\Program Files\KMSpico\8KEXDDT5K7H.exe
FirewallRules: [{236F8AC8-E204-4AC9-BE89-68612B9B008F}] => (Allow) C:\Program Files\KMSpico\8KEXDDT5K7H.exe
FirewallRules: [{C9192307-5288-4653-8D16-160A8F337443}] => (Allow) C:\Program Files\KMSpico\JE4XWHB3VGZ.exe
FirewallRules: [{6C930064-08C0-4DED-9F00-02BB8ADDF354}] => (Allow) C:\Program Files\KMSpico\JE4XWHB3VGZ.exe
FirewallRules: [{142AF579-5007-434E-9E16-67E7076BE7B7}] => (Allow) C:\Program Files\KMSpico\Z74NARPG4RU.exe
FirewallRules: [{B61D0509-3124-4424-8A41-FC5FF513A1C1}] => (Allow) C:\Program Files\KMSpico\Z74NARPG4RU.exe
FirewallRules: [{EE551640-E2A3-433C-902D-FCDD5630921A}] => (Allow) C:\Program Files\KMSpico\J6YJSNEH6NY.exe
FirewallRules: [{B774BB1D-0CE5-4FAC-B244-112C28B8511D}] => (Allow) C:\Program Files\KMSpico\J6YJSNEH6NY.exe
FirewallRules: [{049EA0D5-5637-4DFF-A220-14D2387EFD0D}] => (Allow) C:\Program Files\KMSpico\AT7WLEC9BUQ.exe
FirewallRules: [{0C94868E-E1DF-4656-A2B9-8FB965B11446}] => (Allow) C:\Program Files\KMSpico\AT7WLEC9BUQ.exe
FirewallRules: [{F88E517E-F3E1-4F12-A46C-27283704543D}] => (Allow) C:\Program Files\KMSpico\LWXQR4UXDGD.exe
FirewallRules: [{9D8BDE42-6E77-4DBE-A648-1831DEFD582D}] => (Allow) C:\Program Files\KMSpico\LWXQR4UXDGD.exe
FirewallRules: [{43D9C0FF-FF90-4A0D-9EDF-C0FE258C5E69}] => (Allow) C:\Program Files\KMSpico\EFE9FF7WRXK.exe
FirewallRules: [{3D07AD42-07B9-4151-B97C-C2D8CA34ACB5}] => (Allow) C:\Program Files\KMSpico\EFE9FF7WRXK.exe
FirewallRules: [{5A8B43D5-35FC-477D-9278-15DF670153F7}] => (Allow) C:\Program Files\KMSpico\2LFN37ZX6H9.exe
FirewallRules: [{324001A0-3A37-4E3E-AFD2-F6A03E601607}] => (Allow) C:\Program Files\KMSpico\2LFN37ZX6H9.exe
FirewallRules: [{C52C0F74-83F9-4EF5-A7F0-27D77E931C47}] => (Allow) C:\Program Files\KMSpico\NI5B10B64RQ.exe
FirewallRules: [{6F270F1C-C91C-4C33-8308-470ABDB40134}] => (Allow) C:\Program Files\KMSpico\NI5B10B64RQ.exe
FirewallRules: [{2924082E-676E-4EBA-BE6A-DEA657D81777}] => (Allow) C:\Program Files\KMSpico\70FP1HI1QS3.exe
FirewallRules: [{DFBF70EA-E2B0-4DDD-B812-3CD8E429C194}] => (Allow) C:\Program Files\KMSpico\70FP1HI1QS3.exe
FirewallRules: [{129D3908-4FF5-41BB-B805-81F15EFF1919}] => (Allow) C:\Program Files\KMSpico\OJ3S4D1UKR2.exe
FirewallRules: [{627FD75A-FD82-4346-B1AB-ED0B088ACEAB}] => (Allow) C:\Program Files\KMSpico\OJ3S4D1UKR2.exe
FirewallRules: [{461E819A-69B9-439A-AEA1-B7AB66321684}] => (Allow) C:\Program Files\KMSpico\0Z6KM5N1U3W.exe
FirewallRules: [{D0991809-FC61-48E2-838E-6A8A89F84F5F}] => (Allow) C:\Program Files\KMSpico\0Z6KM5N1U3W.exe
FirewallRules: [{6A578847-F8A4-49A7-BD36-1F36C5E62182}] => (Allow) C:\Program Files\KMSpico\NB2QPDXA981.exe
FirewallRules: [{FDD28E21-47BF-4F3E-8070-ACF0A6F89738}] => (Allow) C:\Program Files\KMSpico\NB2QPDXA981.exe
FirewallRules: [{37085869-1421-4F52-BCB4-7A42AD753912}] => (Allow) C:\Program Files\KMSpico\T5ZHYNV3S4W.exe
FirewallRules: [{ACD4B18D-2E29-48A5-B4E5-EECB5A03C55C}] => (Allow) C:\Program Files\KMSpico\T5ZHYNV3S4W.exe
FirewallRules: [{C18D1E39-31CE-4807-99A3-E4A544D0BB7C}] => (Allow) C:\Program Files\KMSpico\YAOCQNRGEJY.exe
FirewallRules: [{770DB07F-87AC-4D32-88CA-22EE329BF10A}] => (Allow) C:\Program Files\KMSpico\YAOCQNRGEJY.exe
FirewallRules: [{022D3B17-B4B0-43B6-B3A5-6F6FCCA3D4FC}] => (Allow) C:\Program Files\KMSpico\EGA24PZDRSR.exe
FirewallRules: [{4E065CE7-6969-4D49-BCC5-7B6CC046D34D}] => (Allow) C:\Program Files\KMSpico\EGA24PZDRSR.exe
FirewallRules: [{98C15BF4-A2CB-48D0-9CD6-C3BA290B8806}] => (Allow) C:\Program Files\KMSpico\6NKE2J12ZI8.exe
FirewallRules: [{A5317952-209F-4273-863F-02CCB6D2CE34}] => (Allow) C:\Program Files\KMSpico\6NKE2J12ZI8.exe
FirewallRules: [{485FF564-4EDA-4962-9672-E7C511BB7E42}] => (Allow) C:\Program Files\KMSpico\POQ8XAIE95Z.exe
FirewallRules: [{2DA8CE36-BB63-4305-9BB0-FA789AFFE60B}] => (Allow) C:\Program Files\KMSpico\POQ8XAIE95Z.exe
FirewallRules: [{1C1A1462-DEF1-4198-A1B6-F8B3F5D0E5D8}] => (Allow) C:\Program Files\KMSpico\JUH749303S0.exe
FirewallRules: [{A119DAF8-D132-4268-B1E9-78ED162597D6}] => (Allow) C:\Program Files\KMSpico\JUH749303S0.exe
FirewallRules: [{1548B4EE-3DFC-4FEE-BF6B-E038FBFA208F}] => (Allow) C:\Program Files\KMSpico\E8WX8WZE3D4.exe
FirewallRules: [{2D8B5920-98CE-4DCF-BC1D-1A918E4D2120}] => (Allow) C:\Program Files\KMSpico\E8WX8WZE3D4.exe
FirewallRules: [{351696F1-A150-4D7B-A4CA-8F2F51FAB353}] => (Allow) C:\Program Files\KMSpico\8IU7Q9O8S3G.exe
FirewallRules: [{81E8759D-343B-4EC8-A996-B0FBB05AF6AB}] => (Allow) C:\Program Files\KMSpico\8IU7Q9O8S3G.exe
FirewallRules: [{4135B795-1025-41B9-A1E1-9A7731784715}] => (Allow) C:\Program Files\KMSpico\RAX38L4D7TG.exe
FirewallRules: [{E21BA6B7-144A-4722-ABFA-E04B98721B6B}] => (Allow) C:\Program Files\KMSpico\RAX38L4D7TG.exe
FirewallRules: [{D6FE800F-20C4-45CE-8584-AEB3027B2EE2}] => (Allow) C:\Program Files\KMSpico\76ZLETZG9CL.exe
FirewallRules: [{113648D0-26E7-47E7-9243-80E98CB9B293}] => (Allow) C:\Program Files\KMSpico\76ZLETZG9CL.exe
FirewallRules: [{1E3E7AEF-6C74-4571-AB59-8A43480BD608}] => (Allow) C:\Program Files\KMSpico\R1OIFHG5UGC.exe
FirewallRules: [{3E499FC2-2A0B-421A-BD99-DDC963DE034F}] => (Allow) C:\Program Files\KMSpico\R1OIFHG5UGC.exe
FirewallRules: [{CD0E9A52-EADA-425C-AF42-87E68899B748}] => (Allow) C:\Program Files\KMSpico\P5WGBW4G8HH.exe
FirewallRules: [{F2F6C6EE-BBAE-4FE3-B65F-71A34D1184E4}] => (Allow) C:\Program Files\KMSpico\P5WGBW4G8HH.exe
FirewallRules: [{23452348-E0A2-49CF-9F08-98736119977A}] => (Allow) C:\Program Files\KMSpico\T5HKIYA3Y3U.exe
FirewallRules: [{36AE72BB-C0E3-4D73-8989-F675DAB9887D}] => (Allow) C:\Program Files\KMSpico\T5HKIYA3Y3U.exe
FirewallRules: [{4B22043C-931B-42F5-86CC-29B9EAB0688D}] => (Allow) C:\Program Files\KMSpico\K3WDST6PWPJ.exe
FirewallRules: [{B5FDEB57-F8E2-41FB-A01F-C81F1A86E3F1}] => (Allow) C:\Program Files\KMSpico\K3WDST6PWPJ.exe
FirewallRules: [{1474FC43-D156-440F-A0C9-639635045B8F}] => (Allow) C:\Program Files\KMSpico\VFT0YMWWEYF.exe
FirewallRules: [{5DF2935D-4DFB-44A0-A7F2-A123EEC5D818}] => (Allow) C:\Program Files\KMSpico\VFT0YMWWEYF.exe
FirewallRules: [{F5091C24-0B4F-44F3-B2DE-B0F60067E748}] => (Allow) C:\Program Files\KMSpico\SGILCO5FZ0Y.exe
FirewallRules: [{9083A5D0-7FED-425F-872B-A9A123C2D327}] => (Allow) C:\Program Files\KMSpico\SGILCO5FZ0Y.exe
FirewallRules: [{37D06144-4822-4966-B65A-3C2AE00EB2D4}] => (Allow) C:\Program Files\KMSpico\VNOHJUUSPAR.exe
FirewallRules: [{87480131-B8B1-49A9-BB3D-2217D2731CE5}] => (Allow) C:\Program Files\KMSpico\VNOHJUUSPAR.exe
FirewallRules: [{60780BDA-F14C-4868-B8C8-AE4BC70BDFEA}] => (Allow) C:\Program Files\KMSpico\NHI6Y9YQV67.exe
FirewallRules: [{AA9F6225-6F0C-48DF-9076-5A32C7025985}] => (Allow) C:\Program Files\KMSpico\NHI6Y9YQV67.exe
FirewallRules: [{C4D1A7D6-28F1-4719-BAE5-3E98606005F7}] => (Allow) C:\Program Files\KMSpico\LNSCN0XCNND.exe
FirewallRules: [{CB244E4B-1863-4056-BD84-D3E98E532543}] => (Allow) C:\Program Files\KMSpico\LNSCN0XCNND.exe
FirewallRules: [{88F08025-3D76-4232-B243-EE35D272668A}] => (Allow) C:\Program Files\KMSpico\GUIRQI01L5B.exe
FirewallRules: [{1CB644D6-A84C-43FA-9E8F-A4502CFCC0D3}] => (Allow) C:\Program Files\KMSpico\GUIRQI01L5B.exe
FirewallRules: [{EEA325FA-B51C-4D15-A630-982868BF37A7}] => (Allow) C:\Program Files\KMSpico\JV4S5SE5882.exe
FirewallRules: [{FA3DEA75-175D-4689-8637-14E1169BEC4D}] => (Allow) C:\Program Files\KMSpico\JV4S5SE5882.exe
FirewallRules: [{190A3654-A1D9-4264-BE7A-71CBFBA7E045}] => (Allow) C:\Program Files\KMSpico\UDQDDWAPF9J.exe
FirewallRules: [{F4B8FE8E-5643-46A2-91B8-77C1B5751803}] => (Allow) C:\Program Files\KMSpico\UDQDDWAPF9J.exe
FirewallRules: [{947B463F-2057-4F50-B35F-7B26D208E78B}] => (Allow) C:\Program Files\KMSpico\AU6SEYRJWQV.exe
FirewallRules: [{33B9820E-32D7-4137-8E00-0ACC7E2E385B}] => (Allow) C:\Program Files\KMSpico\AU6SEYRJWQV.exe
FirewallRules: [{7B486F73-B431-47CA-8AEE-7951D54071DF}] => (Allow) C:\Program Files\KMSpico\XWS06ZMAW5M.exe
FirewallRules: [{F4E80C5F-C138-4BC0-845C-07CC11421B9A}] => (Allow) C:\Program Files\KMSpico\XWS06ZMAW5M.exe
FirewallRules: [{86BA5A54-A038-48CA-941B-0611046127A0}] => (Allow) C:\Program Files\KMSpico\7XSC7EFJSJA.exe
FirewallRules: [{2AD3CAB0-DC6B-44BD-9D25-B23B8F3C1EA4}] => (Allow) C:\Program Files\KMSpico\7XSC7EFJSJA.exe
FirewallRules: [{B1CC8B61-A4D1-4CFB-B556-6528D3C5457F}] => (Allow) C:\Program Files\KMSpico\I7VBW4LX3QX.exe
FirewallRules: [{83880F11-1D8F-45BD-B868-8CF3EA1C9DD6}] => (Allow) C:\Program Files\KMSpico\I7VBW4LX3QX.exe
FirewallRules: [{F596DC84-B873-44EF-9488-17731DA4FBD3}] => (Allow) C:\Program Files\KMSpico\HH7BR74QCWZ.exe
FirewallRules: [{88FC8420-50F9-4C23-8878-FD6A56419ED9}] => (Allow) C:\Program Files\KMSpico\HH7BR74QCWZ.exe
FirewallRules: [{187F6892-C43C-43C8-871C-3F1E1BDA4220}] => (Allow) C:\Program Files\KMSpico\M37PMTSZYI0.exe
FirewallRules: [{90EA1B8A-8D57-47EF-882E-883F11E438B5}] => (Allow) C:\Program Files\KMSpico\M37PMTSZYI0.exe
FirewallRules: [{215D6811-6BF5-4723-BF4A-63E5A918D7F3}] => (Allow) C:\Program Files\KMSpico\4G3E66JVB9N.exe
FirewallRules: [{DB62257D-933A-49A2-9A09-DE0699E15D6D}] => (Allow) C:\Program Files\KMSpico\4G3E66JVB9N.exe
FirewallRules: [{85C47C70-54E3-40C0-8FEC-5C468406AF64}] => (Allow) C:\Program Files\KMSpico\9CHTAONZWAF.exe
FirewallRules: [{22785008-80F9-4A00-8D0A-9183139F20B4}] => (Allow) C:\Program Files\KMSpico\9CHTAONZWAF.exe
FirewallRules: [{CBC19585-0B58-4506-A18C-1E33BE889AAD}] => (Allow) C:\Program Files\KMSpico\ZXTXZNDLHER.exe
FirewallRules: [{E297E999-2671-490E-AA7D-3E4A19C57C62}] => (Allow) C:\Program Files\KMSpico\ZXTXZNDLHER.exe
FirewallRules: [{EC18B4F7-EEED-4FCB-9A61-0C3AAB2A1435}] => (Allow) C:\Program Files\KMSpico\WME35V1PFS2.exe
FirewallRules: [{FA24AD3D-FF98-4062-AE92-6C2666082E49}] => (Allow) C:\Program Files\KMSpico\WME35V1PFS2.exe
FirewallRules: [{D099F123-1B4A-4AF3-B55C-B72DF210FA76}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9DDDAD50-9D7D-4288-ADA5-472466028D90}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8A5711AB-DAFF-4EEA-8304-F770CB47D2A2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{99604223-9858-4642-BDAE-8F0436CC7F76}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{78750EED-25D2-4C9E-9385-630622500EA6}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{0DD36987-2235-4D9A-9BD7-69EB428C0644}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C0DCD623-0EF0-43F1-81B8-598B29784AAF}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{E79140BE-1C76-476C-80F1-A650FE071A7C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{4EFBFA47-160D-484A-A989-FB36D545BFBD}] => (Allow) C:\Program Files (x86)\Nero16T\Nero 2016\Nero Burning ROM\StartNBR.exe
FirewallRules: [{9DF48C86-B887-47E6-80DD-405972ADADD6}] => (Allow) C:\Program Files (x86)\Nero16T\KM\NMDllHost.exe
FirewallRules: [{ABB08FB1-307A-4C9A-BBFA-AE2C81B6C73F}] => (Allow) C:\Program Files (x86)\Nero16T\Nero 2016\Nero Burning ROM\nero.exe
FirewallRules: [{7C33F6B9-3CC7-4FEC-A5A4-794CBDA21794}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{DB47901B-9C6E-4CAB-9190-6D58A010D910}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{66FD0322-E8EA-4EC2-9AA3-1A7D7B219DC0}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\StartNBR.exe
FirewallRules: [{0F6DA50C-10C0-4151-AF2A-BE3D0DA42CE8}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\nero.exe
FirewallRules: [{6B4F733C-0833-4F5C-8C66-6899EAD3EBDC}] => (Allow) C:\Program Files (x86)\Nero16T\KM\NMDllHost.exe
FirewallRules: [{CD73B823-F2A8-47A9-9D5F-C94C793F1F46}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\FaxApplications.exe
FirewallRules: [{A65C5073-E557-4763-A7E7-ACFA69C8F74C}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\DigitalWizards.exe
FirewallRules: [{BED2B2BE-2A0D-40C1-A2FA-ED487FC3C23A}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\SendAFax.exe
FirewallRules: [{92CF5155-4295-421A-B15E-AF6E1236397C}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\DeviceSetup.exe
FirewallRules: [{055B5155-3917-4641-BC21-D53C1D570D79}] => (Allow) LPort=5357
FirewallRules: [{732F1EF8-CA1E-4F5B-8D69-AE6D93D3D954}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{DD67CA93-FB40-40AE-A6DA-02F6639B59D2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{DB42C1B6-6F81-4F5B-997B-FE8F290EB293}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{9E761FD1-AB09-47BE-8AD3-F8FDE18B31AA}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe

