| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Win ME - AV-Programm meldet Trojaner auf externer FPWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
15.05.2016, 17:02
| #1 |
| |  Win ME - AV-Programm meldet Trojaner auf externer FP Hallo TB-Community, da ich ein Notebook entsorgen wollte, dessen Netzteil schon Ewigkeiten nicht mehr verfügbar war, habe ich die FP ausgebaut und diese nun an ein anderes Gerät angeschlossen, um die vorhandenen Daten zu kopieren und anschließend zu löschen. Der erste Virenscan mit Avira ergab, dass sich 4 Trojaner auf der externen FP befinden. Ein weiterer Virenscan mit Bitdefender auf einem anderen Gerät meldete 6 Funde. Schock! Um das Bitdefender-Gerät nicht zu verseuchen, habe ich nun die Trojaner-Beseitigung auf dem Gerät, auf dem Avira installiert ist, fortgeführt und die Trojaner in die Quarantäne verschoben. Hier ein Teil des Berichts: Code:
ATTFilter Konfiguration für den aktuellen Suchlauf:
Job Name..............................: ShlExt
Konfigurationsdatei...................: C:\Users\*****\AppData\Local\Temp\0312ca1a.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: G:,
Durchsuche aktive Programme...........: aus
Durchsuche Registrierung..............: aus
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Intelligente Dateiauswahl
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Auszulassende Dateien.................:
Beginn des Suchlaufs: Freitag, 13. Mai 2016 11:08
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'G:\' <WIN_ME>
[0] Archivtyp: RSRC
--> G:\WINDOWS\TEMP\winad2.cab.vir
[1] Archivtyp: CAB (Microsoft)
--> winad2.dll
[FUND] Ist das Trojanische Pferd TR/Tinytest.Dld.3
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
G:\WINDOWS\TEMP\winad2.cab.vir
[FUND] Ist das Trojanische Pferd TR/Tinytest.Dld.3
--> G:\WINDOWS\Temporary Internet Files\Content.IE5\ZS6KBN0E\ysb_1001958[1].cab.vir
[1] Archivtyp: CAB (Microsoft)
--> YSBactivex.dll
[FUND] Ist das Trojanische Pferd TR/Dldr.IstBar.FA
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
G:\WINDOWS\Temporary Internet Files\Content.IE5\ZS6KBN0E\ysb_1001958[1].cab.vir
[FUND] Ist das Trojanische Pferd TR/Dldr.IstBar.FA
Beginne mit der Desinfektion:
G:\WINDOWS\Temporary Internet Files\Content.IE5\ZS6KBN0E\ysb_1001958[1].cab.vir
[FUND] Ist das Trojanische Pferd TR/Dldr.IstBar.FA
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4a8f2928.qua' verschoben!
G:\WINDOWS\TEMP\winad2.cab.vir
[FUND] Ist das Trojanische Pferd TR/Tinytest.Dld.3
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '18e47337.qua' verschoben!
Ende des Suchlaufs: Freitag, 13. Mai 2016 12:01
Benötigte Zeit: 52:33 Minute(n)
Der Suchlauf wurde vollständig durchgeführt.
