| |
| |||||||
Log-Analyse und Auswertung: Trojan.Agent - Windows VistaWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
09.02.2016, 20:23
| #1 |
 |  Trojan.Agent - Windows Vista Hallo Zusammen, ich denke, der alte PC meines Vaters ist infiziert. Zunächst waren es einige PUP's mit dem Namen Crossrider - Malwarebytes Logfile s. unten. Dann wurde auch noch ein Trojan.Agent von Malwarebytes entdeckt. (s. 2. Logfile). Beides mal wurden die Dateien in die Quarantäne verschoben und dann gelöscht. Allerdings denke ich, dass sein Adressbuch von Yahoo Mail gehackt wurde. Ich und andere erhalten infizierte Emails von einer Email Adresse mit seinem Namen, allerdings von der Domain ...@goo.jp. Das Email Konto auf Yahoo habe ich heute vorsichtshalber deaktiviert. Ich lasse gerade noch den Eset Online Scanner laufen. Poste dann die Logfile, sobald es fertig ist. Mein McAffee LiveSafe meldet keine Bedrohungen. Würde mich über eure Tips freuen! Danke schon mal im Voraus! Hier das damalige Logfile mit den PUP's Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 18.12.2015 Suchlaufzeit: 15:45:25 Protokolldatei: mbam_181215.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.12.18.03 Rootkit-Datenbank: v2015.12.18.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows Vista Service Pack 2 CPU: x64 Dateisystem: NTFS Benutzer: Home Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 390086 Abgelaufene Zeit: 24 Min., 25 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 5 PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Media_Play_AIR+-chromeinstaller, Löschen bei Neustart, [7912e7bfe2a954e2196237753bc7e11f], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Media_Play_AIR+-codedownloader, Löschen bei Neustart, [39527e28b9d265d181fa901cb250e61a], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Media_Play_AIR+-enabler, Löschen bei Neustart, [d0bba8fe800b989ea3d87c304ab87888], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Media_Play_AIR+-firefoxinstaller, Löschen bei Neustart, [b6d53d69216ae650e7943e6e23df9e62], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Media_Play_AIR+-updater, Löschen bei Neustart, [6922bceaed9e78beafcc9b11897955ab], Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 19.01.2016 Suchlaufzeit: 13:33:42 Protokolldatei: mbam_190116.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2016.01.19.03 Rootkit-Datenbank: v2016.01.09.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows Vista Service Pack 2 CPU: x64 Dateisystem: NTFS Benutzer: Home Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 393995 Abgelaufene Zeit: 23 Min., 51 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 1 Trojan.Agent, C:\WINDOWS\System32\odbcjt42.exe, In Quarantäne, [83fceb502d6ce353fb34527b946d7d83], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Die Suche mit Eset Online Scanner hat keine Funde ergeben: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6f44bf28ca0adb44bc76b267368792fa
# end=init
# utc_time=2016-02-09 04:16:52
# local_time=2016-02-09 05:16:52 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 28048
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6f44bf28ca0adb44bc76b267368792fa
# end=updated
# utc_time=2016-02-09 05:16:13
# local_time=2016-02-09 06:16:13 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=6f44bf28ca0adb44bc76b267368792fa
# engine=28048
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-02-09 07:47:21
# local_time=2016-02-09 08:47:21 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='*McAfee*'
# compatibility_mode=5131 16777214 100 100 12703028 40010626 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776638 100 100 12706814 292571146 0 0
# scanned=255367
# found=0
# cleaned=0
# scan_time=9066
Geändert von MoThePo (09.02.2016 um 20:56 Uhr) |
|
10.02.2016, 13:00
| #2 |
| /// TB-Ausbilder /// Anleitungs-Guru  | Trojan.Agent - Windows Vista Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das... 
 Hinweis:Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean  bekommst.Los geht's: Schritt 1   Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff Posten in CODE-Tags: So gehts... Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
10.02.2016, 21:19
| #3 |
| | Trojan.Agent - Windows Vista Hallo Jürgen,
__________________danke schon mal für deine Hilfe! Hier die Ergebnisse aus Schritt 1: FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
durchgeführt von Home (Administrator) auf HOME-PC (10-02-2016 21:05:35)
Gestartet von C:\Users\Home\Desktop
Geladene Profile: Home (Verfügbare Profile: Home & Gast)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 8 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(ATI Technologies Inc.) C:\WINDOWS\System32\Ati2evxx.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(ATI Technologies Inc.) C:\WINDOWS\System32\Ati2evxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\WINDOWS\System32\mfevtps.exe
(McAfee, Inc.) C:\WINDOWS\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\rundll32.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Realtek Semiconductor) C:\WINDOWS\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Microsoft Corporation) C:\WINDOWS\System32\conime.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RAVCpl64.exe [6150656 2008-03-26] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-11-03] (Intel Corporation)
HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [70912 2008-03-14] (Hewlett-Packard)
HKLM-x32\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [718248 2015-02-11] (McAfee, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\MountPoints2: {0061f5ed-6d18-11de-8b85-00221526174f} - K:\pcwstart.exe
HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\MountPoints2: {6c5b72ba-ad02-11df-a44c-00221526174f} - wd_windows_tools\setup.exe
HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\MountPoints2: {d68e194b-fafb-11df-bd8c-00221526174f} - J:\pushinst.exe
HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\MountPoints2: {edfdbac5-a091-11de-8dc8-00221526174f} - starter.exe
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2016-01-28] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [2012-06-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [2012-06-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [2012-06-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [2012-06-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [2012-06-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [2012-06-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [2012-06-30] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install SafeKey FF RunOnce.lnk [2015-09-15]
ShortcutTarget: Install SafeKey FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (McAfee)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install SafeKey IE RunOnce.lnk [2015-09-15]
ShortcutTarget: Install SafeKey IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (McAfee)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{84D3C1C7-A189-4DD8-B6B1-579D20420AB0}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{E55A0798-7191-429B-859B-D2AC7088880C}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {1ABA2C13-E36C-4497-8234-1E146E69EAA4} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
SearchScopes: HKLM -> {FB5DD038-132F-4EA1-8871-F5F9A3D5AC1E} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000 -> {1ABA2C13-E36C-4497-8234-1E146E69EAA4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=protegere
SearchScopes: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll [2015-09-15] (McAfee)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-24] (Oracle Corporation)
BHO-x32: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar.dll [2015-09-15] (McAfee)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-24] (Oracle Corporation)
Toolbar: HKLM - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll [2015-09-15] (McAfee)
Toolbar: HKLM-x32 - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar.dll [2015-09-15] (McAfee)
DPF: HKLM-x32 {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} hxxp://www.celartem.com/en/download/data/djvu_autoinstall/DjVuControl_en_US.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-12-23] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-12-23] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-12-23] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-12-23] (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-03-03] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-03-03] (McAfee, Inc.)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-12-17] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-12-16] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-12-17] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-12-16] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\0yk7tulu.default-1410973344085
FF Homepage: hxxps://www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\system32\npDeployJava1.dll [2012-12-24] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-03-03] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-24] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-03-03] ()
FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll [2015-08-18] (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2009-11-14] (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\0yk7tulu.default-1410973344085\searchplugins\McSiteAdvisor.xml [2016-02-10]
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-12-29]
FF Extension: NoScript - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\0yk7tulu.default-1410973344085\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-02-03]
FF Extension: Bitdefender QuickScan - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\0yk7tulu.default-1410973344085\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2016-02-08]
FF Extension: McAfee SafeKey - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\0yk7tulu.default-1410973344085\Extensions\{072844D3-7DEE-45F6-A406-E87F76302E4B} [2015-09-15] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\0yk7tulu.default-1410973344085\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-20]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-10] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-09-15] [ist nicht signiert]
Chrome:
=======
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-14]
CHR Extension: (McAfee SafeKey) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbnjankikoaabjkmfbaceggjliabkbn [2015-09-24]
CHR Extension: (Google Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-14]
CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Cast) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-10-21]
CHR Extension: (Google-Suche) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Google Tabellen) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-14]
CHR Extension: (SiteAdvisor) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-09-24]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-24]
CHR Extension: (Google Mail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-09-15]
CHR HKLM-x32\...\Chrome\Extension: [agbnjankikoaabjkmfbaceggjliabkbn] - C:\Program Files (x86)\SafeKey\lpchrome.crx [2015-09-15]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-09-15]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-04-06] (SUPERAntiSpyware.com)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [Datei ist nicht signiert]
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [803856 2016-01-28] (Garmin Ltd. or its subsidiaries)
S2 gupdate1ca23fa2f8d54a0; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-12] (Google Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-02-11] (McAfee, Inc.)
R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-03-14] (Hewlett-Packard) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-03-17] (Hewlett-Packard Company) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [154856 2015-12-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [752232 2015-03-03] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-02-11] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-02-11] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [605472 2015-02-27] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-02-11] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-02-11] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-02-17] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [372144 2015-02-24] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [250672 2015-02-17] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-02-11] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-07-18] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-07-18] (Hewlett-Packard) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [68784 2015-02-17] (McAfee, Inc.)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH)
S3 GigasetGenericUSB_x64; C:\Windows\System32\DRIVERS\GigasetGenericUSB_x64.sys [54272 2009-02-20] (Siemens Home and Office Communication Devices GmbH & Co. KG)
R3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [401736 2015-02-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [337888 2015-02-17] (McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [101872 2015-02-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [488000 2015-02-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [864072 2015-02-17] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [482600 2015-01-15] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [100720 2015-01-15] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340448 2015-02-17] (McAfee, Inc.)
R3 Ps2; C:\Windows\System32\DRIVERS\PS2.sys [21504 2006-09-07] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
S3 nmwcdnsux64; system32\drivers\nmwcdnsux64.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerfltx64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-10 21:05 - 2016-02-10 21:06 - 00025248 _____ C:\Users\Home\Desktop\FRST.txt
2016-02-10 21:05 - 2016-02-10 21:05 - 00000000 ____D C:\FRST
2016-02-10 20:58 - 2016-02-10 20:58 - 02370560 _____ (Farbar) C:\Users\Home\Desktop\FRST64.exe
2016-02-10 15:03 - 2016-01-09 18:06 - 00501760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-10 15:03 - 2016-01-09 17:42 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-10 15:03 - 2016-01-07 16:27 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-10 15:02 - 2016-01-30 04:09 - 01316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-02-10 15:02 - 2016-01-30 03:44 - 01915392 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-10 15:00 - 2016-02-01 18:25 - 01589376 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-10 15:00 - 2016-02-01 18:25 - 01171696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-10 15:00 - 2016-01-30 04:09 - 00861696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-02-10 15:00 - 2016-01-30 04:09 - 00679424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-02-10 15:00 - 2016-01-30 04:09 - 00429056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-10 15:00 - 2016-01-30 04:09 - 00324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdohlp.dll
2016-02-10 15:00 - 2016-01-30 04:09 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2016-02-10 15:00 - 2016-01-30 04:09 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2016-02-10 15:00 - 2016-01-30 04:09 - 00217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2016-02-10 15:00 - 2016-01-30 04:09 - 00153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbeio.dll
2016-02-10 15:00 - 2016-01-30 04:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-02-10 15:00 - 2016-01-30 04:09 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-02-10 15:00 - 2016-01-30 04:08 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-10 15:00 - 2016-01-30 04:08 - 00119296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrecst.dll
2016-02-10 15:00 - 2016-01-30 04:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-10 15:00 - 2016-01-30 04:08 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2016-02-10 15:00 - 2016-01-30 04:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2016-02-10 15:00 - 2016-01-30 04:08 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2016-02-10 15:00 - 2016-01-30 04:08 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasads.dll
2016-02-10 15:00 - 2016-01-30 04:08 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasdatastore.dll
2016-02-10 15:00 - 2016-01-30 04:07 - 00802304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-02-10 15:00 - 2016-01-30 03:48 - 04693952 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-10 15:00 - 2016-01-30 03:44 - 01304576 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-10 15:00 - 2016-01-30 03:44 - 00560128 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-10 15:00 - 2016-01-30 03:44 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2016-02-10 15:00 - 2016-01-30 03:44 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2016-02-10 15:00 - 2016-01-30 03:44 - 00375808 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2016-02-10 15:00 - 2016-01-30 03:44 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-02-10 15:00 - 2016-01-30 03:44 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2016-02-10 15:00 - 2016-01-30 03:44 - 00234496 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-02-10 15:00 - 2016-01-30 03:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\sbeio.dll
2016-02-10 15:00 - 2016-01-30 03:44 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-10 15:00 - 2016-01-30 03:44 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2016-02-10 15:00 - 2016-01-30 03:44 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2016-02-10 15:00 - 2016-01-30 03:44 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-02-10 15:00 - 2016-01-30 03:44 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-02-10 15:00 - 2016-01-30 03:43 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-10 15:00 - 2016-01-30 03:43 - 01067008 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-10 15:00 - 2016-01-30 03:43 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2016-02-10 15:00 - 2016-01-30 03:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2016-02-10 15:00 - 2016-01-30 03:43 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-10 15:00 - 2016-01-30 03:43 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2016-02-10 15:00 - 2016-01-30 03:43 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2016-02-10 15:00 - 2016-01-30 02:45 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\iashost.exe
2016-02-10 15:00 - 2016-01-30 02:33 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-10 15:00 - 2016-01-30 02:32 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iashost.exe
2016-02-10 15:00 - 2016-01-30 02:24 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-02-10 15:00 - 2016-01-30 02:24 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-02-10 15:00 - 2016-01-30 02:24 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-02-10 15:00 - 2016-01-07 16:32 - 02799104 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-09 17:13 - 2016-02-09 17:13 - 00000000 ____D C:\Program Files (x86)\ESET
2016-02-08 20:41 - 2016-02-08 20:45 - 02870984 _____ (ESET) C:\Users\Home\Desktop\esetsmartinstaller_deu.exe
2016-02-03 17:58 - 2016-02-03 17:58 - 00021556 _____ C:\Users\Home\Desktop\PB_Überweisung_KtoNr0103529438_03-02-2016_1748.pdf
2016-02-03 09:45 - 2016-02-03 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2016-02-02 17:49 - 2016-02-10 20:54 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d15dd9bbfdaad4.job
2016-02-02 17:49 - 2016-02-02 17:49 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d15dd9bbfdaad4
2016-02-01 21:53 - 2016-02-01 21:53 - 00036261 _____ C:\Users\Home\Desktop\2016-01-13 AGB ab-in-den-urlaub Spezial.pdf
2016-02-01 21:52 - 2016-02-01 21:52 - 00002040 _____ C:\Users\Home\Desktop\SEPA_Mandat_900268372.pdf
2016-02-01 21:51 - 2016-02-01 21:51 - 00181815 _____ C:\Users\Home\Desktop\Rechnung_900268372.pdf
2016-01-23 10:06 - 2016-01-23 10:06 - 00000000 ____D C:\Users\Home\Doctor Web
2016-01-23 09:02 - 2016-01-23 09:02 - 00001285 _____ C:\Users\Home\Desktop\mbam_190116.txt
2016-01-23 09:01 - 2016-01-23 09:01 - 00002128 _____ C:\Users\Home\Desktop\mbam_181215.txt
2016-01-16 09:43 - 2016-01-16 09:43 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-16 09:43 - 2016-01-16 09:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-14 15:13 - 2015-12-05 18:03 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-01-14 15:13 - 2015-12-05 18:03 - 01567744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-14 15:13 - 2015-12-05 18:03 - 01548288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-14 15:13 - 2015-12-05 18:03 - 01377792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-14 15:13 - 2015-12-05 18:03 - 01326080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-14 15:13 - 2015-12-05 18:03 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-14 15:13 - 2015-12-05 18:03 - 01114624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-14 15:13 - 2015-12-05 18:03 - 00867328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-01-14 15:13 - 2015-12-05 18:03 - 00767488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-14 15:13 - 2015-12-05 18:03 - 00759296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-14 15:13 - 2015-12-05 18:03 - 00650240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-14 15:13 - 2015-12-05 18:03 - 00605184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-14 15:13 - 2015-12-05 18:03 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-14 15:13 - 2015-12-05 18:03 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-14 15:13 - 2015-12-05 18:03 - 00304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-14 15:13 - 2015-12-05 18:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-14 15:13 - 2015-12-05 18:03 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-14 15:13 - 2015-12-05 18:03 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-01-14 15:13 - 2015-12-05 18:02 - 00613888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2VDEC.DLL
2016-01-14 15:13 - 2015-12-05 18:02 - 00606208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-14 15:13 - 2015-12-05 18:02 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-14 15:13 - 2015-12-05 18:02 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-14 15:13 - 2015-12-05 18:02 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ADEC.DLL
2016-01-14 15:13 - 2015-12-05 18:02 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-14 15:13 - 2015-12-05 18:02 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-14 15:13 - 2015-12-05 18:02 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-14 15:13 - 2015-12-05 18:02 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-01-14 15:13 - 2015-12-05 18:02 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-14 15:13 - 2015-12-05 18:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-14 15:13 - 2015-12-05 18:02 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-14 15:13 - 2015-12-05 18:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-14 15:13 - 2015-12-05 18:02 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-14 15:13 - 2015-12-05 17:41 - 01886208 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-14 15:13 - 2015-12-05 17:41 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-14 15:13 - 2015-12-05 17:41 - 01539072 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-14 15:13 - 2015-12-05 17:41 - 01350656 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-14 15:13 - 2015-12-05 17:41 - 01127424 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-14 15:13 - 2015-12-05 17:41 - 01090560 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-14 15:13 - 2015-12-05 17:41 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-14 15:13 - 2015-12-05 17:41 - 00819200 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-14 15:13 - 2015-12-05 17:41 - 00732160 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-14 15:13 - 2015-12-05 17:41 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-14 15:13 - 2015-12-05 17:40 - 03548672 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-14 15:13 - 2015-12-05 17:40 - 01571328 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-14 15:13 - 2015-12-05 17:40 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2VDEC.DLL
2016-01-14 15:13 - 2015-12-05 17:40 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-14 15:13 - 2015-12-05 17:40 - 00620544 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-14 15:13 - 2015-12-05 17:40 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ADEC.DLL