==================== Wiederherstellungspunkte =========================

10-06-2016 23:29:18 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/11/2016 01:49:36 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (06/10/2016 11:51:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (06/10/2016 07:55:07 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (06/10/2016 07:48:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (06/10/2016 09:10:20 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (06/09/2016 11:28:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (06/09/2016 11:25:20 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (06/09/2016 10:35:47 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (06/09/2016 04:36:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_PcaSvc, Version: 6.3.9600.17415, Zeitstempel: 0x54504177
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18233, Zeitstempel: 0x56bb4ebb
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000925fa
ID des fehlerhaften Prozesses: 0x4b4
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_PcaSvc0
Pfad der fehlerhaften Anwendung: svchost.exe_PcaSvc1
Pfad des fehlerhaften Moduls: svchost.exe_PcaSvc2
Berichtskennung: svchost.exe_PcaSvc3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_PcaSvc4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_PcaSvc5

Error: (06/09/2016 03:59:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.


Systemfehler:
=============
Error: (06/11/2016 01:41:36 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst MMCSS erreicht.

Error: (06/11/2016 01:41:06 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst iphlpsvc erreicht.

Error: (06/11/2016 01:40:35 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst CertPropSvc erreicht.

Error: (06/11/2016 01:40:05 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst BITS erreicht.

Error: (06/11/2016 01:39:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Gruppenrichtlinienclient" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/11/2016 01:39:35 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst gpsvc erreicht.

Error: (06/11/2016 01:39:05 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Appinfo erreicht.

Error: (06/10/2016 01:47:26 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Acronis Nonstop Backup Service konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (06/10/2016 12:10:23 PM) (Source: DCOM) (EventID: 10010) (User: Jamie)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/10/2016 12:09:53 PM) (Source: DCOM) (EventID: 10010) (User: Jamie)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}


CodeIntegrity:
===================================
  Date: 2015-03-03 19:34:02.713
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-24 10:48:13.804
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-17 09:03:20.557
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-09-12 13:05:43.884
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-09-11 20:43:39.360
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-09-11 08:57:19.276
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz
Prozentuale Nutzung des RAM: 42%
Installierter physikalischer RAM: 8077.52 MB
Verfügbarer physikalischer RAM: 4674.41 MB
Summe virtueller Speicher: 16269.52 MB
Verfügbarer virtueller Speicher: 12959.25 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:185.87 GB) (Free:15.26 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (DATA) (Fixed) (Total:258.15 GB) (Free:111.71 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 01A8A7C0)

Partition: GPT.

========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: 6805F127)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
__________________

__________________

Alt 11.06.2016, 14:21   #3
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Facebook: "Dein Computer muss gereinigt werden"  - Virus/Malware? - Standard

Facebook: "Dein Computer muss gereinigt werden" - Virus/Malware?





Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.


Los geht's:
oder auch nicht....

Könnte es sein, dass sich auf dem Rechner gecrackte Software befindet?
__________________
__________________

Alt 12.06.2016, 14:59   #4
ShotaB
 
Facebook: "Dein Computer muss gereinigt werden"  - Virus/Malware? - Standard

Facebook: "Dein Computer muss gereinigt werden" - Virus/Malware?



Hallo Jürgen,

danke für deine Hilfe! An die Regeln werde ich mich bestmöglich halten, nur der keine Software-Teil macht mich unsicher, weil ich gerade einen Bericht schreibe und nicht weiß, ob ich dazu noch etwas Neues brauche. Stört es, wenn ich über eine Remote-Desktop Verbindung Uni-Programme nutze, die ich nicht selbst habe?

Zu gecrackter Software: Ich weiß nicht, was du meinst (außer Allgemeinverständnis), aber wenn du mir genauer sagst, was du meinst, kann ich es bestimmt löschen. Also wenn das hilft?

Liebe Grüße
Mira

Geändert von ShotaB (12.06.2016 um 15:11 Uhr)

Alt 12.06.2016, 16:36   #5
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Facebook: "Dein Computer muss gereinigt werden"  - Virus/Malware? - Standard

Facebook: "Dein Computer muss gereinigt werden" - Virus/Malware?



Zitat:
Zitat von ShotaB Beitrag anzeigen
Stört es, wenn ich über eine Remote-Desktop Verbindung Uni-Programme nutze, die ich nicht selbst habe?
Nein.

Es kann auch sein, dass FB so lange meckert bis wir den empfohlenen Scanner benutzt haben.

Das Office scheint mir eine etwas besondere "Studentenedition" zu sein...
Hat Dir bestimmt ein Freund installiert?

Wir ziehen jetzt mal unser Bereinigungsprogramm durch:

Schritt 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 12.06.2016, 22:30   #6
ShotaB
 
Facebook: "Dein Computer muss gereinigt werden"  - Virus/Malware? - Standard

Facebook: "Dein Computer muss gereinigt werden" - Virus/Malware?



Hallo =)

1. Habe alles, was ich von Microsoft Office gefunden habe, versucht zu löschen. Ist aber irgendwie unübersichtlich (es enthält eine Menge Zeug Office+Microsoft im Namen) und einer der 2 Hauptordner (habe Office 2013 und 2015 gefunden) lässt sich nicht löschen, weil angeblich etwas daraus geöffnet ist. Ich finde nur nicht wo! Falls du einen effektiven Löschtipp hast, gerne her damit.