548 Verzeichnisse wurden überprüft
148449 Dateien wurden geprüft
4 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
2 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
148445 Dateien ohne Befall
1994 Archive wurden durchsucht
2 Warnungen
2 Hinweise
Code:
ATTFilter G:\WINDOWS\Temporary Internet Files\Content.IE5\WLAV05AV\Angst_lyrics[1].htm HTML/ScrInject.B Trojaner gelöscht
G:\WINDOWS\Temporary Internet Files\Content.IE5\OHQJWHU7\cab_refreshing_chat[1].htm JS/Tivso.Gen Trojaner Gesäubert durch Löschen
Auf der externen FP ist Win ME installiert gewesen. Angeschlossen ist diese an ein Gerät, auf dem Win 7 SP 1 läuft. Die Anleitung für Hilfesuchende bei Trojaner- und Virenbefall habe ich mir durchgelesen. 1. Frage: soll jetzt trotz Befalls der ext. FP ein Systemscan mit Farbar's Recovery Scan Tool durchgeführt werden? Für Antwort und Hilfe bedanke ich mich im Voraus bereits recht herzlich, vG ratte Geändert von ratte98 (15.05.2016 um 18:02 Uhr) |
|
16.05.2016, 13:03
| #2 |
| /// TB-Ausbilder   | Win ME - AV-Programm meldet Trojaner auf externer FP Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Zur ersten Analyse bitte FRST und TDSS-Killer ausführen: Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
16.05.2016, 14:00
| #3 |
| | Win ME - AV-Programm meldet Trojaner auf externer FP Hallo Matthias,
__________________vielen Dank, dass Du Dich meines Problems annimmst. Ich bin Andrea. Anbei die Datei (meinen Namen habe ich durch *** ersetzt): Addition: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:14-05-2016
durchgeführt von *** (2016-05-16 14:22:52)
Gestartet von C:\Users\***\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2010-05-15 18:18:06)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3147491749-1704817828-3195401907-500 - Administrator - Disabled)
Gast (S-1-5-21-3147491749-1704817828-3195401907-501 - Limited - Disabled)
*** (S-1-5-21-3147491749-1704817828-3195401907-1000 - Administrator - Enabled) => C:\Users\***
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1&1 EasyLogin (HKLM-x32\...\1&1 EasyLogin) (Version: - )
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}) (Version: 11.5.1.601 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Anti-Twin (Installation 10.05.2015) (HKLM-x32\...\Anti-Twin 2015-05-10 17.09.17) (Version: - Joerg Rosenthal, Germany)
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{74292F90-895A-4FC6-A692-9641532B1B63}) (Version: 3.5.28.260 - ArcSoft)
ARIS Express (HKLM-x32\...\{1252F398-5142-4D81-AD31-8B0204C26E8C}) (Version: 1.00 - Ihr Firmenname)
ARIS Express 2.3 (HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\ARIS Express 2.3) (Version: - Software AG)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{68201122-5B1D-70CF-6B4B-AB7732A782A5}) (Version: 3.0.754.0 - ATI Technologies, Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2006203630.48.56.5901682 - Audible, Inc.)
Beetle Ju 3 (VOLLVERSION) (HKLM-x32\...\Beetle Ju 3 (VOLLVERSION)) (Version: 1.0.0.0 - INTENIUM GmbH)
Big Fish Games: Game Manager (HKLM-x32\...\BFGC) (Version: 3.0.1.60 - )
ccc-core-static (x32 Version: 2009.1124.2131.38610 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.4.0.25 - Citrix Systems, Inc.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2201 - CyberLink Corp.)
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.0.0.46 - INTENIUM GmbH)
EaseUS Todo Backup Free 5.8 (HKLM-x32\...\EaseUS Todo Backup Free 5.8_is1) (Version: 5.8 - CHENGDU YIWO Tech Development Co., Ltd)
eDocPrintPro v3.17.5 (HKLM\...\{2F592033-5008-4011-8CC1-7F57531BDE5F}) (Version: 3.17.5 - MAY-Computer)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Excel Protection Remover (HKLM-x32\...\ST6UNST #2) (Version: - )
FiBu on Screen (HKLM-x32\...\{DAB590AF-7C64-4D52-BED0-1ED962230D2A}) (Version: - )
FreeFileSync 6.15 (HKLM-x32\...\FreeFileSync) (Version: 6.15 - www.FreeFileSync.org)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.0 - )
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Gpg4win (2.1.0-rc2) (HKLM-x32\...\GPG4Win) (Version: 2.1.0-rc2 - The Gpg4win Project)
gs_x64 (HKLM\...\{2E415339-7210-4A3B-84EA-E50FE7565F0D}) (Version: 9.00 - MAY-Computer)
