| |
| |||||||
Log-Analyse und Auswertung: PCKeeper und Spacekace auf W7 Prof gefunden.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
25.10.2016, 11:49
| #1 |
 |  PCKeeper und Spacekace auf W7 Prof gefunden. Ich habe seit Gestern auf dem Rechner das Phänomen das Websites auf Werbung umgeleitet wird. Habe alles gescannt mit Kaspesky, SpyBot, sowie TDSSKiller / ADWCleaner / MBAM und JRT. Nun sind die Probleme verschwunden, habe aber noch den Ordner Spacekace mit der Datei staticbuild-log.log drin. Habe nun alles nochmals mit First gescannt. Könnt Ihr die Logs mal ansehen? Danke! |
|
25.10.2016, 12:44
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  PCKeeper und Spacekace auf W7 Prof gefunden. Hi und
__________________ Logs bitte nicht anhängen, notfalls splitten und über mehrere Postings verteilt posten  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
25.10.2016, 13:42
| #3 |
| | Versuch Logs richtig zu posten: First.txtCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 16-10-2016 durchgeführt von Markusli (Administrator) auf MARKUSW (25-10-2016 12:14:15) Gestartet von C:\Users\Markusli\Downloads\Tools\ScannerTools Geladene Profile: Markusli (Verfügbare Profile: Markusli & brigitta & Administrator) Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: IE) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe (Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (DATA BECKER GmbH & Co KG) C:\Program Files\Common Files\DATA BECKER Shared\DBService.exe (Teruten) C:\Windows\System32\FsUsbExService.Exe (Garmin Ltd. or its subsidiaries) C:\Program Files\Garmin\Device Interaction Service\GarminService.exe (Malwarebytes) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Acronis) C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avpui.exe (Google Inc.) C:\Program Files\Google\Update\1.3.31.5\GoogleCrashHandler.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (Nero AG) C:\Program Files\Nero\Update\NASvc.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe (Malwarebytes) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe (Dropbox, Inc.) C:\Users\Markusli\AppData\Local\Dropbox\Update\DropboxUpdate.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [TrueImageMonitor.exe] => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [5970024 2011-08-21] (Acronis) HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2303256 2014-05-19] (Logitech, Inc.) HKLM\...\Run: [GwxControlPanelMonitor] => C:\Program Files\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe [4596296 2016-04-02] (UltimateOutsider) HKLM\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-18] (Adobe Systems Incorporated) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2014-03-25] (Logitech, Inc.) Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X] HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\Run: [EPSON BX300F Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEJE.EXE [188928 2008-01-22] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.) HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6868696 2016-08-26] (Piriform Ltd) HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\Run: [Dropbox Update] => C:\Users\Markusli\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.) HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\Run: [CodeTwo Email Signatures] => C:\Users\Markusli\AppData\Local\Programs\CodeTwo\Email Signatures Client App\EmailSignatures.Client.exe [513256 2015-02-10] (CodeTwo) HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1403304 2016-01-28] (Garmin Ltd. or its subsidiaries) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2016-10-18] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2016-10-18] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2016-10-18] () ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.) Startup: C:\Users\brigitta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2016-07-10] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\brigitta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2010-05-16] ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Keine Datei) Startup: C:\Users\Markusli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2016-10-11] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\Markusli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-10-14] ShortcutTarget: Dropbox.lnk -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{7DFDA5D0-939A-46B8-A757-2A7B993185E3}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-95033592-1126372089-4278029988-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ww7.autotask.net/ BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2015-02-28] (Kaspersky Lab ZAO) BHO: Kein Name -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> Keine Datei BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-10-18] (Microsoft Corporation) BHO: Kein Name -> {53707962-6F74-2D53-2644-206D7942484F} -> Keine Datei BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-23] (Oracle Corporation) BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.) BHO: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15] () BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21] (Microsoft Corporation) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-10-03] (Microsoft Corporation) BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2015-02-28] (Kaspersky Lab ZAO) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-10-03] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-23] (Oracle Corporation) BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2015-02-28] (Kaspersky Lab ZAO) Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15] () Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.) Toolbar: HKU\S-1-5-21-95033592-1126372089-4278029988-1000 -> Kein Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - Keine Datei Toolbar: HKU\S-1-5-21-95033592-1126372089-4278029988-1000 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15] () DPF: {2685176A-3502-47BB-B91D-BD28CA2A06A0} hxxps://www.autotask.net/Public/BrowserDetect/AT_ActiveX_Test.CAB DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} DPF: {D27CDB6E-AE6D-11CF-96B8-444553540002} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540003} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-03] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-03] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-03] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-03] (Microsoft Corporation) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21] (Microsoft Corporation) Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.) Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.) Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.) Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.) Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.) Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.) Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.) Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.) Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.) Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.) Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.) Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.) Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.) Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.) Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.) Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.) FireFox: ======== FF DefaultProfile: d4zn4vbf.default-1392138883385 FF ProfilePath: C:\Users\Markusli\AppData\Roaming\Mozilla\Firefox\Profiles\d4zn4vbf.default-1392138883385 [2016-10-25] FF Extension: (IE Tab +) - C:\Users\Markusli\AppData\Roaming\Mozilla\Firefox\Profiles\d4zn4vbf.default-1392138883385\Extensions\coralietab@mozdev.org [2016-04-28] FF Extension: (Google Analytics Debugger) - C:\Users\Markusli\AppData\Roaming\Mozilla\Firefox\Profiles\d4zn4vbf.default-1392138883385\Extensions\gadebugger@browserextensions.keithclark.co.uk.xpi [2016-08-18] FF Extension: (Modul zur Link-Untersuchung) - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2016-10-06] [ist nicht signiert] FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-10-06] [ist nicht signiert] FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-10-06] [ist nicht signiert] FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2016-10-06] [ist nicht signiert] FF Extension: (Skype Click to Call) - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru => nicht gefunden FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-10-27] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com FF Extension: (Dangerous Websites Blocker) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com [2015-02-28] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com FF Extension: (Virtual Keyboard) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-02-28] [ist nicht signiert] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-20] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2009-11-06] (Adobe Systems, Inc.) FF Plugin: @Citrix.com/npican -> C:\Program Files\Citrix\ICA Client\npicaN.dll [2016-04-25] (Citrix Systems, Inc.) FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-23] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-23] (Oracle Corporation) FF Plugin: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com [2015-02-28] () FF Plugin: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-02-28] () FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-03] (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-10-03] (Microsoft Corporation) FF Plugin: @protectdisc.com/NPPDLicenseHelper -> C:\Program Files\ProtectDisc\License Helper\NPPDLicenseHelper.dll [2008-02-22] () FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-18] (Adobe Systems) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPPDLicenseHelper.dll [2008-02-22] () FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-07-01] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-07-01] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-07-01] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-07-01] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-07-01] (Apple Inc.) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://www.google.ch/ CHR StartupUrls: Default -> "hxxp://www.googlewatchblog.de/" CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_de CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\53.0.2785.143\ppGoogleNaClPluginChrome.dll => Keine Datei CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\53.0.2785.143\pdf.dll => Keine Datei CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\53.0.2785.143\gcswf32.dll => Keine Datei CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll => Keine Datei CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll => Keine Datei CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll => Keine Datei CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll => Keine Datei CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => Keine Datei CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll => Keine Datei CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll => Keine Datei CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL => Keine Datei CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) CHR Plugin: (Protect Disc License Acquisition Plugin) - C:\Program Files\Mozilla Firefox\plugins\NPPDLicenseHelper.dll () CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll => Keine Datei CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll => Keine Datei CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll => Keine Datei CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll => Keine Datei CHR Plugin: (Google Update) - C:\Users\Markusli\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => Keine Datei CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) CHR Profile: C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default [2016-10-25] CHR Extension: (All Java Sources) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aleifhehdjlljnlbaplopcbnbgifpphg [2015-05-12] CHR Extension: (YouTube) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (CallVia3CX) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhghpchainbpodkpnhppcoefnbjaonj [2016-10-18] CHR Extension: (Google-Suche) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Kaspersky Protection) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-03-02] CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-05-12] CHR Extension: (Stylish) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2016-04-05] CHR Extension: (Page Analytics (by Google)) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbdnhhicmebfgdgglcdacdapkcihcoh [2016-06-14] CHR Extension: (Balsamiq Mockups 3 (FREE TRIAL)) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\iedapplgopkgngalkbailjoikghljkki [2016-10-11] CHR Extension: (WhatFont) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2016-06-16] CHR Extension: (Tag Assistant (by Google)) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2016-07-08] CHR Extension: (Skype) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-10-21] CHR Extension: (Google Maps) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-19] CHR Extension: (Simple Bookmarks) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafmgkhgdblkabfjfegmafagpccaobfg [2016-08-03] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-05] CHR Extension: (Audio Converter) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojfphighcpfimfhblaigjckljcoeipga [2016-07-10] CHR Extension: (Long Tail Keyword Tool Pro) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\omgaibbfggpdeokldjpldejliojjedep [2015-05-12] CHR Extension: (Google Mail) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30] CHR Extension: (Chrome Media Router) - C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-26] CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11] CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ChromeExt\ab.crx <nicht gefunden> ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [809224 2011-08-21] (Acronis) S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2010-02-22] () [Datei ist nicht signiert] R2 AdobeUpdateService; C:\Program Files\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-18] (Adobe Systems Incorporated) S3 AdobeVersionCue; C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe [61440 2003-10-13] (Adobe Sytems) [Datei ist nicht signiert] R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [3446736 2011-12-13] (Acronis) R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated) R2 AVP15.0.1; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO) S4 Bdahstsvcrvp; C:\Windows\system32\drivers\acedrv11.sys [277544 2009-01-19] (Protect Software GmbH) R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2115840 2016-10-03] (Microsoft Corporation) R2 DBService; C:\Program Files\Common Files\DATA BECKER Shared\DBService.exe [187456 2009-01-08] (DATA BECKER GmbH & Co KG) [Datei ist nicht signiert] R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2013-02-05] (Teruten) [Datei ist nicht signiert] R2 Garmin Device Interaction Service; C:\Program Files\Garmin\Device Interaction Service\GarminService.exe [803856 2016-01-28] (Garmin Ltd. or its subsidiaries) S3 Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2010-02-15] () [Datei ist nicht signiert] R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert] R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG) R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.) R2 syncagentsrv; C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [5787584 2011-09-19] (Acronis) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [277544 2009-01-19] (Protect Software GmbH) S3 bdfsfltr; C:\Windows\System32\DRIVERS\bdfsfltr.sys [327368 2010-07-09] (BitDefender) R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [189136 2013-01-14] (Kaspersky Lab UK Ltd) R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-02-05] () [Datei ist nicht signiert] R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [143968 2014-03-31] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [36928 2014-07-02] (Kaspersky Lab ZAO) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [119816 2015-02-28] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [36536 2014-08-12] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [673976 2015-03-12] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2014-02-25] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [24672 2014-03-28] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-08-08] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [44992 2014-06-05] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [64200 2015-02-28] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [146240 2014-07-09] (Kaspersky Lab ZAO) R3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [48640 2009-08-23] (Atheros Communications, Inc.) R3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [35776 2011-05-17] (hxxp://libusb-win32.sourceforge.net) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-10-25] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation) S3 MonitorFunction; C:\Windows\System32\DRIVERS\TVMonitor.sys [13304 2012-11-28] (TeamViewer GmbH) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] () R0 tdrpman; C:\Windows\System32\DRIVERS\tdrpman.sys [766208 2011-12-13] (Acronis) R0 tdrpman251; C:\Windows\System32\DRIVERS\tdrpm251.sys [902432 2010-02-13] (Acronis) S3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2013-10-17] (TeamViewer GmbH) R2 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [253072 2010-07-27] (BitDefender S.R.L.) [Datei ist nicht signiert] S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [41984 2010-09-28] (Apple, Inc.) [Datei ist nicht signiert] R0 vididr; C:\Windows\System32\DRIVERS\vididr.sys [126112 2011-12-13] (Acronis) R0 vidsflt58; C:\Windows\System32\DRIVERS\vsflt58.sys [84512 2011-12-13] (Acronis) S3 bdselfpr; \??\C:\Users\WYSSMA~1\AppData\Local\Temp\RarSFX0\bdselfpr.sys [X] S1 MoboroboAssDriver; SysWOW64\drivers\MoboroboAssDriver64.sys [X] U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-10-25 12:14 - 2016-10-25 12:14 - 00000000 ____D C:\FRST 2016-10-25 09:51 - 2016-10-25 09:51 - 00153784 ____N (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\FDBC21FD.sys 2016-10-25 09:42 - 2016-10-25 09:42 - 00002658 _____ C:\Users\Markusli\Desktop\JRT.txt 2016-10-25 08:54 - 2016-10-25 11:39 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-10-25 08:53 - 2016-10-25 08:53 - 00001060 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-10-25 08:53 - 2016-10-25 08:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-10-25 08:53 - 2016-10-25 08:53 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-10-25 08:53 - 2016-10-25 08:53 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 2016-10-25 08:53 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-10-25 08:53 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-10-25 08:53 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-10-25 08:34 - 2016-10-25 09:44 - 00000000 ____D C:\AdwCleaner 2016-10-24 20:55 - 2016-09-15 16:51 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2016-10-24 20:55 - 2016-09-13 17:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-10-24 20:55 - 2016-09-09 20:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2016-10-24 20:55 - 2016-08-21 15:05 - 00935424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2016-10-24 20:05 - 2016-10-24 20:05 - 00000000 ____D C:\KVRT_Data 2016-10-24 20:04 - 2016-10-24 20:04 - 100788056 _____ (Kaspersky Lab ZAO) C:\Users\brigitta\Downloads\KVRT.exe 2016-10-23 10:36 - 2016-10-23 10:36 - 02137477 _____ C:\Users\Markusli\Desktop\CARTEC-WheelDoctor.pdf 2016-10-21 13:42 - 2016-10-21 13:42 - 00176226 _____ C:\Users\Markusli\Downloads\Nutzungsbestimmungen_Valiant_DE (1).pdf 2016-10-21 13:40 - 2016-10-21 13:40 - 00152260 _____ C:\Users\Markusli\Downloads\Brief_D.pdf 2016-10-21 13:37 - 2016-10-21 13:37 - 00001119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2016-10-21 13:37 - 2016-10-21 13:37 - 00001107 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk 2016-10-20 15:27 - 2016-10-20 15:27 - 00106295 _____ C:\Users\Markusli\Downloads\Ausstellungsflyer.pdf 2016-10-20 15:27 - 2016-10-20 15:27 - 00106295 _____ C:\Users\Markusli\Downloads\Ausstellungsflyer (1).pdf 2016-10-20 15:01 - 2016-10-20 15:01 - 00008406 _____ C:\Users\Markusli\Downloads\test3.pdf 2016-10-20 15:01 - 2016-10-20 15:01 - 00008406 _____ C:\Users\Markusli\Downloads\test3 (1).pdf 2016-10-20 10:57 - 2016-10-20 10:57 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign84fa37de6054094e 2016-10-20 10:57 - 2016-10-20 10:57 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign508c0fe5c3bb4564 2016-10-19 23:09 - 2016-10-19 23:09 - 00000000 ____D C:\Windows\system32\Neuer Ordner 2016-10-18 14:45 - 2016-10-18 14:45 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign70553ae5ee3b2b52 2016-10-18 13:42 - 2016-10-18 13:42 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2016-10-15 19:18 - 2016-10-15 19:18 - 00200430 _____ C:\Users\brigitta\Downloads\Fachfrau_mann Gesundheit EFZ_60-100%.pdf 2016-10-15 18:51 - 2016-10-15 18:51 - 00000000 ____D C:\Users\brigitta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-10-14 16:17 - 2016-10-14 16:17 - 00000000 ____D C:\Users\Markusli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-10-14 15:25 - 2016-10-14 15:25 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsigna1790ed0c5442326 2016-10-14 15:25 - 2016-10-14 15:25 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign4eb7d306786be687 2016-10-14 09:50 - 2016-10-14 09:50 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign915d0e6b59da9f94 2016-10-14 09:49 - 2016-10-14 09:49 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign72fb5a96292f0196 2016-10-14 09:49 - 2016-10-14 09:49 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign588ea06d0e35c97b 2016-10-14 09:12 - 2016-09-12 22:54 - 00067816 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-10-14 09:12 - 2016-09-12 22:49 - 01017856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-10-14 09:12 - 2016-09-09 17:53 - 01406976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-10-14 09:12 - 2016-09-09 17:53 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-10-14 09:12 - 2016-09-09 17:53 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-10-14 09:12 - 2016-09-09 17:53 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-10-14 09:12 - 2016-09-09 17:53 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2016-10-14 09:12 - 2016-09-09 17:53 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-10-14 09:12 - 2016-09-09 17:53 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-10-14 09:12 - 2016-08-29 17:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-10-14 09:12 - 2016-08-29 17:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-10-14 09:12 - 2016-08-29 17:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2016-10-14 09:12 - 2016-08-29 16:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2016-10-14 09:12 - 2016-08-16 22:27 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2016-10-14 09:12 - 2016-08-16 22:27 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2016-10-14 09:12 - 2016-08-16 22:26 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2016-10-14 09:12 - 2016-08-16 22:26 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2016-10-14 09:12 - 2016-08-16 22:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2016-10-14 09:12 - 2016-08-16 22:26 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2016-10-14 09:12 - 2016-08-16 22:26 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2016-10-13 18:05 - 2016-10-13 18:05 - 00000000 ____D C:\Users\Markusli\Downloads\specimen_files 2016-10-13 17:40 - 2016-10-13 17:41 - 00000000 ____D C:\Users\Markusli\Downloads\FFFago 2016-10-13 15:27 - 2016-10-13 15:27 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsignb406a27479eb4f9e 2016-10-13 15:25 - 2016-10-13 15:25 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsignfea8baf83151965b 2016-10-13 15:25 - 2016-10-13 15:25 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign4c7e5a0eec404810 2016-10-13 10:55 - 2016-10-13 10:55 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign80de9a5bb2d5caf2 2016-10-13 10:53 - 2016-10-13 10:53 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign8f3c3eb662157b9e 2016-10-13 10:53 - 2016-10-13 10:53 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign21e7572e9ef18e36 2016-10-13 08:16 - 2016-10-13 08:16 - 00000393 _____ C:\Users\Markusli\Downloads\EmailFormData_13_10_2016_UID_1.xml 2016-10-13 08:15 - 2016-10-13 08:15 - 00001274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.5 (32 Bit).lnk 2016-10-12 09:56 - 2016-10-12 09:56 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign7b2adde925eb3daf 2016-10-12 09:55 - 2016-10-12 09:55 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign784ce3f43dda2c9a 2016-10-12 09:55 - 2016-10-12 09:55 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign3b8aeab48aaba224 2016-10-12 09:46 - 2016-09-30 21:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-10-12 09:46 - 2016-09-30 17:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2016-10-12 09:46 - 2016-09-30 17:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-10-12 09:46 - 2016-09-30 07:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-10-12 09:46 - 2016-09-30 07:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-10-12 09:46 - 2016-09-30 07:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-10-12 09:46 - 2016-09-30 07:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-10-12 09:46 - 2016-09-30 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-10-12 09:46 - 2016-09-30 07:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-10-12 09:46 - 2016-09-30 07:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-10-12 09:46 - 2016-09-30 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-10-12 09:46 - 2016-09-30 07:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-10-12 09:46 - 2016-09-30 07:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-10-12 09:46 - 2016-09-30 07:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-10-12 09:46 - 2016-09-30 07:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-10-12 09:46 - 2016-09-30 07:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-10-12 09:46 - 2016-09-30 07:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-10-12 09:46 - 2016-09-30 07:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-10-12 09:46 - 2016-09-30 07:32 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-10-12 09:46 - 2016-09-30 07:27 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-10-12 09:46 - 2016-09-30 07:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-10-12 09:46 - 2016-09-30 07:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-10-12 09:46 - 2016-09-30 07:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-10-12 09:46 - 2016-09-30 07:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-10-12 09:46 - 2016-09-30 07:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-10-12 09:46 - 2016-09-30 07:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-10-12 09:46 - 2016-09-30 07:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-10-12 09:46 - 2016-09-30 07:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-10-12 09:46 - 2016-09-30 07:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-10-12 09:46 - 2016-09-30 07:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-10-12 09:46 - 2016-09-30 07:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-10-12 09:46 - 2016-09-30 07:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-10-12 09:46 - 2016-09-30 07:05 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-10-12 09:46 - 2016-09-30 07:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-10-12 09:46 - 2016-09-30 06:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-10-12 09:46 - 2016-09-30 06:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-10-12 09:46 - 2016-09-30 06:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-10-12 09:46 - 2016-09-15 17:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2016-10-12 09:46 - 2016-09-15 17:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll 2016-10-12 09:46 - 2016-09-12 22:53 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-10-12 09:46 - 2016-09-12 22:53 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-10-12 09:46 - 2016-09-12 22:49 - 01063936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-10-12 09:46 - 2016-09-12 22:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-10-12 09:46 - 2016-09-12 22:49 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-10-12 09:46 - 2016-09-12 22:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-10-12 09:46 - 2016-09-12 22:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-10-12 09:46 - 2016-09-12 22:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-10-12 09:46 - 2016-09-12 22:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-10-12 09:46 - 2016-09-12 22:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-10-12 09:46 - 2016-09-12 22:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-10-12 09:46 - 2016-09-12 22:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-10-12 09:46 - 2016-09-12 22:49 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-10-12 09:46 - 2016-09-12 22:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll 2016-10-12 09:46 - 2016-09-12 22:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-10-12 09:46 - 2016-09-12 22:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-10-12 09:46 - 2016-09-12 22:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-10-12 09:46 - 2016-09-12 22:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-10-12 09:46 - 2016-09-12 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-10-12 09:46 - 2016-09-12 22:28 - 02399232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-10-12 09:46 - 2016-09-12 22:26 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-10-12 09:46 - 2016-09-12 22:26 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-10-12 09:46 - 2016-09-12 22:26 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-10-12 09:46 - 2016-09-12 22:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-10-12 09:46 - 2016-09-12 22:25 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-10-12 09:46 - 2016-09-12 22:25 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-10-12 09:46 - 2016-09-12 21:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2016-10-12 09:46 - 2016-09-12 21:08 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2016-10-12 09:46 - 2016-09-10 17:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll 2016-10-12 09:46 - 2016-09-09 20:01 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-10-12 09:46 - 2016-09-09 20:00 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-10-12 09:46 - 2016-09-09 20:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-10-12 09:46 - 2016-09-09 19:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-10-12 09:46 - 2016-09-09 19:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-10-12 09:46 - 2016-09-09 19:59 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2016-10-12 09:46 - 2016-09-09 19:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-10-12 09:46 - 2016-09-09 19:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-10-12 09:46 - 2016-09-09 19:42 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-10-12 09:46 - 2016-09-09 19:42 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-10-12 09:46 - 2016-09-09 19:42 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-10-12 09:46 - 2016-09-09 19:42 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-10-12 09:46 - 2016-09-09 19:39 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-10-12 09:46 - 2016-09-09 19:37 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-10-12 09:46 - 2016-09-08 22:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2016-10-12 09:46 - 2016-09-08 22:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2016-10-12 09:46 - 2016-09-08 16:49 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2016-10-12 09:46 - 2016-09-08 16:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2016-10-12 09:46 - 2016-08-12 18:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2016-10-12 09:46 - 2016-08-12 18:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2016-10-12 09:46 - 2016-08-12 18:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2016-10-12 09:46 - 2016-08-12 18:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2016-10-12 09:46 - 2016-08-12 18:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2016-10-12 09:46 - 2016-08-12 18:21 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll 2016-10-12 09:46 - 2016-08-06 17:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2016-10-12 09:46 - 2016-08-06 17:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll 2016-10-12 09:46 - 2016-08-06 17:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2016-10-12 09:46 - 2016-08-06 17:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2016-10-12 09:46 - 2016-08-06 17:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll 2016-10-12 09:46 - 2016-08-06 16:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe 2016-10-12 09:46 - 2016-08-06 16:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe 2016-10-12 09:46 - 2016-08-06 16:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll 2016-10-12 09:46 - 2016-07-22 16:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2016-10-12 09:46 - 2016-06-14 17:25 - 00078568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2016-10-12 09:46 - 2016-06-14 17:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2016-10-12 09:46 - 2016-06-14 17:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2016-10-12 09:46 - 2016-06-14 17:17 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2016-10-12 09:46 - 2016-06-14 17:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2016-10-12 09:46 - 2016-06-14 17:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2016-10-12 09:46 - 2016-06-14 17:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2016-10-12 09:46 - 2016-06-14 17:00 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2016-10-12 09:46 - 2016-06-14 16:55 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2016-10-12 09:46 - 2016-06-14 16:55 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2016-10-12 09:46 - 2016-06-14 16:54 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2016-10-11 17:27 - 2016-10-11 17:27 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsignb54e5819f0913fcd 2016-10-11 17:27 - 2016-10-11 17:27 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign13d3e7dbd8ea765e 2016-10-11 17:27 - 2016-10-11 17:27 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign1246b9e1debc113a 2016-10-11 17:00 - 2016-10-11 17:00 - 02525243 _____ C:\Users\Markusli\Downloads\tcs-winterreifentest-2016-resultate.pdf 2016-10-11 17:00 - 2016-10-11 17:00 - 01587000 _____ C:\Users\Markusli\Downloads\dimension-wr-2016-225-45-R17-91H-de (2).pdf 2016-10-11 16:42 - 2016-10-11 16:42 - 00159808 _____ C:\Users\Markusli\Downloads\Invoice no. 60172138.pdf 2016-10-11 11:05 - 2016-10-11 11:05 - 00000000 ____D C:\Users\Markusli\.cnlab 2016-10-11 11:04 - 2016-10-11 11:04 - 00002067 _____ C:\Users\Markusli\Desktop\cnlabSpeedTest.lnk 2016-10-11 11:04 - 2016-10-11 11:04 - 00000000 ____D C:\Users\Markusli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\cnlab AG 2016-10-11 11:04 - 2016-10-11 11:04 - 00000000 ____D C:\Users\Markusli\AppData\Local\cnlabSpeedTest 2016-10-11 11:04 - 2016-10-11 11:04 - 00000000 ____D C:\Users\Markusli\.oracle_jre_usage 2016-10-09 20:20 - 2016-10-09 20:25 - 01598396 _____ C:\Users\Markusli\Desktop\RechnungSTRaphael010.pdf 2016-10-09 20:16 - 2016-10-09 20:16 - 00348099 _____ C:\Users\Markusli\Desktop\RechnungDyson009.pdf 2016-10-09 14:11 - 2016-10-09 14:11 - 00092992 _____ C:\Users\brigitta\Downloads\2016_09_29-1-Einzelanzeige.pdf 2016-10-07 09:33 - 2016-10-25 08:03 - 00000000 ____D C:\Users\Public\Documents\AdobeGC 2016-10-06 18:36 - 2016-10-09 11:25 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-10-04 09:17 - 2016-10-04 09:17 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsignef81189e91c568da 2016-10-04 09:16 - 2016-10-04 09:16 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsigne071913efe331e88 2016-10-04 09:16 - 2016-10-04 09:16 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign6064faa39ebcbcc6 2016-10-04 08:47 - 2016-10-04 08:47 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsignc5b0fb80461fef43 2016-10-04 08:47 - 2016-10-04 08:47 - 00000000 ____D C:\Users\Markusli\AppData\Local\Tempzxpsign1d8f09451e3d1bd7 2016-10-04 08:40 - 2016-10-09 20:14 - 00116903 _____ C:\Users\Markusli\Desktop\RechnungTierarzt008.pdf 2016-09-30 11:05 - 2016-09-30 11:05 - 01587000 _____ C:\Users\Markusli\Downloads\dimension-wr-2016-225-45-R17-91H-de (1).pdf 2016-09-30 11:03 - 2016-09-30 11:03 - 01587000 _____ C:\Users\Markusli\Downloads\dimension-wr-2016-225-45-R17-91H-de.pdf 2016-09-30 10:35 - 2016-09-30 10:35 - 00176226 _____ C:\Users\Markusli\Downloads\Nutzungsbestimmungen_Valiant_DE.pdf 2016-09-28 11:08 - 2016-09-28 11:09 - 00208226 _____ C:\Users\Administrator\Documents\cc_20160928_110850.reg ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-10-25 12:14 - 2015-06-19 11:04 - 00001248 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-95033592-1126372089-4278029988-1000UA.job 2016-10-25 12:02 - 2015-06-20 17:04 - 00001236 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-95033592-1126372089-4278029988-1005UA.job 2016-10-25 11:59 - 2012-08-30 16:30 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-10-25 09:59 - 2012-08-30 16:30 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-10-25 09:53 - 2010-02-14 11:21 - 00000000 ____D C:\Users\Administrator 2016-10-25 09:53 - 2010-02-13 21:14 - 00000000 ____D C:\Users\brigitta 2016-10-25 09:36 - 2009-07-14 06:34 - 00025744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-10-25 09:36 - 2009-07-14 06:34 - 00025744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-10-25 09:29 - 2016-06-16 15:48 - 00000000 ___RD C:\Users\Markusli\Creative Cloud Files 2016-10-25 09:29 - 2016-06-16 15:48 - 00000000 ____D C:\ProgramData\boost_interprocess 2016-10-25 09:29 - 2010-02-11 17:33 - 00000000 ____D C:\Users\Markusli\AppData\Local\Adobe 2016-10-25 09:26 - 2012-04-14 16:46 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2016-10-25 09:25 - 2010-02-15 16:24 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2016-10-25 09:25 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-10-25 09:24 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\SchCache 2016-10-25 09:23 - 2014-02-11 16:18 - 00000000 ____D C:\Program Files\Enigma Software Group 2016-10-25 08:33 - 2016-03-10 09:50 - 00000000 ____D C:\Users\Markusli\Downloads\Tools 2016-10-25 08:33 - 2013-05-27 16:34 - 00000000 ____D C:\Users\Markusli\AppData\Local\Citrix 2016-10-25 08:14 - 2015-06-19 11:04 - 00001196 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-95033592-1126372089-4278029988-1000Core.job 2016-10-24 20:45 - 2009-07-14 06:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-10-24 17:02 - 2015-06-20 17:04 - 00001184 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-95033592-1126372089-4278029988-1005Core.job 2016-10-22 18:30 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache 2016-10-22 17:54 - 2010-02-11 17:05 - 00000000 ____D C:\Users\Markusli 2016-10-22 09:03 - 2009-07-14 06:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-10-21 15:10 - 2010-02-11 17:33 - 00000000 ____D C:\Users\Markusli\AppData\Roaming\Adobe 2016-10-21 14:18 - 2010-02-11 17:28 - 00000000 ____D C:\ProgramData\Adobe 2016-10-21 13:36 - 2010-02-11 17:34 - 00000000 ____D C:\Program Files\Adobe 2016-10-21 13:36 - 2010-02-11 17:28 - 00000000 ____D C:\Program Files\Common Files\Adobe 2016-10-20 11:23 - 2016-03-10 14:24 - 00001456 _____ C:\Users\Markusli\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2016-10-20 11:16 - 2010-07-09 10:42 - 00000000 ____D C:\Users\Markusli\AppData\Roaming\TeamViewer 2016-10-20 08:06 - 2013-05-28 09:41 - 00000000 ____D C:\Program Files\Opera 2016-10-20 08:00 - 2011-05-23 10:11 - 00000965 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-10-19 23:11 - 2010-03-11 17:06 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe 2016-10-19 23:09 - 2010-04-07 13:36 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe 2016-10-18 18:46 - 2012-07-12 09:46 - 00000000 ____D C:\Program Files\TeamViewer 2016-10-18 13:46 - 2013-05-07 10:22 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-10-18 13:42 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-10-18 13:37 - 2010-02-11 17:09 - 00000000 ____D C:\Program Files\Microsoft Office 2016-10-15 18:52 - 2012-01-07 12:58 - 00000000 ____D C:\Users\brigitta\AppData\Roaming\Dropbox 2016-10-14 16:17 - 2011-12-27 18:16 - 00000000 ____D C:\Users\Markusli\AppData\Roaming\Dropbox 2016-10-14 10:40 - 2014-12-12 10:33 - 00000000 ____D C:\Windows\system32\appraiser 2016-10-14 10:40 - 2014-05-06 11:09 - 00000000 ___SD C:\Windows\system32\CompatTel 2016-10-14 10:11 - 2013-06-26 19:47 - 00000000 ____D C:\Users\Markusli\Documents\XXXGmbh 2016-10-14 10:01 - 2016-06-03 15:35 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-10-14 09:24 - 2010-02-11 17:07 - 01629212 _____ C:\Windows\system32\PerfStringBackup.INI 2016-10-14 09:24 - 2009-07-14 10:47 - 00702926 _____ C:\Windows\system32\perfh007.dat 2016-10-14 09:24 - 2009-07-14 10:47 - 00150566 _____ C:\Windows\system32\perfc007.dat 2016-10-14 09:24 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf 2016-10-13 08:15 - 2016-07-07 12:10 - 00000000 ____D C:\Users\Markusli\Documents\Adobe 2016-10-13 07:47 - 2009-07-14 06:33 - 00483512 _____ C:\Windows\system32\FNTCACHE.DAT 2016-10-13 07:45 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\Dism 2016-10-12 10:53 - 2013-08-15 18:10 - 00000000 ____D C:\Windows\system32\MRT 2016-10-12 10:35 - 2010-02-11 17:28 - 141042968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-10-12 10:34 - 2010-06-04 12:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-10-12 10:34 - 2010-02-11 17:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-10-11 16:52 - 2016-06-23 16:24 - 00000000 ____D C:\Users\Markusli\AppData\Roaming\PleasantKeePass 2016-10-11 14:14 - 2016-07-29 19:30 - 00000000 ____D C:\Program Files\Mozilla Thunderbird 2016-10-11 14:14 - 2012-06-12 10:06 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2016-10-06 07:57 - 2012-05-10 10:46 - 00000000 ____D C:\Users\Markusli\AppData\Local\Deployment 2016-10-06 07:55 - 2016-07-12 14:25 - 00000000 ____D C:\Users\Markusli\AppData\Roaming\3CXPhone for Windows 2016-10-04 15:21 - 2016-02-23 08:40 - 00000929 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-10-04 15:21 - 2016-02-23 08:40 - 00000917 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk 2016-10-04 09:43 - 2013-09-04 11:50 - 00002133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-10-04 08:19 - 2015-06-19 11:04 - 00000000 ____D C:\Users\Markusli\AppData\Local\Dropbox 2016-09-28 11:10 - 2012-01-07 13:01 - 00000000 ___RD C:\Users\brigitta\Dropbox 2016-09-28 11:09 - 2015-06-20 17:04 - 00000000 ____D C:\Users\brigitta\AppData\Local\Dropbox 2016-09-28 11:08 - 2010-02-11 14:58 - 00000000 ____D C:\Windows\Panther ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-03-10 14:24 - 2016-10-20 11:23 - 0001456 _____ () C:\Users\Markusli\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2014-09-04 11:33 - 2014-09-04 11:33 - 0003584 _____ () C:\Users\Markusli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2010-08-17 10:11 - 2010-08-17 10:11 - 0004096 ____H () C:\Users\Markusli\AppData\Local\keyfile3.drm 2012-04-19 09:38 - 2015-06-19 11:27 - 0007610 _____ () C:\Users\Markusli\AppData\Local\Resmon.ResmonCfg 2012-04-14 16:48 - 2012-04-14 16:48 - 0017408 _____ () C:\Users\Markusli\AppData\Local\WebpageIcons.db 2011-03-28 09:46 - 2012-04-14 10:42 - 1037014 _____ () C:\ProgramData\bdinstall.bin 2010-08-31 10:29 - 2010-08-31 10:29 - 0000056 ____H () C:\ProgramData\ezsidmv.dat 2012-03-29 12:10 - 2012-04-04 11:16 - 0000151 _____ () C:\ProgramData\search_result.xml Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Markusli\Silverlight.exe Einige Dateien in TEMP: ==================== C:\Users\brigitta\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqdq7wz.dll C:\Users\Markusli\AppData\Local\Temp\libeay32.dll C:\Users\Markusli\AppData\Local\Temp\msvcr120.dll C:\Users\Markusli\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-10-22 18:23 ==================== Ende vom FRST.txt ============================ |
|
25.10.2016, 13:43
| #4 |
| | addition.txtCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 16-10-2016
durchgeführt von Markusli (25-10-2016 12:17:31)
Gestartet von C:\Users\Markusli\Downloads\Tools\ScannerTools
Microsoft Windows 7 Professional Service Pack 1 (X86) (2010-02-11 15:05:33)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-95033592-1126372089-4278029988-500 - Administrator - Enabled) => C:\Users\Administrator
brigitta (S-1-5-21-95033592-1126372089-4278029988-1005 - Limited - Enabled) => C:\Users\brigitta
Gast (S-1-5-21-95033592-1126372089-4278029988-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-95033592-1126372089-4278029988-1002 - Limited - Enabled)
Markusli (S-1-5-21-95033592-1126372089-4278029988-1000 - Administrator - Enabled) => C:\Users\Markusli
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Anti-Virus (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
3CX MyPhone (HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\1677492129.46.14.216.122) (Version: - 46.14.216.122)
3CX MyPhone (HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\3640423864.213.213.168.34) (Version: - 213.213.168.34)
3CXPhone for Windows (HKLM\...\3CXPhone for Windows 15.0.56008) (Version: 15.0.56008 - 3CX)
3CXPhone for Windows (Version: 15.0.56008 - 3CX) Hidden
ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
AbleBits.com Duplicate Remover for Microsoft Excel (HKLM\...\{355908AF-5D8F-40D6-B31C-07B5FA6A60A9}) (Version: 2.6.12 - Add-in Express Ltd.)
Acronis Sync Agent (HKLM\...\{7EFA9A78-797E-4567-A49C-D9E5F26E9AB4}) (Version: 15.0.5583 - Acronis)
Acronis*True*Image*Home 2012 (HKLM\...\{47A0C382-35D7-4A3A-B9AF-B2D38827A8A7}Visible) (Version: 15.0.5545 - Acronis)
Acronis*True*Image*Home 2012 (Version: 15.0.5545 - Acronis) Hidden
Adobe Acrobat 6.0 Professional (HKLM\...\{AC76BA86-1033-0000-7760-000000000001}) (Version: 006.000.000 - Adobe Systems)
Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20039 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.241 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 3.9.0.334 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 22 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe GoLive CS (ENG) (HKLM\...\{D3E4251D-8364-4698-B0E0-A7C799384403}) (Version: CS - Adobe Systems, Inc.)
Adobe Illustrator CS (HKLM\...\{91A4AD99-69CE-4745-97B7-0E0DFBECFDE5}) (Version: 11 - Adobe Systems, Inc.)
Adobe InDesign CS (HKLM\...\{416DFEDD-9F1B-4EFC-AF70-FCA891AE0251}) (Version: CS - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (32 Bit) (HKLM\...\PHSP_17_0_1_32) (Version: 17.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.2.602 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)
Adobe Version Cue (HKLM\...\{01958032-9877-4118-B87F-9EFA74B3F15F}) (Version: 1.0 - Adobe Systems, Inc.)
ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-Bit) (HKLM\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5CFFD58D-A8EB-439C-B3FD-A8862C886C55}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Artisteer 3 (HKLM\...\Artisteer 3) (Version: 3.0 - Extensoft)
Autotask MS Outlook Extension (HKLM\...\{EC85AAAB-1AB9-4C0D-BAFC-13D8151E7839}) (Version: 3.2.1 - Autotask Corporation)
Balsamiq Mockups 3 (HKLM\...\BalsamiqMockups3.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1) (Version: 3.2.2 - Balsamiq SRL)
Balsamiq Mockups 3 (Version: 3.2.2 - Balsamiq SRL) Hidden
Beyond Compare Version 2.5 (HKLM\...\BC2_is1) (Version: - Scooter Software)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
Citrix Receiver (HKLM\...\CitrixOnlinePluginPackWeb) (Version: 14.4.1000.16 - Citrix Systems, Inc.)
cnlabSpeedTest (HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\{fxApplication}}_is1) (Version: 1.4.1 - cnlab AG)
CodeTwo Email Signatures Client App (HKLM\...\{D54A42C7-3929-4739-B3C0-D6D6A7AB05F5}) (Version: 1.5.0.45 - CodeTwo)
CTX blue office (HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\divertohqs-a9867bdc@@dvrds01.CTX blue office) (Version: 1.0 - Delivered by Citrix)
CTX Explorer (HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\divertohqs-a9867bdc@@dvrds01.CTX Explorer) (Version: 1.0 - Delivered by Citrix)
CTX TimeInfo MA (HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\divertohqs-a9867bdc@@dvrds01.CTX TimeInfo MA) (Version: 1.0 - Delivered by Citrix)
DATA BECKER Tipp Top 7 (HKLM\...\Tipp Top 7_is1) (Version: 7.0 - DATA BECKER GmbH & Co. KG)
Dropbox (HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\Dropbox) (Version: 12.4.22 - Dropbox, Inc.)