2. Hier ist der Report von TDSSKiller.exe - Teil 1 (ist zu lang für einen Beitrag):
Code:
ATTFilter
23:20:21.0639 0x01e8  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
23:20:21.0639 0x01e8  UEFI system
23:21:05.0281 0x01e8  ============================================================
23:21:05.0281 0x01e8  Current date / time: 2016/06/12 23:21:05.0281
23:21:05.0281 0x01e8  SystemInfo:
23:21:05.0281 0x01e8  
23:21:05.0281 0x01e8  OS Version: 6.3.9600 ServicePack: 0.0
23:21:05.0281 0x01e8  Product type: Workstation
23:21:05.0281 0x01e8  ComputerName: JAMIE
23:21:05.0281 0x01e8  UserName: Mira
23:21:05.0281 0x01e8  Windows directory: C:\WINDOWS
23:21:05.0281 0x01e8  System windows directory: C:\WINDOWS
23:21:05.0281 0x01e8  Running under WOW64
23:21:05.0281 0x01e8  Processor architecture: Intel x64
23:21:05.0281 0x01e8  Number of processors: 4
23:21:05.0281 0x01e8  Page size: 0x1000
23:21:05.0281 0x01e8  Boot type: Normal boot
23:21:05.0281 0x01e8  ============================================================
23:21:06.0437 0x01e8  KLMD registered as C:\WINDOWS\system32\drivers\14565373.sys
23:21:08.0859 0x01e8  System UUID: {557CA1DB-1623-F343-13A2-F1A51EB74EED}
23:21:13.0765 0x01e8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:21:13.0765 0x01e8  Drive \Device\Harddisk1\DR1 - Size: 0x5976F6000 ( 22.37 Gb ), SectorSize: 0x200, Cylinders: 0xB67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:21:13.0765 0x01e8  ============================================================
23:21:13.0765 0x01e8  \Device\Harddisk0\DR0:
23:21:13.0765 0x01e8  GPT partitions:
23:21:13.0765 0x01e8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {6B139546-F3E4-423C-8A5A-5429389899B4}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x96000
23:21:13.0765 0x01e8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {1ECA3787-605B-4E4E-947E-603B155F5389}, Name: Basic data partition, StartLBA 0x96800, BlocksNum 0x1C2000
23:21:13.0765 0x01e8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {453316B9-F18D-4E99-9434-C5F0B6DD80A8}, Name: Microsoft reserved partition, StartLBA 0x258800, BlocksNum 0x40000
23:21:13.0765 0x01e8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A5DC35F6-5A5E-47F9-97D2-207DDF78489E}, Name: Basic data partition, StartLBA 0x298800, BlocksNum 0x173BB000
23:21:13.0765 0x01e8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {019BE799-4D90-4849-89FA-7B94194CFF9A}, Name: , StartLBA 0x17653800, BlocksNum 0xE1000
23:21:13.0765 0x01e8  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {274280A3-3AB5-4020-B524-0740BF2F2EEA}, Name: Basic data partition, StartLBA 0x17734800, BlocksNum 0x2044C800
23:21:13.0765 0x01e8  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {14FA438D-4143-4E70-923A-F3A4F971CEB9}, Name: Basic data partition, StartLBA 0x37B81000, BlocksNum 0x2805000
23:21:13.0765 0x01e8  MBR partitions:
23:21:13.0765 0x01e8  \Device\Harddisk1\DR1:
23:21:13.0765 0x01e8  GPT partitions:
23:21:13.0781 0x01e8  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {B8CB5058-C187-4719-BAF0-379CA2D4C97E}, UniqueGUID: {4613EE39-4727-4347-8134-173F590F716F}, Name: HFS, StartLBA 0x801000, BlocksNum 0x24BA000
23:21:13.0781 0x01e8  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {D3BFE2DE-3DAF-11DF-BA40-E3A556D89593}, UniqueGUID: {106260C6-8DDC-4FFE-BC93-1B7E4D01FE5A}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x800000
23:21:13.0781 0x01e8  MBR partitions:
23:21:13.0781 0x01e8  ============================================================
23:21:13.0812 0x01e8  C: <-> \Device\Harddisk0\DR0\Partition4
23:21:13.0859 0x01e8  D: <-> \Device\Harddisk0\DR0\Partition6
23:21:13.0859 0x01e8  ============================================================
23:21:13.0859 0x01e8  Initialize success
23:21:13.0859 0x01e8  ============================================================
23:23:11.0709 0x0cd8  ============================================================
23:23:11.0709 0x0cd8  Scan started
23:23:11.0709 0x0cd8  Mode: Manual; SigCheck; TDLFS; 
23:23:11.0709 0x0cd8  ============================================================
23:23:11.0709 0x0cd8  KSN ping started
23:23:14.0006 0x0cd8  KSN ping finished: true
23:23:15.0444 0x0cd8  ================ Scan system memory ========================
23:23:15.0459 0x0cd8  System memory - ok
23:23:15.0459 0x0cd8  ================ Scan services =============================
23:23:15.0631 0x0cd8  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
23:23:15.0678 0x0cd8  1394ohci - ok
23:23:15.0741 0x0cd8  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
23:23:15.0756 0x0cd8  3ware - ok
23:23:15.0819 0x0cd8  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
23:23:15.0834 0x0cd8  ACPI - ok
23:23:15.0850 0x0cd8  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
23:23:15.0866 0x0cd8  acpiex - ok
23:23:15.0881 0x0cd8  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
23:23:15.0897 0x0cd8  acpipagr - ok
23:23:15.0944 0x0cd8  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
23:23:15.0959 0x0cd8  AcpiPmi - ok
23:23:15.0959 0x0cd8  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
23:23:15.0975 0x0cd8  acpitime - ok
23:23:16.0116 0x0cd8  [ 36C606A3A3FB332129E1DFB5EAAEBF83, D67C96B2D53C5548A86600F64B8EED0ED0472DDE0BEE46F07A780FA02F020EBD ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
23:23:16.0147 0x0cd8  AcrSch2Svc - ok
23:23:16.0162 0x0cd8  [ 44BED6BCA7644EBE733926DAC4FCEFF6, 892A9EB2C76C52A6B152B5F8DFE111629E23AC4A63BAAB9D618724C38B5C5F82 ] acsock          C:\WINDOWS\system32\DRIVERS\acsock64.sys
23:23:16.0194 0x0cd8  acsock - ok
23:23:16.0241 0x0cd8  [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:23:16.0241 0x0cd8  AdobeARMservice - ok
23:23:16.0334 0x0cd8  [ 6A050671F2C76FB48131F12786802807, 71B37A9CEAE5AB1B069FB010BC547E14445461885B74FA879E63F9F2DAF644A5 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:23:16.0350 0x0cd8  AdobeFlashPlayerUpdateSvc - ok
23:23:16.0412 0x0cd8  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
23:23:16.0444 0x0cd8  ADP80XX - ok
23:23:16.0475 0x0cd8  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
23:23:16.0506 0x0cd8  AeLookupSvc - ok
23:23:16.0678 0x0cd8  [ D58AFA917D97BFF073E58763B13E4A65, 5D735F27CC1C17CED976E0996033AF72E3C70BADAE8BFE6506AAF5BD747E6DA2 ] afcdpsrv        C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
23:23:16.0787 0x0cd8  afcdpsrv - ok
23:23:16.0850 0x0cd8  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\WINDOWS\system32\drivers\afd.sys
23:23:16.0881 0x0cd8  AFD - ok
23:23:16.0913 0x0cd8  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
23:23:16.0928 0x0cd8  agp440 - ok
23:23:16.0944 0x0cd8  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
23:23:16.0959 0x0cd8  ahcache - ok
23:23:17.0006 0x0cd8  [ 16F6F6B7903B913AB41AB848C8BB5658, 7304257048CB42E5274B3F6400F4A053A38E3B70A157662FE9D2B7C5979DE851 ] AiCharger       C:\WINDOWS\system32\DRIVERS\AiCharger.sys
23:23:17.0006 0x0cd8  AiCharger - ok
23:23:17.0053 0x0cd8  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\WINDOWS\System32\alg.exe
23:23:17.0084 0x0cd8  ALG - ok
23:23:17.0100 0x0cd8  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
23:23:17.0116 0x0cd8  AmdK8 - ok
23:23:17.0147 0x0cd8  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
23:23:17.0163 0x0cd8  AmdPPM - ok
23:23:17.0178 0x0cd8  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
23:23:17.0194 0x0cd8  amdsata - ok
23:23:17.0209 0x0cd8  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
23:23:17.0225 0x0cd8  amdsbs - ok
23:23:17.0241 0x0cd8  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
23:23:17.0256 0x0cd8  amdxata - ok
23:23:17.0303 0x0cd8  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys
23:23:17.0319 0x0cd8  AppID - ok
23:23:17.0334 0x0cd8  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
23:23:17.0350 0x0cd8  AppIDSvc - ok
23:23:17.0397 0x0cd8  [ 734622FBA766DBD65B1803549B24A04A, 3B6872B87A60D4DA265D3B8AB0561A929CFE2C097419183E93D3843422363C89 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
23:23:17.0428 0x0cd8  Appinfo - ok
23:23:17.0459 0x0cd8  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
23:23:17.0491 0x0cd8  AppReadiness - ok
23:23:17.0553 0x0cd8  [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
23:23:17.0616 0x0cd8  AppXSvc - ok
23:23:17.0647 0x0cd8  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
23:23:17.0663 0x0cd8  arcsas - ok
23:23:17.0772 0x0cd8  [ E40AF754F43E3B44E2D6DE829267AD52, 5F9427E595A56464807D071205FB4DFD6BB21B68058E67529DC1727D32FAB0AD ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
23:23:17.0772 0x0cd8  ASLDRService - ok
23:23:17.0803 0x0cd8  [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
23:23:17.0819 0x0cd8  ASMMAP64 - ok
23:23:17.0881 0x0cd8  [ 6A122B4F0E5293CACFA8A5F2CBA9B356, 9D69076B697BEE8742E32EBEF1802D829DEA6B1D93AF485D11CC89A08CA4D809 ] ASUS InstantOn  C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
23:23:17.0897 0x0cd8  ASUS InstantOn - ok
23:23:17.0913 0x0cd8  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
23:23:17.0928 0x0cd8  atapi - ok
23:23:17.0959 0x0cd8  [ 51C6777AD7649F6C3ED389151CFD9DE6, B010089D83A9D96DC5D1C525B8EA913CF2F80FA0254684A16DD29CCA9BE84620 ] AthBTPort       C:\WINDOWS\system32\DRIVERS\btath_flt.sys
23:23:17.0959 0x0cd8  AthBTPort - ok
23:23:18.0022 0x0cd8  [ 67EC05E67E1416A51C478A5DAA59302E, 1957D9978603088481089075DC2D4AE88B9152B9517EA2768429B9955D8D448E ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
23:23:18.0022 0x0cd8  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
23:23:20.0413 0x0cd8  AtherosSvc ( UnsignedFile.Multi.Generic ) - warning
23:23:20.0413 0x0cd8  Force sending object to P2P due to detect: AtherosSvc
23:23:22.0835 0x0cd8  Object send P2P result: true
23:23:25.0382 0x0cd8  [ 688941322FB20DB0407B6F149607517D, 53ABFCE11485E307D56598BF03121DDCD8D3E75FE2D85E513252C5A649D7EBAD ] athr            C:\WINDOWS\system32\DRIVERS\athwbx.sys
23:23:25.0475 0x0cd8  athr - ok
23:23:25.0491 0x0cd8  [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
23:23:25.0507 0x0cd8  ATKGFNEXSrv - ok
23:23:25.0569 0x0cd8  [ 41CEAFFCF3550785E59E3EC9BEE8D97A, 89FE604088B65B82AA794E1DA8429033CD2F05FFB2D7EFAAC7B967C7A83D1B1E ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
23:23:25.0585 0x0cd8  ATKWMIACPIIO - ok
23:23:25.0600 0x0cd8  [ 234F50A5BAF3CACD752C300E865DA202, 9617F92F9E1E1B3A5CDFF61F95356500F5A4A459938A35BADCE6604A04A34825 ] ATP             C:\WINDOWS\System32\drivers\AsusTP.sys
23:23:25.0600 0x0cd8  ATP - ok
23:23:25.0647 0x0cd8  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
23:23:25.0679 0x0cd8  AudioEndpointBuilder - ok
23:23:25.0725 0x0cd8  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
23:23:25.0757 0x0cd8  Audiosrv - ok
23:23:25.0804 0x0cd8  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
23:23:25.0819 0x0cd8  AxInstSV - ok
23:23:25.0866 0x0cd8  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
23:23:25.0882 0x0cd8  b06bdrv - ok
23:23:25.0913 0x0cd8  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
23:23:25.0929 0x0cd8  BasicDisplay - ok
23:23:25.0944 0x0cd8  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
23:23:25.0960 0x0cd8  BasicRender - ok
23:23:25.0975 0x0cd8  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
23:23:25.0975 0x0cd8  bcmfn2 - ok
23:23:26.0038 0x0cd8  [ 174394F4EF93C117BF7BE3878046A1B1, D58E868342D1DAFC4B04384A3713F729DF07F408AA6AE4762E6A4244F976526A ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
23:23:26.0069 0x0cd8  BDESVC - ok
23:23:26.0116 0x0cd8  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
23:23:26.0147 0x0cd8  Beep - ok
23:23:26.0210 0x0cd8  [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE             C:\WINDOWS\System32\bfe.dll
23:23:26.0241 0x0cd8  BFE - ok
23:23:26.0460 0x0cd8  [ 4E8EF55692BDCB8BA97888877CD034AC, 050C73032D77D57E3B79D1BFB3F2D7F2E9CED1188F53576223FE10149D86AB6C ] BHDrvx64        C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\BASHDefs\20160601.001\BHDrvx64.sys
23:23:26.0507 0x0cd8  BHDrvx64 - ok
23:23:26.0585 0x0cd8  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll
23:23:26.0616 0x0cd8  BITS - ok
23:23:26.0647 0x0cd8  [ 0A7F269E6D58A8814105150B4F7F5021, A240435DE12CD433233EB623B6D458BBC96C839AF23A8B96CF4856E8603B0EE6 ] BootDefragDriver C:\WINDOWS\system32\drivers\BootDefragDriver.sys
23:23:26.0647 0x0cd8  BootDefragDriver - ok
23:23:26.0663 0x0cd8  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
23:23:26.0679 0x0cd8  bowser - ok
23:23:26.0710 0x0cd8  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
23:23:26.0757 0x0cd8  BrokerInfrastructure - ok
23:23:26.0804 0x0cd8  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll
23:23:26.0835 0x0cd8  Browser - ok
23:23:26.0866 0x0cd8  [ 23CEDCD7527A26B222732A158F76EB24, 5A45D7FC8DFB96A938EEB8604B79413A10C0C16A17D3139B712263211D8215E9 ] BTATH_BUS       C:\WINDOWS\System32\drivers\btath_bus.sys
23:23:26.0866 0x0cd8  BTATH_BUS - ok
23:23:26.0897 0x0cd8  [ 3DD64966A764BCAFF07C9DC064BD410E, 456252339BCA224549E4CBCD5A0501AF10340211CFD567C577067ABF5DABB21F ] BTATH_HCRP      C:\WINDOWS\System32\drivers\btath_hcrp.sys
23:23:26.0897 0x0cd8  BTATH_HCRP - ok
23:23:26.0929 0x0cd8  [ B68EE0721EAC305AB1C9C989CDF1AEFF, 3F7CE8E244836E23456E519E48E53E4B9331C9AD9BAF13C208C922404575638A ] BTATH_LWFLT     C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys
23:23:26.0944 0x0cd8  BTATH_LWFLT - ok
23:23:26.0991 0x0cd8  [ B4A748101F8A06EFD0BF89AA7220B6EE, E36BA3EE483E3FBF45C2E97FA682D94EEA02856D3B4171A1A3507EDCF9B16A87 ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
23:23:27.0022 0x0cd8  BtFilter - ok
23:23:27.0069 0x0cd8  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
23:23:27.0085 0x0cd8  BthAvrcpTg - ok
23:23:27.0116 0x0cd8  [ 12418846B057E4F92FC621F5C6CF737D, 0B8B0EADE4F2AD95D450A5C71C287C0F04F33897ABF27D3E3B6428A3C99C7B5D ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
23:23:27.0132 0x0cd8  BthEnum - ok
23:23:27.0163 0x0cd8  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
23:23:27.0179 0x0cd8  BthHFEnum - ok
23:23:27.0226 0x0cd8  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
23:23:27.0226 0x0cd8  bthhfhid - ok
23:23:27.0288 0x0cd8  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
23:23:27.0319 0x0cd8  BthHFSrv - ok
23:23:27.0335 0x0cd8  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
23:23:27.0351 0x0cd8  BthLEEnum - ok
23:23:27.0366 0x0cd8  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
23:23:27.0382 0x0cd8  BTHMODEM - ok
23:23:27.0413 0x0cd8  [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
23:23:27.0429 0x0cd8  BthPan - ok
23:23:27.0507 0x0cd8  [ B810B2B39CCA90DC6BF42AF1658AE0D1, D184F927BCFBDE7063A0C9873BF2C174226E1AB5081A7108FCC66210CD117465 ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys
23:23:27.0554 0x0cd8  BTHPORT - ok
23:23:27.0585 0x0cd8  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll
23:23:27.0616 0x0cd8  bthserv - ok
23:23:27.0632 0x0cd8  [ 52A1B7ECAB4C9EF70FD41241691E09D3, F7A5BFE72D3151E73DD9922A76964C08AC1FDCB8460D9A17DCF8B7969006AD42 ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
23:23:27.0663 0x0cd8  BTHUSB - ok
23:23:27.0757 0x0cd8  [ 5A1C7DBDDB001BC6F1D1720E655445E2, 07A766C804D0709936FF18A2F67C49D6499BEF9CEEB1EF69F654A35268A11027 ] ccSet_N360      C:\WINDOWS\system32\drivers\N360x64\1606000.08E\ccSetx64.sys
23:23:27.0757 0x0cd8  ccSet_N360 - ok
23:23:27.0788 0x0cd8  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
23:23:27.0804 0x0cd8  cdfs - ok
23:23:27.0835 0x0cd8  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
23:23:27.0851 0x0cd8  cdrom - ok
23:23:27.0882 0x0cd8  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
23:23:27.0913 0x0cd8  CertPropSvc - ok
23:23:27.0944 0x0cd8  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
23:23:27.0960 0x0cd8  circlass - ok
23:23:27.0991 0x0cd8  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
23:23:28.0022 0x0cd8  CLFS - ok
23:23:28.0054 0x0cd8  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
23:23:28.0069 0x0cd8  CmBatt - ok
23:23:28.0116 0x0cd8  [ 6A48941C527C8C51051A1514C5B23A31, B0553DAE1F70DB43F2FB3BE699B80783B7943CDE8B31FB3AAB98E689971DFA51 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
23:23:28.0147 0x0cd8  CNG - ok