gs_x64 (HKLM\...\{BB41FF1B-4D74-496E-91CE-E6AB8EB58215}) (Version: 8.71 - MAY-Computer)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Officejet Pro 8500 A910 - Grundlegende Software für das Gerät (HKLM\...\{E0FE1E14-3A7A-4DB0-9FFA-0DD945AE84DB}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Officejet Pro 8500 A910 Hilfe (HKLM-x32\...\{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.17.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HP User Guides (HKLM-x32\...\{4D5927FF-F3A0-4E03-9DE9-8265499164CF}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{F9A43C0C-F274-4EC0-B02E-202C15C09C00}) (Version: 3.50.12.1 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Image Data Converter (HKLM-x32\...\{87998E4E-6D9C-411B-AAE9-B8523FFE357D}) (Version: 4.0.01.09151 - Sony Corporation)
inSSIDer (HKLM-x32\...\{C7DEE429-4C9B-4126-894F-50B4F54FF196}) (Version: 1.2.8 - MetaGeek, LLC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Internet-Radio Player Version 2.01.5 (HKLM-x32\...\Internet-Radio Player_is1) (Version: - )
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Kinder des Mondes (HKLM-x32\...\Kinder des Mondes) (Version: 1.0.0.0 - INTENIUM GmbH)
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
MAGIX Foto Manager 10 deluxe Download-Version (HKLM-x32\...\MAGIX_MSI_Digital_Foto_Maker_10) (Version: 8.0.1.147 - MAGIX AG)
MAGIX Foto Manager 10 deluxe Download-Version (x32 Version: 8.0.1.147 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\{17ADCD9C-F753-47A1-A50D-19C69EDD4C2B}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM-x32\...\{DF95EAF0-9C2D-4DD7-824F-FC2A6FBF8C18}) (Version: 7.0.2.6 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.6741.2021 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft Project 2000 (HKLM-x32\...\{1E9678A0-B4C1-11D2-863F-00C04F6E09F2}) (Version: 9.00.3818 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 21.005.15.02.35 - Huawei Technologies Co.,Ltd)
Moorhuhn Schatzjäger 3 (HKLM-x32\...\Moorhuhn Schatzjäger 3) (Version: 1.00 - phenomedia publishing gmbh)
Mountain Crime: Die Vergeltung (HKLM-x32\...\Mountain Crime: Die Vergeltung) (Version: 1.0.0.0 - INTENIUM GmbH)
Mozilla Firefox 43.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 de)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 5.1.0.5314 - MyHeritage.com)
MyTomTom 3.1.0.530 (HKLM-x32\...\MyTomTom) (Version: 3.1.0.530 - TomTom)
Neptunia Vollversion (HKLM-x32\...\Neptunia Vollversion) (Version: - )
No23 Recorder (HKLM-x32\...\{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}) (Version: 2.1.0.3 - No23)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Nokia Suite (x32 Version: 3.8.54.0 - Nokia) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6701.1013 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6701.1013 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6701.1013 - Microsoft Corporation) Hidden
Online Plug-in (x32 Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Phantasmat Sammleredition (HKLM-x32\...\BFG-Phantasmat Sammleredition) (Version: - )
Photo Loader 3.0G (HKLM-x32\...\{70B45586-B51E-4947-A258-A895596C5CED}) (Version: - )
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.8.00.09123 - Sony Corporation)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
R für Windows (HKLM-x32\...\R für Windows) (Version: - )
Radio.fx (HKLM-x32\...\Tobit Radio.fx Server) (Version: - Tobit.Software)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.4 - RealNetworks)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6010 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.2214 - CyberLink Corp.) Hidden
Royal Envoy (HKLM-x32\...\BFG-Royal Envoy) (Version: - )
Sandman (HKLM-x32\...\Sandman) (Version: 1.0.0.0 - INTENIUM GmbH)
scilab-5.4.1 (64-bit) (HKLM\...\scilab-5.4.1 (64-bit)_is1) (Version: - Scilab Enterprises)
Self-Service Plug-in (x32 Version: 3.4.0.33684 - Citrix Systems, Inc.) Hidden
Sherlock Holmes und der Hund der Baskervilles (HKLM-x32\...\Sherlock Holmes und der Hund der Baskervilles) (Version: 1.0.0.0 - INTENIUM GmbH)
soft Xpansion Perfect PDF 5 Premium (HKLM-x32\...\{1FD1567B-0129-4FA0-914C-F3E02833F77B}) (Version: 5.0 - )
SPIRIT Bauteile 2013 (HKLM-x32\...\SPIRIT Bauteile 2013_is1) (Version: 2013.01 - SOFTTECH GmbH)
SpyOFF (HKLM-x32\...\{926D963B-C5AB-4988-8415-62889073F0B2}) (Version: 1.0.1.14 - Sareta S.r.l.)