Elevated Installer (Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden
EPSON BX300F Series Printer Uninstall (HKLM\...\EPSON BX300F Series) (Version: - SEIKO EPSON Corporation)
Epson Easy Photo Print 2 (HKLM\...\{DEDB47A3-C988-4A43-A645-E2CEA571E680}) (Version: 2.0.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
EPSON Stylus Office BX300F_TX300F Handbuch (HKLM\...\EPSON Stylus Office BX300F_TX300F Benutzerhandbuch) (Version: - )
Extended Asian Language font pack for Adobe Reader XI (HKLM\...\{AC76BA86-7AD7-2530-0000-A00000000049}) (Version: 11.0.09 - Adobe Systems Incorporated)
Free Mobile Converter 2.0.1 (HKLM\...\Free Mobile Converter) (Version: 2.0.1 - 1Freeware)
FreeFileSync v4.5 (HKLM\...\FreeFileSync) (Version: 4.5 - ZenJu)
FTP Voyager 16.1.0 (HKLM\...\FTP Voyager_is1) (Version: 16.1.0.0 - SolarWinds Worldwide LLC)
Garmin Express (HKLM\...\{0733d53f-b41d-47cc-b336-d95751c4b2cb}) (Version: 4.1.16.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
GWX Control Panel (HKLM\...\UltimateOutsider_GwxControlPanel) (Version: - UltimateOutsider)
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM\...\{8E87B944-4815-3C5E-947F-5035C9F64362}.KB947789) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Web Developer 2010 Express - DEU (KB2548139) (HKLM\...\{638AA518-6A32-33CC-B88F-BCD20B2DCF2E}.KB2548139) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Web Developer 2010 Express - DEU (KB2635973) (HKLM\...\{638AA518-6A32-33CC-B88F-BCD20B2DCF2E}.KB2635973) (Version: 1 - Microsoft Corporation)
iCloud (HKLM\...\{61D7B517-5914-41D4-BD27-927163631227}) (Version: 5.2.2.87 - Apple Inc.)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{C27F2813-083D-4E6C-A565-17E22D1F7FC8}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Kaspersky Anti-Virus (HKLM\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Anti-Virus (Version: 15.0.1.415 - Kaspersky Lab) Hidden
KeePass for Pleasant Password Server (HKLM\...\{26ae3288-f8ca-4fb9-bdab-b8bf2764a4e4}) (Version: 7.3.1.0 - Pleasant Solutions Inc.)
KeePass for Pleasant Password Server (Version: 7.3.1.0 - Pleasant Solutions Inc.) Hidden
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Macromedia Dreamweaver MX 2004 (HKLM\...\{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}) (Version: 7.0 - Macromedia)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Add-on für Acronis True Image Home 2012 (HKLM\...\{EAE5EDA9-F70E-4A70-B7BF-F764557E7BA7}) (Version: 15.0.5545 - Acronis)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - DEU (HKLM\...\{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools - DEU (HKLM\...\{2CE77981-14DE-4773-8106-27C9C964720C}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools (HKLM\...\{5BDFAB82-060E-438B-AB4F-A2331B2294C0}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.6965.2092 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK - Deutsch (HKLM\...\{91F54E1D-804A-46D8-A56C-53EA9C4B3177}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK - Deutsch (HKLM\...\{803910CC-3A39-45E3-A594-0D5512A60A86}) (Version: 4.0.50826.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{5157F185-CA5F-4952-94E2-EF5C8EC83E45}) (Version: 10.2.4064.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Policies (HKLM\...\{695E67B6-8B95-4160-9650-92974980CDC1}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{2AF7B7D7-C4E9-4A0C-BBA1-B2B3633D1CBC}) (Version: 10.2.4064.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 (Deutsch) (HKLM\...\{FA440BE8-EC2F-4478-A01A-077DA0606501}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1-Abfragetools (Deutsch) (HKLM\...\{0DD2DCC6-21AE-4678-8629-1084B17BE077}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM\...\{8E87B944-4815-3C5E-947F-5035C9F64362}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Web Developer 2010 Express - DEU (HKLM\...\Microsoft Visual Web Developer 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
MozBackup 1.4.10 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 49.0.1 (x86 de) (HKLM\...\Mozilla Firefox 49.0.1 (x86 de)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
Mozilla Thunderbird 45.4.0 (x86 de) (HKLM\...\Mozilla Thunderbird 45.4.0 (x86 de)) (Version: 45.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.7 - F.J. Wechselberger)
Nero BurnLite 10 (HKLM\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10500 - Nero AG)
Nero BurnLite 10 (HKLM\...\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}) (Version: 10.0.10100.1.100 - Nero AG)
Nero Update (HKLM\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.4 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.6965.2092 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6965.2092 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.6965.2092 - Microsoft Corporation) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Online Plug-in (Version: 14.4.1000.16 - Citrix Systems, Inc.) Hidden
Opera Stable 40.0.2308.90 (HKLM\...\Opera 40.0.2308.90) (Version: 40.0.2308.90 - Opera Software)
PIF DESIGNER (HKLM\...\{B90450DF-E781-46FD-B1F1-0C86DA40E443}) (Version: - )
Protect Disc License Helper 1.0.118 (HKLM\...\Protect Disc License Helper) (Version: 1.0.118 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Self-Service Plug-in (Version: 4.4.1000.13058 - Citrix Systems, Inc.) Hidden
Service Pack 3 für SQL Server 2008 (KB2546951) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
Skype Click to Call (HKLM\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.1.15383.6004 - Microsoft Corporation)
Skype for Business 2016 - de-de (HKLM\...\SkypeforBusinessRetail - de-de) (Version: 16.0.6965.2092 - Microsoft Corporation)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart Switch (HKLM\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16032.18 - Samsung Electronics Co., Ltd.)
Smart Switch (Version: 4.1.16032.18 - Samsung Electronics Co., Ltd.) Hidden
Softwarenetz Rechnung4 (HKLM\...\Rechnung4) (Version: - Softwarenetz)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.12 - Safer-Networking Ltd.)
TeamViewer 11 (HKLM\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
WCF RIA Services V1.0 SP1 (HKLM\...\{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}) (Version: 4.1.60114.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Webocton - Scriptly 0.8.95.6.COM (HKLM\...\Webocton - Scriptly_is1) (Version: 0.8.95.6 - Webocton)
Windows Live ID-Anmelde-Assistent (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Xenu's Link Sleuth (HKLM\...\Xenu's Link Sleuth) (Version: 1.3.8 - Tilman Hausherr)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\brigitta\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Markusli\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Markusli\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{4F8ABD16-E446-43C3-A154-484F507060B4}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Add-in Express\Duplicate Remover for Microsoft Excel\adxloader.dll ()
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{584482F3-1EFA-48A5-AA4A-DA2E06B0A54C}\localserver32 -> C:\Users\Markusli\AppData\Roaming\Add-in Express\Duplicate Remover for Microsoft Excel\AblebitsLoader.exe (Add-in Express Ltd.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Markusli\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Markusli\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Markusli\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Markusli\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Markusli\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-95033592-1126372089-4278029988-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Markusli\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {05FE78FD-D4DD-429C-A0BB-14D8E64E54E3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [2012-11-13] (Safer-Networking Ltd.)
Task: {07B8A434-ECE3-422D-8C7A-A94BACC75B6C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {101974F2-6EF6-461A-962B-F8349C3A7688} - System32\Tasks\{E5A5B4B9-2209-4728-B0CC-D493C03D3973} => pcalua.exe -a "L:\downloads\tools\FTP Voyager\FTPVSetup.exe" -d "L:\downloads\tools\FTP Voyager"
Task: {1E1C8897-A6A9-40FC-A077-5225BAB6743B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-95033592-1126372089-4278029988-1000UA => C:\Users\Markusli\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {1F678D57-86FC-4B26-8DA2-1CC6D01377CB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {2ED97E4E-21A7-4A2F-B76E-A255D8B3BFA5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-10-04] (Microsoft Corporation)
Task: {44109411-B04A-4854-AF31-B735E3B09067} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {4BA508EF-388C-427F-8EF9-72CD8C8DDA66} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-95033592-1126372089-4278029988-1005Core => C:\Users\brigitta\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {55D9F8F9-EDE5-40AE-A983-EC0CFC44C392} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-01-28] ()
Task: {575E15A1-D3BB-43B5-9C91-FB57B89A5433} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {5BB8AD89-0F73-42AB-8CDA-F1BF70F52FCC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {6376CB00-21D8-4F4C-941A-533AB668CF97} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {680C6D27-0106-4DEA-83FC-22AA0344CDBF} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {6B4CF6F0-0553-477A-9857-24E514F2A2F2} - System32\Tasks\{5E5A9D3B-550E-4EB2-98ED-9713708A0AA4} => pcalua.exe -a K:\Downloads\Bitdefender\2011\Patchs\bdfsfltr_2.exe -d K:\Downloads\Bitdefender\2011\Patchs
Task: {7AA93DBD-43EC-49FA-AD4F-FFAF2BEFB679} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {7E669539-0E7D-45DC-8E10-87B1D6F051C4} - System32\Tasks\{F89078DD-99FB-4DAC-8BFB-EFB9FAFC3012} => pcalua.exe -a K:\Downloads\Bitdefender\2011\Patchs\bdfsfltr_1.exe -d K:\Downloads\Bitdefender\2011\Patchs
Task: {8681CD97-7F70-45E7-A938-E88B46154265} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-03] (Microsoft Corporation)
Task: {8E74F489-2F75-4B5F-99F0-A6B9E397D025} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {960C2FC0-FC61-42F1-AC1C-C00567AC2B07} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [2012-11-13] (Safer-Networking Ltd.)
Task: {9BB3226B-EE7E-4D6B-82DE-1D7B06866BF7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {A1207353-FC48-4EB5-AB56-BA3D520F5650} - System32\Tasks\{54D113E6-CBD3-4414-8F1D-D96D15011972} => pcalua.exe -a E:\LaCie.exe -d E:\
Task: {A917B18B-8719-4EC3-907E-7EB4FC1B8CB1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-10-04] (Microsoft Corporation)
Task: {BA83C72E-AE4D-4E07-8CF5-6DECF4F79FEB} - System32\Tasks\{32C9F5DB-70CC-46F6-A6A4-39266758C052} => C:\Program Files\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {C12F68A4-6D19-470C-9CF4-FB8D0FE2E462} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {D9FAAE5C-1119-4A98-854A-21B4A6F1227E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd)
Task: {DB9E3454-B5D0-4439-B6DC-981FF8675E5F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {E7563B40-5ECC-40A7-AFA2-D491FC0E9856} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-95033592-1126372089-4278029988-1000Core => C:\Users\Markusli\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {F3D4F068-8986-4723-8865-FCF670B784F6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-10-04] (Microsoft Corporation)
Task: {F550D866-91C0-4314-B610-73CB26C412BB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-95033592-1126372089-4278029988-1005UA => C:\Users\brigitta\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {F60DD1A1-B894-4BCC-BE36-8D52C297FB9E} - System32\Tasks\Opera scheduled Autoupdate 1374583353 => C:\Program Files\Opera\launcher.exe [2016-10-17] (Opera Software)
Task: {F683EC2C-CFE3-4910-9CAC-B4B5CDED51AB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [2012-11-13] (Safer-Networking Ltd.)
Task: {F7C0EAF8-FF3F-47A4-A671-BC70EE65E01D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-03] (Microsoft Corporation)
Task: {FC1AD44A-C482-43FA-A1E2-A04D44B9B990} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {FF0645A8-F4CD-404B-920D-3CF3E53DD4AA} - System32\Tasks\AdobeAAMUpdater-1.0-MarkusW-Markusli => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-95033592-1126372089-4278029988-1000Core.job => C:\Users\Markusli\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-95033592-1126372089-4278029988-1000UA.job => C:\Users\Markusli\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-95033592-1126372089-4278029988-1005Core.job => C:\Users\brigitta\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-95033592-1126372089-4278029988-1005UA.job => C:\Users\brigitta\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Markusli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Long Tail Keyword Tool Pro.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=omgaibbfggpdeokldjpldejliojjedep
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-09-01 18:13 - 2016-09-01 18:13 - 00080184 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 18:13 - 2016-09-01 18:13 - 01041720 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-30 18:12 - 2014-08-30 18:12 - 01269952 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\kpcengine.2.3.dll
2014-02-11 17:57 - 2012-11-13 15:06 - 00108960 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-02-11 17:57 - 2012-11-13 15:06 - 00416160 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-02-11 17:57 - 2012-11-13 15:06 - 00158624 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-02-11 17:57 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-02-11 17:57 - 2012-11-13 15:06 - 00528288 _____ () C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl
2011-08-20 21:56 - 2011-08-20 21:56 - 00435552 _____ () C:\Program Files\Acronis\TrueImageHome\Common\ulxmlrpcpp.dll
2016-10-18 14:06 - 2016-10-18 14:06 - 00407216 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll
2011-08-20 22:37 - 2011-08-20 22:37 - 00018784 _____ () C:\Program Files\Acronis\TrueImageHome\ti_managers_proxy_stub.dll
2010-02-16 16:16 - 2010-02-10 19:10 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2016-08-26 20:25 - 2016-08-26 20:25 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-02-11 17:57 - 2012-11-13 15:06 - 00554400 _____ () C:\Program Files\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [119]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\autotask.com -> autotask.com
IE trusted site: HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\autotask.net -> autotask.net
IE trusted site: HKU\S-1-5-21-95033592-1126372089-4278029988-1000\...\sharepoint.com -> hxxps://diverto-files.sharepoint.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:04 - 2016-04-26 14:16 - 00000900 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-95033592-1126372089-4278029988-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Markusli\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^3CXPhone for Windows.lnk => C:\Windows\pss\3CXPhone for Windows.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acrobat Assistant.lnk => C:\Windows\pss\Acrobat Assistant.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Markusli^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^An OneNote senden.lnk => C:\Windows\pss\An OneNote senden.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Markusli^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Citrix Receiver (1).lnk => C:\Windows\pss\Citrix Receiver (1).lnk.Startup
MSCONFIG\startupfolder: C:^Users^Markusli^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Citrix Receiver.lnk => C:\Windows\pss\Citrix Receiver.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Markusli^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: 3CX MyPhone1677492129.46.14.216.122 => C:\Users\Markusli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3CX MyPhone (2).lnk
MSCONFIG\startupreg: 3CX MyPhone3352490883.46.14.216.122 => C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3CX MyPhone.lnk
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeVersionCue => C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: FTPVoyagerSchedulerTrayIcon => "C:\Program Files\RhinoSoft\FTP Voyager\FTP Voyager Scheduler Tray.exe"
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: iCloudServices => "C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe"
MSCONFIG\startupreg: ISW =>
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Lync => "C:\Program Files\Microsoft Office 15\root\office15\lync.exe" /fromrunkey
MSCONFIG\startupreg: Redirector => "C:\Program Files\Citrix\ICA Client\redirector.exe" /startup
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{F82BF24A-4C06-4AF6-AEDE-BF1D6136098E}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{7D14B347-1A62-4EAB-88B1-98E1F4E3E8B6}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{83C09058-B7F3-4807-A4F5-E89EAD5C8E77}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{9AEA4AF9-DEF7-4808-8636-20C42253AEA3}] => (Allow) LPort=26675
FirewallRules: [TCP Query User{094FB060-B310-4DFF-A0EB-B069F923E2EB}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{32D694D2-EB34-4079-9AFC-F69C1F7FE9BB}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [{741F7624-41E4-40F1-B4FC-FB911C17330B}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{58738422-5684-4D52-A019-F3E52760967C}] => (Allow) C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{94733DF2-2465-4166-B68E-5C16E808D11D}] => (Allow) C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{99FED989-BEF2-4598-8AD7-9F326DC53B0C}] => (Allow) C:\Users\Markusli\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F719BBA8-F3A3-404F-A1B8-0616D479AF32}] => (Allow) C:\Users\Markusli\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C68499A0-5038-4F41-B71A-A0780080D012}] => (Allow) C:\Users\brigitta\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{22D3F35D-5FA4-4773-8924-02766646C6D0}] => (Allow) C:\Users\brigitta\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{D36CF86A-DC54-487B-BD26-71CCD8132934}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{8EB9BE77-8DD1-494C-A4BB-4E848901C3DD}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{85FE8A84-CD60-4E18-ACA0-0F9F616B9904}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{F45F1096-58BA-4768-832D-307735139318}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [TCP Query User{075775C9-78E3-4AAB-8338-FC64914EA634}C:\program files\rhinosoft\ftp voyager\ftp voyager.exe] => (Allow) C:\program files\rhinosoft\ftp voyager\ftp voyager.exe
FirewallRules: [UDP Query User{60A75989-BB0E-438F-8C55-9EE47815340B}C:\program files\rhinosoft\ftp voyager\ftp voyager.exe] => (Allow) C:\program files\rhinosoft\ftp voyager\ftp voyager.exe
FirewallRules: [TCP Query User{048E1A4E-9DE5-4534-99DC-E8E4826D30FB}C:\program files\microsoft silverlight\sllauncher.exe] => (Allow) C:\program files\microsoft silverlight\sllauncher.exe
FirewallRules: [UDP Query User{FD286A70-D856-4AE3-B455-A821BEE6805A}C:\program files\microsoft silverlight\sllauncher.exe] => (Allow) C:\program files\microsoft silverlight\sllauncher.exe
FirewallRules: [{430C9DCC-5B2C-4A05-8066-F73055A0DF55}] => (Allow) LPort=8743
FirewallRules: [{72E39D38-BC71-49A9-83F6-2FC9C171A8C5}] => (Allow) LPort=8643
FirewallRules: [{DF80ADEB-63F8-4A65-A74F-DAA0D3DAD111}] => (Allow) LPort=7676
FirewallRules: [{76D9AF21-38B9-4290-8D29-4E3AE0C71AE4}] => (Allow) LPort=7679
FirewallRules: [{C3661200-0B7F-4E20-8A24-F3BCE1352718}] => (Allow) LPort=24234
FirewallRules: [{A1BDA1D3-8949-4822-9589-6643D9D5D6B6}] => (Allow) LPort=7900
FirewallRules: [{FA78D233-B907-4558-8CFC-E7E6944AE1D9}] => (Allow) LPort=1900
FirewallRules: [{C96740D9-F01E-42F5-A832-1D1939DFB0C7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4B5A306E-E4AA-46E3-AF7E-83BE3DCDB017}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4F8E45FE-47A1-4AE7-A07D-FD15D845E8BC}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [UDP Query User{075BAA5A-A05F-4AF6-846F-7D19A579233F}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [TCP Query User{DA72F094-FEB5-41C1-BB07-CFEFBBC0ACD4}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{ED8F3FE6-5810-46CC-914D-A85E77CAE5B0}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{244A3008-7A43-4D59-94DE-0AC6F57A23F9}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{73E19C3B-B226-474A-B17F-FB179ADE8F80}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{FC8CAEFF-E487-43E2-9930-2537207FD4AF}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{18FC3294-26A0-4C36-BD5B-6DAD687912E6}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C9421307-3337-43DD-8E37-6C49CFFF313F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B0FA52E7-A07F-4E91-BFF4-9167E7033A72}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{62F4CF77-FE53-4173-A04C-4A02C5CA917F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8C4EB1F8-E2FA-4A09-B924-59FC93AE1EB4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{35F29AF4-351A-4123-B831-9D55B7ACFE39}C:\users\Markusli\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\Markusli\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{49FE69DB-6205-4CEF-A94E-D5978EB56684}C:\users\Markusli\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\Markusli\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{DC177E08-955E-47DE-BF02-181A245EAE6F}C:\users\brigitta\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\brigitta\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{10F7414E-E9E9-40D2-98D8-5A27E5F2E836}C:\users\brigitta\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\brigitta\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{5917C2B6-7279-4471-8368-772F247FB7A4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{861C2053-E2FE-4410-98B6-7412E9220E55}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{10AEC9F7-4219-4AF2-8908-0CD9C3A9F929}C:\program files\rhinosoft\ftp voyager\ftp voyager.exe] => (Allow) C:\program files\rhinosoft\ftp voyager\ftp voyager.exe
FirewallRules: [UDP Query User{C810D086-34F7-4AB2-B469-2745BC1EB9B2}C:\program files\rhinosoft\ftp voyager\ftp voyager.exe] => (Allow) C:\program files\rhinosoft\ftp voyager\ftp voyager.exe
FirewallRules: [{B989015E-EC65-4944-B324-98E13E30A991}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{2C05A5CE-6289-4081-A915-06D7ACF3F6E4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{6859C5DD-34C3-42CE-824C-25871DDE8540}] => (Allow) C:\ProgramData\3CXPhone for Windows\PhoneApp\3CXWin8Phone.exe
FirewallRules: [{85FCC321-6E17-41C5-9541-9903CAB6A628}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{3A5A004B-4F66-4565-905A-7D8C6813391C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{55692377-F721-4B59-B627-A066F9A4653B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{5989E26C-C28D-45FA-A1A8-0F27B8685E97}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{676E92BA-F652-4A4C-8E7B-E1BDCCBD1064}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{10223E5B-2D77-43EB-8AA7-9743164492FD}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1982F1D9-4A4D-47B4-9A1F-038F9AB9CB68}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
21-10-2016 10:11:23 Windows Update
24-10-2016 20:56:08 Windows Update
24-10-2016 21:10:34 Windows Update
25-10-2016 09:37:40 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: MoboroboAssDriver
Description: MoboroboAssDriver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MoboroboAssDriver
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/25/2016 12:02:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 32776
Error: (10/25/2016 12:02:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 32776
Error: (10/25/2016 12:02:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/25/2016 12:02:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31746
Error: (10/25/2016 12:02:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31746
Error: (10/25/2016 12:02:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/25/2016 12:02:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 30670
Error: (10/25/2016 12:02:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 30670
Error: (10/25/2016 12:02:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/25/2016 12:02:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 29656
Systemfehler:
=============
Error: (10/25/2016 12:02:46 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
Error: (10/25/2016 09:25:40 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
MoboroboAssDriver
Error: (10/25/2016 09:25:12 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
Error: (10/25/2016 09:25:12 AM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter
Error: (10/25/2016 09:23:52 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (10/25/2016 08:48:02 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
MoboroboAssDriver
Error: (10/25/2016 08:47:31 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
Error: (10/25/2016 08:47:31 AM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter
Error: (10/25/2016 08:45:18 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
Es wird bereits eine Instanz des Dienstes ausgeführt.