2016-01-14 15:13 - 2015-12-05 17:40 - 00352256 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-14 15:13 - 2015-12-05 17:40 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-14 15:13 - 2015-12-05 17:40 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-14 15:13 - 2015-12-05 17:40 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-14 15:13 - 2015-12-05 17:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-14 15:13 - 2015-12-05 17:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-14 15:13 - 2015-12-05 17:40 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-14 15:13 - 2015-12-05 17:40 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-14 15:13 - 2015-12-05 17:39 - 01074176 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-14 15:13 - 2015-12-05 17:39 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-14 15:13 - 2015-12-05 17:39 - 00471040 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-14 15:13 - 2015-12-05 17:39 - 00390656 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-14 15:13 - 2015-12-05 17:39 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-14 15:13 - 2015-12-05 17:39 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-14 15:13 - 2015-12-05 17:39 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-14 15:13 - 2015-12-05 17:39 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-14 15:13 - 2015-12-05 17:39 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-14 15:13 - 2015-12-05 17:22 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-14 15:13 - 2011-01-20 17:14 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-14 15:13 - 2011-01-20 17:04 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-14 15:13 - 2011-01-20 15:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-14 15:00 - 2015-11-13 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-01-14 15:00 - 2015-11-13 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-01-14 15:00 - 2015-11-13 17:42 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-14 15:00 - 2015-11-13 17:42 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-14 15:00 - 2015-11-13 16:27 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-01-13 16:22 - 2015-12-17 02:19 - 01147904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-13 16:22 - 2015-12-17 02:18 - 01491968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-13 16:22 - 2015-12-17 02:18 - 00589312 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-13 16:22 - 2015-12-17 02:18 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-01-13 16:22 - 2015-12-17 02:18 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-01-13 16:22 - 2015-12-17 02:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-01-13 16:22 - 2015-12-17 02:15 - 09344000 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-13 16:22 - 2015-12-17 02:15 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2016-01-13 16:22 - 2015-12-17 02:15 - 00742912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-13 16:22 - 2015-12-17 02:15 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-01-13 16:22 - 2015-12-17 02:15 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-13 16:22 - 2015-12-17 02:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-01-13 16:22 - 2015-12-17 02:14 - 12480000 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-13 16:22 - 2015-12-17 02:14 - 02359296 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-01-13 16:22 - 2015-12-17 02:14 - 01538560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-13 16:22 - 2015-12-17 02:14 - 00820224 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-13 16:22 - 2015-12-17 02:14 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-01-13 16:22 - 2015-12-17 02:14 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-01-13 16:22 - 2015-12-17 02:14 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-01-13 16:22 - 2015-12-17 02:14 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2016-01-13 16:22 - 2015-12-17 02:14 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-01-13 16:22 - 2015-12-17 02:14 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-01-13 16:22 - 2015-12-17 02:14 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2016-01-13 16:22 - 2015-12-17 02:14 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-01-13 16:22 - 2015-12-17 02:13 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-01-13 16:22 - 2015-12-17 02:13 - 00317952 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-01-13 16:22 - 2015-12-17 02:12 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2016-01-13 16:22 - 2015-12-16 23:34 - 00479744 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-01-13 16:22 - 2015-12-16 23:00 - 01214976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-01-13 16:22 - 2015-12-16 23:00 - 00916992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-01-13 16:22 - 2015-12-16 23:00 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-01-13 16:22 - 2015-12-16 23:00 - 00236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-01-13 16:22 - 2015-12-16 23:00 - 00105984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-01-13 16:22 - 2015-12-16 22:58 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-01-13 16:22 - 2015-12-16 22:56 - 00630784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2016-01-13 16:22 - 2015-12-16 22:56 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-01-13 16:22 - 2015-12-16 22:55 - 06012416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-01-13 16:22 - 2015-12-16 22:55 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-13 16:22 - 2015-12-16 22:55 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-01-13 16:22 - 2015-12-16 22:55 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-01-13 16:22 - 2015-12-16 22:54 - 11086848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-01-13 16:22 - 2015-12-16 22:54 - 02006016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-01-13 16:22 - 2015-12-16 22:54 - 01469440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-01-13 16:22 - 2015-12-16 22:54 - 00729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-01-13 16:22 - 2015-12-16 22:54 - 00387584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-01-13 16:22 - 2015-12-16 22:54 - 00184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-01-13 16:22 - 2015-12-16 22:54 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-01-13 16:22 - 2015-12-16 22:54 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2016-01-13 16:22 - 2015-12-16 22:54 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-01-13 16:22 - 2015-12-16 22:54 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-01-13 16:22 - 2015-12-16 22:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2016-01-13 16:22 - 2015-12-16 22:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-01-13 16:22 - 2015-12-16 22:52 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-01-13 16:22 - 2015-12-16 22:52 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-01-13 16:22 - 2015-12-16 22:51 - 00019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\corpol.dll
2016-01-13 16:22 - 2015-12-16 21:15 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-01-13 16:22 - 2015-12-16 21:15 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-01-13 16:22 - 2015-12-16 21:13 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-01-13 16:22 - 2015-12-16 21:12 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-01-13 16:22 - 2015-12-16 20:06 - 00385024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-01-13 16:22 - 2015-12-16 18:20 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2016-01-13 16:22 - 2015-12-16 18:20 - 00133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-01-13 16:22 - 2015-12-16 18:18 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-01-13 16:22 - 2015-12-16 18:18 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-10 20:55 - 2006-11-02 16:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-10 20:55 - 2006-11-02 16:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-10 20:54 - 2015-12-04 23:43 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d12ee542c67590.job
2016-02-10 20:52 - 2013-03-28 10:57 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-10 20:48 - 2009-08-23 15:10 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-10 18:22 - 2009-07-05 21:14 - 00003958 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{6118DBC4-466A-4EC0-9522-19066FBBCC47}
2016-02-10 18:22 - 2009-07-05 21:14 - 00000416 ____H C:\Windows\Tasks\User_Feed_Synchronization-{6118DBC4-466A-4EC0-9522-19066FBBCC47}.job
2016-02-10 18:00 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\rescache
2016-02-10 17:54 - 2015-12-04 23:43 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12ee5429b9cd0.job
2016-02-10 17:50 - 2015-09-25 14:53 - 00003574 _____ C:\Windows\System32\Tasks\HP Health Check
2016-02-10 17:47 - 2009-08-23 15:10 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-10 17:41 - 2006-11-02 16:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-10 15:27 - 2006-11-02 16:42 - 00032582 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-10 15:24 - 2008-06-18 07:22 - 00674024 _____ C:\Windows\system32\perfh007.dat
2016-02-10 15:24 - 2008-06-18 07:22 - 00146036 _____ C:\Windows\system32\perfc007.dat
2016-02-10 15:24 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\inf
2016-02-10 15:24 - 2006-11-02 13:46 - 01567488 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-10 15:18 - 2015-09-15 19:42 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-02-10 15:18 - 2006-11-02 16:21 - 00335744 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-10 15:15 - 2013-09-02 11:31 - 00000000 ____D C:\Windows\system32\MRT
2016-02-10 15:15 - 2006-11-02 16:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 15:15 - 2006-11-02 16:07 - 00000000 ____D C:\Program Files\Windows Collaboration
2016-02-10 15:03 - 2006-11-02 13:35 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-02-09 18:52 - 2013-03-28 10:57 - 00003736 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-09 18:52 - 2012-04-30 23:31 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-09 18:52 - 2011-08-21 09:27 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-09 17:45 - 2012-03-18 11:29 - 00000000 ____D C:\Users\Home\Documents\Ueberweisungen
2016-02-09 17:36 - 2014-05-31 13:09 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-09 07:54 - 2014-05-30 22:42 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-02-08 20:07 - 2013-06-02 14:00 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-02-06 14:02 - 2011-12-24 10:27 - 00000000 ____D C:\Users\Home\Documents\Kündigungen_Widersrpüche
2016-02-06 13:43 - 2013-01-06 15:44 - 00078183 _____ C:\Users\Home\Desktop\Malteser_StundenZettel_2013.ods
2016-02-05 09:00 - 2014-12-13 15:40 - 00002031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-05 09:00 - 2014-12-13 15:40 - 00002019 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-03 09:45 - 2014-05-08 16:55 - 00000000 ____D C:\Program Files (x86)\Garmin
2016-02-03 09:45 - 2014-05-08 16:46 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-03 09:44 - 2014-05-08 16:55 - 00003554 _____ C:\Windows\System32\Tasks\GarminUpdaterTask
2016-02-02 17:49 - 2015-12-04 23:43 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d12ee542c67590
2016-02-02 17:49 - 2015-12-04 23:43 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d12ee5429b9cd0
2016-01-30 22:15 - 2009-07-07 16:06 - 00000000 ____D C:\Users\Home\AppData\Roaming\Skype
2016-01-29 17:33 - 2009-07-07 16:05 - 00000000 ____D C:\ProgramData\Skype
2016-01-28 11:23 - 2013-03-10 10:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-27 15:14 - 2015-09-22 22:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-24 16:39 - 2014-10-03 11:07 - 00000000 ____D C:\ProgramData\Oracle
2016-01-24 16:35 - 2014-10-03 11:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-24 16:35 - 2014-10-03 11:06 - 00000000 ____D C:\Program Files (x86)\Java
2016-01-24 16:34 - 2015-09-26 12:52 - 00000000 ____D C:\Users\Home\.oracle_jre_usage
2016-01-24 16:34 - 2015-03-15 17:06 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-01-23 10:06 - 2009-07-05 20:55 - 00000000 ____D C:\Users\Home
2016-01-16 16:26 - 2010-01-06 00:40 - 00000000 ____D C:\ProgramData\TEMP
2016-01-16 16:25 - 2014-11-08 15:35 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2016-01-16 09:43 - 2014-04-24 10:26 - 00001892 _____ C:\Users\Public\Desktop\Skype.lnk
2016-01-16 09:43 - 2014-04-24 10:26 - 00000000 ____D C:\Users\Home\AppData\Local\Skype
2016-01-14 15:34 - 2014-12-13 14:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-14 15:32 - 2008-06-17 21:29 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-01-14 15:16 - 2014-12-13 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-13 16:08 - 2014-12-26 10:36 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-09-15 20:10 - 2015-09-15 20:10 - 32372200 _____ (McAfee) C:\Program Files (x86)\Common Files\lpuninstall.exe
2010-06-27 13:36 - 2010-06-27 13:36 - 0000268 ___RH () C:\Users\Home\AppData\Roaming\Components
2010-06-27 14:16 - 2010-06-27 14:16 - 0000268 ___RH () C:\Users\Home\AppData\Roaming\Conditionals
2010-06-27 16:44 - 2010-08-03 13:39 - 0052304 _____ () C:\Users\Home\AppData\Roaming\mdbu.bin
2014-01-12 16:44 - 2015-01-02 12:32 - 0000404 _____ () C:\Users\Home\AppData\Roaming\wklnhst.dat
2013-10-27 14:34 - 2013-10-27 14:34 - 0000037 ___SH () C:\Users\Home\AppData\Local\70149b02515b3bb20dd492.47983420
2009-07-07 07:16 - 2014-10-16 14:47 - 0000680 _____ () C:\Users\Home\AppData\Local\d3d9caps.dat
2009-07-07 15:50 - 2015-01-07 17:46 - 0071680 _____ () C:\Users\Home\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-07-25 17:24 - 2010-07-25 17:24 - 0410036 _____ () C:\Users\Home\AppData\Local\dd_vcredistMSI1607.txt
2014-12-30 20:32 - 2014-12-30 20:32 - 0377314 _____ () C:\Users\Home\AppData\Local\dd_vcredistMSI4756.txt
2014-12-30 20:32 - 2014-12-30 20:33 - 0387596 _____ () C:\Users\Home\AppData\Local\dd_vcredistMSI476D.txt
2015-01-03 16:53 - 2015-01-03 16:53 - 0366946 _____ () C:\Users\Home\AppData\Local\dd_vcredistMSI581A.txt
2010-12-19 14:20 - 2010-12-19 14:20 - 0446042 _____ () C:\Users\Home\AppData\Local\dd_vcredistMSI664D.txt
2009-07-05 22:17 - 2009-07-05 22:17 - 0425828 _____ () C:\Users\Home\AppData\Local\dd_vcredistMSI74D3.txt
2013-11-16 12:18 - 2013-11-16 12:18 - 0378548 _____ () C:\Users\Home\AppData\Local\dd_vcredistMSI782A.txt
2013-11-16 12:18 - 2013-11-16 12:18 - 0387012 _____ () C:\Users\Home\AppData\Local\dd_vcredistMSI784B.txt
2010-07-25 17:24 - 2010-07-25 17:24 - 0013844 _____ () C:\Users\Home\AppData\Local\dd_vcredistUI1607.txt
2014-12-30 20:32 - 2014-12-30 20:32 - 0013552 _____ () C:\Users\Home\AppData\Local\dd_vcredistUI4756.txt
2014-12-30 20:32 - 2014-12-30 20:33 - 0013536 _____ () C:\Users\Home\AppData\Local\dd_vcredistUI476D.txt
2015-01-03 16:53 - 2015-01-03 16:53 - 0013346 _____ () C:\Users\Home\AppData\Local\dd_vcredistUI581A.txt
2010-12-19 14:20 - 2010-12-19 14:20 - 0013786 _____ () C:\Users\Home\AppData\Local\dd_vcredistUI664D.txt
2009-07-05 22:17 - 2009-07-05 22:17 - 0011426 _____ () C:\Users\Home\AppData\Local\dd_vcredistUI74D3.txt
2013-11-16 12:17 - 2013-11-16 12:18 - 0013632 _____ () C:\Users\Home\AppData\Local\dd_vcredistUI782A.txt
2013-11-16 12:18 - 2013-11-16 12:18 - 0013536 _____ () C:\Users\Home\AppData\Local\dd_vcredistUI784B.txt
2010-10-03 16:39 - 2010-10-03 18:29 - 0002432 _____ () C:\Users\Home\AppData\Local\TempaI3912.html
2010-11-13 21:27 - 2010-11-13 21:31 - 0002432 _____ () C:\Users\Home\AppData\Local\Tempaj4392.html
2010-10-03 10:31 - 2010-10-03 14:59 - 0002432 _____ () C:\Users\Home\AppData\Local\TempAT4212.html
2010-10-17 12:07 - 2010-10-17 12:12 - 0002432 _____ () C:\Users\Home\AppData\Local\TempAz2476.html
2010-11-07 12:59 - 2010-11-07 21:40 - 0002089 _____ () C:\Users\Home\AppData\Local\TempBn3528.html
2010-10-22 18:58 - 2010-10-22 23:42 - 0002432 _____ () C:\Users\Home\AppData\Local\TempbV4624.html
2010-11-02 19:38 - 2010-11-02 21:41 - 0002089 _____ () C:\Users\Home\AppData\Local\TempCK3696.html
2010-11-05 17:55 - 2010-11-06 05:26 - 0002089 _____ () C:\Users\Home\AppData\Local\Tempdy3596.html
2010-10-02 14:04 - 2010-10-02 14:18 - 0002432 _____ () C:\Users\Home\AppData\Local\TempEEg736.html
2010-10-16 01:54 - 2010-10-16 02:00 - 0002432 _____ () C:\Users\Home\AppData\Local\Tempex1536.html
2011-01-01 19:37 - 2011-01-01 19:55 - 0002432 _____ () C:\Users\Home\AppData\Local\TempfJ4600.html
2010-09-29 16:45 - 2010-09-29 16:51 - 0002089 _____ () C:\Users\Home\AppData\Local\TempfK1512.html
2010-10-16 20:16 - 2010-10-17 01:24 - 0002089 _____ () C:\Users\Home\AppData\Local\Tempfy3060.html
2010-11-01 15:15 - 2010-11-01 18:22 - 0002432 _____ () C:\Users\Home\AppData\Local\Tempgf4392.html
2010-11-23 17:27 - 2010-11-23 19:42 - 0002432 _____ () C:\Users\Home\AppData\Local\TempHb4840.html
2010-12-12 18:13 - 2010-12-12 18:16 - 0002432 _____ () C:\Users\Home\AppData\Local\Tempht2296.html
2010-09-25 21:22 - 2010-09-26 00:21 - 0002432 _____ () C:\Users\Home\AppData\Local\Tempix4920.html
2010-10-16 20:16 - 2010-10-17 01:24 - 0002432 _____ () C:\Users\Home\AppData\Local\TempJo3060.html
2010-11-23 17:27 - 2010-11-23 19:42 - 0002089 _____ () C:\Users\Home\AppData\Local\TempJv4840.html
2010-10-06 19:03 - 2010-10-06 19:16 - 0002432 _____ () C:\Users\Home\AppData\Local\TempKmR772.html
2010-09-29 16:45 - 2010-09-29 16:51 - 0002432 _____ () C:\Users\Home\AppData\Local\TempKT1512.html
2010-11-12 22:29 - 2010-11-13 00:55 - 0002089 _____ () C:\Users\Home\AppData\Local\TempLl3988.html
2010-10-31 20:30 - 2010-11-01 14:16 - 0002432 _____ () C:\Users\Home\AppData\Local\TemplR4464.html
2010-10-22 18:58 - 2010-10-22 23:42 - 0002089 _____ () C:\Users\Home\AppData\Local\TempLU4624.html
2010-11-12 22:29 - 2010-11-13 00:55 - 0002432 _____ () C:\Users\Home\AppData\Local\TempmC3988.html
2010-11-03 20:22 - 2010-11-03 21:13 - 0002432 _____ () C:\Users\Home\AppData\Local\TempnY2480.html
2010-10-08 19:55 - 2010-10-08 19:57 - 0002432 _____ () C:\Users\Home\AppData\Local\TempPY2776.html
2010-11-05 17:55 - 2010-11-06 05:26 - 0002432 _____ () C:\Users\Home\AppData\Local\TempQb3596.html
2010-11-02 19:38 - 2010-11-02 21:41 - 0002432 _____ () C:\Users\Home\AppData\Local\Tempqi3696.html
2010-11-07 12:59 - 2010-11-07 21:40 - 0002432 _____ () C:\Users\Home\AppData\Local\TempQx3528.html
2010-10-02 17:03 - 2010-10-02 17:36 - 0002432 _____ () C:\Users\Home\AppData\Local\TempQx3760.html
2010-10-17 15:16 - 2010-10-17 17:03 - 0002432 _____ () C:\Users\Home\AppData\Local\TempRA5068.html
2010-10-22 23:43 - 2010-10-23 02:26 - 0002432 _____ () C:\Users\Home\AppData\Local\TempRk4832.html
2010-09-26 15:32 - 2010-09-26 19:03 - 0002432 _____ () C:\Users\Home\AppData\Local\Tempsa4504.html
2010-10-31 17:51 - 2010-10-31 17:53 - 0002432 _____ () C:\Users\Home\AppData\Local\TempVT2204.html
2010-10-31 19:09 - 2010-10-31 19:19 - 0002432 _____ () C:\Users\Home\AppData\Local\TempwH1128.html
2010-07-24 23:40 - 2010-07-25 00:34 - 0002432 _____ () C:\Users\Home\AppData\Local\TempWl1616.html
2010-10-02 23:24 - 2010-10-03 02:17 - 0002432 _____ () C:\Users\Home\AppData\Local\TempWN3832.html
2010-10-20 18:58 - 2010-10-20 20:04 - 0002432 _____ () C:\Users\Home\AppData\Local\Tempwo1856.html
2010-08-14 16:56 - 2010-08-14 23:22 - 0002432 _____ () C:\Users\Home\AppData\Local\TempxqF996.html
2010-10-27 18:59 - 2010-10-27 19:00 - 0002432 _____ () C:\Users\Home\AppData\Local\Tempxu3248.html
2010-09-26 09:48 - 2010-09-26 15:30 - 0002432 _____ () C:\Users\Home\AppData\Local\Tempyj4176.html
2010-10-13 19:54 - 2010-10-13 20:12 - 0002432 _____ () C:\Users\Home\AppData\Local\Tempyl1572.html
2010-09-29 16:52 - 2010-09-29 19:00 - 0002432 _____ () C:\Users\Home\AppData\Local\TempZE2128.html
2011-08-03 22:26 - 2011-08-03 22:26 - 0000000 _____ () C:\Users\Home\AppData\Local\{09924D0A-51FA-48F3-A9D9-EB034DA72180}
2011-10-27 23:18 - 2011-10-27 23:18 - 0000000 _____ () C:\Users\Home\AppData\Local\{4A54AD50-2052-462E-A5B7-7859F97160F1}
2010-06-27 13:36 - 2010-06-27 13:36 - 0000268 ___RH () C:\ProgramData\Console
2010-06-27 14:16 - 2010-06-27 14:16 - 0000268 ___RH () C:\ProgramData\Contextual Menu Items
2010-06-27 13:36 - 2010-08-03 11:55 - 0000020 ____H () C:\ProgramData\PKP_DLdu.DAT
2010-06-27 14:16 - 2010-09-18 13:02 - 0000020 ____H () C:\ProgramData\PKP_DLdw.DAT
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-02-10 17:47
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016
durchgeführt von Home (2016-02-10 21:07:18)
Gestartet von C:\Users\Home\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) (2009-07-05 19:48:45)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2310858669-3201491733-1471162819-500 - Administrator - Disabled)
Gast (S-1-5-21-2310858669-3201491733-1471162819-501 - Limited - Enabled) => C:\Users\Gast
Home (S-1-5-21-2310858669-3201491733-1471162819-1000 - Administrator - Enabled) => C:\Users\Home
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 2.2.5 - Hewlett-Packard) Hidden
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ATI Catalyst Install Manager (HKLM\...\{53EAA030-4FE6-0B32-DD63-1DB9C02AA917}) (Version: 3.0.664.0 - ATI Technologies, Inc.)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Catalyst Control Center - Branding (HKLM-x32\...\{2E4609A3-F5AF-4408-B0C4-B8B84BC753DF}) (Version: 1.00.0000 - ATI)
ccc-core-static (x32 Version: 2008.0225.2153.39091 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ConsumerUpdate (HKLM-x32\...\{77D339DC-2A1E-403F-B4BA-1E6C98394009}) (Version: 3.1.2.0 - Fuzhou Rockchip)
CyberLink DVD Suite Deluxe (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.1329 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2726 - CyberLink Corp.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version: - DivX, Inc.)
Dropbox (HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\Dropbox) (Version: 1.4.12 - Dropbox, Inc.)
Elevated Installer (x32 Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
File Uploader (HKLM-x32\...\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}) (Version: 1.2.5 - Nikon)
Garmin Express (HKLM-x32\...\{0733d53f-b41d-47cc-b336-d95751c4b2cb}) (Version: 4.1.16.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden
Gigaset QuickSync (HKLM\...\{a325d0b9-0b5e-4ad1-9c5f-e39aa43f8c9d}) (Version: 7.1.0841.3 - Gigaset Communications GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HP Customer Experience Enhancements (HKLM-x32\...\{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}) (Version: 5.6.0.2510 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM-x32\...\{E1476612-02D6-42A3-BDC1-E292B4115738}) (Version: 5.7.0.2611 - Hewlett-Packard)
HP Total Care Advisor (HKLM-x32\...\{F31E534B-4199-4552-8154-5C130710D68E}) (Version: 2.4.6651.2902 - Ihr Firmenname)
HP Update (HKLM-x32\...\{FE57DE70-95DE-4B64-9266-84DA811053DB}) (Version: 4.000.012.001 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.2.2529 - CyberLink Corp.)
LightScribe System Software (HKLM-x32\...\{7F10292C-A190-4176-A665-A1ED3478DF86}) (Version: 1.18.3.2 - LightScribe)
Lizardtech DjVu Control (autoinstall) (HKLM-x32\...\DjVu) (Version: - )
Logitech QuickCam-Treiberpaket (HKLM\...\lvdrivers_11.80) (Version: - )
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 14.0.339 - McAfee, Inc.)
McAfee SafeKey(uninstall only) (HKLM-x32\...\SafeKey) (Version: 2.2.3 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.285 - McAfee, Inc.)
McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 7.7.0.366 - McAfee, Inc.)
Media Markt Fotoservice (HKLM-x32\...\Media Markt Fotoservice_is1) (Version: - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 44.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0 (x86 de)) (Version: 44.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.0.5866 - Mozilla)
MSVC80_x64 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86 (x32 Version: 1.0.1.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM-x32\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nikon Message Center (HKLM-x32\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nikon Transfer (HKLM-x32\...\{E9757890-7EC5-46C8-99AB-B00F07B6525C}) (Version: 1.5.3 - Nikon)
Nitro PDF Professional (HKLM\...\{853F9C53-2518-4AD0-ABA2-A72EDF4441A4}) (Version: 5.5.2.0 - Nitro PDF Software )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Optimierte Multimedia-Tastatur-Lösung (HKLM-x32\...\KBD) (Version: - Hewlett-Packard)
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.1.9 - Nikon)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.3917 - CyberLink Corp.)
Python 2.5 (HKLM-x32\...\{0A2C5854-557E-48C8-835A-3B9F074BDCAA}) (Version: 2.5.150 - Martin v. Löwis)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5591 - Realtek Semiconductor Corp.)
Skins (x32 Version: 2008.0225.2153.39091 - ATI) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.)