23:23:28.0210 0x0cd8  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
23:23:28.0226 0x0cd8  CompositeBus - ok
23:23:28.0241 0x0cd8  COMSysApp - ok
23:23:28.0257 0x0cd8  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
23:23:28.0272 0x0cd8  condrv - ok
23:23:28.0335 0x0cd8  [ F9693D45B0F1B346CCDEEC1F341AD389, 342C81EFB434EAC29865F8BB049051635C644D7EF355D0F5FB3ADD9DDCE55D82 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
23:23:28.0351 0x0cd8  cphs - ok
23:23:28.0397 0x0cd8  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
23:23:28.0429 0x0cd8  CryptSvc - ok
23:23:28.0476 0x0cd8  [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam             C:\WINDOWS\system32\drivers\dam.sys
23:23:28.0491 0x0cd8  dam - ok
23:23:28.0554 0x0cd8  [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
23:23:28.0601 0x0cd8  DcomLaunch - ok
23:23:28.0632 0x0cd8  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
23:23:28.0679 0x0cd8  defragsvc - ok
23:23:28.0741 0x0cd8  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
23:23:28.0788 0x0cd8  DeviceAssociationService - ok
23:23:28.0835 0x0cd8  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
23:23:28.0866 0x0cd8  DeviceInstall - ok
23:23:28.0913 0x0cd8  [ FDE50F8CBFC986086FE47D3D582F80BE, 4D0D5C6F9B1B7EF76F89F78B79AF8D7BBFF05127F512A14701012EB01599B898 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
23:23:28.0929 0x0cd8  Dfsc - ok
23:23:28.0991 0x0cd8  [ 85137571AEC8AC757D497B9DD30D544D, 6E15C9FB4010B26A8E5AFD4E85F7362B2616EB8503ACCE28EC31AC1E7D18566F ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
23:23:29.0007 0x0cd8  dg_ssudbus - ok
23:23:29.0069 0x0cd8  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
23:23:29.0101 0x0cd8  Dhcp - ok
23:23:29.0179 0x0cd8  [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
23:23:29.0226 0x0cd8  DiagTrack - ok
23:23:29.0288 0x0cd8  [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk            C:\WINDOWS\system32\drivers\disk.sys
23:23:29.0304 0x0cd8  disk - ok
23:23:29.0351 0x0cd8  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
23:23:29.0351 0x0cd8  dmvsc - ok
23:23:29.0413 0x0cd8  [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
23:23:29.0429 0x0cd8  Dnscache - ok
23:23:29.0476 0x0cd8  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
23:23:29.0507 0x0cd8  dot3svc - ok
23:23:29.0554 0x0cd8  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll
23:23:29.0569 0x0cd8  DPS - ok
23:23:29.0585 0x0cd8  [ 89595B15B876EADE5780B4C4B2451AFA, 25A0813C8117CC4D831830EF07A63DDAB4D61AF2DE442F70F3B32F93B13166AD ] DptfDevDram     C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys
23:23:29.0601 0x0cd8  DptfDevDram - ok
23:23:29.0632 0x0cd8  [ 6CBC15DEE81DEEF89C1835E7BF87CC87, FD0645689A2555E17EE1B54A9CA8134B47D939CE4A0BF634383B4543E561C0C1 ] DptfDevFan      C:\WINDOWS\system32\DRIVERS\DptfDevFan.sys
23:23:29.0632 0x0cd8  DptfDevFan - ok
23:23:29.0648 0x0cd8  [ A9371AA3293D6CB2E4B8620A4D302D76, E28251E84455D49F52A8234C2465278FC9F9CB01D576CCC34F079555449B83EE ] DptfDevGen      C:\WINDOWS\system32\DRIVERS\DptfDevGen.sys
23:23:29.0648 0x0cd8  DptfDevGen - ok
23:23:29.0663 0x0cd8  [ CC6B4E7D8C9C6F73D4099C6F514D2CAE, D9A23FB40B1B7C09F365FDCE7714A4D9047772F0216C2C574781016F544E4135 ] DptfDevPch      C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys
23:23:29.0663 0x0cd8  DptfDevPch - ok
23:23:29.0679 0x0cd8  [ 150DB10026FA1CF01270885FB62276D8, AF259740D06A63F756A725D36E033BF9B0AF17728E3C267405DF6CC2FAC97FA4 ] DptfDevProc     C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys
23:23:29.0694 0x0cd8  DptfDevProc - ok
23:23:29.0726 0x0cd8  [ A56B34459B4E6919903F214D555E2E21, 6896FBE4ACB627BBFABAB1898F349FD93CF98CCFFD0380D62D9D45D6C36B42DB ] DptfManager     C:\WINDOWS\system32\DRIVERS\DptfManager.sys
23:23:29.0741 0x0cd8  DptfManager - ok
23:23:29.0773 0x0cd8  [ 2C4C814B2D76B19B581D81A1F9D5CEA1, 6A0C69011F85CCB1D9E6F02B16386668AA381261FF75FAEF515B0DE81CE4C5BD ] DptfParticipantProcessorService C:\WINDOWS\system32\DptfParticipantProcessorService.exe
23:23:29.0773 0x0cd8  DptfParticipantProcessorService - ok
23:23:29.0804 0x0cd8  [ 26C3D7C10EA87BA7B6927CD259B3158C, 85BE88C7AA13AFF743F9DB7DCAE4BEDAEB292BCCBFFFEAF7A2843DA9C3AFF831 ] DptfPolicyConfigTDPService C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe
23:23:29.0804 0x0cd8  DptfPolicyConfigTDPService - ok
23:23:29.0819 0x0cd8  [ 573ACABA5147E413CEE4BD437C34CD32, F005D6C02B77887B6DD16567F2EC86B5205D784C7BFBD8C1A9279379C6701703 ] DptfPolicyLpmService C:\WINDOWS\system32\DptfPolicyLpmService.exe
23:23:29.0835 0x0cd8  DptfPolicyLpmService - ok
23:23:29.0866 0x0cd8  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
23:23:29.0866 0x0cd8  drmkaud - ok
23:23:29.0929 0x0cd8  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
23:23:29.0960 0x0cd8  DsmSvc - ok
23:23:29.0991 0x0cd8  [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01     C:\WINDOWS\System32\drivers\dtsoftbus01.sys
23:23:30.0007 0x0cd8  dtsoftbus01 - ok
23:23:30.0085 0x0cd8  [ F74B839FA0F4E6060CA1DA6B8DA17941, EF493E1F55FCD6A8C32B3D5D5809B7EFCCC9829E9A347522D1E6FE080D41BF37 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
23:23:30.0132 0x0cd8  DXGKrnl - ok
23:23:30.0179 0x0cd8  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
23:23:30.0194 0x0cd8  Eaphost - ok
23:23:30.0304 0x0cd8  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
23:23:30.0444 0x0cd8  ebdrv - ok
23:23:30.0523 0x0cd8  [ E5C10FCFA331D2BA13B211D0454FEA38, 9363545317C655EED282BA1FE7C71B26E2C3599F35E42E7496F413961303A24D ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
23:23:30.0538 0x0cd8  eeCtrl - ok
23:23:30.0585 0x0cd8  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe
23:23:30.0585 0x0cd8  EFS - ok
23:23:30.0632 0x0cd8  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
23:23:30.0632 0x0cd8  EhStorClass - ok
23:23:30.0663 0x0cd8  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
23:23:30.0679 0x0cd8  EhStorTcgDrv - ok
23:23:30.0757 0x0cd8  [ 2BD3F1059975CE90F8D968DADD790DFF, 9FD4FA7DB54B0E1E4A48863435F728220978A271D2A28BB3E9E112C1A59B1D4C ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
23:23:30.0773 0x0cd8  EraserUtilRebootDrv - ok
23:23:30.0788 0x0cd8  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
23:23:30.0804 0x0cd8  ErrDev - ok
23:23:30.0866 0x0cd8  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll
23:23:30.0898 0x0cd8  EventSystem - ok
23:23:30.0944 0x0cd8  [ D2EAA04AF43154B62FA85B08BAD0A7CA, B18F09CAD04AD61A1B8DCD3BBC70A82FB50008C147389D3245E39856BA940A87 ] excfs           C:\WINDOWS\system32\DRIVERS\excfs.sys
23:23:30.0944 0x0cd8  excfs - ok
23:23:30.0944 0x0cd8  [ E6082A6C109238A725D83184724C4A36, 66F0D4798C357FFCC5A35E45BE8E5F0A97E7BCF98CFAA1BB2269F6D6B910A0A3 ] excsd           C:\WINDOWS\system32\DRIVERS\excsd.sys
23:23:30.0960 0x0cd8  excsd - ok
23:23:30.0991 0x0cd8  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
23:23:31.0023 0x0cd8  exfat - ok
23:23:31.0116 0x0cd8  [ 68030FF4B7669E15916910885E2E6160, 324EC07A0135354A5D41ED841919D61C218ECA718DE8A8357B0D2AD0B621777B ] ExpressCache    C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
23:23:31.0116 0x0cd8  ExpressCache - ok
23:23:31.0163 0x0cd8  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
23:23:31.0179 0x0cd8  fastfat - ok
23:23:31.0241 0x0cd8  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe
23:23:31.0304 0x0cd8  Fax - ok
23:23:31.0319 0x0cd8  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
23:23:31.0335 0x0cd8  fdc - ok
23:23:31.0382 0x0cd8  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
23:23:31.0398 0x0cd8  fdPHost - ok
23:23:31.0429 0x0cd8  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
23:23:31.0444 0x0cd8  FDResPub - ok
23:23:31.0491 0x0cd8  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
23:23:31.0523 0x0cd8  fhsvc - ok
23:23:31.0554 0x0cd8  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
23:23:31.0570 0x0cd8  FileInfo - ok
23:23:31.0585 0x0cd8  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
23:23:31.0601 0x0cd8  Filetrace - ok
23:23:31.0632 0x0cd8  [ 27B3C0F193F00D65F2D6B2C8C7FD22FF, B7DFE6D3065091C26085DB661503847F729EC2D2842C3D56D4F003548CC46503 ] file_tracker    C:\WINDOWS\system32\DRIVERS\file_tracker.sys
23:23:31.0663 0x0cd8  file_tracker - ok
23:23:31.0679 0x0cd8  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
23:23:31.0710 0x0cd8  flpydisk - ok
23:23:31.0741 0x0cd8  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
23:23:31.0773 0x0cd8  FltMgr - ok
23:23:31.0804 0x0cd8  [ 4AD91299304A5E75084434F246DE0F9A, 3617EFEBCCB23F15FC9423544D061AF183E8E87B7E1EA9AA13EAAC5A9F0DE439 ] fltsrv          C:\WINDOWS\system32\DRIVERS\fltsrv.sys
23:23:31.0820 0x0cd8  fltsrv - ok
23:23:31.0898 0x0cd8  [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache       C:\WINDOWS\system32\FntCache.dll
23:23:31.0960 0x0cd8  FontCache - ok
23:23:32.0085 0x0cd8  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:23:32.0101 0x0cd8  FontCache3.0.0.0 - ok
23:23:32.0148 0x0cd8  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
23:23:32.0148 0x0cd8  FsDepends - ok
23:23:32.0163 0x0cd8  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:23:32.0179 0x0cd8  Fs_Rec - ok
23:23:32.0226 0x0cd8  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
23:23:32.0257 0x0cd8  fvevol - ok
23:23:32.0273 0x0cd8  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
23:23:32.0304 0x0cd8  FxPPM - ok
23:23:32.0320 0x0cd8  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
23:23:32.0335 0x0cd8  gagp30kx - ok
23:23:32.0366 0x0cd8  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
23:23:32.0382 0x0cd8  gencounter - ok
23:23:32.0413 0x0cd8  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
23:23:32.0429 0x0cd8  GPIOClx0101 - ok
23:23:32.0507 0x0cd8  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
23:23:32.0570 0x0cd8  gpsvc - ok
23:23:32.0601 0x0cd8  [ C06C3D6C5A0805B314E3E940632C97CB, 48D14FB139490CE79C03557DEEAC9AA1B3A095A9C517008069F2DBAB8DFE34F5 ] GUBootStartup   C:\WINDOWS\System32\drivers\GUBootStartup.sys
23:23:32.0601 0x0cd8  GUBootStartup - ok
23:23:32.0616 0x0cd8  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
23:23:32.0663 0x0cd8  HDAudBus - ok
23:23:32.0679 0x0cd8  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
23:23:32.0710 0x0cd8  HidBatt - ok
23:23:32.0726 0x0cd8  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
23:23:32.0741 0x0cd8  HidBth - ok
23:23:32.0773 0x0cd8  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
23:23:32.0788 0x0cd8  hidi2c - ok
23:23:32.0820 0x0cd8  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
23:23:32.0835 0x0cd8  HidIr - ok
23:23:32.0882 0x0cd8  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll
23:23:32.0898 0x0cd8  hidserv - ok
23:23:32.0929 0x0cd8  [ 894D982CEAB8CD45A56AE2C9988E86C0, AA2DEB62CB69FF1AEF772989342F2CF77CA48F212C9489A92A4FF97FD46D3866 ] HIDSwitch       C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys
23:23:32.0929 0x0cd8  HIDSwitch - ok
23:23:32.0976 0x0cd8  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
23:23:32.0991 0x0cd8  HidUsb - ok
23:23:33.0038 0x0cd8  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
23:23:33.0054 0x0cd8  hkmsvc - ok
23:23:33.0101 0x0cd8  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
23:23:33.0132 0x0cd8  HomeGroupListener - ok
23:23:33.0195 0x0cd8  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
23:23:33.0210 0x0cd8  HomeGroupProvider - ok
23:23:33.0241 0x0cd8  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
23:23:33.0257 0x0cd8  HpSAMD - ok
23:23:33.0304 0x0cd8  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
23:23:33.0335 0x0cd8  HTTP - ok
23:23:33.0382 0x0cd8  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
23:23:33.0398 0x0cd8  hwpolicy - ok
23:23:33.0398 0x0cd8  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
23:23:33.0413 0x0cd8  hyperkbd - ok
23:23:33.0429 0x0cd8  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
23:23:33.0445 0x0cd8  HyperVideo - ok
23:23:33.0507 0x0cd8  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
23:23:33.0523 0x0cd8  i8042prt - ok
23:23:33.0538 0x0cd8  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
23:23:33.0554 0x0cd8  iaLPSSi_GPIO - ok
23:23:33.0570 0x0cd8  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
23:23:33.0585 0x0cd8  iaLPSSi_I2C - ok
23:23:33.0616 0x0cd8  [ 0FE66A51D81A25AACEAAE4C26308121D, C5553F7ABA74A8EB71A4ED0E8F2A6AA2892F871D164F2D4FADB035BE7D1A8C44 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
23:23:33.0632 0x0cd8  iaStorA - ok
23:23:33.0663 0x0cd8  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
23:23:33.0679 0x0cd8  iaStorAV - ok
23:23:33.0726 0x0cd8  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
23:23:33.0741 0x0cd8  iaStorV - ok
23:23:33.0945 0x0cd8  [ BD14C02A9F388CB29620FF68AB6979AD, 1610C888002E1118DFEF86E27462FDBB1F625BD298FC4FCD033FBC76D54EC35E ] IDSVia64        C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\IPSDefs\20160610.001\IDSvia64.sys
23:23:33.0976 0x0cd8  IDSVia64 - ok
23:23:33.0976 0x0cd8  IEEtwCollectorService - ok
23:23:34.0101 0x0cd8  [ 16D939A13CFB82DEE0B9DB12E45C7B4E, D09C57DE3EF7F6BEDD354FEEDB46260FDCF9F9A0F2D096FFD518509AD041AAC5 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
23:23:34.0226 0x0cd8  igfx - ok
23:23:34.0288 0x0cd8  [ 2530D33CE2F5F30D08A039EC33E91F17, DE1669A9F67C9CA3EEF6D0D0A56167318E4DB50965D87BF94A2795A21EBEE979 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
23:23:34.0335 0x0cd8  IKEEXT - ok
23:23:34.0367 0x0cd8  [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
23:23:34.0367 0x0cd8  intaud_WaveExtensible - ok
23:23:34.0476 0x0cd8  [ C9EDE135A702B243DCADEBE913A2087F, E8A6EF5BC2D28D8E40E991DF9B0F8DD22F5B95046E134A5E62F131C94BDF9771 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
23:23:34.0554 0x0cd8  IntcAzAudAddService - ok
23:23:34.0601 0x0cd8  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
23:23:34.0617 0x0cd8  IntcDAud - ok
23:23:34.0710 0x0cd8  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
23:23:34.0726 0x0cd8  Intel(R) Capability Licensing Service Interface - ok
23:23:34.0820 0x0cd8  [ 9656F8E29F6C3161A3E99BCD3A472FF9, 30AD00B53CCB2E4121508729F3471D3C0568F1C32324C398382C97E8BC43ECF0 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
23:23:34.0835 0x0cd8  Intel(R) ME Service - ok
23:23:34.0835 0x0cd8  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
23:23:34.0851 0x0cd8  intelide - ok
23:23:34.0882 0x0cd8  [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
23:23:34.0898 0x0cd8  intelpep - ok
23:23:34.0913 0x0cd8  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
23:23:34.0945 0x0cd8  intelppm - ok
23:23:34.0960 0x0cd8  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:23:34.0976 0x0cd8  IpFilterDriver - ok
23:23:35.0038 0x0cd8  [ B452623C1DE60544054E784D94A7AA47, 57AECDEE0AB2B80DFFE11E43608988D46E9169288CB56D644DDE2CAFED6AFD40 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
23:23:35.0085 0x0cd8  iphlpsvc - ok
23:23:35.0132 0x0cd8  [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
23:23:35.0148 0x0cd8  IPMIDRV - ok
23:23:35.0163 0x0cd8  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
23:23:35.0179 0x0cd8  IPNAT - ok
23:23:35.0226 0x0cd8  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
23:23:35.0257 0x0cd8  IRENUM - ok
23:23:35.0288 0x0cd8  [ 4D9B9A794F22415B8C3E0CCFBE61BC7A, 4CF01BC95F0AD7DC42AF8A0FCE032DF00610524A98CF52F531E9DE93137E7B87 ] irstrtdv        C:\WINDOWS\System32\drivers\irstrtdv.sys
23:23:35.0288 0x0cd8  irstrtdv - ok
23:23:35.0382 0x0cd8  [ E145E934392E7A49FDC6775AC3A347F8, 8E5DBC8C34FB3B68851489E0860BA3ACE6CDF46BB5E2AEFD1DEF6E895566068B ] irstrtsv        C:\Windows\SysWOW64\irstrtsv.exe
23:23:35.0398 0x0cd8  irstrtsv - ok
23:23:35.0429 0x0cd8  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
23:23:35.0429 0x0cd8  isapnp - ok
23:23:35.0492 0x0cd8  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
23:23:35.0507 0x0cd8  iScsiPrt - ok
23:23:35.0523 0x0cd8  [ 2C04ACF9070282AC9AA837C52CA3C128, 2C68FE2E876E5089F27021038E868E21288F694F3ED0390AED5B4712CC7567EC ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
23:23:35.0538 0x0cd8  iwdbus - ok
23:23:35.0570 0x0cd8  [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
23:23:35.0585 0x0cd8  jhi_service - ok