Error: (10/25/2016 08:44:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2015-03-06 09:59:29.673
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-06 09:59:29.671
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-06 09:59:29.669
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-06 09:59:29.660
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-06 09:59:29.658
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-06 09:59:29.656
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-04 18:35:02.585
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-04 18:35:02.583
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-04 18:35:02.570
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-04 18:35:02.541
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz
Prozentuale Nutzung des RAM: 33%
Installierter physikalischer RAM: 3583.12 MB
Verfügbarer physikalischer RAM: 2391.66 MB
Summe virtueller Speicher: 7164.56 MB
Verfügbarer virtueller Speicher: 5087.93 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:309.18 GB) (Free:162.21 GB) NTFS
Drive k: (Laudatio) (Fixed) (Total:286.89 GB) (Free:251.82 GB) NTFS
Drive z: () (Network) (Total:931.51 GB) (Free:845.96 GB)
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 3C8637A3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=309.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=286.9 GB) - (Type=07 NTFS)
==================== Ende vom Addition.txt ============================
|
|
25.10.2016, 14:21
| #5 | ||
| /// Winkelfunktion /// TB-Süch-Tiger™ | PCKeeper und Spacekace auf W7 Prof gefunden.Zitat:
Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
25.10.2016, 14:53
| #6 |
| | Reines Vergnügen Danke für die Antwort. Die Adobe ist installiert weil der PC auch noch für Arbeiten von zu Hause aus genutzt wird. Dann kann ich den Ordner Spacekace und die darin enthaltene Datei staticbuild-log.log getrost löschen? SpyBot löschen? Nutzt der wirklich nichts???? ..ansonsten alles OK also? Danke! |
|
25.10.2016, 14:57
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PCKeeper und Spacekace auf W7 Prof gefunden. Hab ich nirgends geschrieben. Ich wollte erstmal klären woher du diese Software hast.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.10.2016, 15:03
| #8 |
| | Software Ach so...alles klar. Keine Angst. Legal und gekauft. |
|
25.10.2016, 15:06
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PCKeeper und Spacekace auf W7 Prof gefunden. 1. Schritt: Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers 2. Schritt: Kaspersky TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.10.2016, 16:12
| #10 |
| | MBARCode:
ATTFilter # AdwCleaner v6.030 - Bericht erstellt am 25/10/2016 um 08:45:52
# Aktualisiert am 19/10/2016 von Malwarebytes
# Datenbank : 2016-10-23.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X86)
# Benutzername : Markusli - MARKUSW
# Gestartet von : C:\Users\Markusli\Downloads\Tools\ScannerTools\AdwCleaner_6.030.exe
# Modus: Löschen
# Unterstützung : hxxps://www.malwarebytes.com/support
***** [ Dienste ] *****
[-] Dienst gelöscht: ReimageRealTimeProtector
***** [ Ordner ] *****
[-] Ordner gelöscht: C:\ProgramData\88cb0000-4c56-4c1f-c69d-2a23305119aa
[-] Ordner gelöscht: C:\ProgramData\a0060000-ac55-4be6-1af5-aac72c867e98
[-] Ordner gelöscht: C:\Users\Markusli\AppData\Local\FileViewPro
[-] Ordner gelöscht: C:\Users\Markusli\AppData\Roaming\download Manager
[-] Ordner gelöscht: C:\Users\Markusli\AppData\Roaming\DriverCure
[-] Ordner gelöscht: C:\Users\Markusli\AppData\Roaming\Gutscheinmieze
[-] Ordner gelöscht: C:\Users\Markusli\AppData\Roaming\Solvusoft
[-] Ordner gelöscht: C:\Users\Markusli\AppData\Roaming\speedypc software
[#] Ordner mit Neustart gelöscht: C:\Users\Markusli\AppData\Roaming\SpeedyPC Software
[-] Ordner gelöscht: C:\Users\Markusli\Favorites\ASP
[-] Ordner gelöscht: C:\Users\brigitta\AppData\Local\AskToolbar
[-] Ordner gelöscht: C:\Users\brigitta\AppData\LocalLow\AskToolbar
[-] Ordner gelöscht: C:\ProgramData\Essentware
[-] Ordner gelöscht: C:\ProgramData\Reimage Protector
[-] Ordner gelöscht: C:\ProgramData\speedypc software
[#] Ordner mit Neustart gelöscht: C:\ProgramData\SpeedyPC Software
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\Essentware
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\Reimage Protector
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\speedypc software
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\SpeedyPC Software
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Ordner gelöscht: C:\Program Files\myfree codec
[-] Ordner gelöscht: C:\Program Files\Reimage
***** [ Dateien ] *****
[-] Datei gelöscht: C:\Windows\Reimage.ini
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
[-] Verknüpfung desinfiziert: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\Acronis*True*Image*Home\Extras und Werkzeuge\Image mounten.lnk
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Wert gelöscht: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Schlüssel gelöscht: HKU\S-1-5-21-95033592-1126372089-4278029988-1000\Software\distromatic
[-] Schlüssel gelöscht: HKU\S-1-5-21-95033592-1126372089-4278029988-1000\Software\Myfree Codec
[-] Schlüssel gelöscht: HKU\S-1-5-21-95033592-1126372089-4278029988-1000\Software\Softonic
[-] Schlüssel gelöscht: HKU\S-1-5-21-95033592-1126372089-4278029988-1000\Software\speedypc software
[-] Schlüssel gelöscht: HKU\S-1-5-21-95033592-1126372089-4278029988-1000\Software\YahooPartnerToolbar
[-] Schlüssel gelöscht: HKU\S-1-5-21-95033592-1126372089-4278029988-1000\Software\jabra
[-] Schlüssel gelöscht: HKU\S-1-5-21-95033592-1126372089-4278029988-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\distromatic
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Myfree Codec
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Softonic
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\speedypc software
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\YahooPartnerToolbar
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\jabra
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Myfree Codec
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Reimage
[-] Schlüssel gelöscht: HKLM\SOFTWARE\speedypc software
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Protector
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
***** [ Browser ] *****
[-] [C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: booedmolknjekdopkepjjeckmjkdpfgl
[-] [C:\Users\Markusli\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: flpcjncodpafbgdpnkljologafpionhb
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [6380 Bytes] - [25/10/2016 08:45:52]
C:\AdwCleaner\AdwCleaner[S0].txt - [6431 Bytes] - [25/10/2016 08:39:20]
C:\AdwCleaner\AdwCleaner[S1].txt - [6160 Bytes] - [25/10/2016 08:44:15]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [6599 Bytes] ##########
|
|
25.10.2016, 16:22
| #11 |
| | TDSSKiller LogCode:
ATTFilter 17:18:47.0858 0x1284 TDSS rootkit removing tool 3.1.0.11 Aug 5 2016 12:13:31
17:18:49.0699 0x1284 ============================================================
17:18:49.0699 0x1284 Current date / time: 2016/10/25 17:18:49.0699
17:18:49.0699 0x1284 SystemInfo:
17:18:49.0699 0x1284
17:18:49.0699 0x1284 OS Version: 6.1.7601 ServicePack: 1.0
17:18:49.0699 0x1284 Product type: Workstation
17:18:49.0699 0x1284 ComputerName: SW
17:18:49.0699 0x1284 UserName: Markusli
17:18:49.0699 0x1284 Windows directory: C:\Windows
17:18:49.0699 0x1284 System windows directory: C:\Windows
17:18:49.0699 0x1284 Processor architecture: Intel x86
17:18:49.0699 0x1284 Number of processors: 2
17:18:49.0699 0x1284 Page size: 0x1000
17:18:49.0699 0x1284 Boot type: Normal boot
17:18:49.0699 0x1284 CodeIntegrityOptions = 0x00000000
17:18:49.0699 0x1284 ============================================================
17:18:51.0773 0x1284 KLMD registered as C:\Windows\system32\drivers\86276353.sys
17:18:51.0773 0x1284 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23564, osProperties = 0x0
17:18:52.0132 0x1284 System UUID: {1FC2945B-9067-9579-DC8C-84FC6535B8C0}
17:18:52.0881 0x1284 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x47B84, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050
17:18:53.0006 0x1284 ============================================================
17:18:53.0006 0x1284 \Device\Harddisk0\DR0:
17:18:53.0037 0x1284 MBR partitions:
17:18:53.0037 0x1284 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:18:53.0037 0x1284 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x26A5C000
17:18:53.0037 0x1284 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x26A8E800, BlocksNum 0x23DC8800
17:18:53.0037 0x1284 ============================================================
17:18:53.0068 0x1284 C: <-> \Device\Harddisk0\DR0\Partition2
17:18:53.0131 0x1284 K: <-> \Device\Harddisk0\DR0\Partition3
17:18:53.0131 0x1284 ============================================================
17:18:53.0131 0x1284 Initialize success
17:18:53.0131 0x1284 ============================================================
17:18:59.0121 0x1030 ============================================================
17:18:59.0121 0x1030 Scan started
17:18:59.0121 0x1030 Mode: Manual; SigCheck; TDLFS;
17:18:59.0121 0x1030 ============================================================
17:18:59.0121 0x1030 KSN ping started
17:18:59.0277 0x1030 KSN ping finished: true
17:19:00.0478 0x1030 ================ Scan system memory ========================
17:19:00.0478 0x1030 System memory - ok
17:19:00.0478 0x1030 ================ Scan services =============================
17:19:00.0619 0x1030 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:19:00.0697 0x1030 1394ohci - ok
17:19:00.0743 0x1030 [ A6FE70357A68AD1E279CD1012419CCE6, 561B0E21383600F9A0BFB8562AAE648BBC48A320F58E4189C508123B8F106A29 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys
17:19:00.0775 0x1030 acedrv11 - ok
17:19:00.0806 0x1030 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:19:00.0821 0x1030 ACPI - ok
17:19:00.0837 0x1030 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:19:00.0853 0x1030 AcpiPmi - ok
17:19:00.0962 0x1030 [ 14E29946746272D295483E78B817D054, 651DB8BA220D0833F16BEEE47A8D61F93020F8CF5ADBE5495E886C778D039658 ] AcrSch2Svc C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
17:19:00.0993 0x1030 AcrSch2Svc - ok
17:19:01.0024 0x1030 [ 5DDC0A8D2CD60BDA593DDAF45821CE08, 5A1599702C132C71F043576F50A4115647754FA5F7A01D17B72E147958A06383 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
17:19:01.0024 0x1030 Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
17:19:01.0196 0x1030 Detect skipped due to KSN trusted
17:19:01.0196 0x1030 Adobe LM Service - ok
17:19:01.0274 0x1030 [ DC00FD73505DAEDD99CAF4533B0C05BD, 2863D1F0587B79254FBE093C191C73892768CF2AC59BEF97745EE66CEE3473AF ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
17:19:01.0289 0x1030 AdobeARMservice - ok
17:19:01.0383 0x1030 [ 90F5726999B7B7D137C6F79202DC6E1D, 38A4FD9A1FA5E970BA3AE10C430AB339D02E1A65BCA98B5115131397A872049A ] AdobeUpdateService C:\Program Files\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
17:19:01.0414 0x1030 AdobeUpdateService - ok
17:19:01.0508 0x1030 [ FC9D93D13127E3252466D4A33039B54B, 8399E2E351F083857380A8340EE5ADA858E79AAAEDE2C67693780DEA781E2F3E ] AdobeVersionCue C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
17:19:01.0523 0x1030 AdobeVersionCue - detected UnsignedFile.Multi.Generic ( 1 )
17:19:01.0695 0x1030 Detect skipped due to KSN trusted
17:19:01.0695 0x1030 AdobeVersionCue - ok
17:19:01.0742 0x1030 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
17:19:01.0773 0x1030 adp94xx - ok
17:19:01.0804 0x1030 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
17:19:01.0820 0x1030 adpahci - ok
17:19:01.0835 0x1030 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
17:19:01.0851 0x1030 adpu320 - ok
17:19:01.0867 0x1030 Aeclicem - ok
17:19:01.0898 0x1030 [ 39AEAECE9F42407F176FE130D790BFBE, 19010DF87BDC1884268098CC04B4B15ECB710C94054A57157C0F9B7A795BDB28 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:19:01.0913 0x1030 AeLookupSvc - ok
17:19:01.0945 0x1030 [ 158ED54CE49CF828C1E46A811FFF8804, 6955EAA1B12A8BF07F3CFDF0451425D429A4CD4BF21F25D4D6A31EB88DC991D4 ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys
17:19:01.0945 0x1030 afcdp - ok
17:19:02.0101 0x1030 [ 93AF1F96A0C974C7E71A41E8054C40B0, 87977D0E88582A7164C3B4F915C394341A7F24AB4621B3DC7BA096323CE2A539 ] afcdpsrv C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
17:19:02.0179 0x1030 afcdpsrv - ok
17:19:02.0225 0x1030 [ 93B49FA857F7036A4EFF32371F6E7391, B9B2867D9A80E7F028E9D7C6ABCB9EC5198ACE28CEE101C5A846666B356B2843 ] AFD C:\Windows\system32\drivers\afd.sys
17:19:02.0257 0x1030 AFD - ok
17:19:02.0272 0x1030 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\drivers\agp440.sys
17:19:02.0288 0x1030 agp440 - ok
17:19:02.0444 0x1030 [ 021D06851E7AFF5C314039DF813608F3, 081B14840F4AD428B4407AA2E639369A45D174D9507BD107F33FE3A94FB8F8EC ] AGSService C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
17:19:02.0506 0x1030 AGSService - ok
17:19:02.0522 0x1030 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
17:19:02.0537 0x1030 aic78xx - ok
17:19:02.0553 0x1030 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe
17:19:02.0569 0x1030 ALG - ok
17:19:02.0584 0x1030 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\drivers\aliide.sys
17:19:02.0600 0x1030 aliide - ok
17:19:02.0615 0x1030 [ B19505648F033393E907E2E419FDE8B3, BEF76AAD61FE0CA1F2B91C491FD94DE1BE67E776BBB7972D57ADFBE0333E9615 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:19:02.0631 0x1030 AMD External Events Utility - ok
17:19:02.0647 0x1030 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
17:19:02.0662 0x1030 amdagp - ok
17:19:02.0693 0x1030 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\drivers\amdide.sys
17:19:02.0709 0x1030 amdide - ok
17:19:02.0709 0x1030 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:19:02.0725 0x1030 AmdK8 - ok
17:19:02.0740 0x1030 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:19:02.0756 0x1030 AmdPPM - ok
17:19:02.0787 0x1030 [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:19:02.0803 0x1030 amdsata - ok
17:19:02.0818 0x1030 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:19:02.0818 0x1030 amdsbs - ok
17:19:02.0834 0x1030 [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:19:02.0849 0x1030 amdxata - ok
17:19:02.0881 0x1030 [ 34A44AF3D786BB28B445821461331E19, 1E7B64AE5BDEE2530EDD1822AF5CB013113C5146FB7669BD413820FCC0D70E69 ] AppID C:\Windows\system32\drivers\appid.sys
17:19:02.0896 0x1030 AppID - ok
17:19:02.0927 0x1030 [ 1C9127BAD6E198C241E731EF90800A3B, AFB1709DF4A962ABBCE9DBE67E61B7FDE4B2202BF5FEE6BCB76D6779CC0795EC ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:19:02.0943 0x1030 AppIDSvc - ok
17:19:02.0974 0x1030 [ 7AE586A76A171B915F7BE478C7542138, B7CDA2DE9C1E3F8997FE3F7D93288C61C9199FA87D24AF541851B8AFBB584D13 ] Appinfo C:\Windows\System32\appinfo.dll
17:19:02.0990 0x1030 Appinfo - ok
17:19:03.0083 0x1030 [ 2AF8899B07D4E997D0D189D83EDF2709, 2992B159779C138F3BE343475B4B0615CF096E5B69A8EE145E1D1A07291EE4B1 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:19:03.0099 0x1030 Apple Mobile Device - ok
17:19:03.0130 0x1030 [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt C:\Windows\System32\appmgmts.dll
17:19:03.0161 0x1030 AppMgmt - ok
17:19:03.0161 0x1030 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys
17:19:03.0177 0x1030 arc - ok
17:19:03.0193 0x1030 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:19:03.0208 0x1030 arcsas - ok
17:19:03.0286 0x1030 [ 753F1E09345D7B2C06B9999EA8F9AAB1, C5A53052EE78FA8DC199C77F63654F5F850C111A7DC2B056E09A7D6C2F5B2BCD ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
17:19:03.0302 0x1030 aspnet_state - ok
17:19:03.0317 0x1030 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:19:03.0333 0x1030 AsyncMac - ok
17:19:03.0364 0x1030 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys
17:19:03.0380 0x1030 atapi - ok
17:19:03.0411 0x1030 [ 11D2302C9B515B4E4BF5A8F190483B59, ABC3095611456391A01E9BD5BCE9DF0188CBB7E1D5789931BC8751033A421C51 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys
17:19:03.0427 0x1030 AtiHDAudioService - ok
17:19:03.0567 0x1030 [ 04F09923A393E4E0E8453A8F78361E73, B5C0B9D1195B87AF823887AD9355CD2B4C4F4DDF34103891EE48EA86F0F544E7 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:19:03.0692 0x1030 atikmdag - ok
17:19:03.0739 0x1030 [ 4F1E405154D2E68E6ACC3FE07DE02E93, 83FAB4E92B87E8C46BF39DD7556D2F7DCE0AD1E4C9C09ED12C428B82FAD03BDE ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:19:03.0754 0x1030 AudioEndpointBuilder - ok
17:19:03.0801 0x1030 [ 4F1E405154D2E68E6ACC3FE07DE02E93, 83FAB4E92B87E8C46BF39DD7556D2F7DCE0AD1E4C9C09ED12C428B82FAD03BDE ] Audiosrv C:\Windows\System32\Audiosrv.dll
17:19:03.0817 0x1030 Audiosrv - ok
17:19:03.0941 0x1030 [ AB1AF0BA03DCB6A879BC22F472EACEEA, A75B73D0B1FE885F6DC2C7A0B755A6E12F9DC54CE702A1FFC3F283196793627A ] AVP15.0.1 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe
17:19:03.0957 0x1030 AVP15.0.1 - ok
17:19:04.0019 0x1030 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:19:04.0051 0x1030 AxInstSV - ok
17:19:04.0097 0x1030 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
17:19:04.0129 0x1030 b06bdrv - ok
17:19:04.0144 0x1030 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
17:19:04.0160 0x1030 b57nd60x - ok
17:19:04.0191 0x1030 [ A6FE70357A68AD1E279CD1012419CCE6, 561B0E21383600F9A0BFB8562AAE648BBC48A320F58E4189C508123B8F106A29 ] Bdahstsvcrvp C:\Windows\system32\drivers\acedrv11.sys
17:19:04.0191 0x1030 Bdahstsvcrvp - ok
17:19:04.0222 0x1030 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll
17:19:04.0238 0x1030 BDESVC - ok
17:19:04.0285 0x1030 [ 4C44D82E372A87B3CB439A7F14CFEF03, D88781818380E34E04372575EA75EF5C0B3A9486E3B7CE73AD617CA2FA7AA5E2 ] bdfsfltr C:\Windows\system32\DRIVERS\bdfsfltr.sys
17:19:04.0300 0x1030 bdfsfltr - ok