SpywareBlaster 5.2 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.2.0 - BrightFort LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
Testversion von Microsoft Office Home and Student 2007 (HKLM\...\OfficeTrial) (Version: - )
ViewNX (HKLM-x32\...\{F007CBCE-D714-4C0B-8CE9-9B0D78116468}) (Version: 1.5.2 - Nikon)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0415C28D-7897-496D-BCFB-2F44E8C7EDDC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {086191E0-E0CF-4CD0-AF61-94E76C47D733} - System32\Tasks\{567BEC0B-39B7-4708-B390-C817DBC41D96} => pcalua.exe -a "C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe"
Task: {1E7D71B9-A8F9-4058-95A8-EB9C05518344} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\SDP\RemEngine.exe [2008-03-17] ()
Task: {2369EDF4-4255-458B-8463-1FC5CC979B81} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-12] (Google Inc.)
Task: {275E459F-973C-4719-A41F-A7455526F88A} - System32\Tasks\{4CDB68A9-376B-46EA-906F-29B15EBEFA36} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-01-18] (Skype Technologies S.A.)
Task: {2C7D6D84-2897-4EB7-87D3-6A771EB0D511} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-12] (Google Inc.)
Task: {341773AB-835F-4DD6-91F6-1FE95DB7C5AC} - System32\Tasks\HP Health Check => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-03-14] (Hewlett-Packard)
Task: {39BF4947-BD2C-4B2D-A885-75CBC391681C} - \Media_Play_AIR+-updater -> Keine Datei <==== ACHTUNG
Task: {45A1EAEE-7175-4519-B9AD-FE21E706FFEA} - \Media_Play_AIR+-codedownloader -> Keine Datei <==== ACHTUNG
Task: {4C8085F4-70DF-46C6-B61F-552976E0C433} - System32\Tasks\GoogleUpdateTaskMachineCore1d12ee5429b9cd0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-12] (Google Inc.)
Task: {550B715B-5680-4FE8-824A-468346CAF60A} - System32\Tasks\{5AC164FF-0685-4173-B523-0273C63B3B91} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=4.1.0.136.259&LastError=206
Task: {58E6C8FA-AFB3-43D5-BC93-FCE84E6B1C44} - System32\Tasks\{DB965085-31C7-41CC-B126-9D83CE554DA1} => Firefox.exe hxxp://ui.skype.com/ui/0/6.11.0.102/de/eula
Task: {697A59BD-DFDE-4F00-A34D-20B23614E6FE} - System32\Tasks\{F784F923-EBA7-490A-AD27-0C2856B5E176} => pcalua.exe -a C:\Users\Home\Desktop\Thunderbird_Setup_2.0.0.23_DE.exe -d C:\Users\Home\Desktop
Task: {84E21F9F-6251-49CC-80A6-D6A995C6D17C} - \Media_Play_AIR+-firefoxinstaller -> Keine Datei <==== ACHTUNG
Task: {875187FE-AC14-477B-84C3-2941554C504D} - System32\Tasks\RecoveryCD => C:\Program Files (x86)\Hewlett-Packard\SDP\RemEngine.exe [2008-03-17] ()
Task: {88B168FB-2E8E-404E-A04C-B541D7DFBC6C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {95628B80-3AD3-4F4E-AA3E-CF81B41C1311} - \globalUpdateUpdateTaskMachineUA -> Keine Datei <==== ACHTUNG
Task: {9C4379EF-B049-41EB-88E2-5CF830B9EAAD} - System32\Tasks\GoogleUpdateTaskMachineUA1d15dd9bbfdaad4 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-12] (Google Inc.)
Task: {A9FE2A9A-F4CE-4399-AD0F-AA22F66C17E0} - \Media_Play_AIR+-chromeinstaller -> Keine Datei <==== ACHTUNG
Task: {AB9172F9-0F7C-49FE-B697-79BA650A9416} - System32\Tasks\{0C09F896-CA02-4C29-861E-E6811855DC5D} => pcalua.exe -a C:\Users\Home\Downloads\Nokia_PC_Suite_7_1_30_9_ger_web.exe -d C:\Users\Home\Downloads
Task: {AC56A280-5BBB-49CF-93B0-E18231316FA5} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-01-28] ()
Task: {AF1B7FB2-1D27-4B42-9DF4-C27211185FB4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {B1F614E1-2F46-48E1-AB7C-954AFA1C2CDE} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-12-27] (Lavasoft Limited )
Task: {C1E8D013-DC94-4261-B418-86B6A4B7788B} - System32\Tasks\GoogleUpdateTaskMachineUA1d12ee542c67590 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-12] (Google Inc.)
Task: {C8C503B5-2CE1-4DEE-B5F9-1532462821ED} - System32\Tasks\{6D8D9082-A868-4606-AC56-2E2A64D52E70} => pcalua.exe -a "C:\Users\Home\Desktop\Thunderbird Setup 2.0.0.23.exe" -d C:\Users\Home\Desktop
Task: {CCC1F0C9-0B3E-4AA5-86FF-2FB3760D30B2} - \globalUpdateUpdateTaskMachineCore -> Keine Datei <==== ACHTUNG
Task: {DB80D70B-D06E-42C6-B066-EEA3A09EA768} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Home => C:\Program Files (x86)\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)
Task: {FA034210-2656-4752-8877-BD1360A834DA} - System32\Tasks\{C84BA7B7-4951-4239-86E7-0976AE1F8FE1} => pcalua.exe -a C:\Users\Home\Downloads\esetsmartinstaller_enu.exe -d C:\Users\Home\Downloads
Task: {FC2C1D5D-1799-41C7-A6BB-6D5FBA87625D} - System32\Tasks\{F875BEB7-1449-4220-9405-7CC9A65BDF20} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=4.1.0.136.259&LastError=206
Task: {FD19804B-0BCB-482E-846C-58DDFA282C5F} - \Media_Play_AIR+-enabler -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12ee5429b9cd0.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d12ee542c67590.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d15dd9bbfdaad4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{6118DBC4-466A-4EC0-9522-19066FBBCC47}.job => C:\Windows\system32\msfeedssync.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2008-06-17 21:38 - 2008-02-25 23:10 - 00116736 _____ () C:\Windows\system32\atitmm64.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:9D718DA3
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\...\1001movie.com -> 1001movie.com
Da befinden sich 6091 mehr Seiten.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2006-11-02 13:34 - 2006-09-18 22:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2310858669-3201491733-1471162819-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\img24.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Home^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Home^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk => C:\Windows\pss\Logitech . Produktregistrierung.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Home^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk => C:\Windows\pss\OpenOffice.org 3.1.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
MSCONFIG\startupreg: Nikon Transfer Monitor => C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
MSCONFIG\startupreg: Nitro PDF Printer Monitor => "C:\Program Files (x86)\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe"
MSCONFIG\startupreg: SAFEOEM HotKeys => "C:\Program Files (x86)\Steganos Safe OEM\SteganosHotKeyService.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{B3307365-12DA-49E7-BE5D-B4DDDBB98149}] => (Allow) c:\Program Files (x86)\Cyberlink\PowerDirector\PDR.EXE
FirewallRules: [{F53C1062-7338-4622-A564-424DAEB359C7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8043B781-D57F-4FA5-9165-854A18F644B7}] => (Allow) C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-Aware.exe
FirewallRules: [{3AE51038-0FD4-431C-9F8F-257A785B692E}] => (Allow) C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-Aware.exe
FirewallRules: [{F9F7DF24-C2F0-474F-86E7-37DFD08EF0AB}] => (Allow) C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C093DA87-7E24-4092-B4DC-691E7912E209}] => (Allow) C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{AC3BB669-48F8-4FCA-8ABD-C4124CA521B8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2698F633-86F2-4B0B-B18D-49A732468106}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{A9BB2886-8886-4270-A105-BBCADD6E23E2}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{8BA04115-05D7-4C5F-A5AE-95BBE7A40178}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{FD37CD82-2DCC-444A-BFC2-1CA321B5909F}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{C0B028DF-E7C0-4D65-8CA4-F55A60CAB940}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8FDAF1B7-F945-4BE6-A7A2-A07A99029A2E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F8F18294-4602-4D22-9D55-3784985BC72E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B4DD31BE-88F7-4C91-B1CA-7CA4F24E03D5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BA17F6AC-0D40-46B9-A7F5-2AC1A407680C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9B6A7764-1E60-4960-B912-C87335CE887C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C09CF1A1-50DA-4CFC-B7CA-0A73DBAA4AB8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/10/2016 05:43:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/10/2016 03:18:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/10/2016 03:15:32 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll8
Error: (02/10/2016 03:15:32 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll8
Error: (02/10/2016 03:06:21 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (02/10/2016 12:48:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/09/2016 09:19:50 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (02/09/2016 05:26:13 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest.
Error: (02/09/2016 05:13:11 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest.
Error: (02/09/2016 05:13:03 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest.
Systemfehler:
=============
Error: (02/10/2016 05:43:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Lbd
Error: (02/10/2016 05:43:32 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Garmin Device Interaction Service
Error: (02/10/2016 03:22:35 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}
Error: (02/10/2016 03:20:20 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Lbd
Error: (02/10/2016 03:20:20 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Garmin Device Interaction Service
Error: (02/10/2016 12:48:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Lbd
Error: (02/10/2016 12:48:33 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Garmin Device Interaction Service
Error: (02/09/2016 06:16:09 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Home\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (02/09/2016 06:16:08 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Home\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (02/09/2016 06:16:08 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Home\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
CodeIntegrity:
===================================
Date: 2016-02-10 21:06:35.707
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-02-10 21:06:35.364
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-02-10 21:06:34.964
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-02-10 21:06:34.614
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-02-09 08:25:14.579
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-02-09 08:25:14.298
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-02-09 08:25:14.033
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-02-09 08:25:13.752
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-02-09 08:25:13.487
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-02-09 08:25:13.222
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Prozentuale Nutzung des RAM: 62%
Installierter physikalischer RAM: 4094.39 MB
Verfügbarer physikalischer RAM: 1552.36 MB
Summe virtueller Speicher: 8367.91 MB
Verfügbarer virtueller Speicher: 5749.15 MB
==================== Laufwerke ================================
Drive c: (HP) (Fixed) (Total:584.5 GB) (Free:486.87 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.67 GB) (Free:1.56 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=584.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.7 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
10.02.2016, 21:22
| #4 |
| /// TB-Ausbilder /// Anleitungs-Guru | Trojan.Agent - Windows Vista Hi, Schritt 1 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Gruß deeprybka  Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
10.02.2016, 22:18
| #5 |
| | Trojan.Agent - Windows Vista Hallo, zum Glück keine Funde durch TDSSKiller. Hier die Logfile: Code:
ATTFilter 22:11:53.0751 0x0610 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
22:12:00.0119 0x0610 ============================================================
22:12:00.0119 0x0610 Current date / time: 2016/02/10 22:12:00.0119
22:12:00.0119 0x0610 SystemInfo:
22:12:00.0119 0x0610
22:12:00.0119 0x0610 OS Version: 6.0.6002 ServicePack: 2.0
22:12:00.0119 0x0610 Product type: Workstation
22:12:00.0119 0x0610 ComputerName: HOME-PC
22:12:00.0119 0x0610 UserName: Home
22:12:00.0119 0x0610 Windows directory: C:\Windows
22:12:00.0120 0x0610 System windows directory: C:\Windows
22:12:00.0120 0x0610 Running under WOW64
22:12:00.0120 0x0610 Processor architecture: Intel x64
22:12:00.0120 0x0610 Number of processors: 4
22:12:00.0120 0x0610 Page size: 0x1000
22:12:00.0120 0x0610 Boot type: Normal boot
22:12:00.0120 0x0610 ============================================================
22:12:00.0258 0x0610 KLMD registered as C:\Windows\system32\drivers\52587758.sys
22:12:01.0328 0x0610 System UUID: {3310FE69-C588-E075-B95A-A9D7ED178E12}
22:12:02.0231 0x0610 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:12:02.0248 0x0610 ============================================================
22:12:02.0248 0x0610 \Device\Harddisk0\DR0:
22:12:02.0248 0x0610 MBR partitions:
22:12:02.0248 0x0610 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x490FD98E
22:12:02.0248 0x0610 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x490FD9CD, BlocksNum 0x17594F4
22:12:02.0248 0x0610 ============================================================
22:12:02.0263 0x0610 C: <-> \Device\Harddisk0\DR0\Partition1
22:12:02.0325 0x0610 D: <-> \Device\Harddisk0\DR0\Partition2
22:12:02.0325 0x0610 ============================================================
22:12:02.0325 0x0610 Initialize success
22:12:02.0325 0x0610 ============================================================
22:14:34.0148 0x17f8 ============================================================
22:14:34.0148 0x17f8 Scan started
22:14:34.0148 0x17f8 Mode: Manual; SigCheck; TDLFS;
22:14:34.0148 0x17f8 ============================================================
22:14:34.0148 0x17f8 KSN ping started
22:14:47.0831 0x17f8 KSN ping finished: true
22:14:48.0415 0x17f8 ================ Scan system memory ========================
22:14:48.0415 0x17f8 System memory - ok
22:14:48.0416 0x17f8 ================ Scan services =============================
22:14:48.0514 0x17f8 [ 970C70F6B2953ED43822D3797855D84C, CB22723678B514277BC6E6DDDD206F3B2377CD889C9D473A47A7056BE597BC6B ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
22:14:48.0698 0x17f8 !SASCORE - ok
22:14:48.0855 0x17f8 [ 1965AAFFAB07E3FB03C77F81BEBA3547, 351A1EBB1B95C8E03ED125C8F997DEE810B4DF36AD290E7685FC01963B522BFC ] ACPI C:\Windows\system32\drivers\acpi.sys
22:14:48.0882 0x17f8 ACPI - ok
22:14:48.0950 0x17f8 [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:14:48.0966 0x17f8 AdobeARMservice - ok
22:14:49.0089 0x17f8 [ 785FD0E36CA75D90DD50042E2594BC63, 471A5ED43A3E18A5A69C28F7F351558E90F20416D9C532ADF50888808090AE89 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:14:49.0112 0x17f8 AdobeFlashPlayerUpdateSvc - ok
22:14:49.0159 0x17f8 [ F14215E37CF124104575073F782111D2, 7F624F7F0FE9909C07AB2E4C74727686FDA9DF33778A9CBBE35027D6579E4F71 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:14:49.0192 0x17f8 adp94xx - ok
22:14:49.0226 0x17f8 [ 7D05A75E3066861A6610F7EE04FF085C, 406F2CE539C306BA60C233FBCDB029153588F0499BBE91E66FC915E5C5D7D2A5 ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:14:49.0254 0x17f8 adpahci - ok
22:14:49.0273 0x17f8 [ 820A201FE08A0C345B3BEDBC30E1A77C, 3170B308724CAA0AD50B74D045C837C48BD6A3A11ABA222670BEA82192A861BF ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
22:14:49.0295 0x17f8 adpu160m - ok
22:14:49.0313 0x17f8 [ 9B4AB6854559DC168FBB4C24FC52E794, 83CD75DE0A16AE66586837565ECA8B98BA9309519139C4C2032474B8DDF5A1AD ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:14:49.0343 0x17f8 adpu320 - ok
22:14:49.0385 0x17f8 [ 0F421175574BFE0BF2F4D8E910A253BB, CEABE3A4F546EB6ACA079931AB532DC88FF757DEEF6F434991802220328A9CD6 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:14:49.0425 0x17f8 AeLookupSvc - ok
22:14:49.0485 0x17f8 [ 8C771D6FBEE9D6F2E7DDE165940CB513, 1DDD7B495D12446F7FF206102D64D92D063C84EEA8D2F015F727721DC970BBE1 ] AFD C:\Windows\system32\drivers\afd.sys
22:14:49.0524 0x17f8 AFD - ok
22:14:49.0557 0x17f8 [ F6F6793B7F17B550ECFDBD3B229173F7, 7EB12A9372B7966440E39F1B567A43C21231D67DDFAA9C1DECC7E68627F82346 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:14:49.0576 0x17f8 agp440 - ok
22:14:49.0588 0x17f8 [ 222CB641B4B8A1D1126F8033F9FD6A00, 8C7FD4BF87DC00893B99E64344C0E6A3F321DAD9BE60A99763629260E7C6312C ] aic78xx C:\Windows\system32\drivers\djsvs.sys
22:14:49.0609 0x17f8 aic78xx - ok
22:14:49.0623 0x17f8 [ 5922F4F59B7868F3D74BBBBEB7B825A3, 71504BC8B596F540BF059059670BC0C138D8759C1DD9F99F1EC368FD5C53F573 ] ALG C:\Windows\System32\alg.exe
22:14:49.0664 0x17f8 ALG - ok