23:23:35.0617 0x0cd8  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
23:23:35.0617 0x0cd8  kbdclass - ok
23:23:35.0679 0x0cd8  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
23:23:35.0710 0x0cd8  kbdhid - ok
23:23:35.0726 0x0cd8  [ A8080BEBCDB7A16495CE1205921DCAC5, D4B0EF97B75BF75934A0BEEE48CACD20E8F505600C3A07243DF7627680EE8552 ] kbfiltr         C:\WINDOWS\System32\drivers\kbfiltr.sys
23:23:35.0742 0x0cd8  kbfiltr - ok
23:23:35.0820 0x0cd8  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
23:23:35.0835 0x0cd8  kdnic - ok
23:23:35.0898 0x0cd8  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\WINDOWS\system32\lsass.exe
23:23:35.0898 0x0cd8  KeyIso - ok
23:23:35.0976 0x0cd8  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
23:23:35.0976 0x0cd8  KSecDD - ok
23:23:36.0007 0x0cd8  [ A950AB512ED2BD847789FAAD3E967AFA, 005340965B30C5A14E4E081E2CDF7214D2C00BAF05C62DA9ED63EA3026E70C8A ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
23:23:36.0023 0x0cd8  KSecPkg - ok
23:23:36.0054 0x0cd8  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
23:23:36.0085 0x0cd8  ksthunk - ok
23:23:36.0195 0x0cd8  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
23:23:36.0210 0x0cd8  KtmRm - ok
23:23:36.0304 0x0cd8  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
23:23:36.0335 0x0cd8  LanmanServer - ok
23:23:36.0382 0x0cd8  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
23:23:36.0398 0x0cd8  LanmanWorkstation - ok
23:23:36.0476 0x0cd8  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
23:23:36.0539 0x0cd8  lfsvc - ok
23:23:36.0585 0x0cd8  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
23:23:36.0617 0x0cd8  lltdio - ok
23:23:36.0710 0x0cd8  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
23:23:36.0742 0x0cd8  lltdsvc - ok
23:23:36.0789 0x0cd8  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
23:23:36.0820 0x0cd8  lmhosts - ok
23:23:36.0882 0x0cd8  [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
23:23:36.0898 0x0cd8  LMS - ok
23:23:36.0929 0x0cd8  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
23:23:36.0945 0x0cd8  LSI_SAS - ok
23:23:36.0960 0x0cd8  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
23:23:36.0976 0x0cd8  LSI_SAS2 - ok
23:23:36.0992 0x0cd8  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
23:23:37.0007 0x0cd8  LSI_SAS3 - ok
23:23:37.0023 0x0cd8  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
23:23:37.0039 0x0cd8  LSI_SSS - ok
23:23:37.0148 0x0cd8  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\WINDOWS\System32\lsm.dll
23:23:37.0210 0x0cd8  LSM - ok
23:23:37.0242 0x0cd8  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
23:23:37.0257 0x0cd8  luafv - ok
23:23:37.0445 0x0cd8  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McOobeSv2       C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
23:23:37.0476 0x0cd8  McOobeSv2 - ok
23:23:37.0492 0x0cd8  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] mcpltsvc        C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
23:23:37.0492 0x0cd8  mcpltsvc - ok
23:23:37.0507 0x0cd8  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McSchedulerSvc  C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
23:23:37.0523 0x0cd8  McSchedulerSvc - ok
23:23:37.0585 0x0cd8  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
23:23:37.0601 0x0cd8  megasas - ok
23:23:37.0632 0x0cd8  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
23:23:37.0664 0x0cd8  megasr - ok
23:23:37.0695 0x0cd8  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
23:23:37.0695 0x0cd8  MEIx64 - ok
23:23:37.0726 0x0cd8  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\WINDOWS\system32\mmcss.dll
23:23:37.0757 0x0cd8  MMCSS - ok
23:23:37.0992 0x0cd8  [ D9652739D1007B9B5CE34CEF38E095C5, 20AFFEA3B2E7F254A58CDD9F4F9D51D94710C20E98A650BE33FD446A474D7D12 ] mmsminisrv      C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
23:23:38.0117 0x0cd8  mmsminisrv - ok
23:23:38.0169 0x0cd8  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
23:23:38.0185 0x0cd8  Modem - ok
23:23:38.0195 0x0cd8  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
23:23:38.0195 0x0cd8  monitor - ok
23:23:38.0227 0x0cd8  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
23:23:38.0227 0x0cd8  mouclass - ok
23:23:38.0242 0x0cd8  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
23:23:38.0258 0x0cd8  mouhid - ok
23:23:38.0273 0x0cd8  [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
23:23:38.0289 0x0cd8  mountmgr - ok
23:23:38.0336 0x0cd8  [ FC9A9C09B35A93F76A03D5E355FA862C, B7ED57B9D39D547BA2927FC5F02C2475BF131FDB8AD40FFDE72C966506756B56 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:23:38.0336 0x0cd8  MozillaMaintenance - ok
23:23:38.0383 0x0cd8  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
23:23:38.0398 0x0cd8  mpsdrv - ok
23:23:38.0445 0x0cd8  [ D1418745A5472F3930A288E05B9E2C05, 95785F0FA7EE239459C0288DB37E9E54648029FD6FE45A61E6343526D67FFA32 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
23:23:38.0477 0x0cd8  MpsSvc - ok
23:23:38.0524 0x0cd8  [ D2AC8F07995CE6CD18848C129435B481, 839B04116B49A757950E049150F6AADE41335914CC699ED73BE886BECAC39D36 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
23:23:38.0539 0x0cd8  MRxDAV - ok
23:23:38.0602 0x0cd8  [ 5DCD41F62F71519D2A46D41F60C69B0C, A9C2F8B8F82BDBF48F34D5837ED27CE251C75232A07AF26F7B796D2A106795A0 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:23:38.0633 0x0cd8  mrxsmb - ok
23:23:38.0649 0x0cd8  [ D7C9BC4D37BF08C7DD436A0A5F321668, 30A5AF211BEC89E26134CDAE3E60D0D9F0AE2748F56E9D09B07431206AD381C6 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
23:23:38.0664 0x0cd8  mrxsmb10 - ok
23:23:38.0680 0x0cd8  [ FE219A7107C4BC3BBC35D6CDC281612C, 98CA0FECF1F7269DAED43561FA40AAC1A9456F2C2FE7C1243C628F78864D2F54 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
23:23:38.0711 0x0cd8  mrxsmb20 - ok
23:23:38.0758 0x0cd8  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
23:23:38.0774 0x0cd8  MsBridge - ok
23:23:38.0820 0x0cd8  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
23:23:38.0836 0x0cd8  MSDTC - ok
23:23:38.0852 0x0cd8  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
23:23:38.0867 0x0cd8  Msfs - ok
23:23:38.0914 0x0cd8  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
23:23:38.0930 0x0cd8  msgpiowin32 - ok
23:23:38.0945 0x0cd8  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
23:23:38.0961 0x0cd8  mshidkmdf - ok
23:23:38.0961 0x0cd8  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
23:23:38.0977 0x0cd8  mshidumdf - ok
23:23:38.0992 0x0cd8  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
23:23:39.0008 0x0cd8  msisadrv - ok
23:23:39.0055 0x0cd8  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
23:23:39.0086 0x0cd8  MSiSCSI - ok
23:23:39.0086 0x0cd8  msiserver - ok
23:23:39.0117 0x0cd8  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:23:39.0133 0x0cd8  MSKSSRV - ok
23:23:39.0180 0x0cd8  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
23:23:39.0195 0x0cd8  MsLldp - ok
23:23:39.0211 0x0cd8  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:23:39.0227 0x0cd8  MSPCLOCK - ok
23:23:39.0227 0x0cd8  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
23:23:39.0258 0x0cd8  MSPQM - ok
23:23:39.0289 0x0cd8  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
23:23:39.0320 0x0cd8  MsRPC - ok
23:23:39.0336 0x0cd8  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
23:23:39.0336 0x0cd8  mssmbios - ok
23:23:39.0352 0x0cd8  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
23:23:39.0367 0x0cd8  MSTEE - ok
23:23:39.0383 0x0cd8  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
23:23:39.0399 0x0cd8  MTConfig - ok
23:23:39.0445 0x0cd8  [ 438EA7A2D8D4F9B8AFB64748ACA70BA8, AEEB7B657B645C4006C6D5E8D07ECE581DEE7AD22EA1A587C552574990CF091B ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
23:23:39.0461 0x0cd8  Mup - ok
23:23:39.0492 0x0cd8  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
23:23:39.0508 0x0cd8  mvumis - ok
23:23:39.0617 0x0cd8  [ B3C3841A4A46B88E394C66FDDD786F71, 8854B95F84C33DF228BAC2A458ECE4F0C170E788BF802E76AB952919ACCE50B8 ] N360            C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\N360.exe
23:23:39.0633 0x0cd8  N360 - ok
23:23:39.0695 0x0cd8  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\WINDOWS\system32\qagentRT.dll
23:23:39.0711 0x0cd8  napagent - ok
23:23:39.0774 0x0cd8  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
23:23:39.0789 0x0cd8  NativeWifiP - ok
23:23:39.0899 0x0cd8  [ 4DF6F43F761A600208F90A55D05F9B7E, AC93B4497FB428F7EC42DCF5956A2A61B951394E555BF6C89E55943E0B681586 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
23:23:39.0914 0x0cd8  NAUpdate - ok
23:23:40.0024 0x0cd8  [ 2892939B5ED33D1D90B6DECBFE0DED19, 86E4BDD283351B6B700DF34D101C230ACABAF27866CDA19EAEBF215EA557B3A6 ] NAVENG          C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\VirusDefs\20160612.001\ENG64.SYS
23:23:40.0039 0x0cd8  NAVENG - ok
23:23:40.0102 0x0cd8  [ 967CC229AB24D8576F8D4494E91400BC, 8EE751756668934DB2A63EFECDE0A355E28AC7C5820EC22FF750528FACF30E70 ] NAVEX15         C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\VirusDefs\20160612.001\EX64.SYS
23:23:40.0149 0x0cd8  NAVEX15 - ok
23:23:40.0195 0x0cd8  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
23:23:40.0227 0x0cd8  NcaSvc - ok
23:23:40.0274 0x0cd8  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\WINDOWS\System32\ncbservice.dll
23:23:40.0289 0x0cd8  NcbService - ok
23:23:40.0305 0x0cd8  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
23:23:40.0336 0x0cd8  NcdAutoSetup - ok
23:23:40.0383 0x0cd8  [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
23:23:40.0430 0x0cd8  NDIS - ok
23:23:40.0461 0x0cd8  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
23:23:40.0477 0x0cd8  NdisCap - ok
23:23:40.0508 0x0cd8  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
23:23:40.0524 0x0cd8  NdisImPlatform - ok
23:23:40.0571 0x0cd8  [ DC1D9F692C2AD84C214584C28501C1F7, 96FC0D1EC48FED963E02648541A2AAC8E72ED00D797EA8E3D0ED02F5EB4816C5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:23:40.0586 0x0cd8  NdisTapi - ok
23:23:40.0602 0x0cd8  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:23:40.0617 0x0cd8  Ndisuio - ok
23:23:40.0633 0x0cd8  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
23:23:40.0633 0x0cd8  NdisVirtualBus - ok
23:23:40.0696 0x0cd8  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:23:40.0727 0x0cd8  NdisWan - ok
23:23:40.0727 0x0cd8  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:23:40.0742 0x0cd8  NdisWanLegacy - ok
23:23:40.0774 0x0cd8  [ B8F36CBC72FC5C8B8A30AD850165EA8E, 478454B1399700B745265A64EC9C797C66BD0141471200BCF222F5EB15B0F40C ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
23:23:40.0805 0x0cd8  NDProxy - ok
23:23:40.0836 0x0cd8  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
23:23:40.0852 0x0cd8  Ndu - ok
23:23:40.0899 0x0cd8  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
23:23:40.0914 0x0cd8  NetBIOS - ok
23:23:40.0930 0x0cd8  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
23:23:40.0961 0x0cd8  NetBT - ok
23:23:40.0977 0x0cd8  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\WINDOWS\system32\lsass.exe
23:23:40.0977 0x0cd8  Netlogon - ok
23:23:41.0039 0x0cd8  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\WINDOWS\System32\netman.dll
23:23:41.0071 0x0cd8  Netman - ok
23:23:41.0133 0x0cd8  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
23:23:41.0149 0x0cd8  netprofm - ok
23:23:41.0227 0x0cd8  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:23:41.0227 0x0cd8  NetTcpPortSharing - ok
23:23:41.0258 0x0cd8  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\WINDOWS\System32\drivers\netvsc63.sys
23:23:41.0274 0x0cd8  netvsc - ok
23:23:41.0305 0x0cd8  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
23:23:41.0336 0x0cd8  NlaSvc - ok
23:23:41.0367 0x0cd8  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
23:23:41.0399 0x0cd8  Npfs - ok
23:23:41.0461 0x0cd8  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
23:23:41.0461 0x0cd8  npsvctrig - ok
23:23:41.0508 0x0cd8  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\WINDOWS\system32\nsisvc.dll
23:23:41.0539 0x0cd8  nsi - ok
23:23:41.0586 0x0cd8  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
23:23:41.0602 0x0cd8  nsiproxy - ok
23:23:41.0696 0x0cd8  [ 9980B262DBE439AE6BDC91AA985F19EE, E998E4CAE9CD103ADA9CA3C737C4DAD017D056828BFA42A41C7B4E4E108FB13C ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
23:23:41.0758 0x0cd8  Ntfs - ok
23:23:41.0774 0x0cd8  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
23:23:41.0789 0x0cd8  Null - ok
23:23:42.0102 0x0cd8  [ EE1B3752121C4B4E8C279A3FB272C136, 7BE853950FD79588A99E4BBCC99FBF1A805B74FA0BB6D2B3232D3132F960C26F ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
23:23:42.0383 0x0cd8  nvlddmkm - ok
23:23:42.0492 0x0cd8  [ EFF29849069D217B2A3C78206CF5ACA4, 14216D84549F300819B10DA5CEC316DBAA479756FF44E1D4F8E2B377382156AA ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
23:23:42.0492 0x0cd8  nvpciflt - ok
23:23:42.0539 0x0cd8  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
23:23:42.0555 0x0cd8  nvraid - ok
23:23:42.0571 0x0cd8  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
23:23:42.0586 0x0cd8  nvstor - ok
23:23:42.0664 0x0cd8  [ AA1305BD98009DB1766925E335911060, AF57AE2598B000AB615097FD24AD54F4D3E8EAF8880CC0119F1A20E42D67765D ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
23:23:42.0696 0x0cd8  nvsvc - ok
23:23:42.0821 0x0cd8  [ AA130938A27BB80A8B6438EF83232275, 7C5A4863CD22413723C9F7658855E34088A2F89DF740531ED7986F67A30935E0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
23:23:42.0852 0x0cd8  nvUpdatusService - ok
23:23:42.0883 0x0cd8  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
23:23:42.0899 0x0cd8  nv_agp - ok
23:23:42.0930 0x0cd8  [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:23:42.0946 0x0cd8  ose64 - ok
23:23:43.0008 0x0cd8  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
23:23:43.0024 0x0cd8  p2pimsvc - ok
23:23:43.0086 0x0cd8  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
23:23:43.0133 0x0cd8  p2psvc - ok
23:23:43.0164 0x0cd8  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
23:23:43.0180 0x0cd8  Parport - ok
23:23:43.0227 0x0cd8  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
23:23:43.0242 0x0cd8  partmgr - ok
23:23:43.0289 0x0cd8  [ 0A2DF1055FEEA30DFF73DAC0DA45FDE4, 497B2AE591ABBCFA8FC571D9C1D750006212F2D2DDF12F5A9E7FFA811CD707A3 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
23:23:43.0321 0x0cd8  PcaSvc - ok
23:23:43.0352 0x0cd8  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
23:23:43.0368 0x0cd8  pci - ok
23:23:43.0399 0x0cd8  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
23:23:43.0399 0x0cd8  pciide - ok
23:23:43.0446 0x0cd8  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
23:23:43.0461 0x0cd8  pcmcia - ok
23:23:43.0477 0x0cd8  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
23:23:43.0477 0x0cd8  pcw - ok
23:23:43.0508 0x0cd8  [ ED54A75050211DC77F9B98C41E026858, F92FB59ADE88469EAA50E91D43165C68CC32FDE11595A0069FD43103A674FE44 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
23:23:43.0524 0x0cd8  pdc - ok
23:23:43.0571 0x0cd8  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
23:23:43.0602 0x0cd8  PEAUTH - ok
23:23:43.0680 0x0cd8  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
23:23:43.0696 0x0cd8  PerfHost - ok
23:23:43.0774 0x0cd8  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\WINDOWS\system32\pla.dll
23:23:43.0836 0x0cd8  pla - ok
23:23:43.0868 0x0cd8  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
23:23:43.0883 0x0cd8  PlugPlay - ok
23:23:43.0930 0x0cd8  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
23:23:43.0946 0x0cd8  PNRPAutoReg - ok
23:23:43.0977 0x0cd8  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
23:23:44.0008 0x0cd8  PNRPsvc - ok
23:23:44.0071 0x0cd8  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
23:23:44.0086 0x0cd8  PolicyAgent - ok
23:23:44.0118 0x0cd8  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\WINDOWS\system32\umpo.dll
23:23:44.0149 0x0cd8  Power - ok
23:23:44.0289 0x0cd8  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ]
         