17:19:04.0363 0x1030 bdselfpr - ok
17:19:04.0363 0x1030 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys
17:19:04.0394 0x1030 Beep - ok
17:19:04.0441 0x1030 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll
17:19:04.0472 0x1030 BFE - ok
17:19:04.0503 0x1030 [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\System32\qmgr.dll
17:19:04.0550 0x1030 BITS - ok
17:19:04.0550 0x1030 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:19:04.0565 0x1030 blbdrive - ok
17:19:04.0628 0x1030 [ 5EA9C80F18CBC393EA7D9A2991DED4B5, 7E5EB1CE44FEBE93686174058D51581FA00BDFF0EBB84BD74BC08F6386019253 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:19:04.0659 0x1030 Bonjour Service - ok
17:19:04.0690 0x1030 [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:19:04.0706 0x1030 bowser - ok
17:19:04.0721 0x1030 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:19:04.0721 0x1030 BrFiltLo - ok
17:19:04.0737 0x1030 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:19:04.0753 0x1030 BrFiltUp - ok
17:19:04.0784 0x1030 [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll
17:19:04.0799 0x1030 Browser - ok
17:19:04.0815 0x1030 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:19:04.0831 0x1030 Brserid - ok
17:19:04.0846 0x1030 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:19:04.0862 0x1030 BrSerWdm - ok
17:19:04.0877 0x1030 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:19:04.0877 0x1030 BrUsbMdm - ok
17:19:04.0909 0x1030 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:19:04.0909 0x1030 BrUsbSer - ok
17:19:04.0924 0x1030 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:19:04.0940 0x1030 BTHMODEM - ok
17:19:04.0971 0x1030 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll
17:19:05.0002 0x1030 bthserv - ok
17:19:05.0127 0x1030 [ 72551A9AE5F68905DFC3CBA0D5242566, 15C273519C3AD1B2AF68F669125AFE607A86A60D680E299631D5E893C3CAA7E7 ] c2cautoupdatesvc C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
17:19:05.0174 0x1030 c2cautoupdatesvc - ok
17:19:05.0267 0x1030 [ 6B669A00A431FF6CDCE67458933F5F0F, 81419EB18BB4EB96E48C99A1D45B0267E779E135427B3AEC872A1A5DD810B23F ] c2cpnrsvc C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
17:19:05.0330 0x1030 c2cpnrsvc - ok
17:19:05.0361 0x1030 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:19:05.0377 0x1030 cdfs - ok
17:19:05.0423 0x1030 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:19:05.0423 0x1030 cdrom - ok
17:19:05.0486 0x1030 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll
17:19:05.0501 0x1030 CertPropSvc - ok
17:19:05.0517 0x1030 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:19:05.0533 0x1030 circlass - ok
17:19:05.0595 0x1030 [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS C:\Windows\system32\CLFS.sys
17:19:05.0626 0x1030 CLFS - ok
17:19:05.0767 0x1030 [ 31D91373A93CB97882DB67EA2461661B, 98421C4A7795B569F7696F6633260DF6A74BF24E8DB1FBB5D4BF59CCC9230EE8 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
17:19:05.0813 0x1030 ClickToRunSvc - ok
17:19:05.0891 0x1030 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:19:05.0907 0x1030 clr_optimization_v2.0.50727_32 - ok
17:19:05.0954 0x1030 [ 3CB2944297E7A762F9665A63D7876A3C, 696B8D5FD1DC5E662072CBF1C7CD6270B56643802783013C22848E1BB697625D ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:19:05.0954 0x1030 clr_optimization_v4.0.30319_32 - ok
17:19:05.0969 0x1030 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:19:05.0985 0x1030 CmBatt - ok
17:19:06.0016 0x1030 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:19:06.0032 0x1030 cmdide - ok
17:19:06.0063 0x1030 [ 1A5800ECFBB105B2674D2C0F3885C3E1, 8FF7205CEEAD7EAE71BCA940F62F4724B59EB10D97E1D3F8BB69A125246BFD7D ] cm_km_w C:\Windows\system32\DRIVERS\cm_km_w.sys
17:19:06.0079 0x1030 cm_km_w - ok
17:19:06.0110 0x1030 [ AEC572F808592750F4C0880CFF94EEA5, 51B85CE1779D45A813CD33B527F418992A9494C1F0A190C59EB091A0E683F427 ] CNG C:\Windows\system32\Drivers\cng.sys
17:19:06.0125 0x1030 CNG - ok
17:19:06.0141 0x1030 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:19:06.0157 0x1030 Compbatt - ok
17:19:06.0172 0x1030 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:19:06.0188 0x1030 CompositeBus - ok
17:19:06.0203 0x1030 COMSysApp - ok
17:19:06.0219 0x1030 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:19:06.0219 0x1030 crcdisk - ok
17:19:06.0250 0x1030 [ 6F8E0D147E53D4CE2F4D975AB976E80A, F357380C46EB7C886CE0A7DB6AB1403AFB221E3D8B8D4BD4A826EC5D9EB1C80B ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:19:06.0266 0x1030 CryptSvc - ok
17:19:06.0313 0x1030 [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC C:\Windows\system32\drivers\csc.sys
17:19:06.0328 0x1030 CSC - ok
17:19:06.0359 0x1030 [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService C:\Windows\System32\cscsvc.dll
17:19:06.0391 0x1030 CscService - ok
17:19:06.0437 0x1030 [ BE13DB08BAF1F6F3EAC9D8048241A8DB, 04A7172BB122239796123EE650EB690551070E048F0BA3B360B4517307966047 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys
17:19:06.0453 0x1030 ctxusbm - ok
17:19:06.0500 0x1030 [ 48297BF3339BC56DD7D7524D7A1740AA, A0D750FE7745C7D2A53CB61A6FF33B867675053B56F8DB1F52B01A74FB755190 ] DBService C:\Program Files\Common Files\DATA BECKER Shared\DBService.exe
17:19:06.0515 0x1030 DBService - detected UnsignedFile.Multi.Generic ( 1 )
17:19:06.0609 0x1030 Detect skipped due to KSN trusted
17:19:06.0609 0x1030 DBService - ok
17:19:06.0671 0x1030 [ 1F54F58D7FA2B3442084E32CDE5E309E, F0D8124E7C9ADC88BD8C53646F2499CDB3D2105DA7C4D28F3D26F313859B3D32 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:19:06.0703 0x1030 DcomLaunch - ok
17:19:06.0749 0x1030 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll
17:19:06.0765 0x1030 defragsvc - ok
17:19:06.0812 0x1030 [ EA9DBD76CE9254C77BAAB4339DD4C4FB, ECEE6EB8CFE1BD20BC7B6ED29A1624DDC3E22A37A56BA43B9B14E37D4003B72D ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:19:06.0827 0x1030 DfsC - ok
17:19:06.0859 0x1030 [ CFD472DDF02D675D74144A8BD63B4B10, 58D7142129F49F38D832419BDAC70F21851807918343222F6B58FDFA2408F8EF ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
17:19:06.0874 0x1030 dg_ssudbus - ok
17:19:06.0905 0x1030 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll
17:19:06.0921 0x1030 Dhcp - ok
17:19:07.0030 0x1030 [ 58F9BFBAE3C25D1A349DF0C6ECE8F9DF, FF1CFC9B323BCE2CFC06F9B2A98A29396832134FD61A570C1971A7240899E526 ] DiagTrack C:\Windows\system32\diagtrack.dll
17:19:07.0077 0x1030 DiagTrack - ok
17:19:07.0093 0x1030 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys
17:19:07.0108 0x1030 discache - ok
17:19:07.0139 0x1030 [ B7B470F163002A0D0E381EE45834BF6B, 5B5E204341A6B1689C3F8717C41782B1A077A026F8B19DA3DE08CA44AB1D95B2 ] Disk C:\Windows\system32\drivers\disk.sys
17:19:07.0155 0x1030 Disk - ok
17:19:07.0186 0x1030 [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:19:07.0186 0x1030 Dnscache - ok
17:19:07.0233 0x1030 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll
17:19:07.0249 0x1030 dot3svc - ok
17:19:07.0295 0x1030 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll
17:19:07.0311 0x1030 DPS - ok
17:19:07.0342 0x1030 [ A3F684B866A7D89AE396276CE7AFD416, 1E4C034B7B106FA403B13842A199D88A33B492A577B58CDDAE0B4706266B9565 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:19:07.0358 0x1030 drmkaud - ok
17:19:07.0405 0x1030 [ 4B21D102E49E9D44C478D6766A7FCBE5, 7CEEBCF81EE23876F039ED1222020D6F45FE6B3A5CE3BB93DDA3B8BBEAA15E47 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:19:07.0420 0x1030 DXGKrnl - ok
17:19:07.0436 0x1030 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
17:19:07.0467 0x1030 EapHost - ok
17:19:07.0561 0x1030 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
17:19:07.0623 0x1030 ebdrv - ok
17:19:07.0654 0x1030 [ 7C37F3B5A4D5777687F60D71B3DB3CF7, 945C5E12FD5DA05761A378D77DAB52C2790ADCCBF41249570220F91A2CBB5A90 ] EFS C:\Windows\System32\lsass.exe
17:19:07.0670 0x1030 EFS - ok
17:19:07.0701 0x1030 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:19:07.0717 0x1030 ehRecvr - ok
17:19:07.0732 0x1030 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
17:19:07.0748 0x1030 ehSched - ok
17:19:07.0779 0x1030 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:19:07.0795 0x1030 elxstor - ok
17:19:07.0826 0x1030 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:19:07.0841 0x1030 ErrDev - ok
17:19:07.0857 0x1030 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
17:19:07.0888 0x1030 EventSystem - ok
17:19:07.0904 0x1030 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
17:19:07.0935 0x1030 exfat - ok
17:19:07.0951 0x1030 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:19:07.0966 0x1030 fastfat - ok
17:19:08.0013 0x1030 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe
17:19:08.0044 0x1030 Fax - ok
17:19:08.0060 0x1030 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:19:08.0060 0x1030 fdc - ok
17:19:08.0075 0x1030 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
17:19:08.0091 0x1030 fdPHost - ok
17:19:08.0107 0x1030 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
17:19:08.0122 0x1030 FDResPub - ok
17:19:08.0138 0x1030 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:19:08.0138 0x1030 FileInfo - ok
17:19:08.0153 0x1030 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:19:08.0169 0x1030 Filetrace - ok
17:19:08.0185 0x1030 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:19:08.0200 0x1030 flpydisk - ok
17:19:08.0216 0x1030 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:19:08.0231 0x1030 FltMgr - ok
17:19:08.0309 0x1030 [ 27C75AC6D6FC808D8244D9C9CEA681D1, A68D79F64FF12769BE361BF3316909BB83E33772989EF3AA95613930B2B07C24 ] fltsrv C:\Windows\system32\DRIVERS\fltsrv.sys
17:19:08.0325 0x1030 fltsrv - ok
17:19:08.0372 0x1030 [ DF15E8426D02C15422EBFF28BA83F03A, 51BEB315B0E5114906684FB3F460FA7BEA326C1B589C5C35D29795A7C13AB4FB ] FontCache C:\Windows\system32\FntCache.dll
17:19:08.0403 0x1030 FontCache - ok
17:19:08.0450 0x1030 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:19:08.0465 0x1030 FontCache3.0.0.0 - ok
17:19:08.0481 0x1030 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:19:08.0497 0x1030 FsDepends - ok
17:19:08.0543 0x1030 [ DDEE99DC54EFA20BD5A442CD733C4462, 941D6C5D91F6419198F1A53BF7D33AA2D9118CEAC028B6ED8E5308751810B9B5 ] FsUsbExDisk C:\Windows\system32\FsUsbExDisk.SYS
17:19:08.0559 0x1030 FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 )
17:19:08.0653 0x1030 Detect skipped due to KSN trusted
17:19:08.0653 0x1030 FsUsbExDisk - ok
17:19:08.0762 0x1030 [ 0796C1E47ADB9825269E64B9DAB4E741, A9E476278428824FAE8B63B2B2CAC683EABD28E5B514925F6379593CB6CAB968 ] FsUsbExService C:\Windows\system32\FsUsbExService.Exe
17:19:08.0777 0x1030 FsUsbExService - detected UnsignedFile.Multi.Generic ( 1 )
17:19:08.0855 0x1030 Detect skipped due to KSN trusted
17:19:08.0855 0x1030 FsUsbExService - ok
17:19:08.0887 0x1030 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:19:08.0918 0x1030 Fs_Rec - ok
17:19:08.0949 0x1030 [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:19:08.0965 0x1030 fvevol - ok
17:19:08.0996 0x1030 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:19:09.0011 0x1030 gagp30kx - ok
17:19:09.0105 0x1030 [ 8C0A6229A1256930DEF4D79B2C0BA25C, 2C4EA836494F148E7C83FC81593305E986C8E2D801A35903CF603FC86D925DCE ] Garmin Device Interaction Service C:\Program Files\Garmin\Device Interaction Service\GarminService.exe
17:19:09.0136 0x1030 Garmin Device Interaction Service - ok
17:19:09.0183 0x1030 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:19:09.0199 0x1030 GEARAspiWDM - ok
17:19:09.0230 0x1030 [ 8DA745095F6B73BB5B8266BF773DA1FA, 3EA614A9B8D4F61704A8754B014C8F6AC60551435BC4D9F2E761955905DA89F3 ] gpsvc C:\Windows\System32\gpsvc.dll
17:19:09.0261 0x1030 gpsvc - ok
17:19:09.0339 0x1030 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
17:19:09.0370 0x1030 gupdate - ok
17:19:09.0386 0x1030 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
17:19:09.0401 0x1030 gupdatem - ok
17:19:09.0448 0x1030 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
17:19:09.0464 0x1030 gusvc - ok
17:19:09.0479 0x1030 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:19:09.0495 0x1030 hcw85cir - ok
17:19:09.0542 0x1030 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:19:09.0557 0x1030 HdAudAddService - ok
17:19:09.0589 0x1030 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
17:19:09.0604 0x1030 HDAudBus - ok
17:19:09.0604 0x1030 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:19:09.0620 0x1030 HidBatt - ok
17:19:09.0635 0x1030 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:19:09.0651 0x1030 HidBth - ok
17:19:09.0667 0x1030 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:19:09.0682 0x1030 HidIr - ok
17:19:09.0698 0x1030 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\system32\hidserv.dll
17:19:09.0729 0x1030 hidserv - ok
17:19:09.0776 0x1030 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:19:09.0776 0x1030 HidUsb - ok
17:19:09.0807 0x1030 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll
17:19:09.0838 0x1030 hkmsvc - ok
17:19:09.0869 0x1030 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:19:09.0885 0x1030 HomeGroupListener - ok
17:19:09.0901 0x1030 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:19:09.0916 0x1030 HomeGroupProvider - ok
17:19:09.0947 0x1030 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:19:09.0963 0x1030 HpSAMD - ok
17:19:09.0994 0x1030 [ 06C01427CEAD2C285BB47608BFB9BF88, 7370F7BF8338D056ED253ED4173A3248675E722545BA4F7C75A2D8194395CBC6 ] HTCAND32 C:\Windows\system32\Drivers\ANDROIDUSB.sys
17:19:09.0994 0x1030 HTCAND32 - ok
17:19:10.0025 0x1030 [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:19:10.0057 0x1030 HTTP - ok
17:19:10.0072 0x1030 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:19:10.0088 0x1030 hwpolicy - ok
17:19:10.0119 0x1030 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:19:10.0135 0x1030 i8042prt - ok
17:19:10.0150 0x1030 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:19:10.0166 0x1030 iaStorV - ok
17:19:10.0229 0x1030 [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:19:10.0260 0x1030 idsvc - ok
17:19:10.0292 0x1030 IEEtwCollectorService - ok
17:19:10.0323 0x1030 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:19:10.0323 0x1030 iirsp - ok
17:19:10.0385 0x1030 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll
17:19:10.0401 0x1030 IKEEXT - ok
17:19:10.0432 0x1030 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys
17:19:10.0432 0x1030 intelide - ok
17:19:10.0448 0x1030 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:19:10.0463 0x1030 intelppm - ok
17:19:10.0479 0x1030 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:19:10.0510 0x1030 IPBusEnum - ok
17:19:10.0526 0x1030 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:19:10.0541 0x1030 IpFilterDriver - ok
17:19:10.0588 0x1030 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:19:10.0604 0x1030 iphlpsvc - ok
17:19:10.0635 0x1030 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:19:10.0650 0x1030 IPMIDRV - ok
17:19:10.0666 0x1030 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:19:10.0682 0x1030 IPNAT - ok
17:19:10.0744 0x1030 [ FB38511C33BB70533FC5A336931CB792, 0FDF7B25DE64C8230AB116B4C9F95ECE76262AA31BA14FE2C568B1062573C8F9 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:19:10.0760 0x1030 iPod Service - ok
17:19:10.0775 0x1030 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:19:10.0791 0x1030 IRENUM - ok
17:19:10.0822 0x1030 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:19:10.0822 0x1030 isapnp - ok
17:19:10.0853 0x1030 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:19:10.0853 0x1030 iScsiPrt - ok
17:19:10.0884 0x1030 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:19:10.0900 0x1030 kbdclass - ok
17:19:10.0916 0x1030 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:19:10.0931 0x1030 kbdhid - ok
17:19:10.0962 0x1030 [ 7C37F3B5A4D5777687F60D71B3DB3CF7, 945C5E12FD5DA05761A378D77DAB52C2790ADCCBF41249570220F91A2CBB5A90 ] KeyIso C:\Windows\system32\lsass.exe
17:19:10.0978 0x1030 KeyIso - ok
17:19:11.0025 0x1030 [ 48A104DDC01F6547DED5F9C4C796DD46, C310E1A5ED192416D618AF949CCB45C60F9929072C9887CB9F824EADD58D476C ] KL1 C:\Windows\system32\DRIVERS\kl1.sys
17:19:11.0056 0x1030 KL1 - ok
17:19:11.0118 0x1030 [ 31AF8A6B7FFDD3FF8D0025353E0787EE, CF6FAC4469728814E5B3BF24F2B00198E3B0296B8DD8C707D57B11DDCF1DC9BB ] kldisk C:\Windows\system32\DRIVERS\kldisk.sys
17:19:11.0134 0x1030 kldisk - ok
17:19:11.0212 0x1030 [ F2EE426C11FE6E73D1F72CD188B2A68C, C5F4CFFF2A3E2E97F7BC6AB3589770278D9B86C64700190196878DB168FB24BA ] klflt C:\Windows\system32\DRIVERS\klflt.sys
17:19:11.0228 0x1030 klflt - ok
17:19:11.0274 0x1030 [ 81AB5C082CEA061D618C019F4234FD4E, 9E4491B50E647D03F670F88AED444DBADFAB007032F5CF59D06F992775065268 ] klhk C:\Windows\system32\DRIVERS\klhk.sys
17:19:11.0290 0x1030 klhk - ok
17:19:11.0337 0x1030 [ 4E19CDEEBDE3CE8987B3D7A5123FFAC9, 0A0F79947C1D9A1FD9883FCB7B7C988D689BBA5F0328C57E5BE2DCDF8A8F17E7 ] KLIF C:\Windows\system32\DRIVERS\klif.sys
17:19:11.0368 0x1030 KLIF - ok
17:19:11.0399 0x1030 [ D1FC14342F8CAD20A0764305AD62483D, FC3010AAD57C7CEB987AE930C1B7A7C1AD9291B98F92F5C9448D56C92270C9F1 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
17:19:11.0399 0x1030 KLIM6 - ok
17:19:11.0415 0x1030 [ 9C7132A2E609E0BACF2A54AC13C9BDCB, E7E3949C6FA35CC06A1B010DA04462824BC7F3EE6A498F64CB2457C901F999F7 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
17:19:11.0415 0x1030 klkbdflt - ok
17:19:11.0430 0x1030 [ 035724BA6D5676B76FD3AFB66AB4F1E3, 81B30112B96DD3E7250420EEFF2ACECD424A2BE155E83C44434321CEA7DBE117 ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
17:19:11.0430 0x1030 klmouflt - ok
17:19:11.0477 0x1030 [ EB0D72D2844C57F5F146D7A15B04FBF9, 3DFEDA024AD5D54EEAF7D4411153CFA8AD95FCF217E09F2B7AFD2D91EE623BF2 ] klpd C:\Windows\system32\DRIVERS\klpd.sys
17:19:11.0493 0x1030 klpd - ok