22:14:49.0679 0x17f8 [ 157D0898D4B73F075CE9FA26B482DF98, 84C3E163D7393FD306842F155C88A50B7D8AE88B59586F9014DB76B749CC33D5 ] aliide C:\Windows\system32\drivers\aliide.sys
22:14:49.0695 0x17f8 aliide - ok
22:14:49.0719 0x17f8 [ 970FA5059E61E30D25307B99903E991E, CFB241803A63EA3469B2596462A42DDCA813B3ACF96E56BB34F5979BB34DDC32 ] amdide C:\Windows\system32\drivers\amdide.sys
22:14:49.0734 0x17f8 amdide - ok
22:14:49.0745 0x17f8 [ CDC3632A3A5EA4DBB83E46076A3165A1, 40BE3451A3F29CD3352360FF72165C54237E44D01006390805D493B0D06F51DB ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
22:14:49.0785 0x17f8 AmdK8 - ok
22:14:49.0843 0x17f8 [ 7C8ECAAD76EA1D076A450C8303D9BD98, 90904B2BE380A51BDCEDADA530214CE5321C06456E10F5985B40E3282902BEF6 ] Appinfo C:\Windows\System32\appinfo.dll
22:14:49.0862 0x17f8 Appinfo - ok
22:14:49.0886 0x17f8 [ BA8417D4765F3988FF921F30F630E303, 876A8F34E578020DD9EDD64F7F77A0A3B4592EC568830B500D7EA844D3159C72 ] arc C:\Windows\system32\drivers\arc.sys
22:14:49.0907 0x17f8 arc - ok
22:14:49.0938 0x17f8 [ 9D41C435619733B34CC16A511E644B11, DEFFBBB5ECE33B7DF949DF979188AF3B6674E7580FC069397AB756EA84E24822 ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:14:49.0956 0x17f8 arcsas - ok
22:14:50.0062 0x17f8 [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:14:50.0085 0x17f8 aspnet_state - ok
22:14:50.0109 0x17f8 [ 22D13FF3DAFEC2A80634752B1EAA2DE6, 503F7E5F1B14D3F7AEAB0982E812B19DABE38FD4104D93922F50F0B2D19BECFB ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:14:50.0153 0x17f8 AsyncMac - ok
22:14:50.0183 0x17f8 [ 1898FAE8E07D97F2F6C2D5326C633FAC, 62142E7B720C0A7FAD36577EE985B5793CB395574A3ECA9F2AF613C0F889D39C ] atapi C:\Windows\system32\drivers\atapi.sys
22:14:50.0202 0x17f8 atapi - ok
22:14:50.0267 0x17f8 [ 3A708621E033DA063289295ABD29D1AD, 106614807CDE98C72992FBD56759A6F2BDBFF96A0C15E21DB188566363AA822E ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
22:14:50.0315 0x17f8 Ati External Event Utility - ok
22:14:50.0476 0x17f8 [ A2A7A93838ECA2D42DE56D6B7B0ABBAD, 8C84067262987A9F04084BAF5D853B0B6084EC000EB2F239CA7A8D2B65F3377F ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
22:14:50.0717 0x17f8 atikmdag - ok
22:14:50.0766 0x17f8 [ 4FCE8096191D260028FB6585A4159D6F, FCCB53A93CE69C8A21B61A4DE678AB3A59A55828BCA655D5E5AB6B08CE6FB412 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:14:50.0809 0x17f8 AudioEndpointBuilder - ok
22:14:50.0827 0x17f8 [ 4FCE8096191D260028FB6585A4159D6F, FCCB53A93CE69C8A21B61A4DE678AB3A59A55828BCA655D5E5AB6B08CE6FB412 ] AudioSrv C:\Windows\System32\Audiosrv.dll
22:14:50.0862 0x17f8 AudioSrv - ok
22:14:50.0922 0x17f8 [ C6F4C466B654C1BE98AF31418BB5AC30, 62AA4456F8E22A6E508EB44DE4309615057117AAF923C13BBED15AA39630E76B ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
22:14:50.0943 0x17f8 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
22:14:53.0282 0x17f8 Detect skipped due to KSN trusted
22:14:53.0282 0x17f8 AVM WLAN Connection Service - ok
22:14:53.0297 0x17f8 [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject C:\Windows\system32\drivers\avmeject.sys
22:14:53.0317 0x17f8 avmeject - ok
22:14:53.0367 0x17f8 [ FFB96C2589FFA60473EAD78B39FBDE29, 6A2792753E2CB580672B3107C0DBB9D26B6DAA14B37D5EC314BD0E304197E03E ] BFE C:\Windows\System32\bfe.dll
22:14:53.0407 0x17f8 BFE - ok
22:14:53.0495 0x17f8 [ 6D316F4859634071CC25C4FD4589AD2C, 73F69AC9E505F3B11A3CCFF8571930229A9058E672CD008A4BF26C0189564EAE ] BITS C:\Windows\System32\qmgr.dll
22:14:53.0580 0x17f8 BITS - ok
22:14:53.0619 0x17f8 [ 79FEEB40056683F8F61398D81DDA65D2, 5EA3016194F71A2A2177C2B5129E82738EC621ACAD269809F4C131B72CFEB6C6 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
22:14:53.0658 0x17f8 blbdrive - ok
22:14:53.0687 0x17f8 [ 2348447A80920B2493A9B582A23E81E1, 50F9242B7104607E633ABAF4E0A213C1C1226BF81F7FB4E216A9E878247B868C ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:14:53.0722 0x17f8 bowser - ok
22:14:53.0746 0x17f8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
22:14:53.0776 0x17f8 BrFiltLo - ok
22:14:53.0790 0x17f8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
22:14:53.0821 0x17f8 BrFiltUp - ok
22:14:53.0841 0x17f8 [ A1B39DE453433B115B4EA69EE0343816, 61441E7E9D5259A5987DBD3FC8D4E3221A57F42C7CC0F94DB48E80EEF96CA5D4 ] Browser C:\Windows\System32\browser.dll
22:14:53.0883 0x17f8 Browser - ok
22:14:53.0905 0x17f8 [ F0F0BA4D815BE446AA6A4583CA3BCA9B, E0A5DB5A0C7D6AF93ED45F34D2597F77982DFF41E4FDAC827FE5D80323ADED60 ] Brserid C:\Windows\system32\drivers\brserid.sys
22:14:53.0962 0x17f8 Brserid - ok
22:14:53.0975 0x17f8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
22:14:54.0031 0x17f8 BrSerWdm - ok
22:14:54.0037 0x17f8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
22:14:54.0092 0x17f8 BrUsbMdm - ok
22:14:54.0103 0x17f8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
22:14:54.0157 0x17f8 BrUsbSer - ok
22:14:54.0173 0x17f8 [ E0777B34E05F8A82A21856EFC900C29F, A7ACE3C65D1773C50ACD98A13B3ADBDD2A6052D7F5D124CB6EE6E7C22151A424 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
22:14:54.0228 0x17f8 BTHMODEM - ok
22:14:54.0262 0x17f8 [ B4D787DB8D30793A4D4DF9FEED18F136, 2A956F7DCFE61E556F30BDA6D45592A05533541D6ED321C251C1C05F6CEA6DDC ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:14:54.0303 0x17f8 cdfs - ok
22:14:54.0329 0x17f8 [ C025AA69BE3D0D25C7A2E746EF6F94FC, F4754B23CC256ADF92FDD42A9BA80F1ACB74834A58FCBEA2C52650FAFC7F9483 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:14:54.0361 0x17f8 cdrom - ok
22:14:54.0390 0x17f8 [ 5A268127633C7EE2A7FB87F39D748D56, 45C530A0EE0108543A75B9427F77EBB5E8350AE16C235763B6F32E72CE15C449 ] CertPropSvc C:\Windows\System32\certprop.dll
22:14:54.0421 0x17f8 CertPropSvc - ok
22:14:54.0488 0x17f8 [ 71BC80BF1B93EB7C8B58E706A9B486F4, 7C1B67A2E71EB4016015F70CC0A2EE0802EED2B7337FBC1C9140626210D84A9F ] cfwids C:\Windows\system32\drivers\cfwids.sys
22:14:54.0506 0x17f8 cfwids - ok
22:14:54.0521 0x17f8 [ 02EA568D498BBDD4BA55BF3FCE34D456, 5A418B156CBB48D14E0F6B6AE6E03B8CD97AABE838F260757014479566C63F17 ] circlass C:\Windows\system32\drivers\circlass.sys
22:14:54.0561 0x17f8 circlass - ok
22:14:54.0593 0x17f8 [ D44BA2F707838E0FEF35BCEC5CBD9D60, A9E85E801B0B08F7E5AD6206C61F36E42B4A99878D8AA66EAD8B4E667E50D813 ] CLFS C:\Windows\system32\CLFS.sys
22:14:54.0631 0x17f8 CLFS - ok
22:14:54.0715 0x17f8 [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:14:54.0736 0x17f8 clr_optimization_v2.0.50727_32 - ok
22:14:54.0784 0x17f8 [ 753049933D5326D835F4FCACDF4AD5E3, 715BEE09C19BCBCAD2A93E4725DB3A1FDD8E2FEFFF6E0C3D2F98FC607FED5D3A ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:14:54.0805 0x17f8 clr_optimization_v2.0.50727_64 - ok
22:14:54.0872 0x17f8 [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:14:54.0897 0x17f8 clr_optimization_v4.0.30319_32 - ok
22:14:54.0937 0x17f8 [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:14:54.0965 0x17f8 clr_optimization_v4.0.30319_64 - ok
22:14:54.0979 0x17f8 [ E5D5499A1C50A54B5161296B6AFE6192, 20A8A0478918063A9EE81565F21F4ACCAA7B6A8B2E9E084099879D85574BAB3E ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:14:54.0997 0x17f8 cmdide - ok
22:14:55.0006 0x17f8 [ 7FB8AD01DB0EABE60C8A861531A8F431, E19353C686B07A0DBBA92CFCC88AB9B6BEBAF389416B78F4470BA673E7CD73C3 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
22:14:55.0024 0x17f8 Compbatt - ok
22:14:55.0031 0x17f8 COMSysApp - ok
22:14:55.0042 0x17f8 [ A8585B6412253803CE8EFCBD6D6DC15C, C3906B080D3BB06CB976FD98C62CBA97DAE74970A5559D51EF5111D773949322 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:14:55.0060 0x17f8 crcdisk - ok
22:14:55.0117 0x17f8 [ 5AAC48EAF8EACF247DB44FB61B900D89, D20FCD5C71CA18F284D3DFD0CED37F6888A296E76B7B0563F2F4668CF90FE752 ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:14:55.0151 0x17f8 CryptSvc - ok
22:14:55.0220 0x17f8 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF, 3BE4B8EE22FA55D3A17D3718781C8BCA631C78F7928092561F6B79BB60E7D7FE ] DcomLaunch C:\Windows\system32\rpcss.dll
22:14:55.0272 0x17f8 DcomLaunch - ok
22:14:55.0315 0x17f8 [ 8B722BA35205C71E7951CDC4CDBADE19, 39720A60DFD0532F7E1A1976240E9828559BF9E0C6D1CFBF4D911965BFD94158 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:14:55.0348 0x17f8 DfsC - ok
22:14:55.0497 0x17f8 [ C647F468F7DE343DF8C143655C5557D4, E2D35FE49C408B952D8FE0C7EF70D42798229D30B89CEF9858BAC9F4F9E98EF2 ] DFSR C:\Windows\system32\DFSR.exe
22:14:55.0664 0x17f8 DFSR - ok
22:14:55.0752 0x17f8 [ 3ED0321127CE70ACDAABBF77E157C2A7, 10973BD0AEF9597A4EA0A4947BDE922F9168F33D6ED97BFFEE6176AADAD78980 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
22:14:55.0788 0x17f8 Dhcp - ok
22:14:55.0819 0x17f8 [ B0107E40ECDB5FA692EBF832F295D905, 76466BB9E4F12436ECCCB9D89EB20762B4785F82F02591B51A735A590E248264 ] disk C:\Windows\system32\drivers\disk.sys
22:14:55.0838 0x17f8 disk - ok
22:14:55.0873 0x17f8 [ 06230F1B721494A6DF8D47FD395BB1B0, F6CA8270740E01D9CE2FE8E34BC067C7EDC15BA610F461860E1D17D135C8A379 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:14:55.0895 0x17f8 Dnscache - ok
22:14:55.0928 0x17f8 [ 1A7156DD1E850E9914E5E991E3225B94, 99FF0C7125B01FCB0B92DC44756AE8FAA486F2E7F38DC6204F7EFE5918F8480A ] dot3svc C:\Windows\System32\dot3svc.dll
22:14:55.0975 0x17f8 dot3svc - ok
22:14:56.0015 0x17f8 [ 1583B39790DB3EAEC7EDB0CB0140C708, F94F9AE7054A38602CD25D4E10FE7C7B574BD9ED8440C3FDAA7275A1D1E663E7 ] DPS C:\Windows\system32\dps.dll
22:14:56.0058 0x17f8 DPS - ok
22:14:56.0083 0x17f8 [ F1A78A98CFC2EE02144C6BEC945447E6, D2E2AA13BE6319F967002476A5D3CF09B1B44350576DD8E1C1C531854F53B488 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:14:56.0102 0x17f8 drmkaud - ok
22:14:56.0154 0x17f8 [ 362CCEF305F45829316D62D3410F2062, 35033749E9B6B5AFC9C8C305F4AA1597E9776D465E7BBC24A20E836B7BEF0D73 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:14:56.0229 0x17f8 DXGKrnl - ok
22:14:56.0300 0x17f8 [ 264CEE7B031A9D6C827F3D0CB031F2FE, 50CAD28A73D29E7E04A45330146CF713BA17101215955009121E36D43CD5C536 ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
22:14:56.0346 0x17f8 E1G60 - ok
22:14:56.0378 0x17f8 [ C2303883FD9BE49DC36A6400643002EA, F062D1D6D503CF5195BDE8C1DC75B541F559CB8175ADABCDB7690E9F1CA3EA4E ] EapHost C:\Windows\System32\eapsvc.dll
22:14:56.0415 0x17f8 EapHost - ok
22:14:56.0435 0x17f8 [ 665E1507E129DC598C6EB390A10AC05B, 851018D4DB6E80FC27445EA13B8AADC340746CB6E71908F9B05EB094C4BB78D9 ] Ecache C:\Windows\system32\drivers\ecache.sys
22:14:56.0458 0x17f8 Ecache - ok
22:14:56.0509 0x17f8 [ 14CE384D2E27B64C256BDA4DC39C312D, D5FA9C2BB162F1C22E419D33671B8202AAC245A87F6B183B97F83F5BFA165B41 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:14:56.0538 0x17f8 ehRecvr - ok
22:14:56.0558 0x17f8 [ B93159C1313D66FDFBBE876F5189CD52, 51E39160EA56F6B08449267EDF2A0F604612663768D2348DE23554AB07BDBB62 ] ehSched C:\Windows\ehome\ehsched.exe
22:14:56.0580 0x17f8 ehSched - ok
22:14:56.0610 0x17f8 [ F5EE2527D74449868E3C3227A59BCD28, 11640E97EE9D8F9A5DC3FEA6BA7A737AA796A7235C7F5C7EF1ABFB51C9D730D3 ] ehstart C:\Windows\ehome\ehstart.dll
22:14:56.0627 0x17f8 ehstart - ok
22:14:56.0656 0x17f8 [ C4636D6E10469404AB5308D9FD45ED07, 367D958D19F672395462206F27C1E138386C2F37B0FA77546F4217CF16D05C84 ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:14:56.0692 0x17f8 elxstor - ok
22:14:56.0764 0x17f8 [ E10597CED1246F81C87F00E67E7C6855, 67B5A552D5988FD20C35FC5AEF557456C73CB3DAC88E7735A3E15E7F3B6C0D73 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
22:14:56.0805 0x17f8 EMDMgmt - ok
22:14:56.0835 0x17f8 [ BC3A58E938BB277E46BF4B3003B01ABD, 2BB054E632A96951DAB25B3BE8541AEC1B97A7739FC8D0E34BE8B9295600C8FC ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:14:56.0872 0x17f8 ErrDev - ok
22:14:56.0917 0x17f8 [ E12F22B73F153DECE721CD45EC05B4AF, 41887EEF4BB024329B4079AD50FC5FB705F0EB8BAF6C93A8242DC2A73D3AFD86 ] EventSystem C:\Windows\system32\es.dll
22:14:56.0957 0x17f8 EventSystem - ok
22:14:57.0008 0x17f8 [ 486844F47B6636044A42454614ED4523, 3E24E78584B199C0FAA59613EEB7DF67B3B878B277A0130C7A3FF608C130BA2F ] exfat C:\Windows\system32\drivers\exfat.sys
22:14:57.0041 0x17f8 exfat - ok
22:14:57.0047 0x17f8 ezSharedSvc - ok
22:14:57.0080 0x17f8 [ 1E34B436811CCA4A2783C0BC7A0BEB2E, 7C9496100DEA53FBADDA8B1EFF9F943FD13E75601A039632887A35F190C1F799 ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:14:57.0106 0x17f8 fastfat - ok
22:14:57.0136 0x17f8 [ 81B79B6DF71FA1D2C6D688D830616E39, 62F8BC0DB918A49B10A5BE1724A2E2F17FA7D8208D5D86822FACB2DCD97B3591 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:14:57.0179 0x17f8 fdc - ok
22:14:57.0187 0x17f8 [ BB9267ACACD8B7533DD936C34A0CBA5E, 32DE6E10ABA540D62F0D8AE30DE8769D7BF29E547838BEBE67C04183CC0B32C7 ] fdPHost C:\Windows\system32\fdPHost.dll
22:14:57.0227 0x17f8 fdPHost - ok
22:14:57.0238 0x17f8 [ 300C80931EABBE1DB7591C516EFE8D0F, F031DA96B06B6FA8E0AD56D5E10E5A5882765C3FF258A4DE06A47EC34829FF04 ] FDResPub C:\Windows\system32\fdrespub.dll
22:14:57.0294 0x17f8 FDResPub - ok
22:14:57.0309 0x17f8 [ 457B7D1D533E4BD62A99AED9C7BB4C59, 3933907DE163F8D3A81ED25169B693D723296C437C7C990BFE9DEFD60F7635FD ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:14:57.0326 0x17f8 FileInfo - ok
22:14:57.0339 0x17f8 [ D421327FD6EFCCAF884A54C58E1B0D7F, C2F3B72EA36BA8B74A30E128C088307CA768FDBE232BFA216CD78B0F9B7AF18A ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:14:57.0378 0x17f8 Filetrace - ok
22:14:57.0393 0x17f8 [ 230923EA2B80F79B0F88D90F87B87EBD, 1F3287970FEC73011F3B675C447BF0CA35416490D4740C6960595B091181059C ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:14:57.0434 0x17f8 flpydisk - ok
22:14:57.0465 0x17f8 [ E3041BC26D6930D61F42AEDB79C91720, 3556C033BB78445EC8B2F98A82455914764AFC70CBFF634DDBD3539885A1E457 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:14:57.0499 0x17f8 FltMgr - ok
22:14:57.0575 0x17f8 [ DE26C43A170809645297C1B479B7F791, C76AAA07E6C4DD3E9C2035D88F63549D6A32C04329640617959BF86F50AEF735 ] FontCache C:\Windows\system32\FntCache.dll
22:14:57.0710 0x17f8 FontCache - ok
22:14:57.0766 0x17f8 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E, B21CA5F14BDB6CFD97A24C28BB2AD0D704C46058F13B01FF4203514FE8B92591 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:14:57.0788 0x17f8 FontCache3.0.0.0 - ok
22:14:57.0818 0x17f8 [ 5779B86CD8B32519FBECB136394D946A, 68A395CD2287D22CB5C8CFE5A3006A61AC0C3FDAADF166C93240FF83C0315DCF ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:14:57.0837 0x17f8 Fs_Rec - ok
22:14:57.0895 0x17f8 [ 15585492E45E2F30768B2D5B57929D99, C5E6A943C78AAFE10FD9C913324083DD4B3D2F1D998A38C8B69FDEAF22246527 ] fwlanusbn C:\Windows\system32\DRIVERS\fwlanusbn.sys
22:14:58.0006 0x17f8 fwlanusbn - ok
22:14:58.0024 0x17f8 [ C8E416668D3DC2BE3D4FE4C79224997F, 7DBC8E7687179A649638F606C9584F2E8EC2065762997CDF151F9BB99FA8D535 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:14:58.0042 0x17f8 gagp30kx - ok
22:14:58.0156 0x17f8 [ 8C0A6229A1256930DEF4D79B2C0BA25C, 2C4EA836494F148E7C83FC81593305E986C8E2D801A35903CF603FC86D925DCE ] Garmin Device Interaction Service C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
22:14:58.0197 0x17f8 Garmin Device Interaction Service - ok
22:14:58.0272 0x17f8 [ B93252C4C5A3733ECD5522CAF88DE02D, 382450F0FF238B6077A78F75AC5D4E53AD7D884706B90E7AC4D4DF467C9A2162 ] GigasetGenericUSB_x64 C:\Windows\system32\DRIVERS\GigasetGenericUSB_x64.sys
22:14:58.0292 0x17f8 GigasetGenericUSB_x64 - ok
22:14:58.0334 0x17f8 [ A0E1B575BA8F504968CD40C0FAEB2384, F64A24A5A93F4E757882E97C65DA612F07A87F4DDD2E10C1AB0250AFA03BCEF1 ] gpsvc C:\Windows\System32\gpsvc.dll
22:14:58.0398 0x17f8 gpsvc - ok
22:14:58.0489 0x17f8 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate1ca23fa2f8d54a0 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:14:58.0509 0x17f8 gupdate1ca23fa2f8d54a0 - ok
22:14:58.0547 0x17f8 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:14:58.0568 0x17f8 gupdatem - ok
22:14:58.0603 0x17f8 [ 68E732382B32417FF61FD663259B4B09, 10C5365AEAC46DF4F5F6A8F96D15141B4709851D4752613233E57EB20CE16446 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:14:58.0638 0x17f8 HdAudAddService - ok
22:14:58.0691 0x17f8 [ F942C5820205F2FB453243EDFEC82A3D, 17A6A3DCF884FB524C93F2477D97E9F2B8E547709F8F2AEA93BEEA322B62E914 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:14:58.0784 0x17f8 HDAudBus - ok
22:14:58.0798 0x17f8 [ B4881C84A180E75B8C25DC1D726C375F, C0BEDBF43EFB0DD442A1D7985EA4A7493671648954B7D1840E30FB2FC46589A4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
22:14:58.0860 0x17f8 HidBth - ok
22:14:58.0877 0x17f8 [ 4E77A77E2C986E8F88F996BB3E1AD829, 1748676EB038A145405080B829DF4156C2596691BE5C67FD8269BE8D9351B400 ] HidIr C:\Windows\system32\drivers\hidir.sys
22:14:58.0935 0x17f8 HidIr - ok
22:14:58.0956 0x17f8 [ 59361D38A297755D46A540E450202B2A, ED97800A3FF9B90EC58BC5122C42B53F46D9C157EFE488481E8677ED7058E33D ] hidserv C:\Windows\system32\hidserv.dll
22:14:58.0987 0x17f8 hidserv - ok