Alt 12.06.2016, 22:31   #7
ShotaB
 
Facebook: "Dein Computer muss gereinigt werden"  - Virus/Malware? - Standard

Facebook: "Dein Computer muss gereinigt werden" - Virus/Malware?



Der Report von TDSSKiller.exe - Teil 2:
Code:
ATTFilter
PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
23:23:44.0383 0x0cd8  PrintNotify - ok
23:23:44.0430 0x0cd8  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
23:23:44.0446 0x0cd8  Processor - ok
23:23:44.0477 0x0cd8  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
23:23:44.0508 0x0cd8  ProfSvc - ok
23:23:44.0555 0x0cd8  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
23:23:44.0586 0x0cd8  Psched - ok
23:23:44.0633 0x0cd8  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\WINDOWS\system32\qwave.dll
23:23:44.0664 0x0cd8  QWAVE - ok
23:23:44.0696 0x0cd8  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
23:23:44.0711 0x0cd8  QWAVEdrv - ok
23:23:44.0727 0x0cd8  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:23:44.0743 0x0cd8  RasAcd - ok
23:23:44.0789 0x0cd8  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
23:23:44.0805 0x0cd8  RasAuto - ok
23:23:44.0868 0x0cd8  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\WINDOWS\System32\rasmans.dll
23:23:44.0899 0x0cd8  RasMan - ok
23:23:44.0930 0x0cd8  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:23:44.0961 0x0cd8  RasPppoe - ok
23:23:45.0008 0x0cd8  [ D67ED4AB59D1EF66B05AD1A81AC28B26, 72E750A9A6B484D8BEDE52FA6DABEF4D95765DE491152E1F6C856D0590B50C28 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:23:45.0039 0x0cd8  rdbss - ok
23:23:45.0086 0x0cd8  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
23:23:45.0102 0x0cd8  rdpbus - ok
23:23:45.0118 0x0cd8  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
23:23:45.0149 0x0cd8  RDPDR - ok
23:23:45.0164 0x0cd8  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
23:23:45.0180 0x0cd8  RdpVideoMiniport - ok
23:23:45.0196 0x0cd8  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
23:23:45.0211 0x0cd8  rdyboost - ok
23:23:45.0274 0x0cd8  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
23:23:45.0321 0x0cd8  ReFS - ok
23:23:45.0383 0x0cd8  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
23:23:45.0399 0x0cd8  RemoteAccess - ok
23:23:45.0446 0x0cd8  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
23:23:45.0461 0x0cd8  RemoteRegistry - ok
23:23:45.0493 0x0cd8  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
23:23:45.0508 0x0cd8  RFCOMM - ok
23:23:45.0524 0x0cd8  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
23:23:45.0524 0x0cd8  RpcEptMapper - ok
23:23:45.0571 0x0cd8  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\WINDOWS\system32\locator.exe
23:23:45.0571 0x0cd8  RpcLocator - ok
23:23:45.0633 0x0cd8  [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
23:23:45.0664 0x0cd8  RpcSs - ok
23:23:45.0696 0x0cd8  [ 7B386B880EDAD12C5102B448E2A3127C, 9B7906AA6F043533B8665012445D63733C703DB77EAAEFB5985C32437A03D56F ] RSBASTOR        C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys
23:23:45.0711 0x0cd8  RSBASTOR - ok
23:23:45.0758 0x0cd8  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
23:23:45.0774 0x0cd8  rspndr - ok
23:23:45.0805 0x0cd8  [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
23:23:45.0836 0x0cd8  RTL8168 - ok
23:23:45.0868 0x0cd8  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
23:23:45.0899 0x0cd8  s3cap - ok
23:23:45.0930 0x0cd8  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\WINDOWS\system32\lsass.exe
23:23:45.0930 0x0cd8  SamSs - ok
23:23:45.0961 0x0cd8  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
23:23:45.0977 0x0cd8  sbp2port - ok
23:23:46.0024 0x0cd8  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
23:23:46.0055 0x0cd8  SCardSvr - ok
23:23:46.0086 0x0cd8  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
23:23:46.0118 0x0cd8  ScDeviceEnum - ok
23:23:46.0165 0x0cd8  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
23:23:46.0180 0x0cd8  scfilter - ok
23:23:46.0227 0x0cd8  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
23:23:46.0274 0x0cd8  Schedule - ok
23:23:46.0305 0x0cd8  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
23:23:46.0321 0x0cd8  SCPolicySvc - ok
23:23:46.0352 0x0cd8  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
23:23:46.0368 0x0cd8  sdbus - ok
23:23:46.0415 0x0cd8  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
23:23:46.0430 0x0cd8  sdstor - ok
23:23:46.0461 0x0cd8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
23:23:46.0493 0x0cd8  secdrv - ok
23:23:46.0540 0x0cd8  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\WINDOWS\system32\seclogon.dll
23:23:46.0571 0x0cd8  seclogon - ok
23:23:46.0618 0x0cd8  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll
23:23:46.0633 0x0cd8  SENS - ok
23:23:46.0665 0x0cd8  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
23:23:46.0696 0x0cd8  SensrSvc - ok
23:23:46.0711 0x0cd8  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
23:23:46.0727 0x0cd8  SerCx - ok
23:23:46.0774 0x0cd8  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
23:23:46.0790 0x0cd8  SerCx2 - ok
23:23:46.0790 0x0cd8  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
23:23:46.0805 0x0cd8  Serenum - ok
23:23:46.0821 0x0cd8  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
23:23:46.0836 0x0cd8  Serial - ok
23:23:46.0868 0x0cd8  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
23:23:46.0883 0x0cd8  sermouse - ok
23:23:46.0946 0x0cd8  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
23:23:46.0977 0x0cd8  SessionEnv - ok
23:23:47.0008 0x0cd8  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
23:23:47.0040 0x0cd8  sfloppy - ok
23:23:47.0071 0x0cd8  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
23:23:47.0102 0x0cd8  SharedAccess - ok
23:23:47.0165 0x0cd8  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:23:47.0196 0x0cd8  ShellHWDetection - ok
23:23:47.0211 0x0cd8  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
23:23:47.0227 0x0cd8  SiSRaid2 - ok
23:23:47.0258 0x0cd8  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
23:23:47.0274 0x0cd8  SiSRaid4 - ok
23:23:47.0352 0x0cd8  [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
23:23:47.0368 0x0cd8  SkypeUpdate - ok
23:23:47.0415 0x0cd8  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll
23:23:47.0430 0x0cd8  smphost - ok
23:23:47.0493 0x0cd8  [ 67E7E7DB39769F2D8C4DC7BD4EBA02E6, 0FA9E2D4B100AA5BD258B152D1CA7CD7682DF2796584892710F822FEF1AF1A85 ] snapman         C:\WINDOWS\system32\DRIVERS\snapman.sys
23:23:47.0508 0x0cd8  snapman - ok
23:23:47.0555 0x0cd8  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
23:23:47.0586 0x0cd8  SNMPTRAP - ok
23:23:47.0633 0x0cd8  [ B45AE0970B2D66CCE756DE6989E23EEC, 8393CF2DC4F65CD48D4D7B3C8C2D29E26728593B652D6CEAB65B50AEDA0884B7 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
23:23:47.0665 0x0cd8  spaceport - ok
23:23:47.0680 0x0cd8  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
23:23:47.0696 0x0cd8  SpbCx - ok
23:23:47.0758 0x0cd8  [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
23:23:47.0774 0x0cd8  Spooler - ok
23:23:47.0993 0x0cd8  [ 46549AF7CB672BC8138264CC4100E9F8, 6434249FADB07A033FD40C37DF2B775CF0617CF0C3E7C170F2984BD3CE423794 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
23:23:48.0165 0x0cd8  sppsvc - ok
23:23:48.0305 0x0cd8  [ D6786650A26543FFF83806057458B96E, 1002A5E6338255ACF9E7DD901378CB8BCE0FC6A7503C6D78EEBF8BAD619ECBC4 ] SRTSP           C:\WINDOWS\System32\Drivers\N360x64\1606000.08E\SRTSP64.SYS
23:23:48.0337 0x0cd8  SRTSP - ok
23:23:48.0368 0x0cd8  [ BA2ABBEA69BD1866C973DE11CB0CE9F8, 7A04BC2F4DA9A69A996911CC429064D24CF51F4046A2EE688D4326B44C9EDAFB ] SRTSPX          C:\WINDOWS\system32\drivers\N360x64\1606000.08E\SRTSPX64.SYS
23:23:48.0383 0x0cd8  SRTSPX - ok
23:23:48.0430 0x0cd8  [ 8003E034E3EA0E29DA54215A770FC27C, 28AB1FDEA372D33540A26DAE413A10336409D33B91F51DC0AE144D451022A2A7 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
23:23:48.0462 0x0cd8  srv - ok
23:23:48.0493 0x0cd8  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
23:23:48.0524 0x0cd8  srv2 - ok
23:23:48.0571 0x0cd8  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
23:23:48.0602 0x0cd8  srvnet - ok
23:23:48.0649 0x0cd8  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
23:23:48.0665 0x0cd8  SSDPSRV - ok
23:23:48.0712 0x0cd8  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
23:23:48.0743 0x0cd8  SstpSvc - ok
23:23:48.0758 0x0cd8  [ 9B74226E10CD57E965F87014841016F9, 95C76049DBBF3B31A9B01CFD0EDAAC47DE9A1F096B61D05C47FB85E1AFC07288 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
23:23:48.0774 0x0cd8  ssudmdm - ok
23:23:48.0790 0x0cd8  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
23:23:48.0805 0x0cd8  stexstor - ok
23:23:48.0852 0x0cd8  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
23:23:48.0883 0x0cd8  stisvc - ok
23:23:48.0915 0x0cd8  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
23:23:48.0915 0x0cd8  storahci - ok
23:23:48.0962 0x0cd8  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
23:23:48.0962 0x0cd8  storflt - ok
23:23:48.0993 0x0cd8  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
23:23:49.0008 0x0cd8  stornvme - ok
23:23:49.0040 0x0cd8  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
23:23:49.0071 0x0cd8  StorSvc - ok
23:23:49.0071 0x0cd8  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
23:23:49.0087 0x0cd8  storvsc - ok
23:23:49.0118 0x0cd8  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll
23:23:49.0133 0x0cd8  svsvc - ok
23:23:49.0180 0x0cd8  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
23:23:49.0196 0x0cd8  swenum - ok
23:23:49.0258 0x0cd8  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll
23:23:49.0290 0x0cd8  swprv - ok
23:23:49.0383 0x0cd8  [ 6F227CF9E64364578E2DABD1EF6E51A4, D5223B441A319D4C57FDBEA9BFBB8E5C95CA6F7B6AE6F4029BCE84A5CCE51B33 ] SymEFASI        C:\WINDOWS\system32\drivers\N360x64\1606000.08E\SYMEFASI64.SYS
23:23:49.0430 0x0cd8  SymEFASI - ok
23:23:49.0462 0x0cd8  [ 1DE0CBF15AC67AE0E5B456ADEFB89493, C764815313BB4332279730AA02531A448A1D32F5B6D5689FF04549406A5B5212 ] SymELAM         C:\WINDOWS\system32\drivers\N360x64\1606000.08E\SymELAM.sys
23:23:49.0477 0x0cd8  SymELAM - ok
23:23:49.0524 0x0cd8  [ 6DF8F618B93C821630C9BAA8DA3FAAAF, 553972D63F3347291EC8370AB910F741EF1DA61BC74FBA4192EF6E1DF567FB99 ] SymEvent        C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
23:23:49.0524 0x0cd8  SymEvent - ok
23:23:49.0571 0x0cd8  [ EC8538693C84E5B85014CB0F4174A8B7, 570D4193A5616A65962D086048D51C37BE166B77ED7293DF3E8871A502831261 ] SymIRON         C:\WINDOWS\system32\drivers\N360x64\1606000.08E\Ironx64.SYS
23:23:49.0587 0x0cd8  SymIRON - ok
23:23:49.0649 0x0cd8  [ 751C968945EFD42469FE52D6CE384196, 3386681036909F60A249951009822190EFB1C390D2F46E7EFE44893F28D0F31C ] SymNetS         C:\WINDOWS\System32\Drivers\N360x64\1606000.08E\SYMNETS.SYS
23:23:49.0665 0x0cd8  SymNetS - ok
23:23:49.0977 0x0cd8  [ C653C8A3D3079A7D03F8DAB6C5FE6DD7, 7A0A6F6697227924F9EEB6CA020D807746FADAEC1D27096A9A9F7FC5B54DC593 ] syncagentsrv    C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
23:23:50.0196 0x0cd8  syncagentsrv - ok
23:23:50.0305 0x0cd8  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\WINDOWS\system32\sysmain.dll
23:23:50.0352 0x0cd8  SysMain - ok
23:23:50.0384 0x0cd8  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
23:23:50.0430 0x0cd8  SystemEventsBroker - ok
23:23:50.0477 0x0cd8  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
23:23:50.0509 0x0cd8  TabletInputService - ok
23:23:50.0571 0x0cd8  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
23:23:50.0602 0x0cd8  TapiSrv - ok
23:23:50.0712 0x0cd8  [ 1C8560E3A37A9D4F25B7769C3E3D4163, 3246F3CD6C9EA2BD874822D594A0FAC68A9DE0612C0893B50B8A3D5F1E9B0B33 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
23:23:50.0790 0x0cd8  Tcpip - ok
23:23:50.0837 0x0cd8  [ 1C8560E3A37A9D4F25B7769C3E3D4163, 3246F3CD6C9EA2BD874822D594A0FAC68A9DE0612C0893B50B8A3D5F1E9B0B33 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:23:50.0899 0x0cd8  TCPIP6 - ok
23:23:50.0993 0x0cd8  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
23:23:51.0009 0x0cd8  tcpipreg - ok
23:23:51.0055 0x0cd8  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
23:23:51.0071 0x0cd8  tdx - ok
23:23:51.0102 0x0cd8  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
23:23:51.0118 0x0cd8  terminpt - ok
23:23:51.0180 0x0cd8  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\WINDOWS\System32\termsrv.dll
23:23:51.0212 0x0cd8  TermService - ok
23:23:51.0259 0x0cd8  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll
23:23:51.0274 0x0cd8  Themes - ok
23:23:51.0305 0x0cd8  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
23:23:51.0321 0x0cd8  THREADORDER - ok
23:23:51.0399 0x0cd8  [ D66C989F0C86A11472A57963841643D4, B75C1645512DE29281DE28AB125CFB449E75D285BF3EF577FD4A096DF3FF7260 ] tib             C:\WINDOWS\system32\DRIVERS\tib.sys
23:23:51.0430 0x0cd8  tib - ok
23:23:51.0462 0x0cd8  [ 0F9FD35675C7B29AA01DF7CA038FC18C, E0FE87FBD73A9070D6C900BC535B9B99402005957306562CA1D68AB920CB0EE9 ] tib_mounter     C:\WINDOWS\system32\DRIVERS\tib_mounter.sys
23:23:51.0477 0x0cd8  tib_mounter - ok
23:23:51.0524 0x0cd8  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
23:23:51.0555 0x0cd8  TimeBroker - ok
23:23:51.0618 0x0cd8  [ 21AFBEAC264AB4C6A399E41EF7B2A500, 005089F7F971BED5184A36C6FAE21A68117FB1C017B2F00021FA218131E9AC3A ] tnd             C:\WINDOWS\system32\DRIVERS\tnd.sys
23:23:51.0634 0x0cd8  tnd - ok
23:23:51.0680 0x0cd8  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
23:23:51.0696 0x0cd8  TPM - ok
23:23:51.0743 0x0cd8  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
23:23:51.0759 0x0cd8  TrkWks - ok
23:23:51.0837 0x0cd8  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
23:23:51.0868 0x0cd8  TrustedInstaller - ok
23:23:51.0884 0x0cd8  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
23:23:51.0899 0x0cd8  TsUsbFlt - ok
23:23:51.0946 0x0cd8  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
23:23:51.0962 0x0cd8  TsUsbGD - ok
23:23:52.0009 0x0cd8  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
23:23:52.0024 0x0cd8  tunnel - ok
23:23:52.0040 0x0cd8  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
23:23:52.0055 0x0cd8  uagp35 - ok
23:23:52.0071 0x0cd8  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
23:23:52.0071 0x0cd8  UASPStor - ok
23:23:52.0118 0x0cd8  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
23:23:52.0134 0x0cd8  UCX01000 - ok
23:23:52.0165 0x0cd8  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
23:23:52.0180 0x0cd8  udfs - ok
23:23:52.0196 0x0cd8  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
23:23:52.0212 0x0cd8  UEFI - ok
23:23:52.0259 0x0cd8  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
23:23:52.0290 0x0cd8  UI0Detect - ok
23:23:52.0306 0x0cd8  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
23:23:52.0321 0x0cd8  uliagpkx - ok
23:23:52.0337 0x0cd8  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
23:23:52.0337 0x0cd8  umbus - ok
23:23:52.0368 0x0cd8  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
23:23:52.0384 0x0cd8  UmPass - ok
23:23:52.0431 0x0cd8  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
23:23:52.0462 0x0cd8  UmRdpService - ok
23:23:52.0571 0x0cd8  [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
23:23:52.0587 0x0cd8  UNS - ok
23:23:52.0649 0x0cd8  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll
23:23:52.0665 0x0cd8  upnphost - ok
23:23:52.0712 0x0cd8  [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
23:23:52.0727 0x0cd8  usbaudio - ok
23:23:52.0759 0x0cd8  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
23:23:52.0774 0x0cd8  usbccgp - ok
23:23:52.0790 0x0cd8  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
23:23:52.0806 0x0cd8  usbcir - ok
23:23:52.0852 0x0cd8  [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
23:23:52.0868 0x0cd8  usbehci - ok
23:23:52.0899 0x0cd8  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
23:23:52.0931 0x0cd8  usbhub - ok
23:23:52.0946 0x0cd8  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
23:23:52.0977 0x0cd8  USBHUB3 - ok
23:23:52.0993 0x0cd8  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
23:23:53.0009 0x0cd8  usbohci - ok
23:23:53.0056 0x0cd8  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
23:23:53.0071 0x0cd8  usbprint - ok