17:19:11.0540 0x1030 [ EDB35F43026CC3CA52DD11D5FBC625A9, 47F486914F3199DB91DAC69FE7A7BA75F6D800FF184C47970AB11BCF8FB38AF8 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys
17:19:11.0555 0x1030 kltdi - ok
17:19:11.0586 0x1030 [ 43057A1680FFBBB9B47986BC1734AC11, A9EEA846EEC1F0E8EB73DB14AF7053AFBC4A0A580BF4402170CCB32F4CD6BB23 ] Klwtp C:\Windows\system32\DRIVERS\klwtp.sys
17:19:11.0602 0x1030 Klwtp - ok
17:19:11.0664 0x1030 [ 24025B8E6A6AE596EC6C7E4B1A10C660, 4ED3837F7C2934AEC4AA4046E1069EAC2896B581FB6C898369F2998C98CC9778 ] kneps C:\Windows\system32\DRIVERS\kneps.sys
17:19:11.0680 0x1030 kneps - ok
17:19:11.0711 0x1030 [ 58975F4DBB4A40D58FD1B913B6C912DA, 28FC71ABF07776073101CC886359FE7B0A9FB2B1135797AD6BB6CEEFC233F72C ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:19:11.0711 0x1030 KSecDD - ok
17:19:11.0727 0x1030 [ EF8C60DD465C56837E1CC53D996A65C2, D932FA8A4A9073C8661B7EC6C598CF543B9D728DD866379C384DE60BCB35F82E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:19:11.0742 0x1030 KSecPkg - ok
17:19:11.0774 0x1030 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
17:19:11.0805 0x1030 KtmRm - ok
17:19:11.0836 0x1030 [ F7CDABA15C7E853F0A11AF6D77FCA990, 14486B8C9535D62AD8FA98A21DA76E793B3FB275D82FAF4423526D340ABCD785 ] L1E C:\Windows\system32\DRIVERS\L1E62x86.sys
17:19:11.0852 0x1030 L1E - ok
17:19:11.0867 0x1030 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:19:11.0883 0x1030 LanmanServer - ok
17:19:11.0914 0x1030 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:19:11.0945 0x1030 LanmanWorkstation - ok
17:19:12.0054 0x1030 [ 5CF3787D3109D8B7C0A68BDDE0F351E2, 6E942199C4B74E910B706876493E16D1C3487102CC480E8639401A34FB941D88 ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
17:19:12.0070 0x1030 LBTServ - ok
17:19:12.0117 0x1030 [ B9E077D03FCCD05A8829DC5E0653E60B, 4752C4D77D2E9FFE82F1151289A78EB238F434795655F392BC1B749A7B695B33 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
17:19:12.0117 0x1030 LHidFilt - ok
17:19:12.0164 0x1030 [ CB5D13966F74D7F000724A907F614193, 720374DE3C3E930B3C679DEF41A7073477F0C9C3156A0400F2F23672CCFCC981 ] libusb0 C:\Windows\system32\DRIVERS\libusb0.sys
17:19:12.0164 0x1030 libusb0 - ok
17:19:12.0210 0x1030 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:19:12.0242 0x1030 lltdio - ok
17:19:12.0304 0x1030 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:19:12.0351 0x1030 lltdsvc - ok
17:19:12.0351 0x1030 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:19:12.0382 0x1030 lmhosts - ok
17:19:12.0413 0x1030 [ FBB88DD2236B263FF412AA7067BDFEE6, 8F6347B8CE4C5175208D45B60B04878886D955F90B37AFD33E414E795D68D8CC ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
17:19:12.0413 0x1030 LMouFilt - ok
17:19:12.0429 0x1030 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:19:12.0444 0x1030 LSI_FC - ok
17:19:12.0460 0x1030 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:19:12.0476 0x1030 LSI_SAS - ok
17:19:12.0491 0x1030 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:19:12.0491 0x1030 LSI_SAS2 - ok
17:19:12.0507 0x1030 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:19:12.0522 0x1030 LSI_SCSI - ok
17:19:12.0538 0x1030 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
17:19:12.0554 0x1030 luafv - ok
17:19:12.0600 0x1030 [ B8EAC4507EB4655377B1E094FCE7F12E, FF094A752224F2A5F4866B56D84B80DB18467776645C01B4CADAB85C377B9EE8 ] Macromedia Licensing Service C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
17:19:12.0600 0x1030 Macromedia Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
17:19:12.0678 0x1030 Detect skipped due to KSN trusted
17:19:12.0678 0x1030 Macromedia Licensing Service - ok
17:19:12.0725 0x1030 [ A1D52DB330E18B5A7A718D31D950CA87, D3BE0C13EB0001841B0BA3B401783C0CDA247023BAF8351EBDDB48264AB2E20C ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
17:19:12.0741 0x1030 MBAMProtector - ok
17:19:12.0850 0x1030 [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
17:19:12.0881 0x1030 MBAMScheduler - ok
17:19:12.0928 0x1030 [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
17:19:12.0959 0x1030 MBAMService - ok
17:19:13.0006 0x1030 [ 5023F594D5448E16F920157174C61358, A8A188CA4E9995BBFCD419680A43EE8AD1E0C7EE529BEC8E0922581386982C4F ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
17:19:13.0006 0x1030 MBAMSwissArmy - ok
17:19:13.0037 0x1030 [ 66DDF98174707CBADBCA6BBABDA1231C, 18B4D1FB27CAF2A360A0B0803015F5D88A7DE9A8BCEAFD2FB769554DDC4505F2 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
17:19:13.0037 0x1030 MBAMWebAccessControl - ok
17:19:13.0068 0x1030 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:19:13.0084 0x1030 Mcx2Svc - ok
17:19:13.0131 0x1030 [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
17:19:13.0146 0x1030 MDM - detected UnsignedFile.Multi.Generic ( 1 )
17:19:13.0240 0x1030 Detect skipped due to KSN trusted
17:19:13.0240 0x1030 MDM - ok
17:19:13.0256 0x1030 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:19:13.0271 0x1030 megasas - ok
17:19:13.0287 0x1030 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:19:13.0302 0x1030 MegaSR - ok
17:19:13.0318 0x1030 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
17:19:13.0334 0x1030 MMCSS - ok
17:19:13.0365 0x1030 MoboroboAssDriver - ok
17:19:13.0365 0x1030 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
17:19:13.0396 0x1030 Modem - ok
17:19:13.0427 0x1030 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:19:13.0443 0x1030 monitor - ok
17:19:13.0458 0x1030 [ 111A023266532C621EE69AE96E47081E, D933340AF838D94F25C74F9D46A74DE3B45F29B896AFA49A03676BAB8CD400CF ] MonitorFunction C:\Windows\system32\DRIVERS\TVMonitor.sys
17:19:13.0458 0x1030 MonitorFunction - ok
17:19:13.0505 0x1030 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:19:13.0505 0x1030 mouclass - ok
17:19:13.0521 0x1030 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:19:13.0536 0x1030 mouhid - ok
17:19:13.0552 0x1030 [ D1BDF813C9FE5ED53134EDF360927735, 0FC422513A9C98C32A90C7C5B2635DA6104C6425A2E2A8746B110A07AFB1B539 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:19:13.0568 0x1030 mountmgr - ok
17:19:13.0614 0x1030 [ CBCC3A1E47A664CCCBC7A25081C4D88B, BDE4510CED8EF3BB091118FEA8AEB61F0DB402C9B53615A4824896DF9DE3030E ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:19:13.0630 0x1030 MozillaMaintenance - ok
17:19:13.0646 0x1030 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys
17:19:13.0661 0x1030 mpio - ok
17:19:13.0692 0x1030 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:19:13.0708 0x1030 mpsdrv - ok
17:19:13.0755 0x1030 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:19:13.0786 0x1030 MpsSvc - ok
17:19:13.0817 0x1030 [ 06AC0310138E4B2C35AF7344D18BC686, FCDB6CC851EC47F92FFF764717A44FF5D5D0E179C215B3C6E77FB9BEA4DE1908 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:19:13.0833 0x1030 MRxDAV - ok
17:19:13.0880 0x1030 [ DFF7080C28D25B9629406FBC53F0AC24, EC87D28756997E36CD7808916863E9EDF6E04984595D468C55A389EB896EFBC2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:19:13.0895 0x1030 mrxsmb - ok
17:19:13.0926 0x1030 [ B63F11492664EA49F07BB0E50938F746, 6493968CC6C2B35988521C7C0F5EF9C69C9EC5AED44ED317164ABF73AD302DF9 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:19:13.0942 0x1030 mrxsmb10 - ok
17:19:14.0004 0x1030 [ 0E55102EA96B20FA945102A223D69DA5, 0A7C40CAF47C953CE60669BCAA519A4323CA36637D30E349575D0224C4ED7C19 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:19:14.0036 0x1030 mrxsmb20 - ok
17:19:14.0082 0x1030 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys
17:19:14.0098 0x1030 msahci - ok
17:19:14.0207 0x1030 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:19:14.0223 0x1030 msdsm - ok
17:19:14.0238 0x1030 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
17:19:14.0254 0x1030 MSDTC - ok
17:19:14.0285 0x1030 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:19:14.0301 0x1030 Msfs - ok
17:19:14.0301 0x1030 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:19:14.0332 0x1030 mshidkmdf - ok
17:19:14.0363 0x1030 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:19:14.0363 0x1030 msisadrv - ok
17:19:14.0394 0x1030 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:19:14.0426 0x1030 MSiSCSI - ok
17:19:14.0426 0x1030 msiserver - ok
17:19:14.0441 0x1030 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:19:14.0472 0x1030 MSKSSRV - ok
17:19:14.0488 0x1030 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:19:14.0519 0x1030 MSPCLOCK - ok
17:19:14.0519 0x1030 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:19:14.0535 0x1030 MSPQM - ok
17:19:14.0550 0x1030 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:19:14.0566 0x1030 MsRPC - ok
17:19:14.0582 0x1030 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
17:19:14.0597 0x1030 mssmbios - ok
17:19:14.0613 0x1030 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:19:14.0628 0x1030 MSTEE - ok
17:19:14.0644 0x1030 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:19:14.0644 0x1030 MTConfig - ok
17:19:14.0675 0x1030 [ D48659BB24C48345D926ECB45C1EBDF5, EDEDE58316827530C25F8085F62AD48EA6D44B0F8AC1917B940F53B02CF72EA6 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
17:19:14.0691 0x1030 MTsensor - ok
17:19:14.0706 0x1030 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
17:19:14.0722 0x1030 Mup - ok
17:19:14.0753 0x1030 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll
17:19:14.0784 0x1030 napagent - ok
17:19:14.0816 0x1030 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:19:14.0831 0x1030 NativeWifiP - ok
17:19:14.0925 0x1030 [ 9D1CCE440552500DED3A62F9D779CDB4, C6B3B1C891A8BA3F91CC1EC21919C4F80F4C9CAF88971AB6CA11F09820601EBD ] NAUpdate C:\Program Files\Nero\Update\NASvc.exe
17:19:14.0956 0x1030 NAUpdate - ok
17:19:15.0034 0x1030 [ 9804FB2E46077F2977552347DFCA7E05, A34B703462C6998AB2B3EA6389F4B89616CDC257D44C400C92663E6FB4A8F196 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:19:15.0081 0x1030 NDIS - ok
17:19:15.0096 0x1030 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:19:15.0128 0x1030 NdisCap - ok
17:19:15.0143 0x1030 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:19:15.0159 0x1030 NdisTapi - ok
17:19:15.0190 0x1030 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:19:15.0221 0x1030 Ndisuio - ok
17:19:15.0252 0x1030 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:19:15.0268 0x1030 NdisWan - ok
17:19:15.0299 0x1030 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:19:15.0315 0x1030 NDProxy - ok
17:19:15.0330 0x1030 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:19:15.0346 0x1030 NetBIOS - ok
17:19:15.0377 0x1030 [ A00996C9BFEF29A93B9F21DBE1DC502D, A97982CBBC2E240B0CD884ED3ED5D11B207DA8E7BEF73DCEA44E16E1CD84222F ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:19:15.0393 0x1030 NetBT - ok
17:19:15.0408 0x1030 [ 7C37F3B5A4D5777687F60D71B3DB3CF7, 945C5E12FD5DA05761A378D77DAB52C2790ADCCBF41249570220F91A2CBB5A90 ] Netlogon C:\Windows\system32\lsass.exe
17:19:15.0424 0x1030 Netlogon - ok
17:19:15.0455 0x1030 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll
17:19:15.0486 0x1030 Netman - ok
17:19:15.0518 0x1030 [ AC8B816873227930B391B40C6EC4835E, FCAB6E9254AF10536D1D2A2E08C24A21D30516BC64BDBE7E529C618E8CCCB5BA ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:19:15.0533 0x1030 NetMsmqActivator - ok
17:19:15.0564 0x1030 [ AC8B816873227930B391B40C6EC4835E, FCAB6E9254AF10536D1D2A2E08C24A21D30516BC64BDBE7E529C618E8CCCB5BA ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:19:15.0580 0x1030 NetPipeActivator - ok
17:19:15.0596 0x1030 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll
17:19:15.0627 0x1030 netprofm - ok
17:19:15.0642 0x1030 [ AC8B816873227930B391B40C6EC4835E, FCAB6E9254AF10536D1D2A2E08C24A21D30516BC64BDBE7E529C618E8CCCB5BA ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:19:15.0642 0x1030 NetTcpActivator - ok
17:19:15.0658 0x1030 [ AC8B816873227930B391B40C6EC4835E, FCAB6E9254AF10536D1D2A2E08C24A21D30516BC64BDBE7E529C618E8CCCB5BA ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:19:15.0674 0x1030 NetTcpPortSharing - ok
17:19:15.0705 0x1030 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:19:15.0705 0x1030 nfrd960 - ok
17:19:15.0752 0x1030 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:19:15.0767 0x1030 NlaSvc - ok
17:19:15.0783 0x1030 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:19:15.0814 0x1030 Npfs - ok
17:19:15.0830 0x1030 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll
17:19:15.0861 0x1030 nsi - ok
17:19:15.0861 0x1030 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:19:15.0892 0x1030 nsiproxy - ok
17:19:15.0970 0x1030 [ 978E7A2E4BF4E8E70D0776EF0D9E97FB, B6C82BB9B3025FD2D37B6AB6FA9C2944F8B3020CD4588BE464CE73A992B7FF00 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:19:16.0001 0x1030 Ntfs - ok
17:19:16.0017 0x1030 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys
17:19:16.0032 0x1030 Null - ok
17:19:16.0064 0x1030 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:19:16.0064 0x1030 nvraid - ok
17:19:16.0095 0x1030 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:19:16.0110 0x1030 nvstor - ok
17:19:16.0142 0x1030 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:19:16.0157 0x1030 nv_agp - ok
17:19:16.0188 0x1030 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:19:16.0204 0x1030 ohci1394 - ok
17:19:16.0298 0x1030 [ AC3F00222CB7A2677FD0C3412DF79D1C, 59FC8F41CA15ADED4E912691B8BC716CAA856346A9C371059B887E4621F33351 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:19:16.0329 0x1030 ose - ok
17:19:16.0516 0x1030 [ EE5756BDA5BE5891270E0CC6CEC44096, EA18073EEE0F461B14C539D49A7DD91D33AB0C503236F67F70A000835FAAC890 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:19:16.0625 0x1030 osppsvc - ok
17:19:16.0672 0x1030 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:19:16.0688 0x1030 p2pimsvc - ok
17:19:16.0703 0x1030 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll
17:19:16.0719 0x1030 p2psvc - ok
17:19:16.0734 0x1030 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:19:16.0750 0x1030 Parport - ok
17:19:16.0766 0x1030 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:19:16.0781 0x1030 partmgr - ok
17:19:16.0797 0x1030 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
17:19:16.0812 0x1030 Parvdm - ok
17:19:16.0828 0x1030 [ 84752B402BF64CCDDF11816FEDF12DB4, 184DDFCEEE8C5B492415270FC640B8D584B3D79E7BADCE4DE7CDD74CC8C60130 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:19:16.0844 0x1030 PcaSvc - ok
17:19:16.0875 0x1030 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys
17:19:16.0890 0x1030 pci - ok
17:19:16.0922 0x1030 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys
17:19:16.0937 0x1030 pciide - ok
17:19:16.0953 0x1030 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:19:16.0968 0x1030 pcmcia - ok
17:19:16.0968 0x1030 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys
17:19:16.0984 0x1030 pcw - ok
17:19:17.0031 0x1030 [ 0C941A3F148B4228867908F98F394461, 6D5F575F2E796C5EA8F9F3F96F9ACD935E274210A105C9365102B448E9AE2031 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:19:17.0046 0x1030 PEAUTH - ok
17:19:17.0093 0x1030 [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:19:17.0124 0x1030 PeerDistSvc - ok
17:19:17.0202 0x1030 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll
17:19:17.0249 0x1030 pla - ok
17:19:17.0296 0x1030 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:19:17.0312 0x1030 PlugPlay - ok
17:19:17.0327 0x1030 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:19:17.0343 0x1030 PNRPAutoReg - ok
17:19:17.0358 0x1030 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:19:17.0374 0x1030 PNRPsvc - ok
17:19:17.0405 0x1030 [ A2FEA7E16D8D056D2FF1EE93F9C73FB1, 6BC8C1B37274B50573F3DAC043DBD9B29B93F527290392842CD94910014D0C74 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:19:17.0421 0x1030 PolicyAgent - ok
17:19:17.0452 0x1030 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll
17:19:17.0483 0x1030 Power - ok
17:19:17.0514 0x1030 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:19:17.0530 0x1030 PptpMiniport - ok
17:19:17.0561 0x1030 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:19:17.0577 0x1030 Processor - ok
17:19:17.0608 0x1030 [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\Windows\system32\profsvc.dll
17:19:17.0624 0x1030 ProfSvc - ok
17:19:17.0639 0x1030 [ 7C37F3B5A4D5777687F60D71B3DB3CF7, 945C5E12FD5DA05761A378D77DAB52C2790ADCCBF41249570220F91A2CBB5A90 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:19:17.0655 0x1030 ProtectedStorage - ok
17:19:17.0670 0x1030 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:19:17.0702 0x1030 Psched - ok
17:19:17.0748 0x1030 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:19:17.0780 0x1030 ql2300 - ok
17:19:17.0795 0x1030 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:19:17.0811 0x1030 ql40xx - ok
17:19:17.0826 0x1030 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
17:19:17.0842 0x1030 QWAVE - ok
17:19:17.0858 0x1030 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:19:17.0873 0x1030 QWAVEdrv - ok
17:19:17.0951 0x1030 [ 8F97D374AD1857E1EED85A79F29A1D3D, 4B2D1DBB60C0890E3CB497F534D8DE74952AF8774579B62B0F4ED14912CA583C ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
17:19:17.0967 0x1030 RapiMgr - ok
17:19:17.0982 0x1030 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:19:17.0998 0x1030 RasAcd - ok
17:19:18.0029 0x1030 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:19:18.0045 0x1030 RasAgileVpn - ok
17:19:18.0060 0x1030 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
17:19:18.0092 0x1030 RasAuto - ok
17:19:18.0092 0x1030 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:19:18.0123 0x1030 Rasl2tp - ok
17:19:18.0154 0x1030 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll
17:19:18.0185 0x1030 RasMan - ok
17:19:18.0185 0x1030 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:19:18.0216 0x1030 RasPppoe - ok
17:19:18.0216 0x1030 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:19:18.0248 0x1030 RasSstp - ok
