
Log analysis and evaluation: PCKeeper and Spacekace found on W7 Prof.

Windows 7: If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

25.10.2016, 12:49   #1
Markusli
 
Since yesterday I have been seeing websites on this computer get redirected to advertising. I scanned everything with Kaspersky, SpyBot, as well as TDSSKiller / ADWCleaner / MBAM and JRT. The problems are gone now, but I still have the folder Spacekace with the file staticbuild-log.log in it. I have now scanned everything again with FRST. Could you take a look at the logs? Thanks!
Attached files
File type: txt FRST.txt (69.3 KB, viewed 59 times)
File type: txt Addition.txt (57.5 KB, viewed 84 times)

25.10.2016, 13:44   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Hi and

Please do not attach logs; if necessary, split them and post them spread over several postings.

Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder.
Even if the logs are too large for a single post, I ask you to post the logs directly and, if necessary, spread over several posts.
To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracket expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Erweitert/Vorschau (Advanced/Preview) to check whether you did it correctly. If everything is right ... click Antworten (Reply).

25.10.2016, 14:42   #3
Markusli
 

Attempt to post the logs correctly: FRST.txt



Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 16-10-2016
durchgeführt von Markusli (Administrator) auf MARKUSW (25-10-2016 12:14:15)
Gestartet von C:\Users\Markusli\Downloads\Tools\ScannerTools
Geladene Profile: Markusli (Verfügbare Profile: Markusli & brigitta & Administrator)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
(Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(DATA BECKER GmbH & Co KG) C:\Program Files\Common Files\DATA BECKER Shared\DBService.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Garmin Ltd. or its subsidiaries) C:\Program Files\Garmin\Device Interaction Service\GarminService.exe
(Malwarebytes) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Acronis) C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avpui.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
(Malwarebytes) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
(Dropbox, Inc.) C:\Users\Markusli\AppData\Local\Dropbox\Update\DropboxUpdate.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [TrueImageMonitor.exe] => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [5970024 2011-08-21] (Acronis)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2303256 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [GwxControlPanelMonitor] => C:\Program Files\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe [4596296 2016-04-02] (UltimateOutsider)
HKLM\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-18] (Adobe Systems Incorporated)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2014-03-25] (Logitech, Inc.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\Run: [EPSON BX300F Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEJE.EXE [188928 2008-01-22] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6868696 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\Run: [Dropbox Update] => C:\Users\Markusli\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\Run: [CodeTwo Email Signatures] => C:\Users\Markusli\AppData\Local\Programs\CodeTwo\Email Signatures Client App\EmailSignatures.Client.exe [513256 2015-02-10] (CodeTwo)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1403304 2016-01-28] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2016-10-18] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2016-10-18] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2016-10-18] ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.)
Startup: C:\Users\brigitta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2016-07-10]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\brigitta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2010-05-16]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Keine Datei)
Startup: C:\Users\Markusli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2016-10-11]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Markusli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-10-14]
ShortcutTarget: Dropbox.lnk -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7DFDA5D0-939A-46B8-A757-2A7B993185E3}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-95033592-1126372089-4278029988-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ww7.autotask.net/
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2015-02-28] (Kaspersky Lab ZAO)
BHO: Kein Name -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> Keine Datei
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-10-18] (Microsoft Corporation)
BHO: Kein Name -> {53707962-6F74-2D53-2644-206D7942484F} -> Keine Datei
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-23] (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15] ()
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-10-03] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2015-02-28] (Kaspersky Lab ZAO)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-10-03] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-23] (Oracle Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2015-02-28] (Kaspersky Lab ZAO)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15] ()
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-95033592-1126372089-4278029988-1000 -> Kein Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  Keine Datei
Toolbar: HKU\S-1-5-21-95033592-1126372089-4278029988-1000 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15] ()
DPF: {2685176A-3502-47BB-B91D-BD28CA2A06A0} hxxps://www.autotask.net/Public/BrowserDetect/AT_ActiveX_Test.CAB
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} 
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540002} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540003} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-03] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-03] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-03] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-03] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21] (Microsoft Corporation)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)

FireFox:
========
FF DefaultProfile: d4zn4vbf.default-1392138883385
FF ProfilePath: C:\Users\Markusli\AppData\Roaming\Mozilla\Firefox\Profiles\d4zn4vbf.default-1392138883385 [2016-10-25]
FF Extension: (IE Tab +) - C:\Users\Markusli\AppData\Roaming\Mozilla\Firefox\Profiles\d4zn4vbf.default-1392138883385\Extensions\coralietab@mozdev.org [2016-04-28]
FF Extension: (Google Analytics Debugger) - C:\Users\Markusli\AppData\Roaming\Mozilla\Firefox\Profiles\d4zn4vbf.default-1392138883385\Extensions\gadebugger@browserextensions.keithclark.co.uk.xpi [2016-08-18]
FF Extension: (Modul zur Link-Untersuchung) - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2016-10-06] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-10-06] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-10-06] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2016-10-06] [ist nicht signiert]
FF Extension: (Skype Click to Call) - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru => nicht gefunden
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-10-27] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: (Dangerous Websites Blocker) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com [2015-02-28] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: (Virtual Keyboard) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-02-28] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-20] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2009-11-06] (Adobe Systems, Inc.)
FF Plugin: @Citrix.com/npican -> C:\Program Files\Citrix\ICA Client\npicaN.dll [2016-04-25] (Citrix Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-23] (Oracle Corporation)
FF Plugin: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com [2015-02-28] ()
FF Plugin: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-02-28] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-03] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-10-03] (Microsoft Corporation)
FF Plugin: @protectdisc.com/NPPDLicenseHelper -> C:\Program Files\ProtectDisc\License Helper\NPPDLicenseHelper.dll [2008-02-22] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-18] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPPDLicenseHelper.dll [2008-02-22] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-07-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-07-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-07-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-07-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-07-01] (Apple Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.ch/
CHR StartupUrls: Default -> "hxxp://www.googlewatchblog.de/"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_de
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\53.0.2785.143\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\53.0.2785.143\pdf.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\53.0.2785.143\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll => Keine Datei
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll => Keine Datei
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll => Keine Datei
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL => Keine Datei
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Protect Disc License Acquisition Plugin) - C:\Program Files\Mozilla Firefox\plugins\NPPDLicenseHelper.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll => Keine Datei
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Users\Markusli\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Profile: C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default [2016-10-25]
CHR Extension: (All Java Sources) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aleifhehdjlljnlbaplopcbnbgifpphg [2015-05-12]
CHR Extension: (YouTube) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (CallVia3CX) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhghpchainbpodkpnhppcoefnbjaonj [2016-10-18]
CHR Extension: (Google-Suche) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Kaspersky Protection) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-03-02]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-05-12]
CHR Extension: (Stylish) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2016-04-05]
CHR Extension: (Page Analytics (by Google)) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbdnhhicmebfgdgglcdacdapkcihcoh [2016-06-14]
CHR Extension: (Balsamiq Mockups 3 (FREE TRIAL)) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\iedapplgopkgngalkbailjoikghljkki [2016-10-11]
CHR Extension: (WhatFont) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2016-06-16]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2016-07-08]
CHR Extension: (Skype) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-10-21]
CHR Extension: (Google Maps) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-19]
CHR Extension: (Simple Bookmarks) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafmgkhgdblkabfjfegmafagpccaobfg [2016-08-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-05]
CHR Extension: (Audio Converter) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojfphighcpfimfhblaigjckljcoeipga [2016-07-10]
CHR Extension: (Long Tail Keyword Tool Pro) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\omgaibbfggpdeokldjpldejliojjedep [2015-05-12]
CHR Extension: (Google Mail) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-26]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ChromeExt\ab.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [809224 2011-08-21] (Acronis)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2010-02-22] () [Datei ist nicht signiert]
R2 AdobeUpdateService; C:\Program Files\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-18] (Adobe Systems Incorporated)
S3 AdobeVersionCue; C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe [61440 2003-10-13] (Adobe Sytems) [Datei ist nicht signiert]
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [3446736 2011-12-13] (Acronis)
R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
R2 AVP15.0.1; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
S4 Bdahstsvcrvp; C:\Windows\system32\drivers\acedrv11.sys [277544 2009-01-19] (Protect Software GmbH)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2115840 2016-10-03] (Microsoft Corporation)
R2 DBService; C:\Program Files\Common Files\DATA BECKER Shared\DBService.exe [187456 2009-01-08] (DATA BECKER GmbH & Co KG) [Datei ist nicht signiert]
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2013-02-05] (Teruten) [Datei ist nicht signiert]
R2 Garmin Device Interaction Service; C:\Program Files\Garmin\Device Interaction Service\GarminService.exe [803856 2016-01-28] (Garmin Ltd. or its subsidiaries)
S3 Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2010-02-15] () [Datei ist nicht signiert]
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert]
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 syncagentsrv; C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [5787584 2011-09-19] (Acronis)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [277544 2009-01-19] (Protect Software GmbH)
S3 bdfsfltr; C:\Windows\System32\DRIVERS\bdfsfltr.sys [327368 2010-07-09] (BitDefender)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [189136 2013-01-14] (Kaspersky Lab UK Ltd)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-02-05] () [Datei ist nicht signiert]
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [143968 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [36928 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [119816 2015-02-28] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [36536 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [673976 2015-03-12] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [24672 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [44992 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [64200 2015-02-28] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [146240 2014-07-09] (Kaspersky Lab ZAO)
R3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [48640 2009-08-23] (Atheros Communications, Inc.)
R3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [35776 2011-05-17] (hxxp://libusb-win32.sourceforge.net)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-10-25] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
S3 MonitorFunction; C:\Windows\System32\DRIVERS\TVMonitor.sys [13304 2012-11-28] (TeamViewer GmbH)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R0 tdrpman; C:\Windows\System32\DRIVERS\tdrpman.sys [766208 2011-12-13] (Acronis)
R0 tdrpman251; C:\Windows\System32\DRIVERS\tdrpm251.sys [902432 2010-02-13] (Acronis)
S3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2013-10-17] (TeamViewer GmbH)
R2 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [253072 2010-07-27] (BitDefender S.R.L.) [Datei ist nicht signiert]
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [41984 2010-09-28] (Apple, Inc.) [Datei ist nicht signiert]
R0 vididr; C:\Windows\System32\DRIVERS\vididr.sys [126112 2011-12-13] (Acronis)
R0 vidsflt58; C:\Windows\System32\DRIVERS\vsflt58.sys [84512 2011-12-13] (Acronis)
S3 bdselfpr; \??\C:\Users\WYSSMA~1\AppData\Local\Temp\RarSFX0\bdselfpr.sys [X]
S1 MoboroboAssDriver; SysWOW64\drivers\MoboroboAssDriver64.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-25 12:14 - 2016-10-25 12:14 - 00000000 ____D C:\FRST
2016-10-25 09:51 - 2016-10-25 09:51 - 00153784 ____N (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\FDBC21FD.sys
2016-10-25 09:42 - 2016-10-25 09:42 - 00002658 _____ C:\Users\Markusli\Desktop\JRT.txt
2016-10-25 08:54 - 2016-10-25 11:39 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-25 08:53 - 2016-10-25 08:53 - 00001060 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-10-25 08:53 - 2016-10-25 08:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-10-25 08:53 - 2016-10-25 08:53 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-10-25 08:53 - 2016-10-25 08:53 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 
2016-10-25 08:53 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-10-25 08:53 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-10-25 08:53 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-10-25 08:34 - 2016-10-25 09:44 - 00000000 ____D C:\AdwCleaner
2016-10-24 20:55 - 2016-09-15 16:51 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-10-24 20:55 - 2016-09-13 17:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-10-24 20:55 - 2016-09-09 20:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-10-24 20:55 - 2016-08-21 15:05 - 00935424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-10-24 20:05 - 2016-10-24 20:05 - 00000000 ____D C:\KVRT_Data
2016-10-24 20:04 - 2016-10-24 20:04 - 100788056 _____ (Kaspersky Lab ZAO) C:\Users\brigitta\Downloads\KVRT.exe
2016-10-23 10:36 - 2016-10-23 10:36 - 02137477 _____ C:\Users\Markusli\Desktop\CARTEC-WheelDoctor.pdf
2016-10-21 13:42 - 2016-10-21 13:42 - 00176226 _____ C:\Users\Markusli\Downloads\Nutzungsbestimmungen_Valiant_DE (1).pdf
2016-10-21 13:40 - 2016-10-21 13:40 - 00152260 _____ C:\Users\Markusli\Downloads\Brief_D.pdf
2016-10-21 13:37 - 2016-10-21 13:37 - 00001119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2016-10-21 13:37 - 2016-10-21 13:37 - 00001107 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2016-10-20 15:27 - 2016-10-20 15:27 - 00106295 _____ C:\Users\Markusli\Downloads\Ausstellungsflyer.pdf
2016-10-20 15:27 - 2016-10-20 15:27 - 00106295 _____ C:\Users\Markusli\Downloads\Ausstellungsflyer (1).pdf
2016-10-20 15:01 - 2016-10-20 15:01 - 00008406 _____ C:\Users\Markusli\Downloads\test3.pdf
2016-10-20 15:01 - 2016-10-20 15:01 - 00008406 _____ C:\Users\Markusli\Downloads\test3 (1).pdf
2016-10-20 10:57 - 2016-10-20 10:57 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign84fa37de6054094e
2016-10-20 10:57 - 2016-10-20 10:57 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign508c0fe5c3bb4564
2016-10-19 23:09 - 2016-10-19 23:09 - 00000000 ____D C:\Windows\system32\Neuer Ordner
2016-10-18 14:45 - 2016-10-18 14:45 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign70553ae5ee3b2b52
2016-10-18 13:42 - 2016-10-18 13:42 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-10-15 19:18 - 2016-10-15 19:18 - 00200430 _____ C:\Users\brigitta\Downloads\Fachfrau_mann Gesundheit EFZ_60-100%.pdf
2016-10-15 18:51 - 2016-10-15 18:51 - 00000000 ____D C:\Users\brigitta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-10-14 16:17 - 2016-10-14 16:17 - 00000000 ____D C:\Users\Markusli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-10-14 15:25 - 2016-10-14 15:25 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsigna1790ed0c5442326
2016-10-14 15:25 - 2016-10-14 15:25 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign4eb7d306786be687
2016-10-14 09:50 - 2016-10-14 09:50 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign915d0e6b59da9f94
2016-10-14 09:49 - 2016-10-14 09:49 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign72fb5a96292f0196
2016-10-14 09:49 - 2016-10-14 09:49 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign588ea06d0e35c97b
2016-10-14 09:12 - 2016-09-12 22:54 - 00067816 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-14 09:12 - 2016-09-12 22:49 - 01017856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-14 09:12 - 2016-09-09 17:53 - 01406976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-14 09:12 - 2016-09-09 17:53 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-14 09:12 - 2016-09-09 17:53 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-14 09:12 - 2016-09-09 17:53 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-14 09:12 - 2016-09-09 17:53 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-10-14 09:12 - 2016-09-09 17:53 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-14 09:12 - 2016-09-09 17:53 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-14 09:12 - 2016-08-29 17:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-14 09:12 - 2016-08-29 17:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-10-14 09:12 - 2016-08-29 17:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-10-14 09:12 - 2016-08-29 16:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-14 09:12 - 2016-08-16 22:27 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-10-14 09:12 - 2016-08-16 22:27 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-10-14 09:12 - 2016-08-16 22:26 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-10-14 09:12 - 2016-08-16 22:26 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-10-14 09:12 - 2016-08-16 22:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-10-14 09:12 - 2016-08-16 22:26 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-10-14 09:12 - 2016-08-16 22:26 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-10-13 18:05 - 2016-10-13 18:05 - 00000000 ____D C:\Users\Markusli\Downloads\specimen_files
2016-10-13 17:40 - 2016-10-13 17:41 - 00000000 ____D C:\Users\Markusli\Downloads\FFFago
2016-10-13 15:27 - 2016-10-13 15:27 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsignb406a27479eb4f9e
2016-10-13 15:25 - 2016-10-13 15:25 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsignfea8baf83151965b
2016-10-13 15:25 - 2016-10-13 15:25 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign4c7e5a0eec404810
2016-10-13 10:55 - 2016-10-13 10:55 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign80de9a5bb2d5caf2
2016-10-13 10:53 - 2016-10-13 10:53 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign8f3c3eb662157b9e
2016-10-13 10:53 - 2016-10-13 10:53 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign21e7572e9ef18e36
2016-10-13 08:16 - 2016-10-13 08:16 - 00000393 _____ C:\Users\Markusli\Downloads\EmailFormData_13_10_2016_UID_1.xml
2016-10-13 08:15 - 2016-10-13 08:15 - 00001274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.5 (32 Bit).lnk
2016-10-12 09:56 - 2016-10-12 09:56 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign7b2adde925eb3daf
2016-10-12 09:55 - 2016-10-12 09:55 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign784ce3f43dda2c9a
2016-10-12 09:55 - 2016-10-12 09:55 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign3b8aeab48aaba224
2016-10-12 09:46 - 2016-09-30 21:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-12 09:46 - 2016-09-30 17:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-10-12 09:46 - 2016-09-30 17:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-12 09:46 - 2016-09-30 07:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-12 09:46 - 2016-09-30 07:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-10-12 09:46 - 2016-09-30 07:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-12 09:46 - 2016-09-30 07:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-12 09:46 - 2016-09-30 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-12 09:46 - 2016-09-30 07:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-10-12 09:46 - 2016-09-30 07:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-10-12 09:46 - 2016-09-30 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-10-12 09:46 - 2016-09-30 07:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-12 09:46 - 2016-09-30 07:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-12 09:46 - 2016-09-30 07:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-10-12 09:46 - 2016-09-30 07:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-12 09:46 - 2016-09-30 07:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-12 09:46 - 2016-09-30 07:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-10-12 09:46 - 2016-09-30 07:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-12 09:46 - 2016-09-30 07:32 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-10-12 09:46 - 2016-09-30 07:27 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-12 09:46 - 2016-09-30 07:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-12 09:46 - 2016-09-30 07:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-10-12 09:46 - 2016-09-30 07:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-12 09:46 - 2016-09-30 07:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-10-12 09:46 - 2016-09-30 07:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-12 09:46 - 2016-09-30 07:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-12 09:46 - 2016-09-30 07:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-10-12 09:46 - 2016-09-30 07:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-12 09:46 - 2016-09-30 07:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-10-12 09:46 - 2016-09-30 07:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-12 09:46 - 2016-09-30 07:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-10-12 09:46 - 2016-09-30 07:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-12 09:46 - 2016-09-30 07:05 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-12 09:46 - 2016-09-30 07:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-12 09:46 - 2016-09-30 06:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-12 09:46 - 2016-09-30 06:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-12 09:46 - 2016-09-30 06:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-12 09:46 - 2016-09-15 17:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-12 09:46 - 2016-09-15 17:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-10-12 09:46 - 2016-09-12 22:53 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-10-12 09:46 - 2016-09-12 22:53 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-10-12 09:46 - 2016-09-12 22:49 - 01063936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-12 09:46 - 2016-09-12 22:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-10-12 09:46 - 2016-09-12 22:49 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-10-12 09:46 - 2016-09-12 22:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-10-12 09:46 - 2016-09-12 22:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-10-12 09:46 - 2016-09-12 22:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-10-12 09:46 - 2016-09-12 22:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-10-12 09:46 - 2016-09-12 22:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-10-12 09:46 - 2016-09-12 22:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-10-12 09:46 - 2016-09-12 22:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-10-12 09:46 - 2016-09-12 22:49 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-10-12 09:46 - 2016-09-12 22:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-12 09:46 - 2016-09-12 22:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-10-12 09:46 - 2016-09-12 22:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-10-12 09:46 - 2016-09-12 22:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-10-12 09:46 - 2016-09-12 22:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-10-12 09:46 - 2016-09-12 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-10-12 09:46 - 2016-09-12 22:28 - 02399232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-12 09:46 - 2016-09-12 22:26 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-10-12 09:46 - 2016-09-12 22:26 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-10-12 09:46 - 2016-09-12 22:26 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-10-12 09:46 - 2016-09-12 22:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-10-12 09:46 - 2016-09-12 22:25 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-10-12 09:46 - 2016-09-12 22:25 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-10-12 09:46 - 2016-09-12 21:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-12 09:46 - 2016-09-12 21:08 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-12 09:46 - 2016-09-10 17:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-12 09:46 - 2016-09-09 20:01 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-12 09:46 - 2016-09-09 20:00 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-10-12 09:46 - 2016-09-09 20:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-10-12 09:46 - 2016-09-09 19:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-10-12 09:46 - 2016-09-09 19:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-10-12 09:46 - 2016-09-09 19:59 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-10-12 09:46 - 2016-09-09 19:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-10-12 09:46 - 2016-09-09 19:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-10-12 09:46 - 2016-09-09 19:42 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-10-12 09:46 - 2016-09-09 19:42 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-10-12 09:46 - 2016-09-09 19:42 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-10-12 09:46 - 2016-09-09 19:42 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-10-12 09:46 - 2016-09-09 19:39 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-10-12 09:46 - 2016-09-09 19:37 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-10-12 09:46 - 2016-09-08 22:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-10-12 09:46 - 2016-09-08 22:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-10-12 09:46 - 2016-09-08 16:49 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-12 09:46 - 2016-09-08 16:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-12 09:46 - 2016-08-12 18:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-12 09:46 - 2016-08-12 18:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-12 09:46 - 2016-08-12 18:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-10-12 09:46 - 2016-08-12 18:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-10-12 09:46 - 2016-08-12 18:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-10-12 09:46 - 2016-08-12 18:21 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-10-12 09:46 - 2016-08-06 17:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-12 09:46 - 2016-08-06 17:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-12 09:46 - 2016-08-06 17:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-10-12 09:46 - 2016-08-06 17:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-10-12 09:46 - 2016-08-06 17:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-10-12 09:46 - 2016-08-06 16:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-10-12 09:46 - 2016-08-06 16:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-10-12 09:46 - 2016-08-06 16:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-10-12 09:46 - 2016-07-22 16:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-10-12 09:46 - 2016-06-14 17:25 - 00078568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-10-12 09:46 - 2016-06-14 17:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-10-12 09:46 - 2016-06-14 17:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-10-12 09:46 - 2016-06-14 17:17 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-10-12 09:46 - 2016-06-14 17:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-10-12 09:46 - 2016-06-14 17:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-10-12 09:46 - 2016-06-14 17:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-10-12 09:46 - 2016-06-14 17:00 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-10-12 09:46 - 2016-06-14 16:55 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-10-12 09:46 - 2016-06-14 16:55 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-10-12 09:46 - 2016-06-14 16:54 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-10-11 17:27 - 2016-10-11 17:27 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsignb54e5819f0913fcd
2016-10-11 17:27 - 2016-10-11 17:27 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign13d3e7dbd8ea765e
2016-10-11 17:27 - 2016-10-11 17:27 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign1246b9e1debc113a
2016-10-11 17:00 - 2016-10-11 17:00 - 02525243 _____ C:\Users\Markusli\Downloads\tcs-winterreifentest-2016-resultate.pdf
2016-10-11 17:00 - 2016-10-11 17:00 - 01587000 _____ C:\Users\Markusli\Downloads\dimension-wr-2016-225-45-R17-91H-de (2).pdf
2016-10-11 16:42 - 2016-10-11 16:42 - 00159808 _____ C:\Users\Markusli\Downloads\Invoice no. 60172138.pdf
2016-10-11 11:05 - 2016-10-11 11:05 - 00000000 ____D C:\Users\Markusli\.cnlab
2016-10-11 11:04 - 2016-10-11 11:04 - 00002067 _____ C:\Users\Markusli\Desktop\cnlabSpeedTest.lnk
2016-10-11 11:04 - 2016-10-11 11:04 - 00000000 ____D C:\Users\Markusli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\cnlab AG
2016-10-11 11:04 - 2016-10-11 11:04 - 00000000 ____D C:\Users\Markusli\AppData\Local\cnlabSpeedTest
2016-10-11 11:04 - 2016-10-11 11:04 - 00000000 ____D C:\Users\Markusli\.oracle_jre_usage
2016-10-09 20:20 - 2016-10-09 20:25 - 01598396 _____ C:\Users\Markusli\Desktop\RechnungSTRaphael010.pdf
2016-10-09 20:16 - 2016-10-09 20:16 - 00348099 _____ C:\Users\Markusli\Desktop\RechnungDyson009.pdf
2016-10-09 14:11 - 2016-10-09 14:11 - 00092992 _____ C:\Users\brigitta\Downloads\2016_09_29-1-Einzelanzeige.pdf
2016-10-07 09:33 - 2016-10-25 08:03 - 00000000 ____D C:\Users\Public\Documents\AdobeGC
2016-10-06 18:36 - 2016-10-09 11:25 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-10-04 09:17 - 2016-10-04 09:17 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsignef81189e91c568da
2016-10-04 09:16 - 2016-10-04 09:16 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsigne071913efe331e88
2016-10-04 09:16 - 2016-10-04 09:16 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign6064faa39ebcbcc6
2016-10-04 08:47 - 2016-10-04 08:47 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsignc5b0fb80461fef43
2016-10-04 08:47 - 2016-10-04 08:47 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign1d8f09451e3d1bd7
2016-10-04 08:40 - 2016-10-09 20:14 - 00116903 _____ C:\Users\Markusli\Desktop\RechnungTierarzt008.pdf
2016-09-30 11:05 - 2016-09-30 11:05 - 01587000 _____ C:\Users\Markusli\Downloads\dimension-wr-2016-225-45-R17-91H-de (1).pdf
2016-09-30 11:03 - 2016-09-30 11:03 - 01587000 _____ C:\Users\Markusli\Downloads\dimension-wr-2016-225-45-R17-91H-de.pdf
2016-09-30 10:35 - 2016-09-30 10:35 - 00176226 _____ C:\Users\Markusli\Downloads\Nutzungsbestimmungen_Valiant_DE.pdf
2016-09-28 11:08 - 2016-09-28 11:09 - 00208226 _____ C:\Users\Administrator\Documents\cc_20160928_110850.reg

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-25 12:14 - 2015-06-19 11:04 - 00001248 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-95033592-1126372089-4278029988-1000UA.job
2016-10-25 12:02 - 2015-06-20 17:04 - 00001236 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-95033592-1126372089-4278029988-1005UA.job
2016-10-25 11:59 - 2012-08-30 16:30 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-25 09:59 - 2012-08-30 16:30 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-25 09:53 - 2010-02-14 11:21 - 00000000 ____D C:\Users\Administrator
2016-10-25 09:53 - 2010-02-13 21:14 - 00000000 ____D C:\Users\brigitta
2016-10-25 09:36 - 2009-07-14 06:34 - 00025744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-25 09:36 - 2009-07-14 06:34 - 00025744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-25 09:29 - 2016-06-16 15:48 - 00000000 ___RD C:\Users\Markusli\Creative Cloud Files
2016-10-25 09:29 - 2016-06-16 15:48 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-10-25 09:29 - 2010-02-11 17:33 - 00000000 ____D C:\Users\Markusli\AppData\Local\Adobe
2016-10-25 09:26 - 2012-04-14 16:46 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-10-25 09:25 - 2010-02-15 16:24 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-10-25 09:25 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-25 09:24 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\SchCache
2016-10-25 09:23 - 2014-02-11 16:18 - 00000000 ____D C:\Program Files\Enigma Software Group
2016-10-25 08:33 - 2016-03-10 09:50 - 00000000 ____D C:\Users\Markusli\Downloads\Tools
2016-10-25 08:33 - 2013-05-27 16:34 - 00000000 ____D C:\Users\Markusli\AppData\Local\Citrix
2016-10-25 08:14 - 2015-06-19 11:04 - 00001196 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-95033592-1126372089-4278029988-1000Core.job
2016-10-24 20:45 - 2009-07-14 06:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-10-24 17:02 - 2015-06-20 17:04 - 00001184 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-95033592-1126372089-4278029988-1005Core.job
2016-10-22 18:30 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2016-10-22 17:54 - 2010-02-11 17:05 - 00000000 ____D C:\Users\Markusli
2016-10-22 09:03 - 2009-07-14 06:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-10-21 15:10 - 2010-02-11 17:33 - 00000000 ____D C:\Users\Markusli\AppData\Roaming\Adobe
2016-10-21 14:18 - 2010-02-11 17:28 - 00000000 ____D C:\ProgramData\Adobe
2016-10-21 13:36 - 2010-02-11 17:34 - 00000000 ____D C:\Program Files\Adobe
2016-10-21 13:36 - 2010-02-11 17:28 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-10-20 11:23 - 2016-03-10 14:24 - 00001456 _____ C:\Users\Markusli\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2016-10-20 11:16 - 2010-07-09 10:42 - 00000000 ____D C:\Users\Markusli\AppData\Roaming\TeamViewer
2016-10-20 08:06 - 2013-05-28 09:41 - 00000000 ____D C:\Program Files\Opera
2016-10-20 08:00 - 2011-05-23 10:11 - 00000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-10-19 23:11 - 2010-03-11 17:06 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2016-10-19 23:09 - 2010-04-07 13:36 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2016-10-18 18:46 - 2012-07-12 09:46 - 00000000 ____D C:\Program Files\TeamViewer
2016-10-18 13:46 - 2013-05-07 10:22 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-18 13:42 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-10-18 13:37 - 2010-02-11 17:09 - 00000000 ____D C:\Program Files\Microsoft Office
2016-10-15 18:52 - 2012-01-07 12:58 - 00000000 ____D C:\Users\brigitta\AppData\Roaming\Dropbox
2016-10-14 16:17 - 2011-12-27 18:16 - 00000000 ____D C:\Users\Markusli\AppData\Roaming\Dropbox
2016-10-14 10:40 - 2014-12-12 10:33 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-14 10:40 - 2014-05-06 11:09 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-14 10:11 - 2013-06-26 19:47 - 00000000 ____D C:\Users\Markusli\Documents\XXXGmbh
2016-10-14 10:01 - 2016-06-03 15:35 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-10-14 09:24 - 2010-02-11 17:07 - 01629212 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-14 09:24 - 2009-07-14 10:47 - 00702926 _____ C:\Windows\system32\perfh007.dat
2016-10-14 09:24 - 2009-07-14 10:47 - 00150566 _____ C:\Windows\system32\perfc007.dat
2016-10-14 09:24 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-10-13 08:15 - 2016-07-07 12:10 - 00000000 ____D C:\Users\Markusli\Documents\Adobe
2016-10-13 07:47 - 2009-07-14 06:33 - 00483512 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-13 07:45 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\Dism
2016-10-12 10:53 - 2013-08-15 18:10 - 00000000 ____D C:\Windows\system32\MRT
2016-10-12 10:35 - 2010-02-11 17:28 - 141042968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-12 10:34 - 2010-06-04 12:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-12 10:34 - 2010-02-11 17:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-11 16:52 - 2016-06-23 16:24 - 00000000 ____D C:\Users\Markusli\AppData\Roaming\PleasantKeePass
2016-10-11 14:14 - 2016-07-29 19:30 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2016-10-11 14:14 - 2012-06-12 10:06 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-10-06 07:57 - 2012-05-10 10:46 - 00000000 ____D C:\Users\Markusli\AppData\Local\Deployment
2016-10-06 07:55 - 2016-07-12 14:25 - 00000000 ____D C:\Users\Markusli\AppData\Roaming\3CXPhone for Windows
2016-10-04 15:21 - 2016-02-23 08:40 - 00000929 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-10-04 15:21 - 2016-02-23 08:40 - 00000917 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-10-04 09:43 - 2013-09-04 11:50 - 00002133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-04 08:19 - 2015-06-19 11:04 - 00000000 ____D C:\Users\Markusli\AppData\Local\Dropbox
2016-09-28 11:10 - 2012-01-07 13:01 - 00000000 ___RD C:\Users\brigitta\Dropbox
2016-09-28 11:09 - 2015-06-20 17:04 - 00000000 ____D C:\Users\brigitta\AppData\Local\Dropbox
2016-09-28 11:08 - 2010-02-11 14:58 - 00000000 ____D C:\Windows\Panther

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-03-10 14:24 - 2016-10-20 11:23 - 0001456 _____ () C:\Users\Markusli\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-09-04 11:33 - 2014-09-04 11:33 - 0003584 _____ () C:\Users\Markusli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-08-17 10:11 - 2010-08-17 10:11 - 0004096 ____H () C:\Users\Markusli\AppData\Local\keyfile3.drm
2012-04-19 09:38 - 2015-06-19 11:27 - 0007610 _____ () C:\Users\Markusli\AppData\Local\Resmon.ResmonCfg
2012-04-14 16:48 - 2012-04-14 16:48 - 0017408 _____ () C:\Users\Markusli\AppData\Local\WebpageIcons.db
2011-03-28 09:46 - 2012-04-14 10:42 - 1037014 _____ () C:\ProgramData\bdinstall.bin
2010-08-31 10:29 - 2010-08-31 10:29 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2012-03-29 12:10 - 2012-04-04 11:16 - 0000151 _____ () C:\ProgramData\search_result.xml

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Markusli\Silverlight.exe


Einige Dateien in TEMP:
====================
C:\Users\brigitta\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqdq7wz.dll
C:\Users\Markusli\AppData\Local\Temp\libeay32.dll
C:\Users\Markusli\AppData\Local\Temp\msvcr120.dll
C:\Users\Markusli\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-10-22 18:23

==================== Ende vom FRST.txt ============================
         

Old 25.10.2016, 14:43   #4
Markusli
 

addition.txt



Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 16-10-2016
durchgeführt von Markusli (25-10-2016 12:17:31)
Gestartet von C:\Users\Markusli\Downloads\Tools\ScannerTools
Microsoft Windows 7 Professional  Service Pack 1 (X86) (2010-02-11 15:05:33)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-95033592-1126372089-4278029988-500 - Administrator - Enabled) => C:\Users\Administrator
brigitta (S-1-5-21-95033592-1126372089-4278029988-1005 - Limited - Enabled) => C:\Users\brigitta
Gast (S-1-5-21-95033592-1126372089-4278029988-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-95033592-1126372089-4278029988-1002 - Limited - Enabled)
Markusli (S-1-5-21-95033592-1126372089-4278029988-1000 - Administrator - Enabled) => C:\Users\Markusli

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Anti-Virus (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3CX MyPhone (HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\1677492129.46.14.216.122) (Version:  - 46.14.216.122)
3CX MyPhone (HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\3640423864.213.213.168.34) (Version:  - 213.213.168.34)
3CXPhone for Windows (HKLM\...\3CXPhone for Windows 15.0.56008) (Version: 15.0.56008 - 3CX)
3CXPhone for Windows (Version: 15.0.56008 - 3CX) Hidden
ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
AbleBits.com Duplicate Remover for Microsoft Excel (HKLM\...\{355908AF-5D8F-40D6-B31C-07B5FA6A60A9}) (Version: 2.6.12 - Add-in Express Ltd.)
Acronis Sync Agent (HKLM\...\{7EFA9A78-797E-4567-A49C-D9E5F26E9AB4}) (Version: 15.0.5583 - Acronis)
Acronis*True*Image*Home 2012 (HKLM\...\{47A0C382-35D7-4A3A-B9AF-B2D38827A8A7}Visible) (Version: 15.0.5545 - Acronis)
Acronis*True*Image*Home 2012 (Version: 15.0.5545 - Acronis) Hidden
Adobe Acrobat 6.0 Professional (HKLM\...\{AC76BA86-1033-0000-7760-000000000001}) (Version: 006.000.000 - Adobe Systems)
Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20039 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.241 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 3.9.0.334 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 22 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe GoLive CS (ENG) (HKLM\...\{D3E4251D-8364-4698-B0E0-A7C799384403}) (Version: CS - Adobe Systems, Inc.)
Adobe Illustrator CS (HKLM\...\{91A4AD99-69CE-4745-97B7-0E0DFBECFDE5}) (Version: 11 - Adobe Systems, Inc.)
Adobe InDesign CS (HKLM\...\{416DFEDD-9F1B-4EFC-AF70-FCA891AE0251}) (Version: CS - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (32 Bit) (HKLM\...\PHSP_17_0_1_32) (Version: 17.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.2.602 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Adobe Version Cue (HKLM\...\{01958032-9877-4118-B87F-9EFA74B3F15F}) (Version: 1.0 - Adobe Systems, Inc.)
ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-Bit) (HKLM\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5CFFD58D-A8EB-439C-B3FD-A8862C886C55}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Artisteer 3 (HKLM\...\Artisteer 3) (Version: 3.0 - Extensoft)
Autotask MS Outlook Extension (HKLM\...\{EC85AAAB-1AB9-4C0D-BAFC-13D8151E7839}) (Version: 3.2.1 - Autotask Corporation)
Balsamiq Mockups 3 (HKLM\...\BalsamiqMockups3.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1) (Version: 3.2.2 - Balsamiq SRL)
Balsamiq Mockups 3 (Version: 3.2.2 - Balsamiq SRL) Hidden
Beyond Compare Version 2.5 (HKLM\...\BC2_is1) (Version:  - Scooter Software)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
Citrix Receiver (HKLM\...\CitrixOnlinePluginPackWeb) (Version: 14.4.1000.16 - Citrix Systems, Inc.)
cnlabSpeedTest (HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\{fxApplication}}_is1) (Version: 1.4.1 - cnlab AG)
CodeTwo Email Signatures Client App (HKLM\...\{D54A42C7-3929-4739-B3C0-D6D6A7AB05F5}) (Version: 1.5.0.45 - CodeTwo)
CTX blue office (HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\divertohqs-a9867bdc@@dvrds01.CTX blue office) (Version: 1.0 - Delivered by Citrix)
CTX Explorer (HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\divertohqs-a9867bdc@@dvrds01.CTX Explorer) (Version: 1.0 - Delivered by Citrix)
CTX TimeInfo MA (HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\divertohqs-a9867bdc@@dvrds01.CTX TimeInfo MA) (Version: 1.0 - Delivered by Citrix)
DATA BECKER Tipp Top 7 (HKLM\...\Tipp Top 7_is1) (Version: 7.0 - DATA BECKER GmbH & Co. KG)
Dropbox (HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\Dropbox) (Version: 12.4.22 - Dropbox, Inc.)
Elevated Installer (Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden
EPSON BX300F Series Printer Uninstall (HKLM\...\EPSON BX300F Series) (Version:  - SEIKO EPSON Corporation)
Epson Easy Photo Print 2 (HKLM\...\{DEDB47A3-C988-4A43-A645-E2CEA571E680}) (Version: 2.0.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - )
EPSON Stylus Office BX300F_TX300F Handbuch (HKLM\...\EPSON Stylus Office BX300F_TX300F Benutzerhandbuch) (Version:  - )
Extended Asian Language font pack for Adobe Reader XI (HKLM\...\{AC76BA86-7AD7-2530-0000-A00000000049}) (Version: 11.0.09 - Adobe Systems Incorporated)
Free Mobile Converter 2.0.1 (HKLM\...\Free Mobile Converter) (Version: 2.0.1 - 1Freeware)
FreeFileSync v4.5 (HKLM\...\FreeFileSync) (Version: 4.5 - ZenJu)
FTP Voyager 16.1.0 (HKLM\...\FTP Voyager_is1) (Version: 16.1.0.0 - SolarWinds Worldwide LLC)
Garmin Express (HKLM\...\{0733d53f-b41d-47cc-b336-d95751c4b2cb}) (Version: 4.1.16.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
GWX Control Panel (HKLM\...\UltimateOutsider_GwxControlPanel) (Version:  - UltimateOutsider)
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM\...\{8E87B944-4815-3C5E-947F-5035C9F64362}.KB947789) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Web Developer 2010 Express - DEU (KB2548139) (HKLM\...\{638AA518-6A32-33CC-B88F-BCD20B2DCF2E}.KB2548139) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Web Developer 2010 Express - DEU (KB2635973) (HKLM\...\{638AA518-6A32-33CC-B88F-BCD20B2DCF2E}.KB2635973) (Version: 1 - Microsoft Corporation)
iCloud (HKLM\...\{61D7B517-5914-41D4-BD27-927163631227}) (Version: 5.2.2.87 - Apple Inc.)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{C27F2813-083D-4E6C-A565-17E22D1F7FC8}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Kaspersky Anti-Virus (HKLM\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Anti-Virus (Version: 15.0.1.415 - Kaspersky Lab) Hidden
KeePass for Pleasant Password Server (HKLM\...\{26ae3288-f8ca-4fb9-bdab-b8bf2764a4e4}) (Version: 7.3.1.0 - Pleasant Solutions Inc.)
KeePass for Pleasant Password Server (Version: 7.3.1.0 - Pleasant Solutions Inc.) Hidden
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Macromedia Dreamweaver MX 2004 (HKLM\...\{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}) (Version: 7.0 - Macromedia)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Add-on für Acronis True Image Home 2012 (HKLM\...\{EAE5EDA9-F70E-4A70-B7BF-F764557E7BA7}) (Version: 15.0.5545 - Acronis)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - DEU (HKLM\...\{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools - DEU (HKLM\...\{2CE77981-14DE-4773-8106-27C9C964720C}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools (HKLM\...\{5BDFAB82-060E-438B-AB4F-A2331B2294C0}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.6965.2092 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK - Deutsch (HKLM\...\{91F54E1D-804A-46D8-A56C-53EA9C4B3177}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK - Deutsch (HKLM\...\{803910CC-3A39-45E3-A594-0D5512A60A86}) (Version: 4.0.50826.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{5157F185-CA5F-4952-94E2-EF5C8EC83E45}) (Version: 10.2.4064.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Policies (HKLM\...\{695E67B6-8B95-4160-9650-92974980CDC1}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{2AF7B7D7-C4E9-4A0C-BBA1-B2B3633D1CBC}) (Version: 10.2.4064.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 (Deutsch) (HKLM\...\{FA440BE8-EC2F-4478-A01A-077DA0606501}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1-Abfragetools (Deutsch) (HKLM\...\{0DD2DCC6-21AE-4678-8629-1084B17BE077}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM\...\{8E87B944-4815-3C5E-947F-5035C9F64362}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Web Developer 2010 Express - DEU (HKLM\...\Microsoft Visual Web Developer 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
MozBackup 1.4.10 (HKLM\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 49.0.1 (x86 de) (HKLM\...\Mozilla Firefox 49.0.1 (x86 de)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
Mozilla Thunderbird 45.4.0 (x86 de) (HKLM\...\Mozilla Thunderbird 45.4.0 (x86 de)) (Version: 45.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.7 - F.J. Wechselberger)
Nero BurnLite 10 (HKLM\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10500 - Nero AG)
Nero BurnLite 10 (HKLM\...\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}) (Version: 10.0.10100.1.100 - Nero AG)
Nero Update (HKLM\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.4 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.6965.2092 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6965.2092 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.6965.2092 - Microsoft Corporation) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Online Plug-in (Version: 14.4.1000.16 - Citrix Systems, Inc.) Hidden
Opera Stable 40.0.2308.90 (HKLM\...\Opera 40.0.2308.90) (Version: 40.0.2308.90 - Opera Software)
PIF DESIGNER (HKLM\...\{B90450DF-E781-46FD-B1F1-0C86DA40E443}) (Version:  - )
Protect Disc License Helper 1.0.118 (HKLM\...\Protect Disc License Helper) (Version: 1.0.118 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Self-Service Plug-in (Version: 4.4.1000.13058 - Citrix Systems, Inc.) Hidden
Service Pack 3 für SQL Server 2008 (KB2546951) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
Skype Click to Call (HKLM\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.1.15383.6004 - Microsoft Corporation)
Skype for Business 2016 - de-de (HKLM\...\SkypeforBusinessRetail - de-de) (Version: 16.0.6965.2092 - Microsoft Corporation)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart Switch (HKLM\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16032.18 - Samsung Electronics Co., Ltd.)
Smart Switch (Version: 4.1.16032.18 - Samsung Electronics Co., Ltd.) Hidden
Softwarenetz Rechnung4 (HKLM\...\Rechnung4) (Version:  - Softwarenetz)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.12 - Safer-Networking Ltd.)
TeamViewer 11 (HKLM\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
WCF RIA Services V1.0 SP1 (HKLM\...\{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}) (Version: 4.1.60114.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Webocton - Scriptly 0.8.95.6.COM (HKLM\...\Webocton - Scriptly_is1) (Version: 0.8.95.6 - Webocton)
Windows Live ID-Anmelde-Assistent (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
Xenu's Link Sleuth (HKLM\...\Xenu's Link Sleuth) (Version: 1.3.8 - Tilman Hausherr)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\brigitta\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Markusli\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Markusli\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{4F8ABD16-E446-43C3-A154-484F507060B4}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Add-in Express\Duplicate Remover for Microsoft Excel\adxloader.dll ()
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{584482F3-1EFA-48A5-AA4A-DA2E06B0A54C}\localserver32 -> C:\Users\Markusli\AppData\Roaming\Add-in Express\Duplicate Remover for Microsoft Excel\AblebitsLoader.exe (Add-in Express Ltd.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Markusli\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Markusli\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Markusli\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Markusli\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Markusli\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05FE78FD-D4DD-429C-A0BB-14D8E64E54E3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [2012-11-13] (Safer-Networking Ltd.)
Task: {07B8A434-ECE3-422D-8C7A-A94BACC75B6C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {101974F2-6EF6-461A-962B-F8349C3A7688} - System32\Tasks\{E5A5B4B9-2209-4728-B0CC-D493C03D3973} => pcalua.exe -a "L:\downloads\tools\FTP Voyager\FTPVSetup.exe" -d "L:\downloads\tools\FTP Voyager"
Task: {1E1C8897-A6A9-40FC-A077-5225BAB6743B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-95033592-1126372089-4278029988-1000UA => C:\Users\Markusli\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {1F678D57-86FC-4B26-8DA2-1CC6D01377CB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {2ED97E4E-21A7-4A2F-B76E-A255D8B3BFA5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-10-04] (Microsoft Corporation)
Task: {44109411-B04A-4854-AF31-B735E3B09067} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {4BA508EF-388C-427F-8EF9-72CD8C8DDA66} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-95033592-1126372089-4278029988-1005Core => C:\Users\brigitta\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {55D9F8F9-EDE5-40AE-A983-EC0CFC44C392} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-01-28] ()
Task: {575E15A1-D3BB-43B5-9C91-FB57B89A5433} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {5BB8AD89-0F73-42AB-8CDA-F1BF70F52FCC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {6376CB00-21D8-4F4C-941A-533AB668CF97} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {680C6D27-0106-4DEA-83FC-22AA0344CDBF} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {6B4CF6F0-0553-477A-9857-24E514F2A2F2} - System32\Tasks\{5E5A9D3B-550E-4EB2-98ED-9713708A0AA4} => pcalua.exe -a K:\Downloads\Bitdefender\2011\Patchs\bdfsfltr_2.exe -d K:\Downloads\Bitdefender\2011\Patchs
Task: {7AA93DBD-43EC-49FA-AD4F-FFAF2BEFB679} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {7E669539-0E7D-45DC-8E10-87B1D6F051C4} - System32\Tasks\{F89078DD-99FB-4DAC-8BFB-EFB9FAFC3012} => pcalua.exe -a K:\Downloads\Bitdefender\2011\Patchs\bdfsfltr_1.exe -d K:\Downloads\Bitdefender\2011\Patchs
Task: {8681CD97-7F70-45E7-A938-E88B46154265} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-03] (Microsoft Corporation)
Task: {8E74F489-2F75-4B5F-99F0-A6B9E397D025} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {960C2FC0-FC61-42F1-AC1C-C00567AC2B07} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [2012-11-13] (Safer-Networking Ltd.)
Task: {9BB3226B-EE7E-4D6B-82DE-1D7B06866BF7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {A1207353-FC48-4EB5-AB56-BA3D520F5650} - System32\Tasks\{54D113E6-CBD3-4414-8F1D-D96D15011972} => pcalua.exe -a E:\LaCie.exe -d E:\
Task: {A917B18B-8719-4EC3-907E-7EB4FC1B8CB1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-10-04] (Microsoft Corporation)
Task: {BA83C72E-AE4D-4E07-8CF5-6DECF4F79FEB} - System32\Tasks\{32C9F5DB-70CC-46F6-A6A4-39266758C052} => C:\Program Files\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {C12F68A4-6D19-470C-9CF4-FB8D0FE2E462} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {D9FAAE5C-1119-4A98-854A-21B4A6F1227E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd)
Task: {DB9E3454-B5D0-4439-B6DC-981FF8675E5F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {E7563B40-5ECC-40A7-AFA2-D491FC0E9856} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-95033592-1126372089-4278029988-1000Core => C:\Users\Markusli\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {F3D4F068-8986-4723-8865-FCF670B784F6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-10-04] (Microsoft Corporation)
Task: {F550D866-91C0-4314-B610-73CB26C412BB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-95033592-1126372089-4278029988-1005UA => C:\Users\brigitta\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {F60DD1A1-B894-4BCC-BE36-8D52C297FB9E} - System32\Tasks\Opera scheduled Autoupdate 1374583353 => C:\Program Files\Opera\launcher.exe [2016-10-17] (Opera Software)
Task: {F683EC2C-CFE3-4910-9CAC-B4B5CDED51AB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [2012-11-13] (Safer-Networking Ltd.)
Task: {F7C0EAF8-FF3F-47A4-A671-BC70EE65E01D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-03] (Microsoft Corporation)
Task: {FC1AD44A-C482-43FA-A1E2-A04D44B9B990} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {FF0645A8-F4CD-404B-920D-3CF3E53DD4AA} - System32\Tasks\AdobeAAMUpdater-1.0-MarkusW-Markusli => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-95033592-1126372089-4278029988-1000Core.job => C:\Users\Markusli\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-95033592-1126372089-4278029988-1000UA.job => C:\Users\Markusli\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-95033592-1126372089-4278029988-1005Core.job => C:\Users\brigitta\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-95033592-1126372089-4278029988-1005UA.job => C:\Users\brigitta\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Markusli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Long Tail Keyword Tool Pro.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=omgaibbfggpdeokldjpldejliojjedep

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-09-01 18:13 - 2016-09-01 18:13 - 00080184 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 18:13 - 2016-09-01 18:13 - 01041720 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-30 18:12 - 2014-08-30 18:12 - 01269952 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\kpcengine.2.3.dll
2014-02-11 17:57 - 2012-11-13 15:06 - 00108960 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-02-11 17:57 - 2012-11-13 15:06 - 00416160 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-02-11 17:57 - 2012-11-13 15:06 - 00158624 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-02-11 17:57 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-02-11 17:57 - 2012-11-13 15:06 - 00528288 _____ () C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl
2011-08-20 21:56 - 2011-08-20 21:56 - 00435552 _____ () C:\Program Files\Acronis\TrueImageHome\Common\ulxmlrpcpp.dll
2016-10-18 14:06 - 2016-10-18 14:06 - 00407216 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll
2011-08-20 22:37 - 2011-08-20 22:37 - 00018784 _____ () C:\Program Files\Acronis\TrueImageHome\ti_managers_proxy_stub.dll
2010-02-16 16:16 - 2010-02-10 19:10 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2016-08-26 20:25 - 2016-08-26 20:25 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-02-11 17:57 - 2012-11-13 15:06 - 00554400 _____ () C:\Program Files\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [119]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\autotask.com -> autotask.com
IE trusted site: HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\autotask.net -> autotask.net
IE trusted site: HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\sharepoint.com -> hxxps://diverto-files.sharepoint.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:04 - 2016-04-26 14:16 - 00000900 ____A C:\Windows\system32\Drivers\etc\hosts

	

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-95033592-1126372089-4278029988-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Markusli\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^3CXPhone for Windows.lnk => C:\Windows\pss\3CXPhone for Windows.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acrobat Assistant.lnk => C:\Windows\pss\Acrobat Assistant.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Markusli^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^An OneNote senden.lnk => C:\Windows\pss\An OneNote senden.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Markusli^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Citrix Receiver (1).lnk => C:\Windows\pss\Citrix Receiver (1).lnk.Startup
MSCONFIG\startupfolder: C:^Users^Markusli^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Citrix Receiver.lnk => C:\Windows\pss\Citrix Receiver.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Markusli^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: 3CX MyPhone1677492129.46.14.216.122 => C:\Users\Markusli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3CX MyPhone (2).lnk
MSCONFIG\startupreg: 3CX MyPhone3352490883.46.14.216.122 => C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3CX MyPhone.lnk
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeVersionCue => C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: FTPVoyagerSchedulerTrayIcon => "C:\Program Files\RhinoSoft\FTP Voyager\FTP Voyager Scheduler Tray.exe"
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: iCloudServices => "C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe"
MSCONFIG\startupreg: ISW => 
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Lync => "C:\Program Files\Microsoft Office 15\root\office15\lync.exe" /fromrunkey
MSCONFIG\startupreg: Redirector => "C:\Program Files\Citrix\ICA Client\redirector.exe" /startup
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{F82BF24A-4C06-4AF6-AEDE-BF1D6136098E}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{7D14B347-1A62-4EAB-88B1-98E1F4E3E8B6}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{83C09058-B7F3-4807-A4F5-E89EAD5C8E77}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{9AEA4AF9-DEF7-4808-8636-20C42253AEA3}] => (Allow) LPort=26675
FirewallRules: [TCP Query User{094FB060-B310-4DFF-A0EB-B069F923E2EB}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{32D694D2-EB34-4079-9AFC-F69C1F7FE9BB}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [{741F7624-41E4-40F1-B4FC-FB911C17330B}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{58738422-5684-4D52-A019-F3E52760967C}] => (Allow) C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{94733DF2-2465-4166-B68E-5C16E808D11D}] => (Allow) C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{99FED989-BEF2-4598-8AD7-9F326DC53B0C}] => (Allow) C:\Users\Markusli\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F719BBA8-F3A3-404F-A1B8-0616D479AF32}] => (Allow) C:\Users\Markusli\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C68499A0-5038-4F41-B71A-A0780080D012}] => (Allow) C:\Users\brigitta\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{22D3F35D-5FA4-4773-8924-02766646C6D0}] => (Allow) C:\Users\brigitta\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{D36CF86A-DC54-487B-BD26-71CCD8132934}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{8EB9BE77-8DD1-494C-A4BB-4E848901C3DD}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{85FE8A84-CD60-4E18-ACA0-0F9F616B9904}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{F45F1096-58BA-4768-832D-307735139318}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [TCP Query User{075775C9-78E3-4AAB-8338-FC64914EA634}C:\program files\rhinosoft\ftp voyager\ftp voyager.exe] => (Allow) C:\program files\rhinosoft\ftp voyager\ftp voyager.exe
FirewallRules: [UDP Query User{60A75989-BB0E-438F-8C55-9EE47815340B}C:\program files\rhinosoft\ftp voyager\ftp voyager.exe] => (Allow) C:\program files\rhinosoft\ftp voyager\ftp voyager.exe
FirewallRules: [TCP Query User{048E1A4E-9DE5-4534-99DC-E8E4826D30FB}C:\program files\microsoft silverlight\sllauncher.exe] => (Allow) C:\program files\microsoft silverlight\sllauncher.exe
FirewallRules: [UDP Query User{FD286A70-D856-4AE3-B455-A821BEE6805A}C:\program files\microsoft silverlight\sllauncher.exe] => (Allow) C:\program files\microsoft silverlight\sllauncher.exe
FirewallRules: [{430C9DCC-5B2C-4A05-8066-F73055A0DF55}] => (Allow) LPort=8743
FirewallRules: [{72E39D38-BC71-49A9-83F6-2FC9C171A8C5}] => (Allow) LPort=8643
FirewallRules: [{DF80ADEB-63F8-4A65-A74F-DAA0D3DAD111}] => (Allow) LPort=7676
FirewallRules: [{76D9AF21-38B9-4290-8D29-4E3AE0C71AE4}] => (Allow) LPort=7679
FirewallRules: [{C3661200-0B7F-4E20-8A24-F3BCE1352718}] => (Allow) LPort=24234
FirewallRules: [{A1BDA1D3-8949-4822-9589-6643D9D5D6B6}] => (Allow) LPort=7900
FirewallRules: [{FA78D233-B907-4558-8CFC-E7E6944AE1D9}] => (Allow) LPort=1900
FirewallRules: [{C96740D9-F01E-42F5-A832-1D1939DFB0C7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4B5A306E-E4AA-46E3-AF7E-83BE3DCDB017}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4F8E45FE-47A1-4AE7-A07D-FD15D845E8BC}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [UDP Query User{075BAA5A-A05F-4AF6-846F-7D19A579233F}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [TCP Query User{DA72F094-FEB5-41C1-BB07-CFEFBBC0ACD4}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{ED8F3FE6-5810-46CC-914D-A85E77CAE5B0}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{244A3008-7A43-4D59-94DE-0AC6F57A23F9}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{73E19C3B-B226-474A-B17F-FB179ADE8F80}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{FC8CAEFF-E487-43E2-9930-2537207FD4AF}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{18FC3294-26A0-4C36-BD5B-6DAD687912E6}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C9421307-3337-43DD-8E37-6C49CFFF313F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B0FA52E7-A07F-4E91-BFF4-9167E7033A72}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{62F4CF77-FE53-4173-A04C-4A02C5CA917F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8C4EB1F8-E2FA-4A09-B924-59FC93AE1EB4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{35F29AF4-351A-4123-B831-9D55B7ACFE39}C:\users\Markusli\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\Markusli\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{49FE69DB-6205-4CEF-A94E-D5978EB56684}C:\users\Markusli\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\Markusli\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{DC177E08-955E-47DE-BF02-181A245EAE6F}C:\users\brigitta\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\brigitta\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{10F7414E-E9E9-40D2-98D8-5A27E5F2E836}C:\users\brigitta\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\brigitta\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{5917C2B6-7279-4471-8368-772F247FB7A4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{861C2053-E2FE-4410-98B6-7412E9220E55}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{10AEC9F7-4219-4AF2-8908-0CD9C3A9F929}C:\program files\rhinosoft\ftp voyager\ftp voyager.exe] => (Allow) C:\program files\rhinosoft\ftp voyager\ftp voyager.exe
FirewallRules: [UDP Query User{C810D086-34F7-4AB2-B469-2745BC1EB9B2}C:\program files\rhinosoft\ftp voyager\ftp voyager.exe] => (Allow) C:\program files\rhinosoft\ftp voyager\ftp voyager.exe
FirewallRules: [{B989015E-EC65-4944-B324-98E13E30A991}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{2C05A5CE-6289-4081-A915-06D7ACF3F6E4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{6859C5DD-34C3-42CE-824C-25871DDE8540}] => (Allow) C:\ProgramData\3CXPhone for Windows\PhoneApp\3CXWin8Phone.exe
FirewallRules: [{85FCC321-6E17-41C5-9541-9903CAB6A628}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{3A5A004B-4F66-4565-905A-7D8C6813391C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{55692377-F721-4B59-B627-A066F9A4653B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{5989E26C-C28D-45FA-A1A8-0F27B8685E97}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{676E92BA-F652-4A4C-8E7B-E1BDCCBD1064}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{10223E5B-2D77-43EB-8AA7-9743164492FD}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1982F1D9-4A4D-47B4-9A1F-038F9AB9CB68}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

21-10-2016 10:11:23 Windows Update
24-10-2016 20:56:08 Windows Update
24-10-2016 21:10:34 Windows Update
25-10-2016 09:37:40 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: MoboroboAssDriver
Description: MoboroboAssDriver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: MoboroboAssDriver
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/25/2016 12:02:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 32776

Error: (10/25/2016 12:02:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 32776

Error: (10/25/2016 12:02:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/25/2016 12:02:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31746

Error: (10/25/2016 12:02:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31746

Error: (10/25/2016 12:02:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/25/2016 12:02:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 30670

Error: (10/25/2016 12:02:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 30670

Error: (10/25/2016 12:02:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/25/2016 12:02:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 29656


Systemfehler:
=============
Error: (10/25/2016 12:02:46 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (10/25/2016 09:25:40 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
MoboroboAssDriver

Error: (10/25/2016 09:25:12 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (10/25/2016 09:25:12 AM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (10/25/2016 09:23:52 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/25/2016 08:48:02 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
MoboroboAssDriver

Error: (10/25/2016 08:47:31 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (10/25/2016 08:47:31 AM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (10/25/2016 08:45:18 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (10/25/2016 08:44:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2015-03-06 09:59:29.673
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-06 09:59:29.671
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-06 09:59:29.669
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-06 09:59:29.660
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-06 09:59:29.658
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-06 09:59:29.656
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-04 18:35:02.585
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-04 18:35:02.583
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-04 18:35:02.570
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-04 18:35:02.541
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz
Prozentuale Nutzung des RAM: 33%
Installierter physikalischer RAM: 3583.12 MB
Verfügbarer physikalischer RAM: 2391.66 MB
Summe virtueller Speicher: 7164.56 MB
Verfügbarer virtueller Speicher: 5087.93 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:309.18 GB) (Free:162.21 GB) NTFS
Drive k: (Laudatio) (Fixed) (Total:286.89 GB) (Free:251.82 GB) NTFS
Drive z: () (Network) (Total:931.51 GB) (Free:845.96 GB) 

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 3C8637A3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=309.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=286.9 GB) - (Type=07 NTFS)

==================== Ende vom Addition.txt ============================
         

25.10.2016, 15:21   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
AS: Spybot - Search and Destroy
Uninstall it, it is completely superfluous.


Quote:
Adobe Acrobat 6.0 Professional (HKLM\...\{AC76BA86-1033-0000-7760-000000000001}) (Version: 006.000.000 - Adobe Systems)
Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 3.9.0.334 - Adobe Systems Incorporated)
Adobe GoLive CS (ENG) (HKLM\...\{D3E4251D-8364-4698-B0E0-A7C799384403}) (Version: CS - Adobe Systems, Inc.)
Adobe Illustrator CS (HKLM\...\{91A4AD99-69CE-4745-97B7-0E0DFBECFDE5}) (Version: 11 - Adobe Systems, Inc.)
Adobe InDesign CS (HKLM\...\{416DFEDD-9F1B-4EFC-AF70-FCA891AE0251}) (Version: CS - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (32 Bit) (HKLM\...\PHSP_17_0_1_32) (Version: 17.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Is this a commercially used system, or is this software, which is really designed for professional use, there purely for private enjoyment?

__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!

25.10.2016, 15:53   #6
Markusli

Pure enjoyment

Thanks for the reply. Adobe is installed because the PC is also used for working from home.

So can I safely delete the Spacekace folder and the staticbuild-log.log file in it?

Delete SpyBot? Is it really of no use????

..otherwise everything is OK then?

Thanks!

25.10.2016, 15:57   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

I never wrote that anywhere. First I wanted to clarify where you got this software from.

25.10.2016, 16:03   #8
Markusli

Software

Oh, I see... all clear. Don't worry. Legal and purchased.

25.10.2016, 16:06   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Step 1: Malwarebytes Anti-Rootkit (MBAR)

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.


Step 2: Kaspersky TDSS-Killer

Please download TDSSKiller.exe and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post its contents here in your thread in any case.


Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder.
Even if the logs are too large for one post, I ask you to post the logs directly, spread over several posts if necessary.
To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracket expressions [CODE] [/CODE] appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check that you did it right. If everything is correct ... click Reply.

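A TDSSKiller log of the kind requested in step 2 can be triaged offline with a short script. The following is an added example, not code from the thread or from Kaspersky; it assumes the line layout visible in the TDSSKiller log posted in this thread, and the sample log, service names and hashes in it are constructed.

```python
import re
from collections import defaultdict

# Line layout as seen in the TDSSKiller log posted in this thread:
#   <time> <thread id>  [ MD5, SHA256 ] <service>  <file path>
#   <time> <thread id>  <service> - ok | detected <name> ( n )
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4} 0x[0-9A-Fa-f]+\s+"
SECTION_LINE = re.compile(PREFIX + r"=+ Scan (.+?) =+$")
HASH_LINE = re.compile(
    PREFIX + r"\[ ([0-9A-F]{32}), ([0-9A-F]{64}) \] (.+?)\s+([A-Za-z]:\\.+)$")
VERDICT_LINE = re.compile(PREFIX + r"(.+?) - (?:ok|detected (\S+) \( \d+ \))$")
SKIP_LINE = re.compile(PREFIX + r"Detect skipped due to KSN trusted$")


def triage(log_text):
    """Summarise the 'Scan services' section of a TDSSKiller log."""
    files = {}        # service name -> (sha256, path)
    detections = {}   # service name -> [detection name, skipped as KSN trusted?]
    no_hash = []      # services that got a verdict without a preceding hash line
    section = None
    pending = None    # service whose detection may still be followed by a skip line
    for raw in log_text.splitlines():
        line = raw.rstrip()
        m = SECTION_LINE.match(line)
        if m:
            section, pending = m.group(1), None
            continue
        if section != "services":
            continue  # e.g. "System memory - ok" belongs to another section
        m = HASH_LINE.match(line)
        if m:
            _md5, sha256, name, path = m.groups()
            files[name] = (sha256, path)
            pending = None
            continue
        if SKIP_LINE.match(line):
            if pending is not None:
                detections[pending][1] = True
            pending = None
            continue
        m = VERDICT_LINE.match(line)
        if not m:
            continue
        name, detection = m.groups()
        if detection:
            detections[name] = [detection, False]
            pending = name
        else:
            if name not in files and name not in no_hash:
                no_hash.append(name)
            pending = None

    # Group services by the file they point at (same hash, same path).
    by_file = defaultdict(list)
    for name, (sha256, path) in files.items():
        by_file[(sha256, path.lower())].append(name)
    return {
        "unresolved": sorted(n for n, d in detections.items() if not d[1]),
        "ksn_trusted": sorted(n for n, d in detections.items() if d[1]),
        "no_hash_line": no_hash,
        "shared_files": {p: sorted(ns) for (_h, p), ns in by_file.items() if len(ns) > 1},
    }


# --- Constructed sample input (not taken from the thread) -------------------
def sample_line(ts, text):
    return f"{ts} 0x1030  {text}"


def sample_hash(ts, ch, name, path):
    # Placeholder hashes: one hex character repeated to the right length.
    return sample_line(ts, f"[ {ch * 32}, {ch * 64} ] {name:<15} {path}")


SAMPLE_LOG = "\n".join([
    sample_line("17:19:00.0478", "================ Scan system memory ========================"),
    sample_line("17:19:00.0478", "System memory - ok"),
    sample_line("17:19:00.0478", "================ Scan services ============================="),
    sample_hash("17:19:00.0619", "A", "exdrv", r"C:\Windows\system32\drivers\exdrv.sys"),
    sample_line("17:19:00.0697", "exdrv - ok"),
    sample_hash("17:19:01.0024", "B", "Example LM Service", r"C:\Program Files\Example\lmsvc.exe"),
    sample_line("17:19:01.0024", "Example LM Service - detected UnsignedFile.Multi.Generic ( 1 )"),
    sample_line("17:19:01.0196", "Detect skipped due to KSN trusted"),
    sample_line("17:19:01.0196", "Example LM Service - ok"),
    sample_line("17:19:01.0867", "exnofile - ok"),
    sample_hash("17:19:02.0100", "C", "exupd", r"C:\ProgramData\exupd\exupd.exe"),
    sample_line("17:19:02.0100", "exupd - detected UnsignedFile.Multi.Generic ( 1 )"),
    sample_hash("17:19:02.0300", "A", "exalias", r"C:\Windows\System32\drivers\exdrv.sys"),
    sample_line("17:19:02.0310", "exalias - ok"),
])

if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

The `unresolved` and `no_hash_line` entries are the candidates for a manual look; `ksn_trusted` lists detections the tool itself set aside.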
25.10.2016, 17:12   #10
Markusli

MBAR

Code:
ATTFilter
# AdwCleaner v6.030 - Bericht erstellt am 25/10/2016 um 08:45:52
# Aktualisiert am 19/10/2016 von Malwarebytes
# Datenbank : 2016-10-23.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X86)
# Benutzername : Markusli - MARKUSW
# Gestartet von : C:\Users\Markusli\Downloads\Tools\ScannerTools\AdwCleaner_6.030.exe
# Modus: Löschen
# Unterstützung : hxxps://www.malwarebytes.com/support



***** [ Dienste ] *****

[-] Dienst gelöscht: ReimageRealTimeProtector


***** [ Ordner ] *****

[-] Ordner gelöscht: C:\ProgramData\88cb0000-4c56-4c1f-c69d-2a23305119aa
[-] Ordner gelöscht: C:\ProgramData\a0060000-ac55-4be6-1af5-aac72c867e98
[-] Ordner gelöscht: C:\Users\Markusli\AppData\Local\FileViewPro
[-] Ordner gelöscht: C:\Users\Markusli\AppData\Roaming\download Manager
[-] Ordner gelöscht: C:\Users\Markusli\AppData\Roaming\DriverCure
[-] Ordner gelöscht: C:\Users\Markusli\AppData\Roaming\Gutscheinmieze
[-] Ordner gelöscht: C:\Users\Markusli\AppData\Roaming\Solvusoft
[-] Ordner gelöscht: C:\Users\Markusli\AppData\Roaming\speedypc software
[#] Ordner mit Neustart gelöscht: C:\Users\Markusli\AppData\Roaming\SpeedyPC Software
[-] Ordner gelöscht: C:\Users\Markusli\Favorites\ASP
[-] Ordner gelöscht: C:\Users\brigitta\AppData\Local\AskToolbar
[-] Ordner gelöscht: C:\Users\brigitta\AppData\LocalLow\AskToolbar
[-] Ordner gelöscht: C:\ProgramData\Essentware
[-] Ordner gelöscht: C:\ProgramData\Reimage Protector
[-] Ordner gelöscht: C:\ProgramData\speedypc software
[#] Ordner mit Neustart gelöscht: C:\ProgramData\SpeedyPC Software
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\Essentware
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\Reimage Protector
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\speedypc software
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\SpeedyPC Software
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Ordner gelöscht: C:\Program Files\myfree codec
[-] Ordner gelöscht: C:\Program Files\Reimage


***** [ Dateien ] *****

[-] Datei gelöscht: C:\Windows\Reimage.ini


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****

[-] Verknüpfung desinfiziert: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\Acronis*True*Image*Home\Extras und Werkzeuge\Image mounten.lnk


***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Wert gelöscht: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Schlüssel gelöscht: HKU\S-1-5-21-95033592-1126372089-4278029988-1000\Software\distromatic
[-] Schlüssel gelöscht: HKU\S-1-5-21-95033592-1126372089-4278029988-1000\Software\Myfree Codec
[-] Schlüssel gelöscht: HKU\S-1-5-21-95033592-1126372089-4278029988-1000\Software\Softonic
[-] Schlüssel gelöscht: HKU\S-1-5-21-95033592-1126372089-4278029988-1000\Software\speedypc software
[-] Schlüssel gelöscht: HKU\S-1-5-21-95033592-1126372089-4278029988-1000\Software\YahooPartnerToolbar
[-] Schlüssel gelöscht: HKU\S-1-5-21-95033592-1126372089-4278029988-1000\Software\jabra
[-] Schlüssel gelöscht: HKU\S-1-5-21-95033592-1126372089-4278029988-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\distromatic
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Myfree Codec
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Softonic
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\speedypc software
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\YahooPartnerToolbar
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\jabra
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Myfree Codec
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Reimage
[-] Schlüssel gelöscht: HKLM\SOFTWARE\speedypc software
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Protector
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL


***** [ Browser ] *****

[-] [C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: booedmolknjekdopkepjjeckmjkdpfgl
[-] [C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: flpcjncodpafbgdpnkljologafpionhb


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [6380 Bytes] - [25/10/2016 08:45:52]
C:\AdwCleaner\AdwCleaner[S0].txt - [6431 Bytes] - [25/10/2016 08:39:20]
C:\AdwCleaner\AdwCleaner[S1].txt - [6160 Bytes] - [25/10/2016 08:44:15]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [6599 Bytes] ##########
         
Hmm.. well, my new version of Kaspersky's TDSS-Killer does not produce a log file of that kind. It writes a file named report_20161025_165514.klr.enc1, which you can then see under Report in the tool. But the scan didn't report anything anyway.

25.10.2016, 17:22   #11
Markusli

TDSSKiller Log

Code:
ATTFilter
17:18:47.0858 0x1284  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
17:18:49.0699 0x1284  ============================================================
17:18:49.0699 0x1284  Current date / time: 2016/10/25 17:18:49.0699
17:18:49.0699 0x1284  SystemInfo:
17:18:49.0699 0x1284  
17:18:49.0699 0x1284  OS Version: 6.1.7601 ServicePack: 1.0
17:18:49.0699 0x1284  Product type: Workstation
17:18:49.0699 0x1284  ComputerName: SW
17:18:49.0699 0x1284  UserName: Markusli
17:18:49.0699 0x1284  Windows directory: C:\Windows
17:18:49.0699 0x1284  System windows directory: C:\Windows
17:18:49.0699 0x1284  Processor architecture: Intel x86
17:18:49.0699 0x1284  Number of processors: 2
17:18:49.0699 0x1284  Page size: 0x1000
17:18:49.0699 0x1284  Boot type: Normal boot
17:18:49.0699 0x1284  CodeIntegrityOptions = 0x00000000
17:18:49.0699 0x1284  ============================================================
17:18:51.0773 0x1284  KLMD registered as C:\Windows\system32\drivers\86276353.sys
17:18:51.0773 0x1284  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23564, osProperties = 0x0
17:18:52.0132 0x1284  System UUID: {1FC2945B-9067-9579-DC8C-84FC6535B8C0}
17:18:52.0881 0x1284  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x47B84, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050
17:18:53.0006 0x1284  ============================================================
17:18:53.0006 0x1284  \Device\Harddisk0\DR0:
17:18:53.0037 0x1284  MBR partitions:
17:18:53.0037 0x1284  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:18:53.0037 0x1284  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x26A5C000
17:18:53.0037 0x1284  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x26A8E800, BlocksNum 0x23DC8800
17:18:53.0037 0x1284  ============================================================
17:18:53.0068 0x1284  C: <-> \Device\Harddisk0\DR0\Partition2
17:18:53.0131 0x1284  K: <-> \Device\Harddisk0\DR0\Partition3
17:18:53.0131 0x1284  ============================================================
17:18:53.0131 0x1284  Initialize success
17:18:53.0131 0x1284  ============================================================
17:18:59.0121 0x1030  ============================================================
17:18:59.0121 0x1030  Scan started
17:18:59.0121 0x1030  Mode: Manual; SigCheck; TDLFS; 
17:18:59.0121 0x1030  ============================================================
17:18:59.0121 0x1030  KSN ping started
17:18:59.0277 0x1030  KSN ping finished: true
17:19:00.0478 0x1030  ================ Scan system memory ========================
17:19:00.0478 0x1030  System memory - ok
17:19:00.0478 0x1030  ================ Scan services =============================
17:19:00.0619 0x1030  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:19:00.0697 0x1030  1394ohci - ok
17:19:00.0743 0x1030  [ A6FE70357A68AD1E279CD1012419CCE6, 561B0E21383600F9A0BFB8562AAE648BBC48A320F58E4189C508123B8F106A29 ] acedrv11        C:\Windows\system32\drivers\acedrv11.sys
17:19:00.0775 0x1030  acedrv11 - ok
17:19:00.0806 0x1030  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:19:00.0821 0x1030  ACPI - ok
17:19:00.0837 0x1030  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:19:00.0853 0x1030  AcpiPmi - ok
17:19:00.0962 0x1030  [ 14E29946746272D295483E78B817D054, 651DB8BA220D0833F16BEEE47A8D61F93020F8CF5ADBE5495E886C778D039658 ] AcrSch2Svc      C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
17:19:00.0993 0x1030  AcrSch2Svc - ok
17:19:01.0024 0x1030  [ 5DDC0A8D2CD60BDA593DDAF45821CE08, 5A1599702C132C71F043576F50A4115647754FA5F7A01D17B72E147958A06383 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
17:19:01.0024 0x1030  Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
17:19:01.0196 0x1030  Detect skipped due to KSN trusted
17:19:01.0196 0x1030  Adobe LM Service - ok
17:19:01.0274 0x1030  [ DC00FD73505DAEDD99CAF4533B0C05BD, 2863D1F0587B79254FBE093C191C73892768CF2AC59BEF97745EE66CEE3473AF ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
17:19:01.0289 0x1030  AdobeARMservice - ok
17:19:01.0383 0x1030  [ 90F5726999B7B7D137C6F79202DC6E1D, 38A4FD9A1FA5E970BA3AE10C430AB339D02E1A65BCA98B5115131397A872049A ] AdobeUpdateService C:\Program Files\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
17:19:01.0414 0x1030  AdobeUpdateService - ok
17:19:01.0508 0x1030  [ FC9D93D13127E3252466D4A33039B54B, 8399E2E351F083857380A8340EE5ADA858E79AAAEDE2C67693780DEA781E2F3E ] AdobeVersionCue C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
17:19:01.0523 0x1030  AdobeVersionCue - detected UnsignedFile.Multi.Generic ( 1 )
17:19:01.0695 0x1030  Detect skipped due to KSN trusted
17:19:01.0695 0x1030  AdobeVersionCue - ok
17:19:01.0742 0x1030  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
17:19:01.0773 0x1030  adp94xx - ok
17:19:01.0804 0x1030  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
17:19:01.0820 0x1030  adpahci - ok
17:19:01.0835 0x1030  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
17:19:01.0851 0x1030  adpu320 - ok
17:19:01.0867 0x1030  Aeclicem - ok
17:19:01.0898 0x1030  [ 39AEAECE9F42407F176FE130D790BFBE, 19010DF87BDC1884268098CC04B4B15ECB710C94054A57157C0F9B7A795BDB28 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:19:01.0913 0x1030  AeLookupSvc - ok
17:19:01.0945 0x1030  [ 158ED54CE49CF828C1E46A811FFF8804, 6955EAA1B12A8BF07F3CFDF0451425D429A4CD4BF21F25D4D6A31EB88DC991D4 ] afcdp           C:\Windows\system32\DRIVERS\afcdp.sys
17:19:01.0945 0x1030  afcdp - ok
17:19:02.0101 0x1030  [ 93AF1F96A0C974C7E71A41E8054C40B0, 87977D0E88582A7164C3B4F915C394341A7F24AB4621B3DC7BA096323CE2A539 ] afcdpsrv        C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
17:19:02.0179 0x1030  afcdpsrv - ok
17:19:02.0225 0x1030  [ 93B49FA857F7036A4EFF32371F6E7391, B9B2867D9A80E7F028E9D7C6ABCB9EC5198ACE28CEE101C5A846666B356B2843 ] AFD             C:\Windows\system32\drivers\afd.sys
17:19:02.0257 0x1030  AFD - ok
17:19:02.0272 0x1030  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
17:19:02.0288 0x1030  agp440 - ok
17:19:02.0444 0x1030  [ 021D06851E7AFF5C314039DF813608F3, 081B14840F4AD428B4407AA2E639369A45D174D9507BD107F33FE3A94FB8F8EC ] AGSService      C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
17:19:02.0506 0x1030  AGSService - ok
17:19:02.0522 0x1030  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
17:19:02.0537 0x1030  aic78xx - ok
17:19:02.0553 0x1030  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
17:19:02.0569 0x1030  ALG - ok
17:19:02.0584 0x1030  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:19:02.0600 0x1030  aliide - ok
17:19:02.0615 0x1030  [ B19505648F033393E907E2E419FDE8B3, BEF76AAD61FE0CA1F2B91C491FD94DE1BE67E776BBB7972D57ADFBE0333E9615 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:19:02.0631 0x1030  AMD External Events Utility - ok
17:19:02.0647 0x1030  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
17:19:02.0662 0x1030  amdagp - ok
17:19:02.0693 0x1030  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
17:19:02.0709 0x1030  amdide - ok
17:19:02.0709 0x1030  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
17:19:02.0725 0x1030  AmdK8 - ok
17:19:02.0740 0x1030  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:19:02.0756 0x1030  AmdPPM - ok
17:19:02.0787 0x1030  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:19:02.0803 0x1030  amdsata - ok
17:19:02.0818 0x1030  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
17:19:02.0818 0x1030  amdsbs - ok
17:19:02.0834 0x1030  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:19:02.0849 0x1030  amdxata - ok
17:19:02.0881 0x1030  [ 34A44AF3D786BB28B445821461331E19, 1E7B64AE5BDEE2530EDD1822AF5CB013113C5146FB7669BD413820FCC0D70E69 ] AppID           C:\Windows\system32\drivers\appid.sys
17:19:02.0896 0x1030  AppID - ok
17:19:02.0927 0x1030  [ 1C9127BAD6E198C241E731EF90800A3B, AFB1709DF4A962ABBCE9DBE67E61B7FDE4B2202BF5FEE6BCB76D6779CC0795EC ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:19:02.0943 0x1030  AppIDSvc - ok
17:19:02.0974 0x1030  [ 7AE586A76A171B915F7BE478C7542138, B7CDA2DE9C1E3F8997FE3F7D93288C61C9199FA87D24AF541851B8AFBB584D13 ] Appinfo         C:\Windows\System32\appinfo.dll
17:19:02.0990 0x1030  Appinfo - ok
17:19:03.0083 0x1030  [ 2AF8899B07D4E997D0D189D83EDF2709, 2992B159779C138F3BE343475B4B0615CF096E5B69A8EE145E1D1A07291EE4B1 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:19:03.0099 0x1030  Apple Mobile Device - ok
17:19:03.0130 0x1030  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
17:19:03.0161 0x1030  AppMgmt - ok
17:19:03.0161 0x1030  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
17:19:03.0177 0x1030  arc - ok
17:19:03.0193 0x1030  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
17:19:03.0208 0x1030  arcsas - ok
17:19:03.0286 0x1030  [ 753F1E09345D7B2C06B9999EA8F9AAB1, C5A53052EE78FA8DC199C77F63654F5F850C111A7DC2B056E09A7D6C2F5B2BCD ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
17:19:03.0302 0x1030  aspnet_state - ok
17:19:03.0317 0x1030  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:19:03.0333 0x1030  AsyncMac - ok
17:19:03.0364 0x1030  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
17:19:03.0380 0x1030  atapi - ok
17:19:03.0411 0x1030  [ 11D2302C9B515B4E4BF5A8F190483B59, ABC3095611456391A01E9BD5BCE9DF0188CBB7E1D5789931BC8751033A421C51 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys
17:19:03.0427 0x1030  AtiHDAudioService - ok
17:19:03.0567 0x1030  [ 04F09923A393E4E0E8453A8F78361E73, B5C0B9D1195B87AF823887AD9355CD2B4C4F4DDF34103891EE48EA86F0F544E7 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
17:19:03.0692 0x1030  atikmdag - ok
17:19:03.0739 0x1030  [ 4F1E405154D2E68E6ACC3FE07DE02E93, 83FAB4E92B87E8C46BF39DD7556D2F7DCE0AD1E4C9C09ED12C428B82FAD03BDE ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:19:03.0754 0x1030  AudioEndpointBuilder - ok
17:19:03.0801 0x1030  [ 4F1E405154D2E68E6ACC3FE07DE02E93, 83FAB4E92B87E8C46BF39DD7556D2F7DCE0AD1E4C9C09ED12C428B82FAD03BDE ] Audiosrv        C:\Windows\System32\Audiosrv.dll
17:19:03.0817 0x1030  Audiosrv - ok
17:19:03.0941 0x1030  [ AB1AF0BA03DCB6A879BC22F472EACEEA, A75B73D0B1FE885F6DC2C7A0B755A6E12F9DC54CE702A1FFC3F283196793627A ] AVP15.0.1       C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe
17:19:03.0957 0x1030  AVP15.0.1 - ok
17:19:04.0019 0x1030  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:19:04.0051 0x1030  AxInstSV - ok
17:19:04.0097 0x1030  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
17:19:04.0129 0x1030  b06bdrv - ok
17:19:04.0144 0x1030  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
17:19:04.0160 0x1030  b57nd60x - ok
17:19:04.0191 0x1030  [ A6FE70357A68AD1E279CD1012419CCE6, 561B0E21383600F9A0BFB8562AAE648BBC48A320F58E4189C508123B8F106A29 ] Bdahstsvcrvp    C:\Windows\system32\drivers\acedrv11.sys
17:19:04.0191 0x1030  Bdahstsvcrvp - ok
17:19:04.0222 0x1030  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
17:19:04.0238 0x1030  BDESVC - ok
17:19:04.0285 0x1030  [ 4C44D82E372A87B3CB439A7F14CFEF03, D88781818380E34E04372575EA75EF5C0B3A9486E3B7CE73AD617CA2FA7AA5E2 ] bdfsfltr        C:\Windows\system32\DRIVERS\bdfsfltr.sys
17:19:04.0300 0x1030  bdfsfltr - ok
17:19:04.0363 0x1030  bdselfpr - ok
17:19:04.0363 0x1030  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:19:04.0394 0x1030  Beep - ok
17:19:04.0441 0x1030  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
17:19:04.0472 0x1030  BFE - ok
17:19:04.0503 0x1030  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
17:19:04.0550 0x1030  BITS - ok
17:19:04.0550 0x1030  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:19:04.0565 0x1030  blbdrive - ok
17:19:04.0628 0x1030  [ 5EA9C80F18CBC393EA7D9A2991DED4B5, 7E5EB1CE44FEBE93686174058D51581FA00BDFF0EBB84BD74BC08F6386019253 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:19:04.0659 0x1030  Bonjour Service - ok
17:19:13.0755 0x1030  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:19:13.0786 0x1030  MpsSvc - ok
17:19:13.0817 0x1030  [ 06AC0310138E4B2C35AF7344D18BC686, FCDB6CC851EC47F92FFF764717A44FF5D5D0E179C215B3C6E77FB9BEA4DE1908 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:19:13.0833 0x1030  MRxDAV - ok
17:19:13.0880 0x1030  [ DFF7080C28D25B9629406FBC53F0AC24, EC87D28756997E36CD7808916863E9EDF6E04984595D468C55A389EB896EFBC2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:19:13.0895 0x1030  mrxsmb - ok
17:19:13.0926 0x1030  [ B63F11492664EA49F07BB0E50938F746, 6493968CC6C2B35988521C7C0F5EF9C69C9EC5AED44ED317164ABF73AD302DF9 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:19:13.0942 0x1030  mrxsmb10 - ok
17:19:14.0004 0x1030  [ 0E55102EA96B20FA945102A223D69DA5, 0A7C40CAF47C953CE60669BCAA519A4323CA36637D30E349575D0224C4ED7C19 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:19:14.0036 0x1030  mrxsmb20 - ok
17:19:14.0082 0x1030  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:19:14.0098 0x1030  msahci - ok
17:19:14.0207 0x1030  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:19:14.0223 0x1030  msdsm - ok
17:19:14.0238 0x1030  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
17:19:14.0254 0x1030  MSDTC - ok
17:19:14.0285 0x1030  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:19:14.0301 0x1030  Msfs - ok
17:19:14.0301 0x1030  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:19:14.0332 0x1030  mshidkmdf - ok
17:19:14.0363 0x1030  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:19:14.0363 0x1030  msisadrv - ok
17:19:14.0394 0x1030  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:19:14.0426 0x1030  MSiSCSI - ok
17:19:14.0426 0x1030  msiserver - ok
17:19:14.0441 0x1030  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:19:14.0472 0x1030  MSKSSRV - ok
17:19:14.0488 0x1030  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:19:14.0519 0x1030  MSPCLOCK - ok
17:19:14.0519 0x1030  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:19:14.0535 0x1030  MSPQM - ok
17:19:14.0550 0x1030  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:19:14.0566 0x1030  MsRPC - ok
17:19:14.0582 0x1030  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:19:14.0597 0x1030  mssmbios - ok
17:19:14.0613 0x1030  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:19:14.0628 0x1030  MSTEE - ok
17:19:14.0644 0x1030  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:19:14.0644 0x1030  MTConfig - ok
17:19:14.0675 0x1030  [ D48659BB24C48345D926ECB45C1EBDF5, EDEDE58316827530C25F8085F62AD48EA6D44B0F8AC1917B940F53B02CF72EA6 ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
17:19:14.0691 0x1030  MTsensor - ok
17:19:14.0706 0x1030  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:19:14.0722 0x1030  Mup - ok
17:19:14.0753 0x1030  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
17:19:14.0784 0x1030  napagent - ok
17:19:14.0816 0x1030  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:19:14.0831 0x1030  NativeWifiP - ok
17:19:14.0925 0x1030  [ 9D1CCE440552500DED3A62F9D779CDB4, C6B3B1C891A8BA3F91CC1EC21919C4F80F4C9CAF88971AB6CA11F09820601EBD ] NAUpdate        C:\Program Files\Nero\Update\NASvc.exe
17:19:14.0956 0x1030  NAUpdate - ok
17:19:15.0034 0x1030  [ 9804FB2E46077F2977552347DFCA7E05, A34B703462C6998AB2B3EA6389F4B89616CDC257D44C400C92663E6FB4A8F196 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:19:15.0081 0x1030  NDIS - ok
17:19:15.0096 0x1030  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:19:15.0128 0x1030  NdisCap - ok
17:19:15.0143 0x1030  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:19:15.0159 0x1030  NdisTapi - ok
17:19:15.0190 0x1030  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:19:15.0221 0x1030  Ndisuio - ok
17:19:15.0252 0x1030  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:19:15.0268 0x1030  NdisWan - ok
17:19:15.0299 0x1030  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:19:15.0315 0x1030  NDProxy - ok
17:19:15.0330 0x1030  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:19:15.0346 0x1030  NetBIOS - ok
17:19:15.0377 0x1030  [ A00996C9BFEF29A93B9F21DBE1DC502D, A97982CBBC2E240B0CD884ED3ED5D11B207DA8E7BEF73DCEA44E16E1CD84222F ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:19:15.0393 0x1030  NetBT - ok
17:19:15.0408 0x1030  [ 7C37F3B5A4D5777687F60D71B3DB3CF7, 945C5E12FD5DA05761A378D77DAB52C2790ADCCBF41249570220F91A2CBB5A90 ] Netlogon        C:\Windows\system32\lsass.exe
17:19:15.0424 0x1030  Netlogon - ok
17:19:15.0455 0x1030  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
17:19:15.0486 0x1030  Netman - ok
17:19:15.0518 0x1030  [ AC8B816873227930B391B40C6EC4835E, FCAB6E9254AF10536D1D2A2E08C24A21D30516BC64BDBE7E529C618E8CCCB5BA ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:19:15.0533 0x1030  NetMsmqActivator - ok
17:19:15.0564 0x1030  [ AC8B816873227930B391B40C6EC4835E, FCAB6E9254AF10536D1D2A2E08C24A21D30516BC64BDBE7E529C618E8CCCB5BA ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:19:15.0580 0x1030  NetPipeActivator - ok
17:19:15.0596 0x1030  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
17:19:15.0627 0x1030  netprofm - ok
17:19:15.0642 0x1030  [ AC8B816873227930B391B40C6EC4835E, FCAB6E9254AF10536D1D2A2E08C24A21D30516BC64BDBE7E529C618E8CCCB5BA ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:19:15.0642 0x1030  NetTcpActivator - ok
17:19:15.0658 0x1030  [ AC8B816873227930B391B40C6EC4835E, FCAB6E9254AF10536D1D2A2E08C24A21D30516BC64BDBE7E529C618E8CCCB5BA ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:19:15.0674 0x1030  NetTcpPortSharing - ok
17:19:15.0705 0x1030  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
17:19:15.0705 0x1030  nfrd960 - ok
17:19:15.0752 0x1030  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:19:15.0767 0x1030  NlaSvc - ok
17:19:15.0783 0x1030  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:19:15.0814 0x1030  Npfs - ok
17:19:15.0830 0x1030  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
17:19:15.0861 0x1030  nsi - ok
17:19:15.0861 0x1030  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:19:15.0892 0x1030  nsiproxy - ok
17:19:15.0970 0x1030  [ 978E7A2E4BF4E8E70D0776EF0D9E97FB, B6C82BB9B3025FD2D37B6AB6FA9C2944F8B3020CD4588BE464CE73A992B7FF00 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:19:16.0001 0x1030  Ntfs - ok
17:19:16.0017 0x1030  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
17:19:16.0032 0x1030  Null - ok
17:19:16.0064 0x1030  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:19:16.0064 0x1030  nvraid - ok
17:19:16.0095 0x1030  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:19:16.0110 0x1030  nvstor - ok
17:19:16.0142 0x1030  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:19:16.0157 0x1030  nv_agp - ok
17:19:16.0188 0x1030  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:19:16.0204 0x1030  ohci1394 - ok
17:19:16.0298 0x1030  [ AC3F00222CB7A2677FD0C3412DF79D1C, 59FC8F41CA15ADED4E912691B8BC716CAA856346A9C371059B887E4621F33351 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:19:16.0329 0x1030  ose - ok
17:19:16.0516 0x1030  [ EE5756BDA5BE5891270E0CC6CEC44096, EA18073EEE0F461B14C539D49A7DD91D33AB0C503236F67F70A000835FAAC890 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:19:16.0625 0x1030  osppsvc - ok
17:19:16.0672 0x1030  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:19:16.0688 0x1030  p2pimsvc - ok
17:19:16.0703 0x1030  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:19:16.0719 0x1030  p2psvc - ok
17:19:16.0734 0x1030  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:19:16.0750 0x1030  Parport - ok
17:19:16.0766 0x1030  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:19:16.0781 0x1030  partmgr - ok
17:19:16.0797 0x1030  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
17:19:16.0812 0x1030  Parvdm - ok
17:19:16.0828 0x1030  [ 84752B402BF64CCDDF11816FEDF12DB4, 184DDFCEEE8C5B492415270FC640B8D584B3D79E7BADCE4DE7CDD74CC8C60130 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:19:16.0844 0x1030  PcaSvc - ok
17:19:16.0875 0x1030  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
17:19:16.0890 0x1030  pci - ok
17:19:16.0922 0x1030  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
17:19:16.0937 0x1030  pciide - ok
17:19:16.0953 0x1030  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
17:19:16.0968 0x1030  pcmcia - ok
17:19:16.0968 0x1030  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:19:16.0984 0x1030  pcw - ok
17:19:17.0031 0x1030  [ 0C941A3F148B4228867908F98F394461, 6D5F575F2E796C5EA8F9F3F96F9ACD935E274210A105C9365102B448E9AE2031 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:19:17.0046 0x1030  PEAUTH - ok
17:19:17.0093 0x1030  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
17:19:17.0124 0x1030  PeerDistSvc - ok
17:19:17.0202 0x1030  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
17:19:17.0249 0x1030  pla - ok
17:19:17.0296 0x1030  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:19:17.0312 0x1030  PlugPlay - ok
17:19:17.0327 0x1030  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:19:17.0343 0x1030  PNRPAutoReg - ok
17:19:17.0358 0x1030  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:19:17.0374 0x1030  PNRPsvc - ok
17:19:17.0405 0x1030  [ A2FEA7E16D8D056D2FF1EE93F9C73FB1, 6BC8C1B37274B50573F3DAC043DBD9B29B93F527290392842CD94910014D0C74 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:19:17.0421 0x1030  PolicyAgent - ok
17:19:17.0452 0x1030  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
17:19:17.0483 0x1030  Power - ok
17:19:17.0514 0x1030  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:19:17.0530 0x1030  PptpMiniport - ok
17:19:17.0561 0x1030  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
17:19:17.0577 0x1030  Processor - ok
17:19:17.0608 0x1030  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:19:17.0624 0x1030  ProfSvc - ok
17:19:17.0639 0x1030  [ 7C37F3B5A4D5777687F60D71B3DB3CF7, 945C5E12FD5DA05761A378D77DAB52C2790ADCCBF41249570220F91A2CBB5A90 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:19:17.0655 0x1030  ProtectedStorage - ok
17:19:17.0670 0x1030  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:19:17.0702 0x1030  Psched - ok
17:19:17.0748 0x1030  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
17:19:17.0780 0x1030  ql2300 - ok
17:19:17.0795 0x1030  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
17:19:17.0811 0x1030  ql40xx - ok
17:19:17.0826 0x1030  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
17:19:17.0842 0x1030  QWAVE - ok
17:19:17.0858 0x1030  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:19:17.0873 0x1030  QWAVEdrv - ok
17:19:17.0951 0x1030  [ 8F97D374AD1857E1EED85A79F29A1D3D, 4B2D1DBB60C0890E3CB497F534D8DE74952AF8774579B62B0F4ED14912CA583C ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
17:19:17.0967 0x1030  RapiMgr - ok
17:19:17.0982 0x1030  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:19:17.0998 0x1030  RasAcd - ok
17:19:18.0029 0x1030  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:19:18.0045 0x1030  RasAgileVpn - ok
17:19:18.0060 0x1030  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
17:19:18.0092 0x1030  RasAuto - ok
17:19:18.0092 0x1030  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:19:18.0123 0x1030  Rasl2tp - ok
17:19:18.0154 0x1030  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
17:19:18.0185 0x1030  RasMan - ok
17:19:18.0185 0x1030  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:19:18.0216 0x1030  RasPppoe - ok
17:19:18.0216 0x1030  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:19:18.0248 0x1030  RasSstp - ok
17:19:18.0263 0x1030  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:19:18.0294 0x1030  rdbss - ok
17:19:18.0294 0x1030  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:19:18.0310 0x1030  rdpbus - ok
17:19:18.0326 0x1030  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:19:18.0341 0x1030  RDPCDD - ok
17:19:18.0372 0x1030  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
17:19:18.0388 0x1030  RDPDR - ok
17:19:18.0404 0x1030  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:19:18.0435 0x1030  RDPENCDD - ok
17:19:18.0450 0x1030  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:19:18.0466 0x1030  RDPREFMP - ok
17:19:18.0544 0x1030  [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:19:18.0560 0x1030  RdpVideoMiniport - ok
17:19:18.0606 0x1030  [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:19:18.0638 0x1030  RDPWD - ok
17:19:18.0716 0x1030  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:19:18.0731 0x1030  rdyboost - ok
17:19:18.0747 0x1030  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:19:18.0778 0x1030  RemoteAccess - ok
17:19:18.0794 0x1030  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:19:18.0825 0x1030  RemoteRegistry - ok
17:19:18.0840 0x1030  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:19:18.0856 0x1030  RpcEptMapper - ok
17:19:18.0887 0x1030  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
17:19:18.0903 0x1030  RpcLocator - ok
17:19:18.0934 0x1030  [ 1F54F58D7FA2B3442084E32CDE5E309E, F0D8124E7C9ADC88BD8C53646F2499CDB3D2105DA7C4D28F3D26F313859B3D32 ] RpcSs           C:\Windows\system32\rpcss.dll
17:19:18.0950 0x1030  RpcSs - ok
17:19:18.0965 0x1030  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:19:18.0996 0x1030  rspndr - ok
17:19:19.0012 0x1030  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
17:19:19.0028 0x1030  s3cap - ok
17:19:19.0043 0x1030  [ 7C37F3B5A4D5777687F60D71B3DB3CF7, 945C5E12FD5DA05761A378D77DAB52C2790ADCCBF41249570220F91A2CBB5A90 ] SamSs           C:\Windows\system32\lsass.exe
17:19:19.0059 0x1030  SamSs - ok
17:19:19.0090 0x1030  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:19:19.0106 0x1030  sbp2port - ok
17:19:19.0121 0x1030  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:19:19.0152 0x1030  SCardSvr - ok
17:19:19.0168 0x1030  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:19:19.0184 0x1030  scfilter - ok
17:19:19.0277 0x1030  [ 9060B8D5BCD5F2B019249F85E3D811F3, 7FB32AB7FE118462988321B9230074DAA960B587417EB463187539C3215445AE ] Schedule        C:\Windows\system32\schedsvc.dll
17:19:19.0324 0x1030  Schedule - ok
17:19:19.0355 0x1030  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:19:19.0371 0x1030  SCPolicySvc - ok
17:19:19.0402 0x1030  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:19:19.0418 0x1030  SDRSVC - ok
17:19:19.0511 0x1030  [ 206387AB881E93A1A6EB89966C8651F1, 3BF9DFF3E70F0787F7F94BE5B9717DFADD9E13AB8154FAE295CEAC834F0835E5 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
17:19:19.0527 0x1030  SDScannerService - ok
17:19:19.0605 0x1030  [ A529CFE32565C0B145578FFB2B32C9A5, 4B1596CBDDA74D510707FD475AAB3A89B1203E0B95ECAE3756CAA56555F9F66D ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
17:19:19.0652 0x1030  SDUpdateService - ok
17:19:19.0683 0x1030  [ CB63BDB77BB86549FC3303C2F11EDC18, 1C96C082B9CE08C8F3C088D5DE68BA8783E6F6A837A88E2654BC4CBCF7B81846 ] SDWSCService    C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
17:19:19.0698 0x1030  SDWSCService - ok
17:19:19.0761 0x1030  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:19:19.0776 0x1030  secdrv - ok
17:19:19.0808 0x1030  [ 38CBFFED5FC39CDFE6B4014401ED2629, 7BA730E2EDB8387190E45DA2F475BFE42AB3B12319DE088BD8E9F59227EDA4DD ] seclogon        C:\Windows\system32\seclogon.dll
17:19:19.0823 0x1030  seclogon - ok
17:19:19.0839 0x1030  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
17:19:19.0870 0x1030  SENS - ok
17:19:19.0901 0x1030  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:19:19.0917 0x1030  SensrSvc - ok
17:19:19.0932 0x1030  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:19:19.0948 0x1030  Serenum - ok
17:19:19.0964 0x1030  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:19:19.0964 0x1030  Serial - ok
17:19:19.0979 0x1030  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
17:19:19.0995 0x1030  sermouse - ok
17:19:20.0026 0x1030  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:19:20.0042 0x1030  SessionEnv - ok
17:19:20.0073 0x1030  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:19:20.0073 0x1030  sffdisk - ok
17:19:20.0088 0x1030  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:19:20.0104 0x1030  sffp_mmc - ok
17:19:20.0104 0x1030  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:19:20.0120 0x1030  sffp_sd - ok
17:19:20.0135 0x1030  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
17:19:20.0151 0x1030  sfloppy - ok
17:19:20.0182 0x1030  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:19:20.0213 0x1030  SharedAccess - ok
17:19:20.0229 0x1030  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:19:20.0260 0x1030  ShellHWDetection - ok
17:19:20.0276 0x1030  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
17:19:20.0276 0x1030  sisagp - ok
17:19:20.0307 0x1030  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:19:20.0322 0x1030  SiSRaid2 - ok
17:19:20.0322 0x1030  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
17:19:20.0338 0x1030  SiSRaid4 - ok
17:19:20.0416 0x1030  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
17:19:20.0447 0x1030  SkypeUpdate - ok
17:19:20.0463 0x1030  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:19:20.0494 0x1030  Smb - ok
17:19:20.0572 0x1030  [ 43E51FC3E2008542A42ACAD282840D8C, 68557AAD48A32975C6723801227451843E1A7D0FDD2993FD1E7CD9C076E2D7D3 ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
17:19:20.0603 0x1030  snapman - ok
17:19:20.0650 0x1030  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:19:20.0681 0x1030  SNMPTRAP - ok
17:19:20.0681 0x1030  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:19:20.0697 0x1030  spldr - ok
17:19:20.0759 0x1030  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
17:19:20.0775 0x1030  Spooler - ok
17:19:20.0915 0x1030  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
17:19:20.0993 0x1030  sppsvc - ok
17:19:21.0024 0x1030  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:19:21.0056 0x1030  sppuinotify - ok
17:19:21.0087 0x1030  [ D86EA722F3337AA3F0253B6E359E6796, BA4C2DF629CBECFA1C1D589FFA6AEF8C5853C427B6B007793FD432B4AA8DA593 ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:19:21.0102 0x1030  srv - ok
17:19:21.0134 0x1030  [ 1931823AC05967E5F79B791E9FFC2398, 255E6278F476F1D488199B0AD2004C3860CC74971AC3C0AB4B1DB4E42B329E94 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:19:21.0149 0x1030  srv2 - ok
17:19:21.0165 0x1030  [ 50A2FC7B0408F15B77E056076BBB6252, 801AD15B4CDFC09EE4909B7180A5CE562D54D4F08A9C0B7D9CA067ADC42A6C9D ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:19:21.0165 0x1030  srvnet - ok
17:19:21.0180 0x1030  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:19:21.0212 0x1030  SSDPSRV - ok
17:19:21.0212 0x1030  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:19:21.0243 0x1030  SstpSvc - ok
17:19:21.0274 0x1030  [ ECAD7536931CDEC9988E64DDD9AC08DE, A0B582774123F09141A0C083CB15424B81A070737228DBF015FF59F99B44667B ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
17:19:21.0290 0x1030  ssudmdm - ok
17:19:21.0400 0x1030  [ 7DB9E612A2742ACEAB080B882E83141C, FFD1FA36E732F55223F3F4B5F845331DBB3073B023C2C5BF51A0E7680DEE7FA7 ] ss_conn_service C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
17:19:21.0431 0x1030  ss_conn_service - ok
17:19:21.0447 0x1030  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
17:19:21.0462 0x1030  stexstor - ok
17:19:21.0478 0x1030  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
17:19:21.0509 0x1030  StiSvc - ok
17:19:21.0540 0x1030  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
17:19:21.0540 0x1030  storflt - ok
17:19:21.0571 0x1030  [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc         C:\Windows\system32\storsvc.dll
17:19:21.0571 0x1030  StorSvc - ok
17:19:21.0603 0x1030  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
17:19:21.0618 0x1030  storvsc - ok
17:19:21.0634 0x1030  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
17:19:21.0634 0x1030  swenum - ok
17:19:21.0665 0x1030  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
17:19:21.0696 0x1030  swprv - ok
17:19:21.0883 0x1030  [ D29491D27DEEBA168284FD71CDCCE204, 49491AF92831CDADE1749607E0CD65118C380BC2A51A0F62BC3E27DCF884C0F7 ] syncagentsrv    C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
17:19:22.0008 0x1030  syncagentsrv - ok
17:19:22.0071 0x1030  [ 4EE25AC85AFC3FD67D9F57ECDF566FF2, F1BFF1FB655F31B97FA9C6A49D433EFD33D8A35F6B28B4D83E45C27A05A86228 ] SysMain         C:\Windows\system32\sysmain.dll
17:19:22.0102 0x1030  SysMain - ok
17:19:22.0117 0x1030  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
17:19:22.0133 0x1030  TabletInputService - ok
17:19:22.0164 0x1030  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:19:22.0180 0x1030  TapiSrv - ok
17:19:22.0273 0x1030  [ C7E41209132B9CF084CCEA8593F61328, 441E44C3C4803FA9304111E58AE7A2927EEB6584CEC9CBF81DC508E73A99033E ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:19:22.0320 0x1030  Tcpip - ok
17:19:22.0351 0x1030  [ C7E41209132B9CF084CCEA8593F61328, 441E44C3C4803FA9304111E58AE7A2927EEB6584CEC9CBF81DC508E73A99033E ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:19:22.0398 0x1030  TCPIP6 - ok
17:19:22.0445 0x1030  [ A4BF8BE9D1F7D563C7868AC7B2561545, E3C2FFE53373E5255DC388E0C81CCE965E432EFAF52C85B5B3B3918815114073 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:19:22.0445 0x1030  tcpipreg - ok
17:19:22.0476 0x1030  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:19:22.0492 0x1030  TDPIPE - ok
17:19:22.0554 0x1030  [ EA97B9855D8F2C427CF96A2B63FAFE07, 5875A4A01566A8A10AE2C427A39C2A162BE4EF9DE0E674C3C5486AD78A249A14 ] tdrpman         C:\Windows\system32\DRIVERS\tdrpman.sys
17:19:22.0570 0x1030  tdrpman - ok
17:19:22.0632 0x1030  [ 3630F5B8181554DEECFE2E4252BC4C4C, 4C827CD4C3880854DE1CE232118F21E09A8731441D7203D5CA1ACBF8CDDF8B70 ] tdrpman251      C:\Windows\system32\DRIVERS\tdrpm251.sys
17:19:22.0648 0x1030  tdrpman251 - ok
17:19:22.0679 0x1030  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:19:22.0695 0x1030  TDTCP - ok
17:19:22.0741 0x1030  [ BB8817D0508DD5EA69C770C8DEF5AB67, C55671524EEF6E16BBCC92556E83FD1D6457E707EA9330FC1CDD28FB11D99B77 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:19:22.0741 0x1030  tdx - ok
17:19:23.0007 0x1030  [ F2F02E436BA56A96A06E4427C5787B6E, 1562FF264011A15AC69808CB74F387917C4E8ED3B91546B12933BE10B6E20B3A ] TeamViewer      C:\Program Files\TeamViewer\TeamViewer_Service.exe
17:19:23.0163 0x1030  TeamViewer - ok
17:19:23.0209 0x1030  [ 9101FFFCFCCD1A30E870A5B8A9091B10, 58AAB0F6FF78FD0ECDD8D9DA1B6852E9E57E3DAA39489ABDDBA106ECE0B3BCA7 ] teamviewervpn   C:\Windows\system32\DRIVERS\teamviewervpn.sys
17:19:23.0225 0x1030  teamviewervpn - ok
17:19:23.0256 0x1030  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
17:19:23.0272 0x1030  TermDD - ok
17:19:23.0319 0x1030  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService     C:\Windows\System32\termsrv.dll
17:19:23.0334 0x1030  TermService - ok
17:19:23.0381 0x1030  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
17:19:23.0412 0x1030  Themes - ok
17:19:23.0428 0x1030  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
17:19:23.0443 0x1030  THREADORDER - ok
17:19:23.0490 0x1030  [ 9853EFF7FB1AF233E05D2BC813FCEE8E, 6D1B89EFE167438ED506F8E2652151BD95CC6D318A64C3DACB5689E0118A7057 ] timounter       C:\Windows\system32\DRIVERS\timntr.sys
17:19:23.0521 0x1030  timounter - ok
17:19:23.0568 0x1030  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
17:19:23.0584 0x1030  TrkWks - ok
17:19:23.0646 0x1030  [ 21D940160C67ADE7448DAD6C1D504A62, FBF1DA642C06995AE958AB3ACF77211A0251A4B45816E8EB19F28A0AA3DEED51 ] Trufos          C:\Windows\system32\DRIVERS\Trufos.sys
17:19:23.0677 0x1030  Trufos - detected UnsignedFile.Multi.Generic ( 1 )
17:19:23.0989 0x1030  Detect skipped due to KSN trusted
17:19:23.0989 0x1030  Trufos - ok
17:19:24.0036 0x1030  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:19:24.0067 0x1030  TrustedInstaller - ok
17:19:24.0099 0x1030  [ B89F89A2308E9569A1022A50F78C5506, 375C4A11F78A1335269657012DC57093C6E1A7B1460094B0C265179409F01554 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:19:24.0114 0x1030  tssecsrv - ok
17:19:24.0161 0x1030  [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:19:24.0161 0x1030  TsUsbFlt - ok
17:19:24.0208 0x1030  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:19:24.0239 0x1030  tunnel - ok
17:19:24.0255 0x1030  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
17:19:24.0270 0x1030  uagp35 - ok
17:19:24.0286 0x1030  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:19:24.0317 0x1030  udfs - ok
17:19:24.0348 0x1030  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:19:24.0348 0x1030  UI0Detect - ok
17:19:24.0457 0x1030  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:19:24.0473 0x1030  uliagpkx - ok
17:19:24.0504 0x1030  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\drivers\umbus.sys
17:19:24.0520 0x1030  umbus - ok
17:19:24.0535 0x1030  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
17:19:24.0551 0x1030  UmPass - ok
17:19:24.0582 0x1030  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
17:19:24.0598 0x1030  UmRdpService - ok
17:19:24.0613 0x1030  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
17:19:24.0645 0x1030  upnphost - ok
17:19:24.0660 0x1030  [ 5C2BDC152BBAB34F36473DEAF7713F22, DC7D6FD3BE2F4D8832BB62AB76E5332BB65255AB45F6E28E6B1991A976C1A058 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
17:19:24.0676 0x1030  USBAAPL - detected UnsignedFile.Multi.Generic ( 1 )
17:19:24.0769 0x1030  Detect skipped due to KSN trusted
17:19:24.0769 0x1030  USBAAPL - ok
17:19:24.0801 0x1030  [ A1977C315BF5691DA99235AA4A6907AF, 34B52FBA83F0E1C6B001D0AD1808B00152F731D18AAECC3C53B9918AA89BACEC ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
17:19:24.0816 0x1030  usbaudio - ok
17:19:24.0847 0x1030  [ 325A69967CC7B4BFB170F5636143A94A, E0341360827B9B3E244F24D0BC01D3B3C0CC97E232A361960849F799A16AD540 ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
17:19:24.0847 0x1030  usbccgp - ok
17:19:24.0879 0x1030  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:19:24.0894 0x1030  usbcir - ok
17:19:24.0910 0x1030  [ 5D57798CAE5A0DD0B8F61C52B8E7C3D1, 5097997508E1406AD5B018C5006D82F8BFC7B157C6CAF1B4D80C7D6DB722A77A ] usbehci         C:\Windows\system32\drivers\usbehci.sys
17:19:24.0925 0x1030  usbehci - ok
17:19:24.0972 0x1030  [ 3835ECC1E928042F92D7AA1963D40523, 60237CB8C3F935544006621255FFD53C9E09C0AF4741D0C50968CB4D647336D5 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
17:19:25.0003 0x1030  usbhub - ok
17:19:25.0035 0x1030  [ 81E1E90305A4C7A13BADC5DFA22ABA37, 9EF3F5CD2FCF22A5BCC668778C8340D8C80719E9B43FB6C4484BFC98280B8BD9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
17:19:25.0050 0x1030  usbohci - ok
17:19:25.0066 0x1030  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:19:25.0081 0x1030  usbprint - ok
17:19:25.0113 0x1030  [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
17:19:25.0128 0x1030  usbscan - ok
17:19:25.0159 0x1030  [ 144DA53294922A84FFAA3D90B1453745, A8DC6B534E4526E2226CF6C9D53A4B6B251D2F23728E41737063D24024C5266F ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:19:25.0175 0x1030  USBSTOR - ok
17:19:25.0191 0x1030  [ B4A1789BE90403D9549EF9DBAD37A429, 1F590F8DE0081953B944A076FFEB5FF3BCF7E2BEE4ABD97236A29C00B9242163 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
17:19:25.0206 0x1030  usbuhci - ok
17:19:25.0237 0x1030  [ AF77716205C97E902E6C5B78DECE2CCA, ED99EABED1C7F323EE2A76413E2B260F8EE1D76FDF1E60EE35136D060E756735 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
17:19:25.0253 0x1030  usb_rndisx - ok
17:19:25.0269 0x1030  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
17:19:25.0284 0x1030  UxSms - ok
17:19:25.0300 0x1030  [ 7C37F3B5A4D5777687F60D71B3DB3CF7, 945C5E12FD5DA05761A378D77DAB52C2790ADCCBF41249570220F91A2CBB5A90 ] VaultSvc        C:\Windows\system32\lsass.exe
17:19:25.0315 0x1030  VaultSvc - ok
17:19:25.0347 0x1030  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:19:25.0362 0x1030  vdrvroot - ok
17:19:25.0393 0x1030  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
17:19:25.0425 0x1030  vds - ok
17:19:25.0440 0x1030  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:19:25.0456 0x1030  vga - ok
17:19:25.0456 0x1030  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:19:25.0487 0x1030  VgaSave - ok
17:19:25.0534 0x1030  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:19:25.0549 0x1030  vhdmp - ok
17:19:25.0581 0x1030  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
17:19:25.0581 0x1030  viaagp - ok
17:19:25.0612 0x1030  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
17:19:25.0612 0x1030  ViaC7 - ok
17:19:25.0643 0x1030  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:19:25.0659 0x1030  viaide - ok
17:19:25.0674 0x1030  [ D1771BEA464E5A521A8BEF86F2019A23, 6FED287CD62A7178ED7B8411FF4F2E87D9C03AB4C020C55FB926CD11CD2EF848 ] vididr          C:\Windows\system32\DRIVERS\vididr.sys
17:19:25.0690 0x1030  vididr - ok
17:19:25.0721 0x1030  [ 47AD209A231CA076E292AE207A61E2E3, F30ADE4FDD6FD7553E7DD705D39BA0C75CC8888A195912830D5C5FEE7970796B ] vidsflt58       C:\Windows\system32\DRIVERS\vsflt58.sys
17:19:25.0737 0x1030  vidsflt58 - ok
17:19:25.0752 0x1030  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
17:19:25.0752 0x1030  vmbus - ok
17:19:25.0783 0x1030  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
17:19:25.0783 0x1030  VMBusHID - ok
17:19:25.0815 0x1030  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:19:25.0830 0x1030  volmgr - ok
17:19:25.0846 0x1030  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:19:25.0861 0x1030  volmgrx - ok
17:19:25.0893 0x1030  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:19:25.0908 0x1030  volsnap - ok
17:19:25.0924 0x1030  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
17:19:25.0939 0x1030  vsmraid - ok
17:19:26.0017 0x1030  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
17:19:26.0064 0x1030  VSS - ok
17:19:26.0080 0x1030  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
17:19:26.0095 0x1030  vwifibus - ok
17:19:26.0127 0x1030  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
17:19:26.0158 0x1030  W32Time - ok
17:19:26.0189 0x1030  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:19:26.0205 0x1030  WacomPen - ok
17:19:26.0236 0x1030  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:19:26.0267 0x1030  WANARP - ok
17:19:26.0267 0x1030  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:19:26.0283 0x1030  Wanarpv6 - ok
17:19:26.0376 0x1030  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
17:19:26.0423 0x1030  WatAdminSvc - ok
17:19:26.0454 0x1030  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
17:19:26.0485 0x1030  wbengine - ok
17:19:26.0501 0x1030  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:19:26.0517 0x1030  WbioSrvc - ok
17:19:26.0548 0x1030  [ 59E19BD13C3BDB857646B9E436BA27F7, CC84C607E15F5F29D93510387D5486BAF320BDAF79026A0BECE0D242F7B1DF3E ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
17:19:26.0563 0x1030  WcesComm - ok
17:19:26.0595 0x1030  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:19:26.0626 0x1030  wcncsvc - ok
17:19:26.0626 0x1030  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:19:26.0641 0x1030  WcsPlugInService - ok
17:19:26.0657 0x1030  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:19:26.0673 0x1030  Wd - ok
17:19:26.0704 0x1030  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:19:26.0719 0x1030  Wdf01000 - ok
17:19:26.0751 0x1030  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:19:26.0766 0x1030  WdiServiceHost - ok
17:19:26.0782 0x1030  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:19:26.0782 0x1030  WdiSystemHost - ok
17:19:26.0813 0x1030  [ DC54D7A40B6E18E5C7F592F836D163FF, 436AF3B94EAE6CBD2516A63235AE1D6EC4F1FCAA0F974A9672BB5AB2A846BB2C ] WebClient       C:\Windows\System32\webclnt.dll
17:19:26.0829 0x1030  WebClient - ok
17:19:26.0844 0x1030  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:19:26.0875 0x1030  Wecsvc - ok
17:19:26.0875 0x1030  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:19:26.0907 0x1030  wercplsupport - ok
17:19:26.0922 0x1030  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
17:19:26.0953 0x1030  WerSvc - ok
17:19:26.0953 0x1030  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:19:26.0985 0x1030  WfpLwf - ok
17:19:26.0985 0x1030  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:19:27.0000 0x1030  WIMMount - ok
17:19:27.0063 0x1030  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
17:19:27.0094 0x1030  WinDefend - ok
17:19:27.0109 0x1030  WinHttpAutoProxySvc - ok
17:19:27.0156 0x1030  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:19:27.0187 0x1030  Winmgmt - ok
17:19:27.0250 0x1030  [ 8949A93520F7008C3B7AD320A0EEA267, F77C6BF73B300347FEB3D02C7A1F98807546D95E10E499D385B7F00D1366CC59 ] WinRM           C:\Windows\system32\WsmSvc.dll
17:19:27.0281 0x1030  WinRM - ok
17:19:27.0328 0x1030  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:19:27.0343 0x1030  WinUsb - ok
17:19:27.0359 0x1030  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:19:27.0390 0x1030  Wlansvc - ok
17:19:27.0484 0x1030  [ 5144AE67D60EC653F97DDF3FEED29E77, F6238767284B2356A9F502E2ACCFAAC283FA13CBF238E98B5115A55179526B10 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:19:27.0515 0x1030  wlidsvc - ok
17:19:27.0546 0x1030  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:19:27.0562 0x1030  WmiAcpi - ok
17:19:27.0577 0x1030  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:19:27.0593 0x1030  wmiApSrv - ok
17:19:27.0671 0x1030  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
17:19:27.0702 0x1030  WMPNetworkSvc - ok
17:19:27.0718 0x1030  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:19:27.0733 0x1030  WPCSvc - ok
17:19:27.0765 0x1030  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:19:27.0780 0x1030  WPDBusEnum - ok
17:19:27.0811 0x1030  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:19:27.0843 0x1030  ws2ifsl - ok
17:19:27.0874 0x1030  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
17:19:27.0889 0x1030  wscsvc - ok
17:19:27.0889 0x1030  WSearch - ok
17:19:27.0967 0x1030  [ FAC7617DD8A8CCCBBB9D36C39AFA5ABE, 64BB658523F4610B6D092BD390D24307F0A545ABA5C78B5DB50B7AA9E65C6A51 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:19:28.0030 0x1030  wuauserv - ok
17:19:28.0061 0x1030  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:19:28.0077 0x1030  WudfPf - ok
17:19:28.0077 0x1030  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:19:28.0092 0x1030  WUDFRd - ok
17:19:28.0108 0x1030  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:19:28.0123 0x1030  wudfsvc - ok
17:19:28.0155 0x1030  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:19:28.0170 0x1030  WwanSvc - ok
17:19:28.0186 0x1030  ================ Scan global ===============================
17:19:28.0217 0x1030  [ 5E7C5DE85AF978495C3A9A0B720B9811, 142CDEBED78E3BAEE8D2DBF6A97CE26313932024010548EC2E570CAE480AF7C3 ] C:\Windows\system32\basesrv.dll
17:19:28.0248 0x1030  [ 090FF4D4A003291D7579A81089D06981, 2713E190F10A96E977C0BA5D38D89E8D123F7CB7D0180CFC0A4073EC42EDB2DB ] C:\Windows\system32\winsrv.dll
17:19:28.0264 0x1030  [ 090FF4D4A003291D7579A81089D06981, 2713E190F10A96E977C0BA5D38D89E8D123F7CB7D0180CFC0A4073EC42EDB2DB ] C:\Windows\system32\winsrv.dll
17:19:28.0295 0x1030  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
17:19:28.0326 0x1030  [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
17:19:28.0326 0x1030  [ Global ] - ok
17:19:28.0326 0x1030  ================ Scan MBR ==================================
17:19:28.0342 0x1030  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:19:28.0638 0x1030  \Device\Harddisk0\DR0 - ok
17:19:28.0638 0x1030  ================ Scan VBR ==================================
17:19:28.0638 0x1030  [ E93D927090D6C0031B68BDAC43F42231 ] \Device\Harddisk0\DR0\Partition1
17:19:28.0638 0x1030  \Device\Harddisk0\DR0\Partition1 - ok
17:19:28.0654 0x1030  [ 2ADAAF21787D79741CE88DEA419DC039 ] \Device\Harddisk0\DR0\Partition2
17:19:28.0654 0x1030  \Device\Harddisk0\DR0\Partition2 - ok
17:19:28.0654 0x1030  [ 00BCF2316C109D37B48F3F15FC094BB5 ] \Device\Harddisk0\DR0\Partition3
17:19:28.0654 0x1030  \Device\Harddisk0\DR0\Partition3 - ok
17:19:28.0654 0x1030  ================ Scan generic autorun ======================
17:19:28.0872 0x1030  [ BF921C95D3F0AAC1E2479D6D864469D3, CA5341811D79F6B780FAE1E51444ACD6F89627C702A2EC4562D8B07149A6438F ] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
17:19:28.0981 0x1030  TrueImageMonitor.exe - ok
17:19:29.0106 0x1030  [ B5A4EBA9487F08BECC843A87422B8052, EA905E9169CE8C934F2D6F7E319A75E31EA9E1840CC455298BEB3F92E22FCAAE ] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
17:19:29.0200 0x1030  SDTray - ok
17:19:29.0340 0x1030  [ CA17F675E133E506589EA1049225D6EB, 9B9BDE5FF8FCD73A43625C74BE16B60F422D4DF32A32EE77745DAA287DAEFF0C ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
17:19:29.0418 0x1030  EvtMgr6 - ok
17:19:29.0871 0x1030  [ C6EA8429C22C53BC7A738FFEC4831429, BF0B2C1F38F2DDE284C20CA0C4027495F52E52B35B846A1F655C6670816552C8 ] C:\Program Files\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe
17:19:29.0964 0x1030  GwxControlPanelMonitor - ok
17:19:30.0136 0x1030  [ D58FAFFD288F11B93ACBE9F93D7F3C66, 8B4E876FF3A340595DCB812BDA8C0EE7CC452AEC0CEB2CDFEE09775D6EF657B1 ] C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
17:19:30.0183 0x1030  Adobe Creative Cloud - ok
17:19:30.0276 0x1030  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
17:19:30.0307 0x1030  Sidebar - ok
17:19:30.0339 0x1030  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
17:19:30.0354 0x1030  mctadmin - ok
17:19:30.0401 0x1030  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
17:19:30.0432 0x1030  Sidebar - ok
17:19:30.0448 0x1030  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
17:19:30.0463 0x1030  mctadmin - ok
17:19:30.0510 0x1030  [ 9C40F419CCD930AB6CBF2F7B35316C60, 22668156D17FC88E27BB2F94F03387BBF0FE5DF3FF04AB44BE433FA6143071FC ] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEJE.EXE
17:19:30.0526 0x1030  EPSON BX300F Series - ok
17:19:30.0682 0x1030  [ 1B2B3215F4B6B735813844AC1769E239, FCC4D5E52329531904637C19F0BA6EBD857CDFB814D3DCD799062D049FF2E485 ] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe
17:19:30.0760 0x1030  Spybot-S&D Cleaning - ok
17:19:30.0963 0x1030  [ C2C9E42D6C51E99C1BAB44F108E8851C, F513A2FCE15AD1F7C4A8A4E67CA2C9613EE305FAAE8D674BC3019A96DEEDFF61 ] C:\Program Files\CCleaner\CCleaner.exe
17:19:31.0103 0x1030  CCleaner Monitoring - ok
17:19:31.0150 0x1030  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Wyss Markus\AppData\Local\Dropbox\Update\DropboxUpdate.exe
17:19:31.0181 0x1030  Dropbox Update - ok
17:19:31.0259 0x1030  [ B393991F172F1A26EEF065E1D114825A, 4BC4EBC5A1400482BD2C09EE8D3C6FFA2E73D89152CC4DF0B697BFC55C29AF2C ] C:\Users\Wyss Markus\AppData\Local\Programs\CodeTwo\Email Signatures Client App\EmailSignatures.Client.exe
17:19:31.0275 0x1030  CodeTwo Email Signatures - ok
17:19:31.0290 0x1030  [ 9C40F419CCD930AB6CBF2F7B35316C60, 22668156D17FC88E27BB2F94F03387BBF0FE5DF3FF04AB44BE433FA6143071FC ] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEJE.EXE
17:19:31.0306 0x1030  EPSON BX300F Series (Kopie 2) - ok
17:19:31.0415 0x1030  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\brigitta\AppData\Local\Dropbox\Update\DropboxUpdate.exe
17:19:31.0446 0x1030  Dropbox Update - ok
17:19:31.0633 0x1030  [ C2C9E42D6C51E99C1BAB44F108E8851C, F513A2FCE15AD1F7C4A8A4E67CA2C9613EE305FAAE8D674BC3019A96DEEDFF61 ] C:\Program Files\CCleaner\CCleaner.exe
17:19:31.0774 0x1030  CCleaner Monitoring - ok
17:19:31.0805 0x1030  [ 9C40F419CCD930AB6CBF2F7B35316C60, 22668156D17FC88E27BB2F94F03387BBF0FE5DF3FF04AB44BE433FA6143071FC ] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEJE.EXE
17:19:31.0805 0x1030  EPSON BX300F Series - ok
17:19:31.0821 0x1030  Waiting for KSN requests completion. In queue: 168
17:19:32.0866 0x1030  AV detected via SS2: Kaspersky Anti-Virus, C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\wmiav.exe ( 15.0.1.415 ), 0x41000 ( enabled : updated )
17:19:32.0866 0x1030  Win FW state via NFP2: enabled ( trusted )
17:19:33.0022 0x1030  ============================================================
17:19:33.0022 0x1030  Scan finished
17:19:33.0022 0x1030  ============================================================
17:19:33.0022 0x02b8  Detected object count: 0
17:19:33.0022 0x02b8  Actual detected object count: 0
         

26.10.2016, 09:36   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

PCKeeper and Spacekace found on W7 Prof.

The MBAR log is missing. Instead, you have already run adwCleaner, even though that was not yet listed as a step at all.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Alt 26.10.2016, 11:50   #13
Markusli
 
PCKeeper und Spacekace auf W7 Prof gefunden. - Standard

Sorry



Oops, sorry... here:
Code:
<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2016/10/26 10:54:44 +0200</date>
<logfile>mbam-log-2016-10-26 (10-54-39).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.2.1.1043</version>
<malware-database>v2016.10.26.02</malware-database>
<rootkit-database>v2016.09.26.02</rootkit-database>
<license>trial</license>
<file-protection>enabled</file-protection>
<web-protection>enabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<hostname>HostName</hostname>
<ip>192.168.1.102</ip>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x86</arch>
<username>Markusli</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>429703</objects>
<time>1627</time>
<processes>0</processes>
<modules>0</modules>
<keys>0</keys>
<values>0</values>
<datas>0</datas>
<folders>0</folders>
<files>0</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
</items>
</mbam-log>
         
Code:
<?xml version="1.0" encoding="UTF-8" ?>
<logs>
   <record severity="debug" LoggingEventType="2" datetime="2016-10-26T09:28:05.686306+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="Systemname" last_modified_tag="c702b82c-8ace-496d-835c-6983b5a3ec5a" result="Starting" subtype="Malware Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-10-26T09:28:05.686306+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="Systemname" last_modified_tag="1d6a0725-4277-476a-951e-ee3ae0ea24e7" result="Started" subtype="Malware Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-10-26T09:28:05.701906+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="Systemname" last_modified_tag="ce94d26c-0610-4c62-8a44-8bffb8cda715" result="Starting" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-10-26T09:28:10.943515+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="Systemname" last_modified_tag="9e0b2f04-952d-4321-ac71-93129a6962c1" result="Started" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="1" datetime="2016-10-26T10:14:48.418678+02:00" source="Scheduler" type="Update" username="SYSTEM" systemname="Systemname" fromVersion="2016.10.25.1" last_modified_tag="615dc59e-3a0a-4594-adec-4900999d0b92" name="Domain Database" toVersion="2016.10.25.5"></record>
   <record severity="debug" LoggingEventType="1" datetime="2016-10-26T10:14:53.254687+02:00" source="Scheduler" type="Update" username="SYSTEM" systemname="Systemname" fromVersion="2016.10.25.11" last_modified_tag="0bd56c41-a2b0-4ba9-8b94-3d76a3b7bc30" name="Malware Database" toVersion="2016.10.26.2"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-10-26T10:14:53.301487+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="Systemname" last_modified_tag="79304081-783c-4a5d-b524-aff40d9a5e0a" result="Starting" subtype="Refresh"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-10-26T10:14:53.317087+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="Systemname" last_modified_tag="49dd5cca-ae36-4629-981a-e6c8b56512f3" result="Stopping" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-10-26T10:14:53.909888+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="Systemname" last_modified_tag="366cec05-8a74-405f-973c-2012597cb447" result="Stopped" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-10-26T10:15:22.021137+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="Systemname" last_modified_tag="9b2dc4ae-1896-42d1-aee6-07d4c64faf4d" result="Success" subtype="Refresh"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-10-26T10:15:22.036737+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="Systemname" last_modified_tag="b2270a1a-fcac-4081-bae8-316153dade1d" result="Starting" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-10-26T10:15:24.860342+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="Systemname" last_modified_tag="da91235f-5492-498f-ad47-fee43909efe9" result="Started" subtype="Malicious Website Protection"></record>
   <record severity="debug" scantype="threat" LoggingEventType="6" starttime="2016-10-26T10:54:44+02:00" datetime="2016-10-26T11:21:51.757837+02:00" source="Manual" type="Scan" username="SYSTEM" systemname="Systemname" last_modified_tag="3ceb1533-8c6d-48c8-b38b-9f7f1bd3acfb" duration="1627" malwaredetections="0" nonmalwaredetections="0" scanresult="completed"></record>
   <record severity="debug" LoggingEventType="1" datetime="2016-10-26T11:42:44.634474+02:00" source="Scheduler" type="Update" username="SYSTEM" systemname="SystemName" fromVersion="2016.10.26.2" last_modified_tag="f5050e79-73b4-4f2e-bca6-271fb928b6f7" name="Malware Database" toVersion="2016.10.26.3"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-10-26T11:42:44.695477+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SystemName" last_modified_tag="efa349a4-5a3a-47d4-b7ea-8f1e535cef73" result="Starting" subtype="Refresh"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-10-26T11:42:44.705478+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SystemName" last_modified_tag="7faf7464-7e81-429c-b9ef-69c6c63287aa" result="Stopping" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-10-26T11:42:46.711592+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SystemName" last_modified_tag="81a12116-31a6-4f78-a63b-dff04f3337aa" result="Stopped" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-10-26T11:43:15.710251+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SystemName" last_modified_tag="2fcbdb26-7a73-4c2a-96bb-3d1d5656a3a1" result="Success" subtype="Refresh"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-10-26T11:43:15.727252+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SystemName" last_modified_tag="7cb3e2aa-48df-4fd0-aa24-91a7bb2e5200" result="Starting" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2016-10-26T11:43:18.738424+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SystemName" last_modified_tag="cc6a0204-2f25-4f18-bc60-3503906637b8" result="Started" subtype="Malicious Website Protection"></record>
</logs>
         

26.10.2016, 11:53   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Please read the instructions properly!!

26.10.2016, 18:23   #15
Markusli
 

Sorry



Yes, sorry... I had already read the instructions and had also already run the scans the day before... that is why I posted the wrong log. But what about it now???