22:14:59.0007 0x17f8 [ D02C82CB3A20F391C8AEFF94E8E0BAA1, A540FC4EDDBA899CDABD43FCD5FA0F3EC5BD9DA40BF0CCD796421EA1AF77184A ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:14:59.0061 0x17f8 HidUsb - ok
22:14:59.0103 0x17f8 [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
22:14:59.0122 0x17f8 HipShieldK - ok
22:14:59.0143 0x17f8 [ B12F367EA39C0795FD57E31242CE1A5A, 498439FE4D1217211EB6C1AC35CDA5D59F3AE8F06AF5E41EE9FDB0DC559FBE27 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:14:59.0187 0x17f8 hkmsvc - ok
22:14:59.0293 0x17f8 [ D45DF21E825C3B35B5C000E0E20EC864, B059D0C25FB42B0B4F85BBE21A97AE011A202DEFAB1EB6FFDAB101A73981FB13 ] HomeNetSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
22:14:59.0317 0x17f8 HomeNetSvc - ok
22:14:59.0401 0x17f8 [ CB383AB0B8BA871D893B86D3C9A3ED9F, 0DFFA243CE59871556149A4C9C41BDE41280E755139EC5F199A755FC9DDE0F31 ] HP Health Check Service c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
22:14:59.0413 0x17f8 HP Health Check Service - detected UnsignedFile.Multi.Generic ( 1 )
22:15:01.0768 0x17f8 Detect skipped due to KSN trusted
22:15:01.0768 0x17f8 HP Health Check Service - ok
22:15:01.0798 0x17f8 [ D7109A1E6BD2DFDBCBA72A6BC626A13B, 6141B6645F4152A326ECA8AD0DD04CB38C9EDA395BDF6FF260AB17CB86FC4C87 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
22:15:01.0822 0x17f8 HpCISSs - ok
22:15:01.0869 0x17f8 [ 098F1E4E5C9CB5B0063A959063631610, 36B02A738413E4745978E3E90D9CE8ABC08376BEE411008A4312A752CB4A2E13 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:15:01.0973 0x17f8 HTTP - ok
22:15:01.0990 0x17f8 [ DA94C854CEA5FAC549D4E1F6E88349E8, 10BEB47DB90F55BD1792C2041E49ED13E4E52BCC11BE6599F6DA8D91B79CC8D1 ] i2omp C:\Windows\system32\drivers\i2omp.sys
22:15:02.0015 0x17f8 i2omp - ok
22:15:02.0045 0x17f8 [ CBB597659A2713CE0C9CC20C88C7591F, A2BAC75F7247D871842A32EAA7594D338E728D1BFEAEA3C1FCDBF65F007BC06A ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
22:15:02.0091 0x17f8 i8042prt - ok
22:15:02.0153 0x17f8 [ 1117AF8C53AA278A4C5B7EF1B00E08F4, 84CA25F488ABCDA161F5CB5F11809EFEA9BD15F09B8DB6CCDA38B009C42353B6 ] IAANTMON C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
22:15:02.0191 0x17f8 IAANTMON - ok
22:15:02.0225 0x17f8 [ 5979854E6FDA990107E3170327022117, 6D578735352A181662A5774CD838ED780A1096F929DDE27E09537996459A8180 ] iaStor C:\Windows\system32\drivers\iastor.sys
22:15:02.0249 0x17f8 iaStor - ok
22:15:02.0301 0x17f8 [ 3E3BF3627D886736D0B4E90054F929F6, 95A138B65DC9133E92F53A529C7AD897D8823EFAED343756549FDF6C8C749CD0 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
22:15:02.0334 0x17f8 iaStorV - ok
22:15:02.0392 0x17f8 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
22:15:02.0400 0x17f8 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
22:15:04.0750 0x17f8 Detect skipped due to KSN trusted
22:15:04.0750 0x17f8 IDriverT - ok
22:15:04.0825 0x17f8 [ A9AA69F749AC1D318151E77372CC83DB, 2A50A4D6ED22F5F6CB5DC56A639D904AD71E511DC744A6F6C3D1D4D39756AF31 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:15:04.0891 0x17f8 idsvc - ok
22:15:04.0917 0x17f8 [ 8C3951AD2FE886EF76C7B5027C3125D3, 85CF7231756E02BD9E5F4378F3FC794394A072B8028F27827F83ACE9EE554499 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:15:04.0941 0x17f8 iirsp - ok
22:15:04.0981 0x17f8 [ 0401A380C88754B2399F8043AC9B2BF9, BFF3B53FAFAE6622AA9F74BAA4A3D522C06E2D732B88916766603B9FE8D0D77F ] IKEEXT C:\Windows\System32\ikeext.dll
22:15:05.0038 0x17f8 IKEEXT - ok
22:15:05.0144 0x17f8 [ 2C62599E693372A9221C262B8040E3AC, 5C5D1E959BF95DDBB9662CEEB79613257C5891927EFF7D2E9A91F244FA2828E7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:15:05.0273 0x17f8 IntcAzAudAddService - ok
22:15:05.0324 0x17f8 [ DF797A12176F11B2D301C5B234BB200E, 384343636B21CA7EDF28EFD1B6728EAB1508CA49CE48FF3DC0D91DB843C0C73E ] intelide C:\Windows\system32\drivers\intelide.sys
22:15:05.0347 0x17f8 intelide - ok
22:15:05.0375 0x17f8 [ BFD84AF32FA1BAD6231C4585CB469630, 33E0842F2D0879B02C115301174FCB19ED3AAF7B1B8E6284839CE16DE56476EA ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:15:05.0431 0x17f8 intelppm - ok
22:15:05.0457 0x17f8 [ 5624BC1BC5EEB49C0AB76A8114F05EA3, BD5AA534D8A923AF4D205EEC6DA55A3DC5F915E5F3223BF23F24C09824FA90B6 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:15:05.0502 0x17f8 IPBusEnum - ok
22:15:05.0530 0x17f8 [ D8AABC341311E4780D6FCE8C73C0AD81, 141E8032A934777567E6DAC35FB1C77C40D9B6EE477F17F872F35833A8F57F72 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:15:05.0563 0x17f8 IpFilterDriver - ok
22:15:05.0593 0x17f8 [ BF0DBFA9792C5C14FA00F61C75116C1B, 24C14DCAF57013F1C238E3C123279737420A714EB29CB69239C9838C9A269A59 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:15:05.0631 0x17f8 iphlpsvc - ok
22:15:05.0637 0x17f8 IpInIp - ok
22:15:05.0659 0x17f8 [ 9C2EE2E6E5A7203BFAE15C299475EC67, E51628ECAB9CCCBCE02801C5E71406487A280765FEE318D14B0C227141B87658 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
22:15:05.0701 0x17f8 IPMIDRV - ok
22:15:05.0724 0x17f8 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE, C29D7F392116BB09F7047A90702331F200DACFB3C94E7F912932971E0B7F0413 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
22:15:05.0764 0x17f8 IPNAT - ok
22:15:05.0780 0x17f8 [ 8C42CA155343A2F11D29FECA67FAA88D, 699F06D25C5F270CE1194F4D350CB0BE22C6AB609EECF35D066C034AC380BEE3 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:15:05.0819 0x17f8 IRENUM - ok
22:15:05.0854 0x17f8 [ 0672BFCEDC6FC468A2B0500D81437F4F, A0322B569C309F258684AFECCD52924A33F363186261730469245B7FA357C645 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:15:05.0872 0x17f8 isapnp - ok
22:15:05.0902 0x17f8 [ E4FDF99599F27EC25D2CF6D754243520, 9139E708EE30F10652C9A458BD58B0343A3C05E84CD3E71FA0B0E4123503CF7B ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
22:15:05.0924 0x17f8 iScsiPrt - ok
22:15:05.0946 0x17f8 [ 63C766CDC609FF8206CB447A65ABBA4A, D9CA006FA852C95E90E8A0837E296FCBFD76246DA8AFDE563863D5F95BDFEC52 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
22:15:05.0962 0x17f8 iteatapi - ok
22:15:05.0997 0x17f8 [ 1281FE73B17664631D12F643CBEA3F59, B27571A0348CDF81DC102A61712CBA9A4AF7AC0015A7702B0DE73AD4E4646853 ] iteraid C:\Windows\system32\drivers\iteraid.sys
22:15:06.0013 0x17f8 iteraid - ok
22:15:06.0029 0x17f8 [ 423696F3BA6472DD17699209B933BC26, 00C2EAA1A8E9D422D178B7678598743234930C1858D76C632F079EF789BB56C3 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:15:06.0045 0x17f8 kbdclass - ok
22:15:06.0061 0x17f8 [ BF8783A5066CFECF45095459E8010FA7, 90845E1A154189258B2754C4FF8E6732AA462FF3777E8DFBAF8246C7C5B2740D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:15:06.0100 0x17f8 kbdhid - ok
22:15:06.0133 0x17f8 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] KeyIso C:\Windows\system32\lsass.exe
22:15:06.0153 0x17f8 KeyIso - ok
22:15:06.0197 0x17f8 [ 8A4507582C71261627A7F89198A91B51, B591CB996EA109CD167FBE7CB61A2FEFF8C864B3BF6B0C1D566881936E213EAB ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:15:06.0234 0x17f8 KSecDD - ok
22:15:06.0260 0x17f8 [ 1D419CF43DB29396ECD7113D129D94EB, 21ECCE9D17F055C7B5066110864E10C99291CE50B389C545371333904CE2DBB5 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:15:06.0299 0x17f8 ksthunk - ok
22:15:06.0348 0x17f8 [ 1FAF6926F3416D3DA05C5B265491BDAE, 3989E18522691CC3820092033E00ED39D08861DFB369AA0DFFF4B379E48EA1F0 ] KtmRm C:\Windows\system32\msdtckrm.dll
22:15:06.0409 0x17f8 KtmRm - ok
22:15:06.0446 0x17f8 [ 50C7A3CB427E9BB5ED0708A669956AB5, 3DAD1C01AE58FE2C6134283B19118E2F3C884DDFFBAE4A46B7B5E4FB1A2567A1 ] LanmanServer C:\Windows\system32\srvsvc.dll
22:15:06.0485 0x17f8 LanmanServer - ok
22:15:06.0510 0x17f8 [ CAF86FC1388BE1E470F1A7B43E348ADB, 9E9AE0B617D1031E8462524802A2D997AE7C944A7D00D403FF903145A7FEB761 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:15:06.0552 0x17f8 LanmanWorkstation - ok
22:15:06.0557 0x17f8 Lbd - ok
22:15:06.0610 0x17f8 [ DFEFF67508D3A9AEB1A85D7B0F513B24, 34A02E6BEAFB22B1527C72E0E2D65FA1DBCFB022672116BFF4A903FBBEA8419D ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
22:15:06.0618 0x17f8 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
22:15:08.0966 0x17f8 Detect skipped due to KSN trusted
22:15:08.0966 0x17f8 LightScribeService - ok
22:15:09.0001 0x17f8 [ 96ECE2659B6654C10A0C310AE3A6D02C, 3322E87B9F64C3ACBCB634F2390AAB212FA7695383BF01F0092A803871BF19B2 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:15:09.0056 0x17f8 lltdio - ok
22:15:09.0094 0x17f8 [ 961CCBD0B1CCB5675D64976FAE37D092, 258378BE76A13E4368C9587E6A22727721E4B267B0D26D3D3E333B3B2A5A0611 ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:15:09.0150 0x17f8 lltdsvc - ok
22:15:09.0165 0x17f8 [ A47F8080CACC23C91FE823AD19AA5612, 161575406D158D6D5C9220F1E82C0CC19108C74ADC35C509BAF9B0C414EFD8EE ] lmhosts C:\Windows\System32\lmhsvc.dll
22:15:09.0204 0x17f8 lmhosts - ok
22:15:09.0231 0x17f8 [ ACBE1AF32D3123E330A07BFBC5EC4A9B, 0E17E4DD30B5AF8F269EF8EA003836C9E16273262A050B9BE3ED802DD3AC9319 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:15:09.0250 0x17f8 LSI_FC - ok
22:15:09.0276 0x17f8 [ 799FFB2FC4729FA46D2157C0065B3525, AB462A34D061C113DA12641C45159A58D0AEA1C440233D061A20DF99586CFA93 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:15:09.0295 0x17f8 LSI_SAS - ok
22:15:09.0321 0x17f8 [ F445FF1DAAD8A226366BFAF42551226B, 92B63E15363F1EAE8A54D4E74ED21669D0A9FE99C654671556C58456228278B1 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:15:09.0342 0x17f8 LSI_SCSI - ok
22:15:09.0362 0x17f8 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E, 2EB22DD418D4934BDD22C5DB49D5D06178EC0419AB5CC28DD544CA91823987B0 ] luafv C:\Windows\system32\drivers\luafv.sys
22:15:09.0403 0x17f8 luafv - ok
22:15:09.0438 0x17f8 [ 4A503882318BB2F59218D401614E6AF6, 678FDE29EAE20353E780F53CFB9E79EA8B43E1E8BAC77890C178918DC5CCBA0E ] lvpepf64 C:\Windows\system32\DRIVERS\lv302a64.sys
22:15:09.0452 0x17f8 lvpepf64 - ok
22:15:09.0508 0x17f8 [ DED333DBDBBCC3555A6E6244522E2F1A, 6909875090A9013685BA16EAAC666C173F138F0AF7172A40E746E6EFDE02D133 ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
22:15:09.0522 0x17f8 LVPr2M64 - ok
22:15:09.0526 0x17f8 [ DED333DBDBBCC3555A6E6244522E2F1A, 6909875090A9013685BA16EAAC666C173F138F0AF7172A40E746E6EFDE02D133 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
22:15:09.0540 0x17f8 LVPr2Mon - ok
22:15:09.0598 0x17f8 [ A35679E56E78091E1042A2D7ADBF2958, F2282B697DCDD5767F65D99FEA374D3757C6133D42BD5A9C582C217619213290 ] LVPrcS64 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
22:15:09.0616 0x17f8 LVPrcS64 - ok
22:15:09.0640 0x17f8 [ 125AE13C293889001B8456CF3EB04A40, EB4B7135691935A9AC515099ED8C2767BC02308068AB9BEB2869B6E841268848 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
22:15:09.0675 0x17f8 LVRS64 - ok
22:15:09.0717 0x17f8 [ 5C3FF68267A5D242EE79EE01B993D6CE, 853637AC30A16698F2F583693E98B67104ECE5B8F80C6FB88266665162623B92 ] LVUSBS64 C:\Windows\system32\drivers\LVUSBS64.sys
22:15:09.0735 0x17f8 LVUSBS64 - ok
22:15:09.0768 0x17f8 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
22:15:09.0788 0x17f8 MBAMProtector - ok
22:15:09.0863 0x17f8 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
22:15:09.0929 0x17f8 MBAMService - ok
22:15:09.0998 0x17f8 [ 56568E341C4C230E024F82FF3A0CCCB7, F8A194810EE2943B24779FED30856042AF3D48FC670F324A7F8FB9DB6441E84A ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
22:15:10.0016 0x17f8 MBAMWebAccessControl - ok
22:15:10.0071 0x17f8 [ 4EB86A9A959E1B794B151C6C80397101, 0ED165D78EB115993145E563B3B6BA454E49617CABA8E7DC4256A8A9FE7D453C ] McAfee SiteAdvisor Service c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
22:15:10.0092 0x17f8 McAfee SiteAdvisor Service - ok
22:15:10.0159 0x17f8 [ 143D3F28E4709E6345F286D4A5A76B75, 3BEC8256902F324DF9C2D5F1BA63A7C14E34DCDB54A03008ACCB6FB50656EF26 ] McAPExe C:\Program Files\McAfee\MSC\McAPExe.exe
22:15:10.0209 0x17f8 McAPExe - ok
22:15:10.0244 0x17f8 [ D45DF21E825C3B35B5C000E0E20EC864, B059D0C25FB42B0B4F85BBE21A97AE011A202DEFAB1EB6FFDAB101A73981FB13 ] McMPFSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
22:15:10.0273 0x17f8 McMPFSvc - ok
22:15:10.0319 0x17f8 [ D45DF21E825C3B35B5C000E0E20EC864, B059D0C25FB42B0B4F85BBE21A97AE011A202DEFAB1EB6FFDAB101A73981FB13 ] McNaiAnn C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
22:15:10.0348 0x17f8 McNaiAnn - ok
22:15:10.0417 0x17f8 [ 60ADF1B097B0D20BF9AE1E3F5D79870C, 04530480F95EB2745DF2D61DC95F1404A78874CB81D37348BD0AB145A7970C42 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
22:15:10.0461 0x17f8 McODS - ok
22:15:10.0479 0x17f8 [ D45DF21E825C3B35B5C000E0E20EC864, B059D0C25FB42B0B4F85BBE21A97AE011A202DEFAB1EB6FFDAB101A73981FB13 ] mcpltsvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
22:15:10.0512 0x17f8 mcpltsvc - ok
22:15:10.0550 0x17f8 [ D45DF21E825C3B35B5C000E0E20EC864, B059D0C25FB42B0B4F85BBE21A97AE011A202DEFAB1EB6FFDAB101A73981FB13 ] McProxy C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
22:15:10.0573 0x17f8 McProxy - ok
22:15:10.0638 0x17f8 [ 76A58DF02BD4EA29F189B82D0BEF17F8, B3A96AABE050BB332ECD9AF7C35D08B468AC459D30FF4D49B609BA3F95ECEEDA ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:15:10.0659 0x17f8 Mcx2Svc - ok
22:15:10.0686 0x17f8 [ 5C5CD6AACED32FB26C3FB34B3DCF972F, 34A66C21FA79800D3CDE933CFA71343218F94D67AAE763EA0B53AC49060CB6D0 ] megasas C:\Windows\system32\drivers\megasas.sys
22:15:10.0703 0x17f8 megasas - ok
22:15:10.0732 0x17f8 [ 859BC2436B076C77C159ED694ACFE8F8, 4AEA57A8B9EACEC1B8DED3ECC95621C56E6D65CFE2DA9F07DAF7C7BAD132B624 ] MegaSR C:\Windows\system32\drivers\megasr.sys
22:15:10.0767 0x17f8 MegaSR - ok
22:15:10.0802 0x17f8 [ B069A1B8072AC23CA31638CAF6E1CC90, 726E3B744F39E265C9B8FDDCD7EBD1B87327A92719EEB1924820BC90FE67B277 ] mfeaack C:\Windows\system32\drivers\mfeaack.sys
22:15:10.0837 0x17f8 mfeaack - ok
22:15:10.0863 0x17f8 [ B540EED782123308F865ACAF0F1C2E64, D1F163AA2E37A72958E78B5F96D1E087AF3B9AA33ABB89ADCEBF6CA5A44C8DFA ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
22:15:10.0896 0x17f8 mfeavfk - ok
22:15:10.0933 0x17f8 [ 225CC932EDDC7935147FC5FD43920EAB, 868872EB3F11BA29FAABA4CCF5A075D12C8B705DC737BD3DAC5886788579934D ] mfedisk C:\Windows\system32\DRIVERS\mfedisk.sys
22:15:10.0951 0x17f8 mfedisk - ok
22:15:10.0994 0x17f8 [ B080F4161DFC8B4555ADE5AEF8BEA10C, AEB88FACB90981BF5A9B532D83A0792F78D30F6CCCA107FBDC4EECD6D29AD124 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
22:15:11.0016 0x17f8 mfefire - ok
22:15:11.0068 0x17f8 [ 7E44DEBA7851496841C7D4849668B4E9, 6B5E42BB81B3F841D7C1B312A309542969D6FECEAD9379BD88213809AA2DEC5B ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
22:15:11.0102 0x17f8 mfefirek - ok
22:15:11.0161 0x17f8 [ E66C388028FC6D4B837504BB350FF368, 517B03CC0F622EE7027923051696326472924F43513C1E6201FBB3F29D7F6DD1 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
22:15:11.0200 0x17f8 mfehidk - ok
22:15:11.0260 0x17f8 [ 27128C7477939762465EB162C097B457, 3B8DF0A00C6AC1728C832B229FAE08B5AF879334A36BEAC72CCF00AF15D735DD ] mfemms C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
22:15:11.0293 0x17f8 mfemms - ok
22:15:11.0349 0x17f8 [ D870D25906294B259D81894009A596E9, 8E259BA5356F82546E264A7F6BCAEBBA2A9A0D0335EAB0FE420BCA684B9EB31E ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys
22:15:11.0384 0x17f8 mfencbdc - ok
22:15:11.0436 0x17f8 [ 51E636C4F93CC48F9B4B6C774C41B2C8, 97FB15DFA04EE4CCC6AA0C556AA84EC813D4362AC9906D3D932132C737F27B4A ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys
22:15:11.0456 0x17f8 mfencrk - ok
22:15:11.0476 0x17f8 [ F9881B099DD511A9A53B0B9DB668EA9D, 3E57AC8137F893760C7C3DD06D47CCAE9F3EA419E698E5A08925120F3186E11F ] mfevtp C:\Windows\system32\mfevtps.exe
22:15:11.0510 0x17f8 mfevtp - ok
22:15:11.0535 0x17f8 [ 06E22CD1696D37862CFB154E008C7921, 3994F3749716CC956E35AE699027FC2BEFA5F5402E0774323C9C9EA4FBBBC5BD ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
22:15:11.0564 0x17f8 mfewfpk - ok
22:15:11.0609 0x17f8 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] MMCSS C:\Windows\system32\mmcss.dll
22:15:11.0653 0x17f8 MMCSS - ok
22:15:11.0666 0x17f8 [ 59848D5CC74606F0EE7557983BB73C2E, EA6ACF0619DE1E4272AEDC69F2E66E29DA499E8E8094243C9EF735FD8369229D ] Modem C:\Windows\system32\drivers\modem.sys
22:15:11.0710 0x17f8 Modem - ok
22:15:11.0751 0x17f8 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5, 357811D1B8F70828F6432879F59DAB916FBB55673B3473D879382DE33CFB3FAF ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:15:11.0796 0x17f8 monitor - ok
22:15:11.0812 0x17f8 [ 9367304E5E412B120CF5F4EA14E4E4F1, F87EBACEE27A50E6610FDCB4BD3001C35A99FEE6D63D643FF2CBF0D484CD082C ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:15:11.0829 0x17f8 mouclass - ok
22:15:11.0851 0x17f8 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69, B77E4A7511923E7BD35A177A40B4E461AC9CB050D6F0575D4799DEF85DA6DA38 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:15:11.0891 0x17f8 mouhid - ok