23:23:53.0102 0x0cd8  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
23:23:53.0118 0x0cd8  usbscan - ok
23:23:53.0165 0x0cd8  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
23:23:53.0181 0x0cd8  USBSTOR - ok
23:23:53.0212 0x0cd8  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
23:23:53.0243 0x0cd8  usbuhci - ok
23:23:53.0290 0x0cd8  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
23:23:53.0321 0x0cd8  usbvideo - ok
23:23:53.0352 0x0cd8  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
23:23:53.0368 0x0cd8  USBXHCI - ok
23:23:53.0384 0x0cd8  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe
23:23:53.0399 0x0cd8  VaultSvc - ok
23:23:53.0415 0x0cd8  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
23:23:53.0431 0x0cd8  vdrvroot - ok
23:23:53.0509 0x0cd8  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe
23:23:53.0571 0x0cd8  vds - ok
23:23:53.0587 0x0cd8  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
23:23:53.0602 0x0cd8  VerifierExt - ok
23:23:53.0665 0x0cd8  [ 5DB4AFA10A488EC4DDB3DA09B0425BE5, 480AFB6A6BCC95E86C5087C3D9DCD6058D48659A5A63F524A0B9ED3A8FEF6B9B ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
23:23:53.0696 0x0cd8  vhdmp - ok
23:23:53.0712 0x0cd8  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
23:23:53.0727 0x0cd8  viaide - ok
23:23:53.0759 0x0cd8  [ 593D66A1424176B07E1E04B581C636C2, D4E1FA96A1A24DD3EEB3FAB0F32C702C5A621F633007B3D7874995C77CB116E5 ] virtual_file    C:\WINDOWS\system32\DRIVERS\virtual_file.sys
23:23:53.0774 0x0cd8  virtual_file - ok
23:23:53.0806 0x0cd8  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
23:23:53.0821 0x0cd8  vmbus - ok
23:23:53.0852 0x0cd8  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
23:23:53.0868 0x0cd8  VMBusHID - ok
23:23:53.0915 0x0cd8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
23:23:53.0962 0x0cd8  vmicguestinterface - ok
23:23:53.0962 0x0cd8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
23:23:53.0993 0x0cd8  vmicheartbeat - ok
23:23:54.0009 0x0cd8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
23:23:54.0024 0x0cd8  vmickvpexchange - ok
23:23:54.0040 0x0cd8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
23:23:54.0056 0x0cd8  vmicrdv - ok
23:23:54.0071 0x0cd8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
23:23:54.0102 0x0cd8  vmicshutdown - ok
23:23:54.0102 0x0cd8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
23:23:54.0134 0x0cd8  vmictimesync - ok
23:23:54.0149 0x0cd8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
23:23:54.0165 0x0cd8  vmicvss - ok
23:23:54.0212 0x0cd8  [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
23:23:54.0212 0x0cd8  volmgr - ok
23:23:54.0227 0x0cd8  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
23:23:54.0259 0x0cd8  volmgrx - ok
23:23:54.0274 0x0cd8  [ 17F7B0F2298D97F4B6C7A69511033D3D, 5BDFC225F31553786726808FB7952940FC05CA72B3977D684056F42AFAA59565 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
23:23:54.0290 0x0cd8  volsnap - ok
23:23:54.0337 0x0cd8  [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
23:23:54.0352 0x0cd8  vpci - ok
23:23:54.0415 0x0cd8  [ 82893A9942BE0104A914DAD7BE8C05F6, 4864CA51B1C83FF62674F5EF67A8AFC63477BE869D4A3F340ACF4FFA0FACD82C ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
23:23:54.0446 0x0cd8  vpnagent - ok
23:23:54.0462 0x0cd8  [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva           C:\WINDOWS\system32\DRIVERS\vpnva64-6.sys
23:23:54.0477 0x0cd8  vpnva - ok
23:23:54.0509 0x0cd8  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
23:23:54.0509 0x0cd8  vsmraid - ok
23:23:54.0587 0x0cd8  [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS             C:\WINDOWS\system32\vssvc.exe
23:23:54.0634 0x0cd8  VSS - ok
23:23:54.0665 0x0cd8  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
23:23:54.0681 0x0cd8  VSTXRAID - ok
23:23:54.0774 0x0cd8  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
23:23:54.0790 0x0cd8  vwifibus - ok
23:23:54.0821 0x0cd8  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
23:23:54.0837 0x0cd8  vwififlt - ok
23:23:54.0868 0x0cd8  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
23:23:54.0884 0x0cd8  vwifimp - ok
23:23:54.0931 0x0cd8  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll
23:23:54.0993 0x0cd8  W32Time - ok
23:23:55.0024 0x0cd8  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
23:23:55.0040 0x0cd8  WacomPen - ok
23:23:55.0134 0x0cd8  [ BC9ECDD7276B4A890607B6343E7DBE51, 7C795D7AF2EA9711777D027311E81173CC7B3344B3071BA63EAEFE98A6B56060 ] WakeupService   C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe
23:23:55.0149 0x0cd8  WakeupService - ok
23:23:55.0227 0x0cd8  [ 139D842E5FB75A1E2F0212FBD7B0E457, F29F73B56865C5EBBE89B8F92AEFE2DB19E5C29A94D2E006A23243C23A41AE79 ] wbengine        C:\WINDOWS\system32\wbengine.exe
23:23:55.0274 0x0cd8  wbengine - ok
23:23:55.0321 0x0cd8  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
23:23:55.0353 0x0cd8  WbioSrvc - ok
23:23:55.0415 0x0cd8  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
23:23:55.0431 0x0cd8  Wcmsvc - ok
23:23:55.0462 0x0cd8  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
23:23:55.0478 0x0cd8  wcncsvc - ok
23:23:55.0524 0x0cd8  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
23:23:55.0556 0x0cd8  WcsPlugInService - ok
23:23:55.0618 0x0cd8  WD Backup Drive Helper - ok
23:23:55.0618 0x0cd8  WD Backup Snapshot - ok
23:23:55.0649 0x0cd8  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
23:23:55.0665 0x0cd8  WdBoot - ok
23:23:55.0696 0x0cd8  [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM         C:\WINDOWS\System32\drivers\wdcsam64.sys
23:23:55.0712 0x0cd8  WDC_SAM - ok
23:23:55.0821 0x0cd8  [ 09FA7160B29CF6EB198387F62CEB4540, ECAF9409D98EEF94731F48EE1013ABF64D29F916470CEB78055C4BC2B772CFB9 ] WDDriveService  C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
23:23:55.0821 0x0cd8  WDDriveService - ok
23:23:55.0868 0x0cd8  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
23:23:55.0884 0x0cd8  Wdf01000 - ok
23:23:55.0931 0x0cd8  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
23:23:55.0946 0x0cd8  WdFilter - ok
23:23:55.0978 0x0cd8  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
23:23:56.0009 0x0cd8  WdiServiceHost - ok
23:23:56.0009 0x0cd8  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
23:23:56.0024 0x0cd8  WdiSystemHost - ok
23:23:56.0056 0x0cd8  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
23:23:56.0071 0x0cd8  WdNisDrv - ok
23:23:56.0103 0x0cd8  WdNisSvc - ok
23:23:56.0134 0x0cd8  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient       C:\WINDOWS\System32\webclnt.dll
23:23:56.0165 0x0cd8  WebClient - ok
23:23:56.0212 0x0cd8  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
23:23:56.0243 0x0cd8  Wecsvc - ok
23:23:56.0274 0x0cd8  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
23:23:56.0290 0x0cd8  WEPHOSTSVC - ok
23:23:56.0337 0x0cd8  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
23:23:56.0368 0x0cd8  wercplsupport - ok
23:23:56.0399 0x0cd8  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
23:23:56.0415 0x0cd8  WerSvc - ok
23:23:56.0462 0x0cd8  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
23:23:56.0478 0x0cd8  WFPLWFS - ok
23:23:56.0509 0x0cd8  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
23:23:56.0524 0x0cd8  WiaRpc - ok
23:23:56.0540 0x0cd8  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
23:23:56.0556 0x0cd8  WIMMount - ok
23:23:56.0556 0x0cd8  WinDefend - ok
23:23:56.0618 0x0cd8  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
23:23:56.0649 0x0cd8  WinHttpAutoProxySvc - ok
23:23:56.0728 0x0cd8  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
23:23:56.0743 0x0cd8  Winmgmt - ok
23:23:56.0837 0x0cd8  [ 427873F889F2F508BE8BE982219CE578, CA8DCFB774BF0F747295A7A0CB46A6177DE12AD6BD58266182206C41A3C9001E ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
23:23:56.0931 0x0cd8  WinRM - ok
23:23:56.0978 0x0cd8  [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb          C:\WINDOWS\System32\drivers\WinUsb.sys
23:23:56.0993 0x0cd8  WinUsb - ok
23:23:57.0087 0x0cd8  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
23:23:57.0149 0x0cd8  WlanSvc - ok
23:23:57.0228 0x0cd8  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
23:23:57.0274 0x0cd8  wlidsvc - ok
23:23:57.0306 0x0cd8  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
23:23:57.0321 0x0cd8  WmiAcpi - ok
23:23:57.0368 0x0cd8  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
23:23:57.0384 0x0cd8  wmiApSrv - ok
23:23:57.0400 0x0cd8  WMPNetworkSvc - ok
23:23:57.0478 0x0cd8  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
23:23:57.0493 0x0cd8  Wof - ok
23:23:57.0556 0x0cd8  [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
23:23:57.0634 0x0cd8  workfolderssvc - ok
23:23:57.0681 0x0cd8  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
23:23:57.0681 0x0cd8  wpcfltr - ok
23:23:57.0728 0x0cd8  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
23:23:57.0743 0x0cd8  WPCSvc - ok
23:23:57.0775 0x0cd8  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
23:23:57.0806 0x0cd8  WPDBusEnum - ok
23:23:57.0853 0x0cd8  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
23:23:57.0868 0x0cd8  WpdUpFltr - ok
23:23:57.0900 0x0cd8  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
23:23:57.0915 0x0cd8  ws2ifsl - ok
23:23:57.0962 0x0cd8  [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
23:23:57.0978 0x0cd8  wscsvc - ok
23:23:57.0978 0x0cd8  WSearch - ok
23:23:58.0134 0x0cd8  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll
23:23:58.0243 0x0cd8  WSService - ok
23:23:58.0368 0x0cd8  [ 020F47C655ED1F63BBA834AA53575D5C, 7E36BB83B937CEA8B5D1EAF1DF63D32D64CA8045DA377DF5237D2F4DC16574CC ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
23:23:58.0493 0x0cd8  wuauserv - ok
23:23:58.0540 0x0cd8  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
23:23:58.0556 0x0cd8  WudfPf - ok
23:23:58.0603 0x0cd8  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
23:23:58.0634 0x0cd8  WUDFRd - ok
23:23:58.0681 0x0cd8  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
23:23:58.0696 0x0cd8  wudfsvc - ok
23:23:58.0712 0x0cd8  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\System32\drivers\WUDFRd.sys
23:23:58.0728 0x0cd8  WUDFWpdFs - ok
23:23:58.0743 0x0cd8  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\WINDOWS\System32\drivers\WUDFRd.sys
23:23:58.0759 0x0cd8  WUDFWpdMtp - ok
23:23:58.0821 0x0cd8  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
23:23:58.0837 0x0cd8  WwanSvc - ok
23:23:58.0915 0x0cd8  [ 03CD249A16CF815FFFD347DC61EF9E6D, 3DE860B1BACF3F1D48B773FD6F4E25977F5193F01897278AED6CD276595356CE ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
23:23:58.0915 0x0cd8  ZAtheros Bt and Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 )
23:24:01.0243 0x0cd8  Detect skipped due to KSN trusted
23:24:01.0243 0x0cd8  ZAtheros Bt and Wlan Coex Agent - ok
23:24:01.0259 0x0cd8  ================ Scan global ===============================
23:24:01.0337 0x0cd8  [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\WINDOWS\system32\basesrv.dll
23:24:01.0368 0x0cd8  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
23:24:01.0400 0x0cd8  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
23:24:01.0447 0x0cd8  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
23:24:01.0447 0x0cd8  [ Global ] - ok
23:24:01.0447 0x0cd8  ================ Scan MBR ==================================
23:24:01.0462 0x0cd8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
23:24:01.0556 0x0cd8  \Device\Harddisk0\DR0 - ok
23:24:01.0556 0x0cd8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
23:24:01.0618 0x0cd8  \Device\Harddisk1\DR1 - ok
23:24:01.0618 0x0cd8  ================ Scan VBR ==================================
23:24:01.0618 0x0cd8  [ ABB2ED13517D3EEC809D92F8861E5205 ] \Device\Harddisk0\DR0\Partition1
23:24:01.0650 0x0cd8  \Device\Harddisk0\DR0\Partition1 - ok
23:24:01.0650 0x0cd8  [ D51B264373F707DD420F0E452603725D ] \Device\Harddisk0\DR0\Partition2
23:24:01.0665 0x0cd8  \Device\Harddisk0\DR0\Partition2 - ok
23:24:01.0681 0x0cd8  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
23:24:01.0681 0x0cd8  \Device\Harddisk0\DR0\Partition3 - ok
23:24:01.0697 0x0cd8  [ 30C4071CF787D3945010B44D4AF6EF2C ] \Device\Harddisk0\DR0\Partition4
23:24:01.0712 0x0cd8  \Device\Harddisk0\DR0\Partition4 - ok
23:24:01.0728 0x0cd8  [ E7C044AB859298824EB70E8932B74D74 ] \Device\Harddisk0\DR0\Partition5
23:24:01.0743 0x0cd8  \Device\Harddisk0\DR0\Partition5 - ok
23:24:01.0759 0x0cd8  [ 1A3AC4C75D08CAC5BF2A7EB14224F83E ] \Device\Harddisk0\DR0\Partition6
23:24:01.0759 0x0cd8  \Device\Harddisk0\DR0\Partition6 - ok
23:24:01.0790 0x0cd8  [ 96BE788D53F74506713C6120F12E7A36 ] \Device\Harddisk0\DR0\Partition7
23:24:01.0806 0x0cd8  \Device\Harddisk0\DR0\Partition7 - ok
23:24:01.0806 0x0cd8  [ 4442C0A6C04745FB6E5882AD4133A05F ] \Device\Harddisk1\DR1\Partition1
23:24:01.0806 0x0cd8  \Device\Harddisk1\DR1\Partition1 - ok
23:24:01.0806 0x0cd8  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition2
23:24:01.0806 0x0cd8  \Device\Harddisk1\DR1\Partition2 - ok
23:24:01.0822 0x0cd8  ================ Scan generic autorun ======================
23:24:01.0853 0x0cd8  [ E55DEA605DB147818E2F2F53F16C0373, FDCF546E37CABB587F0C7A599887EB487CC2DBD9B966EE9EA463B6E5F724E493 ] C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe
23:24:01.0868 0x0cd8  DptfPolicyLpmServiceHelper - ok
23:24:01.0962 0x0cd8  [ 2C5E357DFA60AA683B27E3C1F47B32F8, 67EB765BBA12E91AC30C008043F3B0DF4AB36324747531A141F54A12558AEA65 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
23:24:02.0009 0x0cd8  NvBackend - ok
23:24:02.0118 0x0cd8  [ DFE7FD46194D1711DA45EFDF02B78BD9, 5BF9AFAAE5835F6FFA47638BCA3C85B555C9C7042287877E4E2B666A7A0D06E2 ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
23:24:02.0134 0x0cd8  Acronis Scheduler2 Service - ok
23:24:02.0150 0x0cd8  mcui_exe - ok
23:24:02.0165 0x0cd8  ATLauncher - ok
23:24:02.0243 0x0cd8  [ 9183CA92DF1584158C79E9A69325EB43, 943CFFE0E9DE7342503CE81FAB4AD4B4B3A3BB65CC0BDFDFD0ED51BAAEA2A80E ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
23:24:02.0275 0x0cd8  Cisco AnyConnect Secure Mobility Agent for Windows - ok
23:24:02.0384 0x0cd8  [ 0502B22B2B6377D076EE3A205A44981D, 81E3E8742BB1AF883C02EF708A67CE82DB99AA3AE375F148857A6DCA87DB5450 ] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
23:24:02.0400 0x0cd8  DivXMediaServer - ok
23:24:02.0494 0x0cd8  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
23:24:02.0494 0x0cd8  HP Software Update - ok
23:24:02.0572 0x0cd8  [ 369993D4B8C009393A2F9BCBB7BD2587, DD9FBF8C32BB3A29F7062BABA23B84FB9F7395A4AB3FB7001071154CDE92F7D5 ] C:\Program Files (x86)\Windows Mail\wab.exe
23:24:02.0619 0x0cd8  WAB Migrate - ok
23:24:02.0650 0x0cd8  [ 2545DB0FC7229CE566B4F0F6E72E6C3A, F7E703A687C741905F17BFE39E7A6022D2142E9E16922546DFC5A23D1B184348 ] C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe
23:24:02.0665 0x0cd8  GUDelayStartup - ok
23:24:02.0697 0x0cd8  Skype - ok
23:24:02.0728 0x0cd8  [ 369993D4B8C009393A2F9BCBB7BD2587, DD9FBF8C32BB3A29F7062BABA23B84FB9F7395A4AB3FB7001071154CDE92F7D5 ] C:\Program Files (x86)\Windows Mail\wab.exe
23:24:02.0744 0x0cd8  WAB Migrate - ok
23:24:02.0744 0x0cd8  Waiting for KSN requests completion. In queue: 177
23:24:03.0759 0x0cd8  Waiting for KSN requests completion. In queue: 177
23:24:04.0775 0x0cd8  Waiting for KSN requests completion. In queue: 9
23:24:05.0791 0x0cd8  AV detected via SS2: Norton 360 Premier, C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\WSCStub.exe ( 22.6.0.0 ), 0x51000 ( enabled : updated )
23:24:05.0853 0x0cd8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
23:24:05.0853 0x0cd8  FW detected via SS2: Norton 360 Premier, C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\WSCStub.exe ( 22.6.0.0 ), 0x51010 ( enabled )
23:24:08.0213 0x0cd8  ============================================================
23:24:08.0213 0x0cd8  Scan finished
23:24:08.0213 0x0cd8  ============================================================
23:24:08.0213 0x1798  Detected object count: 1
23:24:08.0213 0x1798  Actual detected object count: 1
23:24:21.0448 0x1798  AtherosSvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:24:21.0448 0x1798  AtherosSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 13.06.2016, 07:48   #8
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Facebook: "Dein Computer muss gereinigt werden"  - Virus/Malware? - Standard