17:19:18.0263 0x1030 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:19:18.0294 0x1030 rdbss - ok
17:19:18.0294 0x1030 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:19:18.0310 0x1030 rdpbus - ok
17:19:18.0326 0x1030 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:19:18.0341 0x1030 RDPCDD - ok
17:19:18.0372 0x1030 [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:19:18.0388 0x1030 RDPDR - ok
17:19:18.0404 0x1030 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:19:18.0435 0x1030 RDPENCDD - ok
17:19:18.0450 0x1030 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:19:18.0466 0x1030 RDPREFMP - ok
17:19:18.0544 0x1030 [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:19:18.0560 0x1030 RdpVideoMiniport - ok
17:19:18.0606 0x1030 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:19:18.0638 0x1030 RDPWD - ok
17:19:18.0716 0x1030 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:19:18.0731 0x1030 rdyboost - ok
17:19:18.0747 0x1030 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:19:18.0778 0x1030 RemoteAccess - ok
17:19:18.0794 0x1030 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:19:18.0825 0x1030 RemoteRegistry - ok
17:19:18.0840 0x1030 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:19:18.0856 0x1030 RpcEptMapper - ok
17:19:18.0887 0x1030 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe
17:19:18.0903 0x1030 RpcLocator - ok
17:19:18.0934 0x1030 [ 1F54F58D7FA2B3442084E32CDE5E309E, F0D8124E7C9ADC88BD8C53646F2499CDB3D2105DA7C4D28F3D26F313859B3D32 ] RpcSs C:\Windows\system32\rpcss.dll
17:19:18.0950 0x1030 RpcSs - ok
17:19:18.0965 0x1030 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:19:18.0996 0x1030 rspndr - ok
17:19:19.0012 0x1030 [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap C:\Windows\system32\drivers\vms3cap.sys
17:19:19.0028 0x1030 s3cap - ok
17:19:19.0043 0x1030 [ 7C37F3B5A4D5777687F60D71B3DB3CF7, 945C5E12FD5DA05761A378D77DAB52C2790ADCCBF41249570220F91A2CBB5A90 ] SamSs C:\Windows\system32\lsass.exe
17:19:19.0059 0x1030 SamSs - ok
17:19:19.0090 0x1030 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:19:19.0106 0x1030 sbp2port - ok
17:19:19.0121 0x1030 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:19:19.0152 0x1030 SCardSvr - ok
17:19:19.0168 0x1030 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:19:19.0184 0x1030 scfilter - ok
17:19:19.0277 0x1030 [ 9060B8D5BCD5F2B019249F85E3D811F3, 7FB32AB7FE118462988321B9230074DAA960B587417EB463187539C3215445AE ] Schedule C:\Windows\system32\schedsvc.dll
17:19:19.0324 0x1030 Schedule - ok
17:19:19.0355 0x1030 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll
17:19:19.0371 0x1030 SCPolicySvc - ok
17:19:19.0402 0x1030 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:19:19.0418 0x1030 SDRSVC - ok
17:19:19.0511 0x1030 [ 206387AB881E93A1A6EB89966C8651F1, 3BF9DFF3E70F0787F7F94BE5B9717DFADD9E13AB8154FAE295CEAC834F0835E5 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
17:19:19.0527 0x1030 SDScannerService - ok
17:19:19.0605 0x1030 [ A529CFE32565C0B145578FFB2B32C9A5, 4B1596CBDDA74D510707FD475AAB3A89B1203E0B95ECAE3756CAA56555F9F66D ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
17:19:19.0652 0x1030 SDUpdateService - ok
17:19:19.0683 0x1030 [ CB63BDB77BB86549FC3303C2F11EDC18, 1C96C082B9CE08C8F3C088D5DE68BA8783E6F6A837A88E2654BC4CBCF7B81846 ] SDWSCService C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
17:19:19.0698 0x1030 SDWSCService - ok
17:19:19.0761 0x1030 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:19:19.0776 0x1030 secdrv - ok
17:19:19.0808 0x1030 [ 38CBFFED5FC39CDFE6B4014401ED2629, 7BA730E2EDB8387190E45DA2F475BFE42AB3B12319DE088BD8E9F59227EDA4DD ] seclogon C:\Windows\system32\seclogon.dll
17:19:19.0823 0x1030 seclogon - ok
17:19:19.0839 0x1030 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\System32\sens.dll
17:19:19.0870 0x1030 SENS - ok
17:19:19.0901 0x1030 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:19:19.0917 0x1030 SensrSvc - ok
17:19:19.0932 0x1030 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:19:19.0948 0x1030 Serenum - ok
17:19:19.0964 0x1030 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:19:19.0964 0x1030 Serial - ok
17:19:19.0979 0x1030 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:19:19.0995 0x1030 sermouse - ok
17:19:20.0026 0x1030 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll
17:19:20.0042 0x1030 SessionEnv - ok
17:19:20.0073 0x1030 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:19:20.0073 0x1030 sffdisk - ok
17:19:20.0088 0x1030 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:19:20.0104 0x1030 sffp_mmc - ok
17:19:20.0104 0x1030 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:19:20.0120 0x1030 sffp_sd - ok
17:19:20.0135 0x1030 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:19:20.0151 0x1030 sfloppy - ok
17:19:20.0182 0x1030 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:19:20.0213 0x1030 SharedAccess - ok
17:19:20.0229 0x1030 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:19:20.0260 0x1030 ShellHWDetection - ok
17:19:20.0276 0x1030 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys
17:19:20.0276 0x1030 sisagp - ok
17:19:20.0307 0x1030 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:19:20.0322 0x1030 SiSRaid2 - ok
17:19:20.0322 0x1030 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:19:20.0338 0x1030 SiSRaid4 - ok
17:19:20.0416 0x1030 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
17:19:20.0447 0x1030 SkypeUpdate - ok
17:19:20.0463 0x1030 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:19:20.0494 0x1030 Smb - ok
17:19:20.0572 0x1030 [ 43E51FC3E2008542A42ACAD282840D8C, 68557AAD48A32975C6723801227451843E1A7D0FDD2993FD1E7CD9C076E2D7D3 ] snapman C:\Windows\system32\DRIVERS\snapman.sys
17:19:20.0603 0x1030 snapman - ok
17:19:20.0650 0x1030 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:19:20.0681 0x1030 SNMPTRAP - ok
17:19:20.0681 0x1030 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys
17:19:20.0697 0x1030 spldr - ok
17:19:20.0759 0x1030 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe
17:19:20.0775 0x1030 Spooler - ok
17:19:20.0915 0x1030 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe
17:19:20.0993 0x1030 sppsvc - ok
17:19:21.0024 0x1030 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:19:21.0056 0x1030 sppuinotify - ok
17:19:21.0087 0x1030 [ D86EA722F3337AA3F0253B6E359E6796, BA4C2DF629CBECFA1C1D589FFA6AEF8C5853C427B6B007793FD432B4AA8DA593 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:19:21.0102 0x1030 srv - ok
17:19:21.0134 0x1030 [ 1931823AC05967E5F79B791E9FFC2398, 255E6278F476F1D488199B0AD2004C3860CC74971AC3C0AB4B1DB4E42B329E94 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:19:21.0149 0x1030 srv2 - ok
17:19:21.0165 0x1030 [ 50A2FC7B0408F15B77E056076BBB6252, 801AD15B4CDFC09EE4909B7180A5CE562D54D4F08A9C0B7D9CA067ADC42A6C9D ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:19:21.0165 0x1030 srvnet - ok
17:19:21.0180 0x1030 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:19:21.0212 0x1030 SSDPSRV - ok
17:19:21.0212 0x1030 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:19:21.0243 0x1030 SstpSvc - ok
17:19:21.0274 0x1030 [ ECAD7536931CDEC9988E64DDD9AC08DE, A0B582774123F09141A0C083CB15424B81A070737228DBF015FF59F99B44667B ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
17:19:21.0290 0x1030 ssudmdm - ok
17:19:21.0400 0x1030 [ 7DB9E612A2742ACEAB080B882E83141C, FFD1FA36E732F55223F3F4B5F845331DBB3073B023C2C5BF51A0E7680DEE7FA7 ] ss_conn_service C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
17:19:21.0431 0x1030 ss_conn_service - ok
17:19:21.0447 0x1030 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:19:21.0462 0x1030 stexstor - ok
17:19:21.0478 0x1030 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll
17:19:21.0509 0x1030 StiSvc - ok
17:19:21.0540 0x1030 [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt C:\Windows\system32\drivers\vmstorfl.sys
17:19:21.0540 0x1030 storflt - ok
17:19:21.0571 0x1030 [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc C:\Windows\system32\storsvc.dll
17:19:21.0571 0x1030 StorSvc - ok
17:19:21.0603 0x1030 [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc C:\Windows\system32\drivers\storvsc.sys
17:19:21.0618 0x1030 storvsc - ok
17:19:21.0634 0x1030 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\drivers\swenum.sys
17:19:21.0634 0x1030 swenum - ok
17:19:21.0665 0x1030 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll
17:19:21.0696 0x1030 swprv - ok
17:19:21.0883 0x1030 [ D29491D27DEEBA168284FD71CDCCE204, 49491AF92831CDADE1749607E0CD65118C380BC2A51A0F62BC3E27DCF884C0F7 ] syncagentsrv C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
17:19:22.0008 0x1030 syncagentsrv - ok
17:19:22.0071 0x1030 [ 4EE25AC85AFC3FD67D9F57ECDF566FF2, F1BFF1FB655F31B97FA9C6A49D433EFD33D8A35F6B28B4D83E45C27A05A86228 ] SysMain C:\Windows\system32\sysmain.dll
17:19:22.0102 0x1030 SysMain - ok
17:19:22.0117 0x1030 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
17:19:22.0133 0x1030 TabletInputService - ok
17:19:22.0164 0x1030 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll
17:19:22.0180 0x1030 TapiSrv - ok
17:19:22.0273 0x1030 [ C7E41209132B9CF084CCEA8593F61328, 441E44C3C4803FA9304111E58AE7A2927EEB6584CEC9CBF81DC508E73A99033E ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:19:22.0320 0x1030 Tcpip - ok
17:19:22.0351 0x1030 [ C7E41209132B9CF084CCEA8593F61328, 441E44C3C4803FA9304111E58AE7A2927EEB6584CEC9CBF81DC508E73A99033E ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:19:22.0398 0x1030 TCPIP6 - ok
17:19:22.0445 0x1030 [ A4BF8BE9D1F7D563C7868AC7B2561545, E3C2FFE53373E5255DC388E0C81CCE965E432EFAF52C85B5B3B3918815114073 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:19:22.0445 0x1030 tcpipreg - ok
17:19:22.0476 0x1030 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:19:22.0492 0x1030 TDPIPE - ok
17:19:22.0554 0x1030 [ EA97B9855D8F2C427CF96A2B63FAFE07, 5875A4A01566A8A10AE2C427A39C2A162BE4EF9DE0E674C3C5486AD78A249A14 ] tdrpman C:\Windows\system32\DRIVERS\tdrpman.sys
17:19:22.0570 0x1030 tdrpman - ok
17:19:22.0632 0x1030 [ 3630F5B8181554DEECFE2E4252BC4C4C, 4C827CD4C3880854DE1CE232118F21E09A8731441D7203D5CA1ACBF8CDDF8B70 ] tdrpman251 C:\Windows\system32\DRIVERS\tdrpm251.sys
17:19:22.0648 0x1030 tdrpman251 - ok
17:19:22.0679 0x1030 [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:19:22.0695 0x1030 TDTCP - ok
17:19:22.0741 0x1030 [ BB8817D0508DD5EA69C770C8DEF5AB67, C55671524EEF6E16BBCC92556E83FD1D6457E707EA9330FC1CDD28FB11D99B77 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:19:22.0741 0x1030 tdx - ok
17:19:23.0007 0x1030 [ F2F02E436BA56A96A06E4427C5787B6E, 1562FF264011A15AC69808CB74F387917C4E8ED3B91546B12933BE10B6E20B3A ] TeamViewer C:\Program Files\TeamViewer\TeamViewer_Service.exe
17:19:23.0163 0x1030 TeamViewer - ok
17:19:23.0209 0x1030 [ 9101FFFCFCCD1A30E870A5B8A9091B10, 58AAB0F6FF78FD0ECDD8D9DA1B6852E9E57E3DAA39489ABDDBA106ECE0B3BCA7 ] teamviewervpn C:\Windows\system32\DRIVERS\teamviewervpn.sys
17:19:23.0225 0x1030 teamviewervpn - ok
17:19:23.0256 0x1030 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\drivers\termdd.sys
17:19:23.0272 0x1030 TermDD - ok
17:19:23.0319 0x1030 [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\Windows\System32\termsrv.dll
17:19:23.0334 0x1030 TermService - ok
17:19:23.0381 0x1030 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll
17:19:23.0412 0x1030 Themes - ok
17:19:23.0428 0x1030 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll
17:19:23.0443 0x1030 THREADORDER - ok
17:19:23.0490 0x1030 [ 9853EFF7FB1AF233E05D2BC813FCEE8E, 6D1B89EFE167438ED506F8E2652151BD95CC6D318A64C3DACB5689E0118A7057 ] timounter C:\Windows\system32\DRIVERS\timntr.sys
17:19:23.0521 0x1030 timounter - ok
17:19:23.0568 0x1030 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll
17:19:23.0584 0x1030 TrkWks - ok
17:19:23.0646 0x1030 [ 21D940160C67ADE7448DAD6C1D504A62, FBF1DA642C06995AE958AB3ACF77211A0251A4B45816E8EB19F28A0AA3DEED51 ] Trufos C:\Windows\system32\DRIVERS\Trufos.sys
17:19:23.0677 0x1030 Trufos - detected UnsignedFile.Multi.Generic ( 1 )
17:19:23.0989 0x1030 Detect skipped due to KSN trusted
17:19:23.0989 0x1030 Trufos - ok
17:19:24.0036 0x1030 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:19:24.0067 0x1030 TrustedInstaller - ok
17:19:24.0099 0x1030 [ B89F89A2308E9569A1022A50F78C5506, 375C4A11F78A1335269657012DC57093C6E1A7B1460094B0C265179409F01554 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:19:24.0114 0x1030 tssecsrv - ok
17:19:24.0161 0x1030 [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:19:24.0161 0x1030 TsUsbFlt - ok
17:19:24.0208 0x1030 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:19:24.0239 0x1030 tunnel - ok
17:19:24.0255 0x1030 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:19:24.0270 0x1030 uagp35 - ok
17:19:24.0286 0x1030 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:19:24.0317 0x1030 udfs - ok
17:19:24.0348 0x1030 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:19:24.0348 0x1030 UI0Detect - ok
17:19:24.0457 0x1030 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:19:24.0473 0x1030 uliagpkx - ok
17:19:24.0504 0x1030 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\drivers\umbus.sys
17:19:24.0520 0x1030 umbus - ok
17:19:24.0535 0x1030 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:19:24.0551 0x1030 UmPass - ok
17:19:24.0582 0x1030 [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService C:\Windows\System32\umrdp.dll
17:19:24.0598 0x1030 UmRdpService - ok
17:19:24.0613 0x1030 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll
17:19:24.0645 0x1030 upnphost - ok
17:19:24.0660 0x1030 [ 5C2BDC152BBAB34F36473DEAF7713F22, DC7D6FD3BE2F4D8832BB62AB76E5332BB65255AB45F6E28E6B1991A976C1A058 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
17:19:24.0676 0x1030 USBAAPL - detected UnsignedFile.Multi.Generic ( 1 )
17:19:24.0769 0x1030 Detect skipped due to KSN trusted
17:19:24.0769 0x1030 USBAAPL - ok
17:19:24.0801 0x1030 [ A1977C315BF5691DA99235AA4A6907AF, 34B52FBA83F0E1C6B001D0AD1808B00152F731D18AAECC3C53B9918AA89BACEC ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:19:24.0816 0x1030 usbaudio - ok
17:19:24.0847 0x1030 [ 325A69967CC7B4BFB170F5636143A94A, E0341360827B9B3E244F24D0BC01D3B3C0CC97E232A361960849F799A16AD540 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
17:19:24.0847 0x1030 usbccgp - ok
17:19:24.0879 0x1030 [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:19:24.0894 0x1030 usbcir - ok
17:19:24.0910 0x1030 [ 5D57798CAE5A0DD0B8F61C52B8E7C3D1, 5097997508E1406AD5B018C5006D82F8BFC7B157C6CAF1B4D80C7D6DB722A77A ] usbehci C:\Windows\system32\drivers\usbehci.sys
17:19:24.0925 0x1030 usbehci - ok
17:19:24.0972 0x1030 [ 3835ECC1E928042F92D7AA1963D40523, 60237CB8C3F935544006621255FFD53C9E09C0AF4741D0C50968CB4D647336D5 ] usbhub C:\Windows\system32\drivers\usbhub.sys
17:19:25.0003 0x1030 usbhub - ok
17:19:25.0035 0x1030 [ 81E1E90305A4C7A13BADC5DFA22ABA37, 9EF3F5CD2FCF22A5BCC668778C8340D8C80719E9B43FB6C4484BFC98280B8BD9 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:19:25.0050 0x1030 usbohci - ok
17:19:25.0066 0x1030 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:19:25.0081 0x1030 usbprint - ok
17:19:25.0113 0x1030 [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan C:\Windows\system32\drivers\usbscan.sys
17:19:25.0128 0x1030 usbscan - ok
17:19:25.0159 0x1030 [ 144DA53294922A84FFAA3D90B1453745, A8DC6B534E4526E2226CF6C9D53A4B6B251D2F23728E41737063D24024C5266F ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:19:25.0175 0x1030 USBSTOR - ok
17:19:25.0191 0x1030 [ B4A1789BE90403D9549EF9DBAD37A429, 1F590F8DE0081953B944A076FFEB5FF3BCF7E2BEE4ABD97236A29C00B9242163 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:19:25.0206 0x1030 usbuhci - ok
17:19:25.0237 0x1030 [ AF77716205C97E902E6C5B78DECE2CCA, ED99EABED1C7F323EE2A76413E2B260F8EE1D76FDF1E60EE35136D060E756735 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
17:19:25.0253 0x1030 usb_rndisx - ok
17:19:25.0269 0x1030 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll
17:19:25.0284 0x1030 UxSms - ok
17:19:25.0300 0x1030 [ 7C37F3B5A4D5777687F60D71B3DB3CF7, 945C5E12FD5DA05761A378D77DAB52C2790ADCCBF41249570220F91A2CBB5A90 ] VaultSvc C:\Windows\system32\lsass.exe
17:19:25.0315 0x1030 VaultSvc - ok
17:19:25.0347 0x1030 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:19:25.0362 0x1030 vdrvroot - ok
17:19:25.0393 0x1030 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe
17:19:25.0425 0x1030 vds - ok
17:19:25.0440 0x1030 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:19:25.0456 0x1030 vga - ok
17:19:25.0456 0x1030 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys
17:19:25.0487 0x1030 VgaSave - ok
17:19:25.0534 0x1030 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:19:25.0549 0x1030 vhdmp - ok
17:19:25.0581 0x1030 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\drivers\viaagp.sys
17:19:25.0581 0x1030 viaagp - ok
17:19:25.0612 0x1030 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
17:19:25.0612 0x1030 ViaC7 - ok
17:19:25.0643 0x1030 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys
17:19:25.0659 0x1030 viaide - ok
17:19:25.0674 0x1030 [ D1771BEA464E5A521A8BEF86F2019A23, 6FED287CD62A7178ED7B8411FF4F2E87D9C03AB4C020C55FB926CD11CD2EF848 ] vididr C:\Windows\system32\DRIVERS\vididr.sys
17:19:25.0690 0x1030 vididr - ok
17:19:25.0721 0x1030 [ 47AD209A231CA076E292AE207A61E2E3, F30ADE4FDD6FD7553E7DD705D39BA0C75CC8888A195912830D5C5FEE7970796B ] vidsflt58 C:\Windows\system32\DRIVERS\vsflt58.sys
17:19:25.0737 0x1030 vidsflt58 - ok
17:19:25.0752 0x1030 [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:19:25.0752 0x1030 vmbus - ok
17:19:25.0783 0x1030 [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
17:19:25.0783 0x1030 VMBusHID - ok
17:19:25.0815 0x1030 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:19:25.0830 0x1030 volmgr - ok
17:19:25.0846 0x1030 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:19:25.0861 0x1030 volmgrx - ok