22:15:11.0915 0x17f8 [ 108DE0E4E7B0F53F5764F9A241F7A4E6, 0D7688E322FE1DD21BAC1324DC9F27D1007E8417717A0EF8637768D318654CDA ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
22:15:11.0936 0x17f8 MountMgr - ok
22:15:11.0977 0x17f8 [ 4DA42FB0A8294C9FBD52B0EF2EA9EE07, 4C327BC4DCE86CE5DFDD57F2CF09DD9EF52E3E1D0D74BB5825808975FFA7B0FD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:15:11.0998 0x17f8 MozillaMaintenance - ok
22:15:12.0029 0x17f8 [ F8276EB8698142884498A528DFEA8478, C0FF504F721F1D00F42CFE783D4F32C6728518F64646F5C5C11BA3A4824815BB ] mpio C:\Windows\system32\drivers\mpio.sys
22:15:12.0050 0x17f8 mpio - ok
22:15:12.0071 0x17f8 [ C92B9ABDB65A5991E00C28F13491DBA2, D1233381A9E4262F0AB396BBDB7DE402D4370805E11EB8A118C846F6E9474098 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:15:12.0104 0x17f8 mpsdrv - ok
22:15:12.0154 0x17f8 [ 897E3BAF68BA406A61682AE39C83900C, 13F61D5C22BED061BE7C2669CCCAA2BAD4A0CE83800DF57A50306DE0A476FC27 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:15:12.0224 0x17f8 MpsSvc - ok
22:15:12.0243 0x17f8 [ 3C200630A89EF2C0864D515B7A75802E, AA4A312E7A28FCE7A944747BADB809CAAD3D67899EBBE663D473621DB25B140A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
22:15:12.0260 0x17f8 Mraid35x - ok
22:15:12.0288 0x17f8 [ 0F09F5686FD2025C1607B3CA301E3D28, 04F96858C82EDF636F0C8CF8F2286D3A1229BBC9F06C2AFA7BDB9D5DC5BD69BC ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:15:12.0318 0x17f8 MRxDAV - ok
22:15:12.0350 0x17f8 [ B31DB7D6E624479EA20FEE17E712A44C, E316244BD83698793A66EA185BE1395827C7A9D5B73B60592BBF6413BFCF52F1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:15:12.0377 0x17f8 mrxsmb - ok
22:15:12.0406 0x17f8 [ 2EB4A3EDA9FBECEC53CA2BB0853E2B66, 0DBA1CB6A9A97E9406111F724F82A009B9492A4D602FCD288FB907830E070E0E ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:15:12.0447 0x17f8 mrxsmb10 - ok
22:15:12.0465 0x17f8 [ 3F979D9CE02323CB3EBD15174732C8C1, 2B8301222B582012A86B85F45374E3B1A562D1EC61DE6A3F5AF611C3B38F409C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:15:12.0490 0x17f8 mrxsmb20 - ok
22:15:12.0503 0x17f8 [ 1AC860612B85D8E85EE257D372E39F4D, 74682CCE44BCEE31BCA286D4F4E53B64CAAE244155F2B4C8FEB6AE7C391CA89D ] msahci C:\Windows\system32\drivers\msahci.sys
22:15:12.0523 0x17f8 msahci - ok
22:15:12.0540 0x17f8 [ 264BBB4AAF312A485F0E44B65A6B7202, 1DF36540C77D5D885B6C2EE91F0446864D8E6D6CFED87A9ED0765E76FE05E102 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:15:12.0562 0x17f8 msdsm - ok
22:15:12.0587 0x17f8 [ 7EC02CE772F068ED0BEAFA3DA341A9BC, 3B5B4EA0BF1D1E57F4DF74A569304A5EE41821F5E2F352760B8C9CA82C6D8292 ] MSDTC C:\Windows\System32\msdtc.exe
22:15:12.0630 0x17f8 MSDTC - ok
22:15:12.0646 0x17f8 [ 704F59BFC4512D2BB0146AEC31B10A7C, F7712944DDC192C47953D577BE31B79B4D11217305B1C3D0DCA31B1518CB8DCB ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:15:12.0689 0x17f8 Msfs - ok
22:15:12.0724 0x17f8 [ 00EBC952961664780D43DCA157E79B27, 4F8F5718D8574A128E0F6CD54C9BE59A93A7638A5689A8FF68D0C81D3E67808F ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:15:12.0741 0x17f8 msisadrv - ok
22:15:12.0767 0x17f8 [ 366B0C1F4478B519C181E37D43DCDA32, A98E2BC397FAD7D90653F55AC283CACAE7465D7F10A198D715046B1D896AF246 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:15:12.0811 0x17f8 MSiSCSI - ok
22:15:12.0817 0x17f8 msiserver - ok
22:15:12.0842 0x17f8 [ D45DF21E825C3B35B5C000E0E20EC864, B059D0C25FB42B0B4F85BBE21A97AE011A202DEFAB1EB6FFDAB101A73981FB13 ] MSK80Service C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
22:15:12.0866 0x17f8 MSK80Service - ok
22:15:12.0917 0x17f8 [ 0EA73E498F53B96D83DBFCA074AD4CF8, E3DDE34FCFF272E06CD8DA836F8D79E2515885715D4A7CD7BF8D97D7A4E0E781 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:15:12.0957 0x17f8 MSKSSRV - ok
22:15:12.0976 0x17f8 [ 52E59B7E992A58E740AA63F57EDBAE8B, A89F607B330BA1F42CA9FF01EF289BBD088350CF376568E58CB9865F1DA6CD72 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:15:13.0018 0x17f8 MSPCLOCK - ok
22:15:13.0030 0x17f8 [ 49084A75BAE043AE02D5B44D02991BB2, 4CD2692D191035CE9D18F4D21F054FF8C3F9CF2734464EA33EAB480A28AD447F ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:15:13.0072 0x17f8 MSPQM - ok
22:15:13.0110 0x17f8 [ DC6CCF440CDEDE4293DB41C37A5060A5, 768D08A67508E1CE69B67642A5E5A639C0DD1E93C956C56ECC5A56B0E502C953 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:15:13.0135 0x17f8 MsRPC - ok
22:15:13.0153 0x17f8 [ 855796E59DF77EA93AF46F20155BF55B, 75DFCEE16A9D94EDF74295B9686D92552817E8A00958917CB0E17089EDCF6A97 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:15:13.0169 0x17f8 mssmbios - ok
22:15:13.0206 0x17f8 [ 86D632D75D05D5B7C7C043FA3564AE86, 96911FBC106B91E76598EE110B5147D4C55E42C9194E857F866B6B395E78D2CB ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:15:13.0246 0x17f8 MSTEE - ok
22:15:13.0253 0x17f8 [ 0CC49F78D8ACA0877D885F149084E543, 984DDCB52F0DFC1B26C6504FE500E8D9C2CA7F79ED34608AE9866A0915B8BA67 ] Mup C:\Windows\system32\Drivers\mup.sys
22:15:13.0272 0x17f8 Mup - ok
22:15:13.0307 0x17f8 [ A5B10C845E7538C60C0F5D87A57CB3F5, 2B4E16702591C59BC2CA2B99DBB504BAB4F4EF0835B0D9C7453D340CBF0BDF16 ] napagent C:\Windows\system32\qagentRT.dll
22:15:13.0358 0x17f8 napagent - ok
22:15:13.0416 0x17f8 [ 2007B826C4ACD94AE32232B41F0842B9, 6267D165C3C8C5F83194890A6DBF71226D4B891AECD1D06F7AEB5D738C3DC9CA ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:15:13.0444 0x17f8 NativeWifiP - ok
22:15:13.0498 0x17f8 [ 54803EAE413ED3AB97976674B0EF122A, B06D419B84EA1FB9EA218D5379F2DD32B0739D029A51DD75CA74C01F25BAA806 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:15:13.0537 0x17f8 NDIS - ok
22:15:13.0551 0x17f8 [ 64DF698A425478E321981431AC171334, C43177CB60F5D58E1FF7A31E9BE5DA7D92C4B25235867DD65BADC069EDF023F3 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:15:13.0586 0x17f8 NdisTapi - ok
22:15:13.0596 0x17f8 [ 8BAA43196D7B5BB972C9A6B2BBF61A19, 8AFFB26F6E8CF67F562818BBFE12FB448E4FCDF9B68858B625681565DE30DDC1 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:15:13.0638 0x17f8 Ndisuio - ok
22:15:13.0671 0x17f8 [ F8158771905260982CE724076419EF19, B86FFA790A30ED614A11C87F4D738C913EFC0924DC14750D544001D4E9556071 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:15:13.0710 0x17f8 NdisWan - ok
22:15:13.0726 0x17f8 [ 9CB77ED7CB72850253E973A2D6AFDF49, C3C15B317A7F7AE68B7BC62343962C47F075240F252727811DB4BEE443F9103F ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:15:13.0758 0x17f8 NDProxy - ok
22:15:13.0800 0x17f8 [ BD94210175C488F18ADD3E189EE9304C, 450E10FB0BD4F39477752EAC6088984D216757B7151981B382BE9AED33995BF2 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
22:15:13.0809 0x17f8 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
22:15:16.0164 0x17f8 Detect skipped due to KSN trusted
22:15:16.0164 0x17f8 Net Driver HPZ12 - ok
22:15:16.0171 0x17f8 [ A499294F5029A7862ADC115BDA7371CE, 6BE0AAFE4EB59E056A929D6C1A009D8DFD547025481108CEFB12E5D6F86DBE14 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:15:16.0232 0x17f8 NetBIOS - ok
22:15:16.0276 0x17f8 [ FC2C792EBDDC8E28DF939D6A92C83D61, 9EDF8B56E2B47C31457074DA371B604E5F7EB2B3B5CD4688CBEEDD5B266D119B ] netbt C:\Windows\system32\DRIVERS\netbt.sys
22:15:16.0324 0x17f8 netbt - ok
22:15:16.0330 0x17f8 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] Netlogon C:\Windows\system32\lsass.exe
22:15:16.0352 0x17f8 Netlogon - ok
22:15:16.0385 0x17f8 [ 9B63B29DEFC0F3115A559D2597BF5D75, 297319D3F2E97CB34464EA59D8FD96AC2B8B1A4F2AEE666937F16A041128021F ] Netman C:\Windows\System32\netman.dll
22:15:16.0444 0x17f8 Netman - ok
22:15:16.0501 0x17f8 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:15:16.0522 0x17f8 NetMsmqActivator - ok
22:15:16.0534 0x17f8 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:15:16.0556 0x17f8 NetPipeActivator - ok
22:15:16.0580 0x17f8 [ 7846D0136CC2B264926A73047BA7688A, 6F56CC1B17095C378D98B58A92F9EDA2D009529DDB6F60E815D85C7606C8EDC0 ] netprofm C:\Windows\System32\netprofm.dll
22:15:16.0637 0x17f8 netprofm - ok
22:15:16.0645 0x17f8 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:15:16.0668 0x17f8 NetTcpActivator - ok
22:15:16.0676 0x17f8 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:15:16.0698 0x17f8 NetTcpPortSharing - ok
22:15:16.0720 0x17f8 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7, 8D7DE921E14BAF09D7E2704CFB2FB1C8A78A46DAF86CDF7A347C5D113A8C110B ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:15:16.0738 0x17f8 nfrd960 - ok
22:15:16.0772 0x17f8 [ 9DC33E66BB7E6470BFE8AA9EF5FBED43, 23E583B264BBD7933E3A000F00D646ABE526D1068C41BC24CF93739529FCA339 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:15:16.0805 0x17f8 NlaSvc - ok
22:15:16.0826 0x17f8 nmwcdnsux64 - ok
22:15:16.0847 0x17f8 [ B298874F8E0EA93F06EC40AA8D146478, 275D769E5EFD3153985DAF84C5B22B9D65428E09AB41099901ABDD03B3A2625D ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:15:16.0878 0x17f8 Npfs - ok
22:15:16.0894 0x17f8 [ ACB62BAA1C319B17752553DF3026EEEB, 5A309DF390A097245250BB64AD5F8575BECA601E0A122DDCB494C67D3D9EA089 ] nsi C:\Windows\system32\nsisvc.dll
22:15:16.0937 0x17f8 nsi - ok
22:15:16.0943 0x17f8 [ 1523AF19EE8B030BA682F7A53537EAEB, B000630CE4B562D39B5EE4148409B2E01D8924D33D27607B24ADC901357E7AA5 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:15:16.0984 0x17f8 nsiproxy - ok
22:15:17.0056 0x17f8 [ 2ACCAA3C3C55370A32F17B3595E1A217, 8539A293A5E1EBA2CC0FA9E999099D3B6B035D41069398AE17D737BBE4D9FEA8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:15:17.0136 0x17f8 Ntfs - ok
22:15:17.0143 0x17f8 [ DD5D684975352B85B52E3FD5347C20CB, BB03C50D5178643550C024130E20FD9A023AE110B3C85A2D6E18FB8DBB3A12E4 ] Null C:\Windows\system32\drivers\Null.sys
22:15:17.0191 0x17f8 Null - ok
22:15:17.0233 0x17f8 [ 2C040B7ADA5B06F6FACADAC8514AA034, EF32F7C411090230ED1D95B2D01E8464DCC89D72EFD94BBC8DF6856D00B1A783 ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:15:17.0255 0x17f8 nvraid - ok
22:15:17.0276 0x17f8 [ F7EA0FE82842D05EDA3EFDD376DBFDBA, 0ED0543A5331C0D8BBFD1BE3174482ED1B3EE70CA41CE8CE5C81977C37B3D129 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:15:17.0294 0x17f8 nvstor - ok
22:15:17.0310 0x17f8 [ 19067CA93075EF4823E3938A686F532F, 81339372E90CE9E2594461146A82B62452CF9DB3FF53381D30F6922059EDCF99 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:15:17.0332 0x17f8 nv_agp - ok
22:15:17.0338 0x17f8 NwlnkFlt - ok
22:15:17.0343 0x17f8 NwlnkFwd - ok
22:15:17.0383 0x17f8 [ B5B1CE65AC15BBD11C0619E3EF7CFC28, E9AA27724A7576D1869FF861A498DB8AF79A7B297F10272F1D63E6CB88CD455B ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
22:15:17.0416 0x17f8 ohci1394 - ok
22:15:17.0486 0x17f8 [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2pimsvc C:\Windows\system32\p2psvc.dll
22:15:17.0589 0x17f8 p2pimsvc - ok
22:15:17.0624 0x17f8 [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2psvc C:\Windows\system32\p2psvc.dll
22:15:17.0674 0x17f8 p2psvc - ok
22:15:17.0710 0x17f8 [ AECD57F94C887F58919F307C35498EA0, CD8E8B54A445EF0DC485D5F221588875C98328596F64EE03B2D8BD0B860504FB ] Parport C:\Windows\system32\drivers\parport.sys
22:15:17.0775 0x17f8 Parport - ok
22:15:17.0806 0x17f8 [ B43751085E2ABE389DA466BC62A4B987, 167CB6B18B6B7B74A229A976833E1FBE6D51C9C0EB8A23C92FC2465B692DF383 ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:15:17.0827 0x17f8 partmgr - ok
22:15:17.0853 0x17f8 [ 9AB157B374192FF276C1628FBDBA2B0E, E63E2EE1ABEEC5234F4F1318757EDB4A7567057B1DF1A2414C8698D47062B6AC ] PcaSvc C:\Windows\System32\pcasvc.dll
22:15:17.0877 0x17f8 PcaSvc - ok
22:15:17.0910 0x17f8 [ 47AB1E0FC9D0E12BB53BA246E3A0906D, 82B452D614B535FAD3AFEEA06DFBBF8F7C5031563A2558CFA04F9B94C76E45DF ] pci C:\Windows\system32\drivers\pci.sys
22:15:17.0932 0x17f8 pci - ok
22:15:17.0952 0x17f8 [ 8D618C829034479985A9ED56106CC732, 9F3773A5184064092920FA2C88CCF5BFE44C63573B443E67230C4F596B7884C2 ] pciide C:\Windows\system32\drivers\pciide.sys
22:15:17.0967 0x17f8 pciide - ok
22:15:17.0989 0x17f8 [ 037661F3D7C507C9993B7010CEEE6288, A7B415675B14FD755D0167BBA458A902AA9ABFC4343A1B887289D31DE8A55285 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:15:18.0009 0x17f8 pcmcia - ok
22:15:18.0046 0x17f8 [ 58865916F53592A61549B04941BFD80D, 3511AF2EFD06636E144C36ECA8C7AA1A33C269EDB10A6D879AA25D9E11359AA9 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:15:18.0135 0x17f8 PEAUTH - ok
22:15:18.0215 0x17f8 [ 0ED8727EA0172860F47258456C06CAEA, 3CDAA1044E412EC4303CEABD36A8C7BADA2D6C6692E09B8FE440709E3F4F0166 ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:15:18.0260 0x17f8 PerfHost - ok
22:15:18.0390 0x17f8 [ AE0B94363DA0F60D42B9D05B352F61ED, 284EA0123798BDBBAA93F912AD45B3D3F1F662FDDA5C73C0AC0D76AC2F9033C0 ] PID_PEPI C:\Windows\system32\DRIVERS\LV302V64.SYS
22:15:18.0560 0x17f8 PID_PEPI - ok
22:15:18.0650 0x17f8 [ E9E68C1A0F25CF4A7AC966EEA74EE89E, 6C6903A856C29AD690FDA1B74ADB2222C3453FBE2B364245FA61D53C77C586C0 ] pla C:\Windows\system32\pla.dll
22:15:18.0768 0x17f8 pla - ok
22:15:18.0825 0x17f8 [ FE6B0F59215C9FD9F9D26539C58C8B82, 52CF8BE31A28430226D117EB80974AEAE5EA07F39DE881164232D44BF67FF752 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:15:18.0880 0x17f8 PlugPlay - ok
22:15:18.0923 0x17f8 [ 7FE2AFB17D91CF39843D6766EA31CFC7, A4FF09302976CB204BC9E358ED470BDD54BCDA17E49617FCCCD2820D4C94D631 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
22:15:18.0934 0x17f8 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
22:15:21.0273 0x17f8 Detect skipped due to KSN trusted
22:15:21.0273 0x17f8 Pml Driver HPZ12 - ok
22:15:21.0326 0x17f8 [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
22:15:21.0390 0x17f8 PNRPAutoReg - ok
22:15:21.0443 0x17f8 [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] PNRPsvc C:\Windows\system32\p2psvc.dll
22:15:21.0527 0x17f8 PNRPsvc - ok
22:15:21.0590 0x17f8 [ 89A5560671C2D8B4A4B51F3E1AA069D8, 07DEE5D73DDE09F954E2E13BB5603F0033829B6199C81A7C1709D94AB92B351E ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:15:21.0651 0x17f8 PolicyAgent - ok
22:15:21.0683 0x17f8 [ 23386E9952025F5F21C368971E2E7301, F7241C1799A8AA0E9106B101B841670304DC695FD8D290C690CE0ED5C13BC514 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:15:21.0715 0x17f8 PptpMiniport - ok
22:15:21.0759 0x17f8 [ 5080E59ECEE0BC923F14018803AA7A01, 2E201511821AECCF056962399AFA3533ED765A3E7FD30E7B38A6D13837367E69 ] Processor C:\Windows\system32\drivers\processr.sys
22:15:21.0798 0x17f8 Processor - ok
22:15:21.0824 0x17f8 [ EF321BEED9CF3DF60EBA29A1D618AD8A, FE277119BCC9938054DFA670844B31E4F66C19EBC6E59E747F99C38F76A433BD ] ProfSvc C:\Windows\system32\profsvc.dll
22:15:21.0851 0x17f8 ProfSvc - ok
22:15:21.0865 0x17f8 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:15:21.0885 0x17f8 ProtectedStorage - ok
22:15:21.0923 0x17f8 [ 1D0A3F565397D08707F3D75B88586645, 92EC9C26CD446E86C37CB2FAF235B97D68D9682DD240563EC0C81000FAD7AF25 ] Ps2 C:\Windows\system32\DRIVERS\PS2.sys
22:15:21.0952 0x17f8 Ps2 - ok
22:15:21.0975 0x17f8 [ C5AB7F0809392D0DA027F4A2A81BFA31, B5BC9712AD93661A77AF4D67DB5F05C58A93CF7CDD6F7BA20568C0A9F4630321 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
22:15:22.0011 0x17f8 PSched - ok
22:15:22.0065 0x17f8 [ 0B83F4E681062F3839BE2EC1D98FD94A, 47E1B8014C59981693F5544872AF00383528AAEF0C6FE9AE8C45A6359EFB067D ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:15:22.0134 0x17f8 ql2300 - ok
22:15:22.0177 0x17f8 [ E1C80F8D4D1E39EF9595809C1369BF2A, 5C18F8366049C690FC8AA4A992AA0765A6607F72E0EF889A5F3757E59FB1C143 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:15:22.0196 0x17f8 ql40xx - ok
22:15:22.0229 0x17f8 [ 90574842C3DA781E279061A3EFF91F07, F87DE7355DAA4FACF2126A0427C08BAAD9E647E0B02EE5447746BE969B28DA8D ] QWAVE C:\Windows\system32\qwave.dll
22:15:22.0267 0x17f8 QWAVE - ok
22:15:22.0276 0x17f8 [ E8D76EDAB77EC9C634C27B8EAC33ADC5, 171A3C5D5C3C5845C3BF9A4BCD88E744B025C910AC2F528D0E7D66F173FF0BED ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:15:22.0299 0x17f8 QWAVEdrv - ok
22:15:22.0310 0x17f8 [ 1013B3B663A56D3DDD784F581C1BD005, 36B83F234C2D6A6112BC8B5EF0AB5075EE98AC0BED702C37E4C1C3D17EB49956 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:15:22.0348 0x17f8 RasAcd - ok
22:15:22.0383 0x17f8 [ B2AE18F847D07F0044404DDF7CB04497, 24B1D5E1D0621160640264656E3D447C611DEE1B0EE308971EF85F0AC3D9F7DD ] RasAuto C:\Windows\System32\rasauto.dll
22:15:22.0425 0x17f8 RasAuto - ok
22:15:22.0440 0x17f8 [ AC7BC4D42A7E558718DFDEC599BBFC2C, E059EB9472FDDB73AF09FFEBA58D8284AFCDAB1516E0C5759980E60C892F8126 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:15:22.0476 0x17f8 Rasl2tp - ok
22:15:22.0501 0x17f8 [ 3AD83E4046C43BE510DE681588ACB8AF, C5445A23F35395B3EA3974C0D5E314E23D900C694D31F7B7A83FE9027D95A91C ] RasMan C:\Windows\System32\rasmans.dll
22:15:22.0551 0x17f8 RasMan - ok