Facebook: "Dein Computer muss gereinigt werden" - Virus/Malware?



Programme sollten nicht gelöscht werden, sondern deinstalliert.

Schritt 1

Bitte deinstalliere folgende Programme:

MyFreeCodec


Versuche es bei Windows 8 mit der Windowstaste + X über .

Sollte das nicht gehen, lade Dir bitte Revo Uninstallerhier herunter. Entpacke die zip-Datei auf den Desktop. Anleitung
  • Starte die Revouninstaller.exe
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den oben angegebenen Programmen und wähle sie einzeln aus.
    Klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

Wenn Du ein Programm nicht deinstallieren kannst, mach mit dem nächsten weiter.
Auch wenn am Ende noch Programme übrig geblieben sind, führe den nächsten Schritt aus:

Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 3

  • Download und Anleitung
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass Deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Schritt 4

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 13.06.2016, 15:58   #9
ShotaB
 
Facebook: "Dein Computer muss gereinigt werden"  - Virus/Malware? - Standard

Facebook: "Dein Computer muss gereinigt werden" - Virus/Malware?



Ja, bei einzelnen Programmen ist mir das klar, bei etwas so Großem wusste ich nicht wie.

Die empohlenen Schritte führe ich gleich aus, dafür deaktiviere ich Norton vorher, oder?

Von Norton kam als ich den PC hochfuhr diese Meldung:
Code:
ATTFilter
Behobene Bedrohungen:
PUA.OpenCandy
 Typ: Anomalie
 Risiko: Gering (Gering Stealth, Gering Entfernen, Gering Leistung, Gering Datenschutz)  
 Kategorien: Sicherheitsrisiko
 Status: Ausgeschlossen
 -----------
 1 Datei
c:\users\mira\downloads\divx35installer.exe - Ausgeschlossen
1 Browser-Cache





Nicht behobene Bedrohungen:
Keine nicht behobenen Risiken
         
Hallo =)

Schritt 1: MyFreeCodec deinstalliert (Über Win + X hat geklappt).

Schritt 2: Logdatei von AdwCleaner.
Code:
ATTFilter
# AdwCleaner v5.119 - Bericht erstellt am 13/06/2016 um 14:02:03
# Aktualisiert am 30/05/2016 von Xplode
# Datenbank : 2016-06-12.1 [Server]
# Betriebssystem : Windows 8.1  (X64)
# Benutzername : Mira - JAMIE
# Gestartet von : C:\Users\Mira\Desktop\AdwCleaner_5.119.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner gelöscht : C:\Program Files (x86)\myfree codec

***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel gelöscht : HKCU\Software\distromatic
[-] Schlüssel gelöscht : HKCU\Software\OCS
[-] Schlüssel gelöscht : HKCU\Software\Mail.Ru
[-] Schlüssel gelöscht : HKCU\Software\AppDataLow\Software\Mail.Ru
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt : HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt : HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [2993 Bytes] - [13/06/2016 14:02:03]
C:\AdwCleaner\AdwCleaner[S1].txt - [3993 Bytes] - [13/06/2016 14:00:49]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3139 Bytes] ##########
         
Schritt 3: mbam.txt.
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 13.06.2016
Suchlaufzeit: 14:21
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.06.13.03
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Mira

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 442515
Abgelaufene Zeit: 42 Min., 26 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Schritt 4: ESET Logfile.
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=ad52ed249e0d1f4e8eac6ef84be4b94c
# end=init
# utc_time=2016-06-13 01:14:04
# local_time=2016-06-13 03:14:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 29780
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=ad52ed249e0d1f4e8eac6ef84be4b94c
# end=updated
# utc_time=2016-06-13 01:16:50
# local_time=2016-06-13 03:16:50 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=ad52ed249e0d1f4e8eac6ef84be4b94c
# engine=29780
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-06-13 02:49:18
# local_time=2016-06-13 04:49:18 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=3589 16777213 100 57 2753654 228425943 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 26440775 43310490 0 0
# scanned=313318
# found=3
# cleaned=0
# scan_time=5547
sh=761E9515D3C0B4367787308E4379D8FEFCC44A2E ft=1 fh=ce9871a1f6f0d9d8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Mira\Downloads\League of Legends - CHIP-Installer.exe"
sh=4DA3D9D9B7724364AB692387E1BF9138D0877AC9 ft=1 fh=c50eb51e88beb1dd vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Mira\Downloads\TeamSpeak 3 64 Bit - CHIP-Installer.exe"
sh=85B5BC3DB5A6508AB1FFEFF5813620A4F32F3DC4 ft=1 fh=fa4c3a4b1477c2fe vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Mira\Downloads\YouTube Downloader HD - CHIP-Installer.exe"
         
Liebe Grüße
Mira

Alt 13.06.2016, 22:10   #10
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Facebook: "Dein Computer muss gereinigt werden"  - Virus/Malware? - Standard

Facebook: "Dein Computer muss gereinigt werden" - Virus/Malware?



So weit, so gut. Was sagt FB? Tue denen halt den Gefallen und scanne mit deren empfohlenem Programm.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 14.06.2016, 07:47   #11
ShotaB
 
Facebook: "Dein Computer muss gereinigt werden"  - Virus/Malware? - Standard

Facebook: "Dein Computer muss gereinigt werden" - Virus/Malware?



Habe den FB-Scanner laufen lassen. Hat (Überraschung) nichts gefunden. Jetzt kann ich mich wieder einloggen.

Vielen Dank dir für die Vorüberprüfung!
lg Mira

Geändert von ShotaB (14.06.2016 um 07:53 Uhr)

Antwort

Themen zu Facebook: "Dein Computer muss gereinigt werden" - Virus/Malware?
antivir, antivirus, computer, desktop, dllhost.exe, dnsapi.dll, einlogproblem, facebook, fehlermeldung, firefox, flash player, homepage, installation, malware, malwaremeldung, mozilla, mp3, officejet, problem, prozesse, registry, rundll, security, services.exe, spam, svchost.exe, symantec, system, teamspeak, werden", windows, wlan



Ähnliche Themen: Facebook: "Dein Computer muss gereinigt werden" - Virus/Malware?


  1. Facebook einloggen nicht mehr möglich "Dein Computer muss gereinigt werden"
    Plagegeister aller Art und deren Bekämpfung - 23.10.2015 (15)
  2. Facebook einloggen nicht mehr möglich "Dein Computer muss gereinigt werden"
    Plagegeister aller Art und deren Bekämpfung - 29.06.2015 (1)
  3. Bei Facebook-Anmeldung: "Konto wurde gesperrt, PC muss bereinigt werden"
    Log-Analyse und Auswertung - 17.06.2015 (5)
  4. Facebook Virus "Ihr Computer muss gereinigt werden"
    Plagegeister aller Art und deren Bekämpfung - 08.06.2015 (34)
  5. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  6. Meldung bei Facebook - Dein Computer muss gereinigt werden
    Log-Analyse und Auswertung - 09.12.2014 (12)
  7. Meldung nach Facebook Login: Dein Computer muss gereinigt werden
    Plagegeister aller Art und deren Bekämpfung - 30.11.2014 (5)
  8. Facebook: "Dein Computer muss gereinigt werden" (Virus/Malware?)
    Plagegeister aller Art und deren Bekämpfung - 12.11.2014 (11)
  9. Winlock-Trojaner "Aus Sicherheitsgründen muss Windows blockiert werden"
    Log-Analyse und Auswertung - 23.05.2012 (1)
  10. Bei diversen Programmen "... hat ein Problem festgestellt und muss beendet werden"
    Plagegeister aller Art und deren Bekämpfung - 23.11.2009 (21)
  11. "hat ein Probl. festgestellt u. muss beendet werden" JUSCHED, NERO, WS FTP, etc.
    Log-Analyse und Auswertung - 21.09.2009 (15)
  12. "Ist das dein Video"-Virus
    Log-Analyse und Auswertung - 02.09.2009 (7)
  13. "explorer.exe hat ein Problem festgestellt und muss beendet werden". Bitte um Hilfe
    Plagegeister aller Art und deren Bekämpfung - 20.03.2008 (2)
  14. "Programm muss beendet werden"+Unendlich viele Spybot Meldungen!
    Log-Analyse und Auswertung - 02.03.2008 (2)
  15. "Windows muss beendet werden" nach Programminstallierung
    Alles rund um Windows - 27.02.2007 (6)
  16. "Das Programm hat einen Fehler festgestellt und muss beendet werden..."
    Log-Analyse und Auswertung - 07.02.2006 (7)
  17. "ICQLite hat ein Problem festgestellt und muss beendet werden."
    Log-Analyse und Auswertung - 08.07.2005 (1)

Zum Thema Facebook: "Dein Computer muss gereinigt werden" - Virus/Malware? - Hallo, vorgestern warnte mich facebook, dass eine facebook-Veranstaltung, die ich teilen wollte, Malware enthielte. Da mehrere meiner Bekannten bereits daran teilnehmen/ sie geteilt haben, dachte ich, dass es eine fehlerhafte - Facebook: "Dein Computer muss gereinigt werden" - Virus/Malware?...
Archiv
Du betrachtest: Facebook: "Dein Computer muss gereinigt werden" - Virus/Malware? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.