17:19:25.0893 0x1030 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:19:25.0908 0x1030 volsnap - ok
17:19:25.0924 0x1030 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:19:25.0939 0x1030 vsmraid - ok
17:19:26.0017 0x1030 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe
17:19:26.0064 0x1030 VSS - ok
17:19:26.0080 0x1030 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
17:19:26.0095 0x1030 vwifibus - ok
17:19:26.0127 0x1030 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll
17:19:26.0158 0x1030 W32Time - ok
17:19:26.0189 0x1030 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:19:26.0205 0x1030 WacomPen - ok
17:19:26.0236 0x1030 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:19:26.0267 0x1030 WANARP - ok
17:19:26.0267 0x1030 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:19:26.0283 0x1030 Wanarpv6 - ok
17:19:26.0376 0x1030 [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:19:26.0423 0x1030 WatAdminSvc - ok
17:19:26.0454 0x1030 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe
17:19:26.0485 0x1030 wbengine - ok
17:19:26.0501 0x1030 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:19:26.0517 0x1030 WbioSrvc - ok
17:19:26.0548 0x1030 [ 59E19BD13C3BDB857646B9E436BA27F7, CC84C607E15F5F29D93510387D5486BAF320BDAF79026A0BECE0D242F7B1DF3E ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
17:19:26.0563 0x1030 WcesComm - ok
17:19:26.0595 0x1030 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:19:26.0626 0x1030 wcncsvc - ok
17:19:26.0626 0x1030 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:19:26.0641 0x1030 WcsPlugInService - ok
17:19:26.0657 0x1030 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:19:26.0673 0x1030 Wd - ok
17:19:26.0704 0x1030 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:19:26.0719 0x1030 Wdf01000 - ok
17:19:26.0751 0x1030 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:19:26.0766 0x1030 WdiServiceHost - ok
17:19:26.0782 0x1030 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:19:26.0782 0x1030 WdiSystemHost - ok
17:19:26.0813 0x1030 [ DC54D7A40B6E18E5C7F592F836D163FF, 436AF3B94EAE6CBD2516A63235AE1D6EC4F1FCAA0F974A9672BB5AB2A846BB2C ] WebClient C:\Windows\System32\webclnt.dll
17:19:26.0829 0x1030 WebClient - ok
17:19:26.0844 0x1030 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:19:26.0875 0x1030 Wecsvc - ok
17:19:26.0875 0x1030 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:19:26.0907 0x1030 wercplsupport - ok
17:19:26.0922 0x1030 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll
17:19:26.0953 0x1030 WerSvc - ok
17:19:26.0953 0x1030 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:19:26.0985 0x1030 WfpLwf - ok
17:19:26.0985 0x1030 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:19:27.0000 0x1030 WIMMount - ok
17:19:27.0063 0x1030 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
17:19:27.0094 0x1030 WinDefend - ok
17:19:27.0109 0x1030 WinHttpAutoProxySvc - ok
17:19:27.0156 0x1030 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:19:27.0187 0x1030 Winmgmt - ok
17:19:27.0250 0x1030 [ 8949A93520F7008C3B7AD320A0EEA267, F77C6BF73B300347FEB3D02C7A1F98807546D95E10E499D385B7F00D1366CC59 ] WinRM C:\Windows\system32\WsmSvc.dll
17:19:27.0281 0x1030 WinRM - ok
17:19:27.0328 0x1030 [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:19:27.0343 0x1030 WinUsb - ok
17:19:27.0359 0x1030 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:19:27.0390 0x1030 Wlansvc - ok
17:19:27.0484 0x1030 [ 5144AE67D60EC653F97DDF3FEED29E77, F6238767284B2356A9F502E2ACCFAAC283FA13CBF238E98B5115A55179526B10 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:19:27.0515 0x1030 wlidsvc - ok
17:19:27.0546 0x1030 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:19:27.0562 0x1030 WmiAcpi - ok
17:19:27.0577 0x1030 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:19:27.0593 0x1030 wmiApSrv - ok
17:19:27.0671 0x1030 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
17:19:27.0702 0x1030 WMPNetworkSvc - ok
17:19:27.0718 0x1030 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:19:27.0733 0x1030 WPCSvc - ok
17:19:27.0765 0x1030 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:19:27.0780 0x1030 WPDBusEnum - ok
17:19:27.0811 0x1030 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:19:27.0843 0x1030 ws2ifsl - ok
17:19:27.0874 0x1030 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\System32\wscsvc.dll
17:19:27.0889 0x1030 wscsvc - ok
17:19:27.0889 0x1030 WSearch - ok
17:19:27.0967 0x1030 [ FAC7617DD8A8CCCBBB9D36C39AFA5ABE, 64BB658523F4610B6D092BD390D24307F0A545ABA5C78B5DB50B7AA9E65C6A51 ] wuauserv C:\Windows\system32\wuaueng.dll
17:19:28.0030 0x1030 wuauserv - ok
17:19:28.0061 0x1030 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:19:28.0077 0x1030 WudfPf - ok
17:19:28.0077 0x1030 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:19:28.0092 0x1030 WUDFRd - ok
17:19:28.0108 0x1030 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:19:28.0123 0x1030 wudfsvc - ok
17:19:28.0155 0x1030 [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\Windows\System32\wwansvc.dll
17:19:28.0170 0x1030 WwanSvc - ok
17:19:28.0186 0x1030 ================ Scan global ===============================
17:19:28.0217 0x1030 [ 5E7C5DE85AF978495C3A9A0B720B9811, 142CDEBED78E3BAEE8D2DBF6A97CE26313932024010548EC2E570CAE480AF7C3 ] C:\Windows\system32\basesrv.dll
17:19:28.0248 0x1030 [ 090FF4D4A003291D7579A81089D06981, 2713E190F10A96E977C0BA5D38D89E8D123F7CB7D0180CFC0A4073EC42EDB2DB ] C:\Windows\system32\winsrv.dll
17:19:28.0264 0x1030 [ 090FF4D4A003291D7579A81089D06981, 2713E190F10A96E977C0BA5D38D89E8D123F7CB7D0180CFC0A4073EC42EDB2DB ] C:\Windows\system32\winsrv.dll
17:19:28.0295 0x1030 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
17:19:28.0326 0x1030 [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
17:19:28.0326 0x1030 [ Global ] - ok
17:19:28.0326 0x1030 ================ Scan MBR ==================================
17:19:28.0342 0x1030 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:19:28.0638 0x1030 \Device\Harddisk0\DR0 - ok
17:19:28.0638 0x1030 ================ Scan VBR ==================================
17:19:28.0638 0x1030 [ E93D927090D6C0031B68BDAC43F42231 ] \Device\Harddisk0\DR0\Partition1
17:19:28.0638 0x1030 \Device\Harddisk0\DR0\Partition1 - ok
17:19:28.0654 0x1030 [ 2ADAAF21787D79741CE88DEA419DC039 ] \Device\Harddisk0\DR0\Partition2
17:19:28.0654 0x1030 \Device\Harddisk0\DR0\Partition2 - ok
17:19:28.0654 0x1030 [ 00BCF2316C109D37B48F3F15FC094BB5 ] \Device\Harddisk0\DR0\Partition3
17:19:28.0654 0x1030 \Device\Harddisk0\DR0\Partition3 - ok
17:19:28.0654 0x1030 ================ Scan generic autorun ======================
17:19:28.0872 0x1030 [ BF921C95D3F0AAC1E2479D6D864469D3, CA5341811D79F6B780FAE1E51444ACD6F89627C702A2EC4562D8B07149A6438F ] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
17:19:28.0981 0x1030 TrueImageMonitor.exe - ok
17:19:29.0106 0x1030 [ B5A4EBA9487F08BECC843A87422B8052, EA905E9169CE8C934F2D6F7E319A75E31EA9E1840CC455298BEB3F92E22FCAAE ] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
17:19:29.0200 0x1030 SDTray - ok
17:19:29.0340 0x1030 [ CA17F675E133E506589EA1049225D6EB, 9B9BDE5FF8FCD73A43625C74BE16B60F422D4DF32A32EE77745DAA287DAEFF0C ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
17:19:29.0418 0x1030 EvtMgr6 - ok
17:19:29.0871 0x1030 [ C6EA8429C22C53BC7A738FFEC4831429, BF0B2C1F38F2DDE284C20CA0C4027495F52E52B35B846A1F655C6670816552C8 ] C:\Program Files\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe
17:19:29.0964 0x1030 GwxControlPanelMonitor - ok
17:19:30.0136 0x1030 [ D58FAFFD288F11B93ACBE9F93D7F3C66, 8B4E876FF3A340595DCB812BDA8C0EE7CC452AEC0CEB2CDFEE09775D6EF657B1 ] C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
17:19:30.0183 0x1030 Adobe Creative Cloud - ok
17:19:30.0276 0x1030 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
17:19:30.0307 0x1030 Sidebar - ok
17:19:30.0339 0x1030 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
17:19:30.0354 0x1030 mctadmin - ok
17:19:30.0401 0x1030 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
17:19:30.0432 0x1030 Sidebar - ok
17:19:30.0448 0x1030 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
17:19:30.0463 0x1030 mctadmin - ok
17:19:30.0510 0x1030 [ 9C40F419CCD930AB6CBF2F7B35316C60, 22668156D17FC88E27BB2F94F03387BBF0FE5DF3FF04AB44BE433FA6143071FC ] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEJE.EXE
17:19:30.0526 0x1030 EPSON BX300F Series - ok
17:19:30.0682 0x1030 [ 1B2B3215F4B6B735813844AC1769E239, FCC4D5E52329531904637C19F0BA6EBD857CDFB814D3DCD799062D049FF2E485 ] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe
17:19:30.0760 0x1030 Spybot-S&D Cleaning - ok
17:19:30.0963 0x1030 [ C2C9E42D6C51E99C1BAB44F108E8851C, F513A2FCE15AD1F7C4A8A4E67CA2C9613EE305FAAE8D674BC3019A96DEEDFF61 ] C:\Program Files\CCleaner\CCleaner.exe
17:19:31.0103 0x1030 CCleaner Monitoring - ok
17:19:31.0150 0x1030 [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Wyss Markus\AppData\Local\Dropbox\Update\DropboxUpdate.exe
17:19:31.0181 0x1030 Dropbox Update - ok
17:19:31.0259 0x1030 [ B393991F172F1A26EEF065E1D114825A, 4BC4EBC5A1400482BD2C09EE8D3C6FFA2E73D89152CC4DF0B697BFC55C29AF2C ] C:\Users\Wyss Markus\AppData\Local\Programs\CodeTwo\Email Signatures Client App\EmailSignatures.Client.exe
17:19:31.0275 0x1030 CodeTwo Email Signatures - ok
17:19:31.0290 0x1030 [ 9C40F419CCD930AB6CBF2F7B35316C60, 22668156D17FC88E27BB2F94F03387BBF0FE5DF3FF04AB44BE433FA6143071FC ] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEJE.EXE
17:19:31.0306 0x1030 EPSON BX300F Series (Kopie 2) - ok
17:19:31.0415 0x1030 [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\brigitta\AppData\Local\Dropbox\Update\DropboxUpdate.exe
17:19:31.0446 0x1030 Dropbox Update - ok
17:19:31.0633 0x1030 [ C2C9E42D6C51E99C1BAB44F108E8851C, F513A2FCE15AD1F7C4A8A4E67CA2C9613EE305FAAE8D674BC3019A96DEEDFF61 ] C:\Program Files\CCleaner\CCleaner.exe
17:19:31.0774 0x1030 CCleaner Monitoring - ok
17:19:31.0805 0x1030 [ 9C40F419CCD930AB6CBF2F7B35316C60, 22668156D17FC88E27BB2F94F03387BBF0FE5DF3FF04AB44BE433FA6143071FC ] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEJE.EXE
17:19:31.0805 0x1030 EPSON BX300F Series - ok
17:19:31.0821 0x1030 Waiting for KSN requests completion. In queue: 168
17:19:32.0866 0x1030 AV detected via SS2: Kaspersky Anti-Virus, C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\wmiav.exe ( 15.0.1.415 ), 0x41000 ( enabled : updated )
17:19:32.0866 0x1030 Win FW state via NFP2: enabled ( trusted )
17:19:33.0022 0x1030 ============================================================
17:19:33.0022 0x1030 Scan finished
17:19:33.0022 0x1030 ============================================================
17:19:33.0022 0x02b8 Detected object count: 0
17:19:33.0022 0x02b8 Actual detected object count: 0
|
|
26.10.2016, 08:36
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PCKeeper und Spacekace auf W7 Prof gefunden. Log von MBAR fehlt. Dafür hast du schon adwCleaner gemacht, obwohl das noch garnicht als Schritt aufgeführt war
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.10.2016, 10:50
| #13 |
| | Sorry Ups Sorry....hier: Code:
ATTFilter <?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2016/10/26 10:54:44 +0200</date>
<logfile>mbam-log-2016-10-26 (10-54-39).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.2.1.1043</version>
<malware-database>v2016.10.26.02</malware-database>
<rootkit-database>v2016.09.26.02</rootkit-database>
<license>trial</license>
<file-protection>enabled</file-protection>
<web-protection>enabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<hostname>HostName</hostname>
<ip>192.168.1.102</ip>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x86</arch>
<username>Markusli</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>429703</objects>
<time>1627</time>
<processes>0</processes>
<modules>0</modules>
<keys>0</keys>
<values>0</values>
<datas>0</datas>
<folders>0</folders>
<files>0</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
</items>
</mbam-log>
Code:
ATTFilter <?xml version="1.0" encoding="UTF-8" ?>
<logs>
<record severity="debug" LoggingEventType="2" datetime="2016-10-26T09:28:05.686306+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="Systemname" last_modified_tag="c702b82c-8ace-496d-835c-6983b5a3ec5a" result="Starting" subtype="Malware Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-10-26T09:28:05.686306+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="Systemname" last_modified_tag="1d6a0725-4277-476a-951e-ee3ae0ea24e7" result="Started" subtype="Malware Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-10-26T09:28:05.701906+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="Systemname" last_modified_tag="ce94d26c-0610-4c62-8a44-8bffb8cda715" result="Starting" subtype="Malicious Website Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-10-26T09:28:10.943515+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="Systemname" last_modified_tag="9e0b2f04-952d-4321-ac71-93129a6962c1" result="Started" subtype="Malicious Website Protection"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-10-26T10:14:48.418678+02:00" source="Scheduler" type="Update" username="SYSTEM" systemname="Systemname" fromVersion="2016.10.25.1" last_modified_tag="615dc59e-3a0a-4594-adec-4900999d0b92" name="Domain Database" toVersion="2016.10.25.5"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-10-26T10:14:53.254687+02:00" source="Scheduler" type="Update" username="SYSTEM" systemname="Systemname" fromVersion="2016.10.25.11" last_modified_tag="0bd56c41-a2b0-4ba9-8b94-3d76a3b7bc30" name="Malware Database" toVersion="2016.10.26.2"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-10-26T10:14:53.301487+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="Systemname" last_modified_tag="79304081-783c-4a5d-b524-aff40d9a5e0a" result="Starting" subtype="Refresh"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-10-26T10:14:53.317087+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="Systemname" last_modified_tag="49dd5cca-ae36-4629-981a-e6c8b56512f3" result="Stopping" subtype="Malicious Website Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-10-26T10:14:53.909888+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="Systemname" last_modified_tag="366cec05-8a74-405f-973c-2012597cb447" result="Stopped" subtype="Malicious Website Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-10-26T10:15:22.021137+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="Systemname" last_modified_tag="9b2dc4ae-1896-42d1-aee6-07d4c64faf4d" result="Success" subtype="Refresh"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-10-26T10:15:22.036737+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="Systemname" last_modified_tag="b2270a1a-fcac-4081-bae8-316153dade1d" result="Starting" subtype="Malicious Website Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-10-26T10:15:24.860342+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="Systemname" last_modified_tag="da91235f-5492-498f-ad47-fee43909efe9" result="Started" subtype="Malicious Website Protection"></record>
<record severity="debug" scantype="threat" LoggingEventType="6" starttime="2016-10-26T10:54:44+02:00" datetime="2016-10-26T11:21:51.757837+02:00" source="Manual" type="Scan" username="SYSTEM" systemname="Systemname" last_modified_tag="3ceb1533-8c6d-48c8-b38b-9f7f1bd3acfb" duration="1627" malwaredetections="0" nonmalwaredetections="0" scanresult="completed"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-10-26T11:42:44.634474+02:00" source="Scheduler" type="Update" username="SYSTEM" systemname="SystemName" fromVersion="2016.10.26.2" last_modified_tag="f5050e79-73b4-4f2e-bca6-271fb928b6f7" name="Malware Database" toVersion="2016.10.26.3"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-10-26T11:42:44.695477+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SystemName" last_modified_tag="efa349a4-5a3a-47d4-b7ea-8f1e535cef73" result="Starting" subtype="Refresh"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-10-26T11:42:44.705478+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SystemName" last_modified_tag="7faf7464-7e81-429c-b9ef-69c6c63287aa" result="Stopping" subtype="Malicious Website Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-10-26T11:42:46.711592+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SystemName" last_modified_tag="81a12116-31a6-4f78-a63b-dff04f3337aa" result="Stopped" subtype="Malicious Website Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-10-26T11:43:15.710251+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SystemName" last_modified_tag="2fcbdb26-7a73-4c2a-96bb-3d1d5656a3a1" result="Success" subtype="Refresh"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-10-26T11:43:15.727252+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SystemName" last_modified_tag="7cb3e2aa-48df-4fd0-aa24-91a7bb2e5200" result="Starting" subtype="Malicious Website Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-10-26T11:43:18.738424+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SystemName" last_modified_tag="cc6a0204-2f25-4f18-bc60-3503906637b8" result="Started" subtype="Malicious Website Protection"></record>
</logs>
|
|
26.10.2016, 10:53
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PCKeeper und Spacekace auf W7 Prof gefunden. Anleitungen bitte richtig lesen!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.10.2016, 17:23
| #15 |
| | Sorry Ja sorry...hatte die Anleitung schon gelesen und die Scans am Vortag auch schon gemacht...daher falsches Log gepostet. Aber was ist nun damit??? |
|
| Themen zu PCKeeper und Spacekace auf W7 Prof gefunden. |
| adwcleaner, ansehen, auf werbung umgeleitet, danke, datei, first, gefunde, gescannt, gestern, mbam, nochmals, ordner, pckeeper, phänomen, probleme, rechner, spacekace, spybot, tdsskiller, umgeleitet, verschwunden, websites, werbung |
Linear-Darstellung