22:15:22.0599 0x17f8 [ 4517FBF8B42524AFE4EDE1DE102AAE3E, F01C8A773A637B66192BD16DDE467CAECC6E62853DBDB507FF3FC67B4B388988 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:15:22.0629 0x17f8 RasPppoe - ok
22:15:22.0652 0x17f8 [ C6A593B51F34C33E5474539544072527, 8182C1D15CDC164363D3DD355197160167A00BA9FA833AA444317D06344EF7CE ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:15:22.0674 0x17f8 RasSstp - ok
22:15:22.0710 0x17f8 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1, 07B89F701594F680F50A885B923521763A6131104CEE63D422E1C359C23AE2F6 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:15:22.0750 0x17f8 rdbss - ok
22:15:22.0758 0x17f8 [ 603900CC05F6BE65CCBF373800AF3716, 83B010D51D1087673CF15FD0A992FD91CC910A073FEA9A8F20F6124B6E5489F2 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:15:22.0800 0x17f8 RDPCDD - ok
22:15:22.0828 0x17f8 [ C045D1FB111C28DF0D1BE8D4BDA22C06, 572986C93B982387EE94797A1EDE1C6C444B0F1078AC8201099452BFA021458F ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
22:15:22.0886 0x17f8 rdpdr - ok
22:15:22.0891 0x17f8 [ CAB9421DAF3D97B33D0D055858E2C3AB, 66C353CD310A91FAB0D0871ACCE71110595B63536560D0331DA70B1E33AC45BE ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:15:22.0931 0x17f8 RDPENCDD - ok
22:15:22.0968 0x17f8 [ AE4BD9E1C33D351D8E607FC81F15160C, AD785CA72B7C6EB9F94B2E797C758C0F804DB26EE056DDC6D4F85BB562A02EA4 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:15:23.0034 0x17f8 RDPWD - ok
22:15:23.0078 0x17f8 [ C612B9557DA73F70D41F8A6FBC8E5344, D7D11F202066F848FBD3F26D9FF915C7F3D68F30631393B2049F3AC5A40FD108 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:15:23.0119 0x17f8 RemoteAccess - ok
22:15:23.0151 0x17f8 [ 44B9D8EC2F3EF3A0EFB00857AF70D861, A45D8024A242456A73337C91663A3E1633BF163234CDFD5DF86840F31FFFE84D ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:15:23.0190 0x17f8 RemoteRegistry - ok
22:15:23.0219 0x17f8 [ F46C457840D4B7A4DAAFEE739CE04102, 94E946036240B3BAFF17C4A49745E29E492ABBC7BE5110741B212DF4D7F45B84 ] RpcLocator C:\Windows\system32\locator.exe
22:15:23.0239 0x17f8 RpcLocator - ok
22:15:23.0284 0x17f8 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF, 3BE4B8EE22FA55D3A17D3718781C8BCA631C78F7928092561F6B79BB60E7D7FE ] RpcSs C:\Windows\system32\rpcss.dll
22:15:23.0338 0x17f8 RpcSs - ok
22:15:23.0377 0x17f8 [ 22A9CB08B1A6707C1550C6BF099AAE73, 46A9D40A03DC0B6C93274C0C1CDB132B2339E76E77CAB0F12AEDAD4C31822B91 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:15:23.0421 0x17f8 rspndr - ok
22:15:23.0465 0x17f8 [ 82B66ABF055611024E5DBB9FA556C11D, 20A57A84F3967E537DC23E00E4EEFEDECBE5468B032786889499D153A8BC97F5 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh64.sys
22:15:23.0510 0x17f8 RTL8169 - ok
22:15:23.0517 0x17f8 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] SamSs C:\Windows\system32\lsass.exe
22:15:23.0539 0x17f8 SamSs - ok
22:15:23.0598 0x17f8 [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
22:15:23.0613 0x17f8 SASDIFSV - ok
22:15:23.0632 0x17f8 [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
22:15:23.0647 0x17f8 SASKUTIL - ok
22:15:23.0668 0x17f8 [ CD9C693589C60AD59BBBCFB0E524E01B, F9EBD4FF4C712A563B1120D123012E41105D31402BE45D6F8C8DA71155D64ECB ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:15:23.0686 0x17f8 sbp2port - ok
22:15:23.0714 0x17f8 [ FD1CDCF108D5EF3366F00D18B70FB89B, 5BCE3A9D5DC0B6937A734264C5B8DE0E6B8F77A869A118F94D57E662AAB28FE2 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:15:23.0750 0x17f8 SCardSvr - ok
22:15:23.0806 0x17f8 [ C453886F47A10D44A9B4AFCBF349071D, B677FD3C638436CE84EC7087569CEEF912F59D0B800B4C76A5CC72289243C49B ] Schedule C:\Windows\system32\schedsvc.dll
22:15:23.0905 0x17f8 Schedule - ok
22:15:23.0930 0x17f8 [ 5A268127633C7EE2A7FB87F39D748D56, 45C530A0EE0108543A75B9427F77EBB5E8350AE16C235763B6F32E72CE15C449 ] SCPolicySvc C:\Windows\System32\certprop.dll
22:15:23.0960 0x17f8 SCPolicySvc - ok
22:15:23.0982 0x17f8 [ 4FF71B076A7760FE75EA5AE2D0EE0018, DDDBC9530120F8C1AB449076F6F06F74354149B4C458E6682F957628EE795DE8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:15:24.0016 0x17f8 SDRSVC - ok
22:15:24.0031 0x17f8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:15:24.0052 0x17f8 secdrv - ok
22:15:24.0072 0x17f8 [ 5ACDCBC67FCF894A1815B9F96D704490, FE0247A8BEDB860EBD46A9D49C641D0B9AA24EE34132CDDADC9F5A605238FDA7 ] seclogon C:\Windows\system32\seclogon.dll
22:15:24.0116 0x17f8 seclogon - ok
22:15:24.0130 0x17f8 [ 90973A64B96CD647FF81C79443618EED, 1D3CB7F724B7EADA6443DF07B258EE7FB7FEC92C2A7A9D3C57F6A220EF0DDDC4 ] SENS C:\Windows\System32\sens.dll
22:15:24.0172 0x17f8 SENS - ok
22:15:24.0193 0x17f8 [ F71BFE7AC6C52273B7C82CBF1BB2A222, 8C7F0E426B266DBBFE4BBE3333A33C338209BD8BE0E434A98D0D2CFD78D3F758 ] Serenum C:\Windows\system32\drivers\serenum.sys
22:15:24.0250 0x17f8 Serenum - ok
22:15:24.0271 0x17f8 [ E62FAC91EE288DB29A9696A9D279929C, 9B6A420556532F7F8D55FB6580A592A43BEA579A068B970C741A23DB079ECAD1 ] Serial C:\Windows\system32\drivers\serial.sys
22:15:24.0330 0x17f8 Serial - ok
22:15:24.0349 0x17f8 [ A842F04833684BCEEA7336211BE478DF, 9D964AEA237C44898098AC9C2D043F00C66EDA7D73C381D616737C01A9D0FF45 ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:15:24.0388 0x17f8 sermouse - ok
22:15:24.0414 0x17f8 [ A8E4A4407A09F35DCCC3771AF590B0C4, F56ECE42CE81098FCCBCDFBBF006C3FB9EDD29C62F03C4EAE012EE690669481B ] SessionEnv C:\Windows\system32\sessenv.dll
22:15:24.0454 0x17f8 SessionEnv - ok
22:15:24.0467 0x17f8 [ 14D4B4465193A87C127933978E8C4106, A5C3F2F09E9A0715529B05AC1020EF0F432121E129447795257087E0D6A812FC ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:15:24.0507 0x17f8 sffdisk - ok
22:15:24.0517 0x17f8 [ 7073AEE3F82F3D598E3825962AA98AB2, 82A959A0970CBA8CC16D44736ED12158E59E138484F3F53EBDD3A4C02DA3700D ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:15:24.0556 0x17f8 sffp_mmc - ok
22:15:24.0575 0x17f8 [ 35E59EBE4A01A0532ED67975161C7B82, 4F4296B8903FCD06439CC8BF93C703852E523834F09CF9121FDA729A988AF11B ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:15:24.0613 0x17f8 sffp_sd - ok
22:15:24.0631 0x17f8 [ 6B7838C94135768BD455CBDC23E39E5F, 868E054ED546479DEAD7C2834C7AB080820522C16F5B4BEF0F3B279A33ABA9C8 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
22:15:24.0693 0x17f8 sfloppy - ok
22:15:24.0769 0x17f8 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34, 9659C7B5046DE2C0416A74FDE6F798C3E78D38327CB71BAE49D57A8347A9097D ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:15:24.0827 0x17f8 SharedAccess - ok
22:15:24.0881 0x17f8 [ 56793271ECDEDD350C5ADD305603E963, 7A29407C1C550FF3A6A3544811ABD971E9C760B984A7E64D5A1440C69D6AF483 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:15:24.0909 0x17f8 ShellHWDetection - ok
22:15:24.0925 0x17f8 [ 7A5DE502AEB719D4594C6471060A78B3, E8E16DF8AFFC230FBB1A5938925D464A1BA776184B8C020B37669EE2105DB9F2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
22:15:24.0943 0x17f8 SiSRaid2 - ok
22:15:24.0965 0x17f8 [ 3A2F769FAB9582BC720E11EA1DFB184D, 83EEBCE37E8709FCE15FB44F546C727C56064ED49B73A471EA33480573558419 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:15:24.0985 0x17f8 SiSRaid4 - ok
22:15:25.0022 0x17f8 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
22:15:25.0051 0x17f8 SkypeUpdate - ok
22:15:25.0157 0x17f8 [ A9A27A8E257B45A604FDAD4F26FE7241, C5A1056522EE2BA7B70D34E391477A0E9351569CEF28B875172F4B363F6D4177 ] slsvc C:\Windows\system32\SLsvc.exe
22:15:25.0326 0x17f8 slsvc - ok
22:15:25.0379 0x17f8 [ FD74B4B7C2088E390A30C85A896FC3AF, 897F1F89A4DDB356CF6E59EFBC32A2081C0CADE283793DB6879D263F7B2E313F ] SLUINotify C:\Windows\system32\SLUINotify.dll
22:15:25.0418 0x17f8 SLUINotify - ok
22:15:25.0441 0x17f8 [ 290B6F6A0EC4FCDFC90F5CB6D7020473, 971888FE760641FF86165B9876E6FC12DBC309C0FED2734C60B9E0EBC078AAE0 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:15:25.0480 0x17f8 Smb - ok
22:15:25.0512 0x17f8 [ F8F47F38909823B1AF28D60B96340CFF, EFD948EE09F22F9F373A98BA6D9BC519FD9244986E4BE7B2BACD92D3C145AD1D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:15:25.0535 0x17f8 SNMPTRAP - ok
22:15:25.0562 0x17f8 [ 386C3C63F00A7040C7EC5E384217E89D, DD8766BCBD77EC6F67979A8B37B943A3A0E5478CE3FB129BF8FCA29B66529721 ] spldr C:\Windows\system32\drivers\spldr.sys
22:15:25.0581 0x17f8 spldr - ok
22:15:25.0609 0x17f8 [ F66FF751E7EFC816D266977939EF5DC3, 689BDD0B442830E162F2F9A8EFBD0E137F518C7F0CD92EDF4A43EFBA188B69F4 ] Spooler C:\Windows\System32\spoolsv.exe
22:15:25.0648 0x17f8 Spooler - ok
22:15:25.0686 0x17f8 [ 4A3CE977E95070922EBA8EEE80EF08C0, EDC0DB3CBB20F7E4E517078C67CB4833F415EA386605011B13AE78C117DE0267 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:15:25.0777 0x17f8 srv - ok
22:15:25.0807 0x17f8 [ A1AD14A6D7A37891FFFECA35EBBB0730, AE00950D330EE4C05F5AA9BC7E63E974766D8E93B607CB3E683C727E8A65049D ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:15:25.0844 0x17f8 srv2 - ok
22:15:25.0862 0x17f8 [ DA20A8B6800396211638D91F68FF09A6, 624ACDB9C4B20C3556ACD01E0794A7BAC0A8F867580210251540C5E14413A428 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:15:25.0886 0x17f8 srvnet - ok
22:15:25.0906 0x17f8 [ 192C74646EC5725AEF3F80D19FF75F6A, 8F24FF139A46B1F837356B9D682526107D7BADCFA510842FEACB6F06C02D93D9 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:15:25.0954 0x17f8 SSDPSRV - ok
22:15:25.0988 0x17f8 [ 2EE3FA0308E6185BA64A9A7F2E74332B, EC6A15281685E6CDEADABDFD08C4AF980AD3B404C945EB121D7F90AFCA3D6849 ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:15:26.0014 0x17f8 SstpSvc - ok
22:15:26.0059 0x17f8 [ 15825C1FBFB8779992CB65087F316AF5, E9431C016D209A7322C0586F11EEF0AB461AB5822960287BB1D0FBC30183614D ] stisvc C:\Windows\System32\wiaservc.dll
22:15:26.0110 0x17f8 stisvc - ok
22:15:26.0138 0x17f8 [ 8A851CA908B8B974F89C50D2E18D4F0C, 27EA13E50B5B72ABF6C5B7B7D34A7154A12BB27B1C1B2EEFCAA36A96010DB4DC ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:15:26.0154 0x17f8 swenum - ok
22:15:26.0197 0x17f8 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A, 9C3714238571704CEE2AD4F1E15029243E00B494345C41F74EFDF3F0328CC9EA ] swprv C:\Windows\System32\swprv.dll
22:15:26.0261 0x17f8 swprv - ok
22:15:26.0293 0x17f8 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B, 0227EAF144BC35AA4FF2535E8C9974C0609B7634EE45F4166B9F88F79B17BBF1 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
22:15:26.0311 0x17f8 Symc8xx - ok
22:15:26.0331 0x17f8 [ A909667976D3BCCD1DF813FED517D837, 0874DD4C1CA7AE2E519EBB45433BC9F11A574408F5D2F9E23A340CA76512F5CE ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
22:15:26.0350 0x17f8 Sym_hi - ok
22:15:26.0368 0x17f8 [ 36887B56EC2D98B9C362F6AE4DE5B7B0, 7349FABACB633A9EEE3D4E241A5F443C28D23CC87F21EAAB3F1711644AA21D7C ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
22:15:26.0385 0x17f8 Sym_u3 - ok
22:15:26.0442 0x17f8 [ 92D7A8B0F87B036F17D25885937897A6, 6759BAB11E5FBB143BE13DF1611AE5D41D379DF423D881E92E910DF6A37CBA85 ] SysMain C:\Windows\system32\sysmain.dll
22:15:26.0518 0x17f8 SysMain - ok
22:15:26.0556 0x17f8 [ 005CE42567F9113A3BCCB3B20073B029, B1831D71410AD6E7DEB59D26BF6D2D07D2F6112936D6A6FDA57E9296ADA4076D ] TabletInputService C:\Windows\System32\TabSvc.dll
22:15:26.0580 0x17f8 TabletInputService - ok
22:15:26.0632 0x17f8 [ CC2562B4D55E0B6A4758C65407F63B79, C6AD05B345C699A715EC13830D8EA6EE9822F4B713D15B1F29AC044674A0F498 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:15:26.0680 0x17f8 TapiSrv - ok
22:15:26.0721 0x17f8 [ CDBE8D7C1E201B911CDC346D06617FB5, 16D5965E32A109DA38D77F4B6281081569D78371B2F522DE51100967F8776C7A ] TBS C:\Windows\System32\tbssvc.dll
22:15:26.0762 0x17f8 TBS - ok
22:15:26.0825 0x17f8 [ 00F77C4555FFABC21ADDB3160B2F574A, 292D3D9FC923283A25717831C5F1EA3046CB09F4F1B342BB93A506E68B9D4090 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:15:26.0926 0x17f8 Tcpip - ok
22:15:26.0995 0x17f8 [ 00F77C4555FFABC21ADDB3160B2F574A, 292D3D9FC923283A25717831C5F1EA3046CB09F4F1B342BB93A506E68B9D4090 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
22:15:27.0074 0x17f8 Tcpip6 - ok
22:15:27.0120 0x17f8 [ C7E72A4071EE0200E3C075DACFB2B334, 925A68FD021C7957792F31E9D69A31C180BEB878CD93D2C3E2BE463F58011A6C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:15:27.0140 0x17f8 tcpipreg - ok
22:15:27.0154 0x17f8 [ 1D8BF4AAA5FB7A2761475781DC1195BC, A28E972E9331BAD685D4C786FDE221565E0AD3E222B24B9182B7FA916BFCD9C8 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:15:27.0192 0x17f8 TDPIPE - ok
22:15:27.0211 0x17f8 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1, 42A408E82D4017D27D3B0BBBA02BF4B21DEC060C89849785ED65962D18029B65 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:15:27.0251 0x17f8 TDTCP - ok
22:15:27.0276 0x17f8 [ A47CD175CF72CA5EEDB47C79532A7622, 1F682B002A64D2A8559005651F742DD3AFB50AE5D6DADAF4A75DD08410385FBF ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:15:27.0297 0x17f8 tdx - ok
22:15:27.0582 0x17f8 [ E72B44F86082DFE649CD991E3CD2F8B6, C5A1E53E41E48D3465A7D96886A1E5D1C3145C7E1A40FB74E3A05EDC2DA04F84 ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
22:15:27.0863 0x17f8 TeamViewer - ok
22:15:27.0923 0x17f8 [ 8C19678D22649EC002EF2282EAE92F98, 551E7EBA54C2345F2B7FD7AAA7ADA4C852C94F1B35E6E4BBEF883BAFA34F6262 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:15:27.0941 0x17f8 TermDD - ok
22:15:27.0987 0x17f8 [ 5A67A1108E347FCA6A64B74FFB108BDE, F9EC8932366FF4101C6F059567DDF099D895C90567C3E770DDDC71562434A821 ] TermService C:\Windows\System32\termsrv.dll
22:15:28.0035 0x17f8 TermService - ok
22:15:28.0055 0x17f8 [ 56793271ECDEDD350C5ADD305603E963, 7A29407C1C550FF3A6A3544811ABD971E9C760B984A7E64D5A1440C69D6AF483 ] Themes C:\Windows\system32\shsvcs.dll
22:15:28.0083 0x17f8 Themes - ok
22:15:28.0116 0x17f8 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] THREADORDER C:\Windows\system32\mmcss.dll
22:15:28.0159 0x17f8 THREADORDER - ok
22:15:28.0177 0x17f8 [ F4689F05AF472A651A7B1B7B02D200E7, 3D34B8879DBC69013D1A87A3F47B8A622A60B57F2E962E9F5925C5A01F44640F ] TrkWks C:\Windows\System32\trkwks.dll
22:15:28.0223 0x17f8 TrkWks - ok
22:15:28.0284 0x17f8 [ 66328B08EF5A9305D8EDE36B93930369, FD8136BF15AB8D2DB15D011C4F813737D68EED1178462DB8CE40606C16185A30 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:15:28.0314 0x17f8 TrustedInstaller - ok
22:15:28.0342 0x17f8 [ B2388462329ACD17AF50D8701E0C1B18, 959D7B7CCB526367645BAA11C56C88C9AD741EE338BAD6513C54FC7ED43F3AC0 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:15:28.0362 0x17f8 tssecsrv - ok
22:15:28.0387 0x17f8 [ 89EC74A9E602D16A75A4170511029B3C, AACD82A6F5FE31FF1315F5CA69E5EB6BD172DD86610F0641177CCC131B542034 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
22:15:28.0406 0x17f8 tunmp - ok
22:15:28.0452 0x17f8 [ 30A9B3F45AD081BFFC3BCAA9C812B609, 57204F1F72FEFA086FF1D8A14487D56F4DEDD3C50FBB6903E0C4AC749EA720DE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:15:28.0471 0x17f8 tunnel - ok
22:15:28.0491 0x17f8 [ FEC266EF401966311744BD0F359F7F56, 6EE0223AEFA7A81BEB155FC0CD4421C2BEBCDCBC9663C23064B0445101114BF8 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:15:28.0510 0x17f8 uagp35 - ok
22:15:28.0556 0x17f8 [ FAF2640A2A76ED03D449E443194C4C34, CC2517DCFE6962EB2EDEB93E44CB53B113974C9C69A050E3F36385C8D78E810B ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:15:28.0593 0x17f8 udfs - ok
22:15:28.0626 0x17f8 [ 060507C4113391394478F6953A79EEDC, 5D0AE5F1184165289DC8E8CD493607FCB68512CF90F748E3BFD2250655D784D4 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:15:28.0669 0x17f8 UI0Detect - ok
22:15:28.0699 0x17f8 [ 4EC9447AC3AB462647F60E547208CA00, F304125321B1ECA915EDDBDB6A71EAEF3123DCB5604C9497D72F12E0C1BD5315 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:15:28.0721 0x17f8 uliagpkx - ok
22:15:28.0742 0x17f8 [ 697F0446134CDC8F99E69306184FBBB4, A741882B8FE403E3A5DECED5D4A2254B14AF40ACECD4DAA3D00D71C2205C2C5F ] uliahci C:\Windows\system32\drivers\uliahci.sys
22:15:28.0775 0x17f8 uliahci - ok
22:15:28.0785 0x17f8 [ 31707F09846056651EA2C37858F5DDB0, A619AC4B32EA77AC29458894614870086C4DDB81525ADBCFF1AB8970FC5C257A ] UlSata C:\Windows\system32\drivers\ulsata.sys
22:15:28.0806 0x17f8 UlSata - ok
22:15:28.0842 0x17f8 [ 85E5E43ED5B48C8376281BAB519271B7, DBDA4216553F7C5EA0C579346D0A638E62766D5B8FCB1BFF3149BB37BBF978D3 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
22:15:28.0863 0x17f8 ulsata2 - ok
22:15:28.0897 0x17f8 [ 46E9A994C4FED537DD951F60B86AD3F4, 256F93ED3BD43B50F0D4489164D959F95AB070CC25A80A46355D2B387D336224 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:15:28.0941 0x17f8 umbus - ok
22:15:28.0961 0x17f8 [ 7093799FF80E9DECA0680D2E3535BE60, 1CBFCCA84CB9212176BF5A1D32334BD54E58A2668A4746252738800468AD4AD4 ] upnphost C:\Windows\System32\upnphost.dll
22:15:29.0020 0x17f8 upnphost - ok
22:15:29.0025 0x17f8 upperdev - ok
22:15:29.0058 0x17f8 [ A565B509000BD3E42A9B93B9FFD40D3D, A22734F2DDAAD743D479D40EA91024F1A16A18D9D6C9FC4F90F3930AD040BFA3 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
22:15:29.0090 0x17f8 usbaudio - ok
22:15:29.0138 0x17f8 [ 858CC93477F9A9383E07861892600FF9, C72B25E7F6AF46AC22F8D2A1FA0345B290AAE642442C8A388EA75944334BB289 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:15:29.0172 0x17f8 usbccgp - ok
22:15:29.0180 0x17f8 [ 9247F7E0B65852C1F6631480984D6ED2, E3360A0EE891B8BADEF5FF53F796C79D6AD218961087F866E451F3B6F278672A ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:15:29.0239 0x17f8 usbcir - ok
22:15:29.0266 0x17f8 [ 82C3790E4E6F35087EF00994C7A72988, 95FA022BDAC65DCD2DA52C8FCC1F2C186B321F4599F40CB90262E24FD10AE16C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:15:29.0289 0x17f8 usbehci - ok
22:15:29.0312 0x17f8 [ BE2EB33AF6EE2E5DA07EB987E0A321F5, 0FCFABA080C553451AE4FAFB54DFE57639251D97DA204C07EC66F469826F3B46 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:15:29.0350 0x17f8 usbhub - ok
22:15:29.0363 0x17f8 [ EBA14EF0C07CEC233F1529C698D0D154, FBA35D53A90FD6C3F91DA5ECE10EF29858CB4CB512AA20548225F83E9FE0A23D ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:15:29.0422 0x17f8 usbohci - ok
22:15:29.0445 0x17f8 [ 28B693B6D31E7B9332C1BDCEFEF228C1, 6B756E6D7459F755C76BC3F497643F6818F107304B789952B233C6585434F3A8 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:15:29.0485 0x17f8 usbprint - ok
22:15:29.0528 0x17f8 [ C024814884CE9E6C2E6ED76A63AC3B9A, 39C9EB54998547B0B65EEE6391AA326B02C7CA52FAE9CEB98D538FEC8D9F1858 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
22:15:29.0548 0x17f8 usbscan - ok
22:15:29.0573 0x17f8 [ B854C1558FCA0C269A38663E8B59B581, 08CC36B33FA2281FC88671BE051863AA8CA911446D24596049DB77FB4CB09EA6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:15:29.0605 0x17f8 USBSTOR - ok
22:15:29.0616 0x17f8 [ 308F6DDC052C970D679DA37D8A305279, E0F4C3C8F27E21C186289B115ECAB771777BC7E848F29D683C53C9F936F30848 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:15:29.0635 0x17f8 usbuhci - ok
22:15:29.0665 0x17f8 [ D76E231E4850BB3F88A3D9A78DF191E3, 98CAD31C41AD155EA853DF850D94FA29543C3A7D26262D1B6881281D033CEBAF ] UxSms C:\Windows\System32\uxsms.dll
22:15:29.0696 0x17f8 UxSms - ok
22:15:29.0726 0x17f8 [ C5E70C4E64666DB9D69C9F2FDAE22428, 759696619EEAF757AB28098FD9BF8EE045FFDECCBC249084BF01C60863CD3AAA ] VClone C:\Windows\system32\DRIVERS\VClone.sys
22:15:29.0744 0x17f8 VClone - ok
22:15:29.0780 0x17f8 [ 294945381DFA7CE58CECF0A9896AF327, 67414C6D79D2826BC86BB37349C9D74DB4B667310CBC1ABFD103E26332AE4A00 ] vds C:\Windows\System32\vds.exe
22:15:29.0826 0x17f8 vds - ok
22:15:29.0843 0x17f8 [ 916B94BCF1E09873FFF2D5FB11767BBC, 072007FED4EF30C4D7AF8628CBEB2AC99EEAD99D7AB533E90E3748E3D4F11C28 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:15:29.0886 0x17f8 vga - ok
22:15:29.0904 0x17f8 [ B83AB16B51FEDA65DD81B8C59D114D63, 97D39AA763037752D87216B83896AFD2AD6DFEBB3BCDCED7A9ABFE5706B804C5 ] VgaSave C:\Windows\System32\drivers\vga.sys
22:15:29.0947 0x17f8 VgaSave - ok
22:15:29.0976 0x17f8 [ 8294B6C3FDB6C33F24E150DE647ECDAA, FEBD9536EF61F700DFD5D9CB815808C8415D5B23590B3CE17B12D84F4670EA4D ] viaide C:\Windows\system32\drivers\viaide.sys
22:15:29.0995 0x17f8 viaide - ok
22:15:30.0017 0x17f8 [ 2B7E885ED951519A12C450D24535DFCA, 249009EBC1D306D51FDFA4A89588462AA2D8B6DF0A20BE250B60DD73200CB7F3 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:15:30.0042 0x17f8 volmgr - ok
22:15:30.0081 0x17f8 [ CEC5AC15277D75D9E5DEC2E1C6EAF877, EA989E257C4409F9AF3B35C4D7ED9134D930FE3733B077C4F3AA5497796F2CB0 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:15:30.0116 0x17f8 volmgrx - ok
22:15:30.0162 0x17f8 [ 582F710097B46140F5A89A19A6573D4B, 6F695B17BF476D027D3012352F3D4DFD0E0815823DA51A136767ECEF6D64A1CA ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:15:30.0187 0x17f8 volsnap - ok
22:15:30.0206 0x17f8 [ A68F455ED2673835209318DD61BFBB0E, 8B2B255E8E2F8B415F7AC0F7F4C423F639DD47737F7CEE0F7C816D9A6893C5F7 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:15:30.0227 0x17f8 vsmraid - ok
22:15:30.0293 0x17f8 [ B75232DAD33BFD95BF6F0A3E6BFF51E1, A8120040F144AD42A39347A615F31BF752634994D4D134E2FAD23FEA9C1D71DF ] VSS C:\Windows\system32\vssvc.exe
22:15:30.0372 0x17f8 VSS - ok
22:15:30.0432 0x17f8 [ F14A7DE2EA41883E250892E1E5230A9A, EBCB74BE26437F6FE84A3B41AD034F451D4BD12CA77D4C7A433DB912E7D31593 ] W32Time C:\Windows\system32\w32time.dll
22:15:30.0486 0x17f8 W32Time - ok
22:15:30.0511 0x17f8 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7, D682FBF78CF987609AF35A019E7C90CBE02800D7DFC272FFDD71D82AA362FA7A ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:15:30.0568 0x17f8 WacomPen - ok
22:15:30.0642 0x17f8 [ B8E7049622300D20BA6D8BE0C47C0CFD, 57CF218D1F7D505E354A15C552D94E3C5A68C2B07D7A76EBB0C87A0BFF5772D9 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
22:15:30.0675 0x17f8 Wanarp - ok
22:15:30.0680 0x17f8 [ B8E7049622300D20BA6D8BE0C47C0CFD, 57CF218D1F7D505E354A15C552D94E3C5A68C2B07D7A76EBB0C87A0BFF5772D9 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:15:30.0712 0x17f8 Wanarpv6 - ok
22:15:30.0741 0x17f8 [ B4E4C37D0AA6100090A53213EE2BF1C1, 67107F542F3C937FA5D9B28BA2EBFE994FFE287F16C0BFCF79AD20B95C13F78B ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:15:30.0790 0x17f8 wcncsvc - ok
22:15:30.0820 0x17f8 [ EA4B369560E986F19D93F45A881484AC, B61411D64901C9CB8C80402CD1E8808F5A0FACA38206C8D584C7C1019F5ADF5A ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:15:30.0852 0x17f8 WcsPlugInService - ok
22:15:30.0873 0x17f8 [ 0C17A0816F65B89E362E682AD5E7266E, 6233213D07B234056A1EC6FE1166A65371645269132B428FF3A29DDC0000301A ] Wd C:\Windows\system32\drivers\wd.sys
22:15:30.0890 0x17f8 Wd - ok
22:15:30.0936 0x17f8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:15:30.0989 0x17f8 Wdf01000 - ok
22:15:31.0016 0x17f8 [ C5EFDA73EBFCA8B02A094898DE0A9276, DE54E06CBE20EB27D88B29C3AE19CDFA0AE4933D6DCD640912C74A1065C9391C ] WdiServiceHost C:\Windows\system32\wdi.dll
22:15:31.0064 0x17f8 WdiServiceHost - ok
22:15:31.0071 0x17f8 [ C5EFDA73EBFCA8B02A094898DE0A9276, DE54E06CBE20EB27D88B29C3AE19CDFA0AE4933D6DCD640912C74A1065C9391C ] WdiSystemHost C:\Windows\system32\wdi.dll
22:15:31.0120 0x17f8 WdiSystemHost - ok
22:15:31.0162 0x17f8 [ 5B8CAF0FE216A57C95E8471A3BE051D6, DB1AB99FCB6B9FD1B22A052DE533D80B3826AD4D0D4890105EF09479FD9A04AB ] WebClient C:\Windows\System32\webclnt.dll
22:15:31.0207 0x17f8 WebClient - ok
22:15:31.0227 0x17f8 [ BD9A749F36710FFA02E0E530F7451936, B57A80CA9D689C0122771205F16E1458BEAC7A68B9C2B492FE5EF329FD0DFAFE ] Wecsvc C:\Windows\system32\wecsvc.dll
22:15:31.0272 0x17f8 Wecsvc - ok
22:15:31.0283 0x17f8 [ 9C980351D7E96288EA0C23AE232BD065, BA627B04C4259716B451F421F5310A69D8DE9407DE496AA0489139125E9DC16A ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:15:31.0317 0x17f8 wercplsupport - ok
22:15:31.0335 0x17f8 [ 66B9ECEBC46683F47EDC06333C075FEF, 35C33596D97DB65DE0A687644E9AD924AD5FCBAFD83FE4D23E7E58EF4BC4CC87 ] WerSvc C:\Windows\System32\WerSvc.dll
22:15:31.0370 0x17f8 WerSvc - ok
22:15:31.0383 0x17f8 WinDefend - ok
22:15:31.0391 0x17f8 WinHttpAutoProxySvc - ok
22:15:31.0445 0x17f8 [ D2E7296ED1BD26D8DB2799770C077A02, B494719C2DEB7B9D2505866868143C4E4F59B88461920AA49BD9F1251B6571B8 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:15:31.0494 0x17f8 Winmgmt - ok
22:15:31.0553 0x17f8 [ 42717DB2BE3A075D0F0CD5C927C27A43, 7CC116B2F6F2911E05A1E7AAE790D2D75F388438AF050B1A7E7C595ABF5F16A4 ] WinRM C:\Windows\system32\WsmSvc.dll
22:15:31.0642 0x17f8 WinRM - ok
22:15:31.0718 0x17f8 [ EC339C8115E91BAED835957E9A677F16, 3BBE6D4F1731198E8F0CFEE67C4CCA5C31E6968F8E02EF9E029C1847A26F513B ] Wlansvc C:\Windows\System32\wlansvc.dll
22:15:31.0774 0x17f8 Wlansvc - ok
22:15:31.0805 0x17f8 [ E18AEBAAA5A773FE11AA2C70F65320F5, 9E2F6FC0F46D0EEEBF4BC1E3D8800B3D268079ABF8EDDD70CD21B789883D7390 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:15:31.0840 0x17f8 WmiAcpi - ok
22:15:31.0881 0x17f8 [ 21FA389E65A852698B6A1341F36EE02D, 2D60911EAAE26C4CE3DEF4FAD1EDE093F912209AA90741AAA8B93F06B37DF605 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:15:31.0936 0x17f8 wmiApSrv - ok
22:15:31.0948 0x17f8 WMPNetworkSvc - ok
22:15:31.0970 0x17f8 [ CBC156C913F099E6680D1DF9307DB7A8, FD8B227F445679E31048CA41442A978A98F267FED96E22C235F63C72AEEE2AB0 ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:15:32.0011 0x17f8 WPCSvc - ok
22:15:32.0046 0x17f8 [ 490A18B4E4D53DC10879DEAA8E8B70D9, D069D8C22CF78A0970E85C0B9879E08FF19458FAA75AE447BCF9236731F64252 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:15:32.0074 0x17f8 WPDBusEnum - ok
22:15:32.0128 0x17f8 [ 5E2401B3FC1089C90E081291357371A9, 224D378EEBFB721CBC24896CAE01B31DC54B6ED82C19C5B954E96D5E98B83C59 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
22:15:32.0155 0x17f8 WpdUsb - ok
22:15:32.0296 0x17f8 [ 4912865D074482DC8E4A96DB5F6E35EB, 1293617856363424DD3A9450EE47033A89DC81ED6F78473BF7E7C63DD57D90E3 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:15:32.0369 0x17f8 WPFFontCache_v0400 - ok
22:15:32.0401 0x17f8 [ 8A900348370E359B6BFF6A550E4649E1, 3EAD0B951EAF8E940ED6A79FAAAB7D22ACCF3985795F80206A3A07161D319B39 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:15:32.0447 0x17f8 ws2ifsl - ok
22:15:32.0473 0x17f8 [ 9EA3E6D0EF7A5C2B9181961052A4B01A, F39BAF1FC7DD1600C0052C2A6AA3BCBC8CA3DA96D1AC7B42B0F2810D051EE1B0 ] wscsvc C:\Windows\System32\wscsvc.dll
22:15:32.0502 0x17f8 wscsvc - ok
22:15:32.0508 0x17f8 WSearch - ok
22:15:32.0615 0x17f8 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
22:15:32.0748 0x17f8 wuauserv - ok
22:15:32.0799 0x17f8 [ 501A65252617B495C0F1832F908D54D8, CB18A80EAB2F23579D1D38B12CD04CF579C6D0B73127A1E88305CC0488D40B2C ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:15:32.0842 0x17f8 WUDFRd - ok
22:15:32.0869 0x17f8 [ 6CBD51FF913C851D56ED9DC7F2A27DDE, 736C66A944F3D37464052211B2728AD53D31CB631CD33B9E094C00D76BF17399 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:15:32.0909 0x17f8 wudfsvc - ok
22:15:32.0933 0x17f8 ================ Scan global ===============================
22:15:32.0969 0x17f8 [ 0CF5A36772FCACDA29DE19E3B6843BBB, BB179387AC1F9A20ED6B2418CEF593BE26C2DDD3536B0C9C155F014F40C4BD25 ] C:\Windows\system32\basesrv.dll
22:15:33.0009 0x17f8 [ D665D594B7E11133D29D726BDDC7A5B0, 8EE45E719ACB23F388F2BE7E4311588E90DE7CF50988927CF0FED36DE380FACB ] C:\Windows\system32\winsrv.dll
22:15:33.0038 0x17f8 [ D665D594B7E11133D29D726BDDC7A5B0, 8EE45E719ACB23F388F2BE7E4311588E90DE7CF50988927CF0FED36DE380FACB ] C:\Windows\system32\winsrv.dll
22:15:33.0081 0x17f8 [ E8E05C05FBFEBD47FB7DBF7233F15302, 3099E64022E0E5347F7C8EFAD6D6E577157FC6B49386F3203E5438B38AE1EE36 ] C:\Windows\system32\services.exe
22:15:33.0091 0x17f8 [ Global ] - ok
22:15:33.0092 0x17f8 ================ Scan MBR ==================================
22:15:33.0106 0x17f8 [ 81CD5EC01DB0CE57EDD853F82462EF27 ] \Device\Harddisk0\DR0
22:15:33.0593 0x17f8 \Device\Harddisk0\DR0 - ok
22:15:33.0593 0x17f8 ================ Scan VBR ==================================
22:15:33.0597 0x17f8 [ 023567C94C93FB0D8FB036F3EAE2CBE1 ] \Device\Harddisk0\DR0\Partition1
22:15:33.0633 0x17f8 \Device\Harddisk0\DR0\Partition1 - ok
22:15:33.0637 0x17f8 [ BF4ABC72830A426CA73ADF29B751AEF2 ] \Device\Harddisk0\DR0\Partition2
22:15:33.0669 0x17f8 \Device\Harddisk0\DR0\Partition2 - ok
22:15:33.0669 0x17f8 ================ Scan generic autorun ======================
22:15:33.0670 0x17f8 Windows Defender - ok
22:15:33.0894 0x17f8 [ BBB0A0590C844BF21C05BCB50CF612F1, 72DBF119F1C8E398FE98819F2A5A67684F9ECDEA031F5FDA44B21D50F3853BEA ] C:\Windows\RAVCpl64.exe
22:15:34.0170 0x17f8 RtHDVCpl - ok
22:15:34.0236 0x17f8 [ 731F68141C806BD2359FD878CD05C929, 5D3BBE9C10BE24BC7048B504B99089FDBD9B5C00DE791CC92D2526C7A2B842A7 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
22:15:34.0254 0x17f8 IAAnotif - ok
22:15:34.0325 0x17f8 [ D77FC3C18C05C605D12CA7E27F03C35F, 9C04D9172039E905EA4E5B0D178B0C3245913D57D2CF4D89DBD962A076CF858E ] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
22:15:34.0375 0x17f8 HP Health Check Scheduler - ok
22:15:34.0428 0x17f8 [ 9A4322EE420D6FACD4D4B1FF6CB856B1, 527BF61885161B8D93C317CAC1FC8B8A709F0D4AF3599A000C82FE861D6019EF ] c:\hp\support\hpsysdrv.exe
22:15:34.0436 0x17f8 hpsysdrv - detected UnsignedFile.Multi.Generic ( 1 )
22:15:36.0774 0x17f8 Detect skipped due to KSN trusted
22:15:36.0774 0x17f8 hpsysdrv - ok
22:15:36.0831 0x17f8 [ E1E71D80D078C576801B6FE2A29FCF85, 7A8911FF626E5EEC01D7C1922F8AD6901EFC75952ADB3FAF606506C7DB4BC54A ] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
22:15:36.0844 0x17f8 StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
22:15:39.0248 0x17f8 Detect skipped due to KSN trusted
22:15:39.0248 0x17f8 StartCCC - ok
22:15:39.0337 0x17f8 [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:15:39.0434 0x17f8 Sidebar - ok
22:15:39.0441 0x17f8 WindowsWelcomeCenter - ok
22:15:39.0518 0x17f8 [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:15:39.0598 0x17f8 Sidebar - ok
22:15:39.0605 0x17f8 WindowsWelcomeCenter - ok
22:15:39.0693 0x17f8 [ 9C5A0F070196B601D629F5BA9AA921F8, BB77BAD24B44A3CB32CD1FACB758E347BE2F5C49C11E494797635D741867AF2B ] C:\Program Files\Windows Sidebar\sidebar.exe
22:15:39.0807 0x17f8 Sidebar - ok
22:15:39.0813 0x17f8 WindowsWelcomeCenter - ok
22:15:39.0887 0x17f8 [ 3C4351029D873EA0B56A441411733B6E, FA7B545EC7EFA0D02771BF7A66E8A9FD9611496963E4B19845E3058920F892E5 ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
22:15:39.0940 0x17f8 HPADVISOR - ok
22:15:39.0943 0x17f8 Waiting for KSN requests completion. In queue: 4
22:15:40.0943 0x17f8 Waiting for KSN requests completion. In queue: 4
22:15:41.0943 0x17f8 Waiting for KSN requests completion. In queue: 4
22:15:42.0962 0x17f8 AV detected via SS2: McAfee Anti-Virus und Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51000 ( enabled : updated )
22:15:42.0966 0x17f8 FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51010 ( enabled )
22:15:45.0347 0x17f8 ============================================================
22:15:45.0347 0x17f8 Scan finished
22:15:45.0347 0x17f8 ============================================================
22:15:45.0360 0x16e8 Detected object count: 0
22:15:45.0361 0x16e8 Actual detected object count: 0
|
|
10.02.2016, 22:48
| #6 |
| /// TB-Ausbilder /// Anleitungs-Guru | Trojan.Agent - Windows Vista Gut. Irgendwelche Auffälligkeiten noch bemerkt?
__________________ --> Trojan.Agent - Windows Vista |
|
10.02.2016, 23:03
| #7 |
| | Trojan.Agent - Windows Vista Hi, weiß nicht genau... im Vergleich zu meinem Browser, sehe ich auf dem hier mehr Werbung. Also zum Beispiel in diesem Thread wird Werbung geschaltet, und wenn ich die Seite über meinen Browser öffne, habe ich keine Werbung. Kann das sein, dass doch noch irgendeine Adware auf dem PC ist? |
|
11.02.2016, 19:24
| #8 |
| /// TB-Ausbilder /// Anleitungs-Guru | Trojan.Agent - Windows Vista Mit dem Firefox siehst Du hier im Thread Werbung obwohl AdblockPlus installiert ist?
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
12.02.2016, 08:38
| #9 |
| | Trojan.Agent - Windows Vista Hallo, ach so... es könnte sein, dass ich Adblock deaktiviert habe. Muss ich nochmal schauen. Leider habe ich bis Sonntag abend keinen Zugriff auf den PC meines Vaters. Sorry! |
|
12.02.2016, 11:20
| #10 |
| /// TB-Ausbilder /// Anleitungs-Guru | Trojan.Agent - Windows Vista Ok. 
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
16.02.2016, 20:38
| #11 |
| | Trojan.Agent - Windows Vista Hallo, sorry für die späte Nachricht. Also Adblock war deaktiviert. Hab es jetzt wieder aktiviert und siehe da - keine Werbung. Scheint alles normal zu sein. :-) |
|
16.02.2016, 22:04
| #12 |
| /// TB-Ausbilder /// Anleitungs-Guru | Trojan.Agent - Windows Vista Wir haben es geschafft! Die Logs sehen für mich im Moment sauber aus. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.  Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen.   Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.  Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken (z.B. hier) in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. Meine Kauf-Empfehlung:  Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware scannen. Optional:  NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
20.02.2016, 08:42
| #13 |
| | Trojan.Agent - Windows Vista Vielen Dank für Deine Hilfe!!  |
|
20.02.2016, 16:41
| #14 |
| /// TB-Ausbilder /// Anleitungs-Guru | Trojan.Agent - Windows Vista Gerne.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
| Themen zu Trojan.Agent - Windows Vista |
| code, dateien, erkannt, eset, gehackt, infizierte, logfile, löschen, mail, malwarebytes, mbam, microsoft, namen, neustart, online, scan, software, system32, trojan.agent, trojaner, vista, websites, windows, windows vista, yahoo |
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