Statistiklabor 3 (HKLM-x32\...\Statistiklabor 3) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.64 - Synaptics Incorporated)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4600.4 - TuneUp Software) Hidden
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Visual Studio C++ 9.0 Runtime (HKLM-x32\...\{08C7A49D-2B12-46F6-8B41-26D3B0D1C01F}) (Version: 1.0.0 - TomTom International B.V.)
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WISO Steuer 2013 (HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer 2014 (HKLM-x32\...\{2AE0DAFD-7FDA-4B35-80D1-6BBEB3747CD8}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Xpress 7.3 (HKLM-x32\...\{A25BDF4B-9CA5-4202-8541-EEB245F14862}) (Version: 7.3 - FICO)
Zeta Producer 11 11.2.3 (nur entfernen) (HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\ZetaProducer11) (Version: 11.2.3 - Zeta Software GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {02C68EBA-91D2-4BAA-A103-6E069BD4A122} - System32\Tasks\{955570D2-5F44-4E34-911C-6A5FA2791E4C} => F:\ETS2204\Install.exe
Task: {03678F24-21E8-4E67-9030-CA31A0D20908} - System32\Tasks\{B55DAB1B-0C85-4130-9815-C8CEDC8A397A} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {044D7E3D-1956-446A-8994-1429582B8C87} - System32\Tasks\{BEC046BA-EE44-49CD-8325-E8CD58257BA7} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {061021F8-5705-4CCA-BCDC-C9267AD5CB1B} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {072CCBD9-BECB-4034-94B6-6F4C6E7E50EF} - System32\Tasks\{E9A582AB-32A3-44EE-A3AA-A103E6285603} => pcalua.exe -a C:\Users\***\Downloads\EX-Z750_102.exe -d C:\Users\***\Downloads
Task: {09B8CE39-737C-4F90-B0FB-9106F7541B84} - System32\Tasks\{536CBBA3-B1BF-4996-9B81-13906773F958} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {0D0C9567-9827-4C93-8AF2-7E9E076FED52} - System32\Tasks\{8ED7DDBB-A116-4934-9E29-60BE6398A48D} => F:\SETUP.EXE
Task: {0D4C11C3-3A27-4342-910B-EF22997C9C8E} - System32\Tasks\{37937F6C-60AA-45BB-AC4F-B16731550678} => F:\SETUP.EXE
Task: {120D22AE-5489-420D-91B0-4202255F1478} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\SymErr.exe
Task: {1620A232-F6F8-4B63-9026-1AACC38ED32B} - System32\Tasks\{9F099718-DC6B-4B20-883D-B3D72C5F133C} => C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe [2009-01-09] (ArcSoft, Inc.)
Task: {1A00FFBF-2895-4D4C-A8CD-71B8D3C9CCED} - System32\Tasks\{9B21145B-4564-4E03-8932-8397392894B0} => F:\SETUP.EXE
Task: {1BCD1E06-7186-4830-834C-E67DDCBE4B81} - System32\Tasks\{7B7D10B3-A22F-4483-AD6D-F94861E2A7E7} => F:\ETS2204\Install.exe
Task: {2092E184-8031-4103-8AF3-683DE7A5AF36} - System32\Tasks\{E84ABE35-4142-4E76-A8C2-891CAEE6EDA6} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {24EADC05-2238-4CEC-B4ED-7EB54E839E3E} - System32\Tasks\{CB64D34E-91EF-4B33-AD6E-71E3E6C23597} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {260CF82A-1311-4866-A58F-CA5FC336E52C} - System32\Tasks\{B48CD537-D176-42F1-AB15-65F60BDEFA9F} => pcalua.exe -a C:\Users\***\Downloads\Authorware_Web_Player_Plugin.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {2C62B602-6DA7-4CD7-BE8B-634E41AD24BE} - System32\Tasks\{91C25797-9CFF-4CC9-ABEB-48D162218EBE} => F:\SETUP.EXE
Task: {302A10D7-A09A-4C72-90F5-7041129B36D7} - System32\Tasks\{3C4D6DE5-56A1-466F-9D25-0CECB847E3A3} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {32ACAD8A-9FE2-4478-B848-C35D4DBC9FF5} - System32\Tasks\{25716C9B-9323-48EE-B736-02259F8BA4E7} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {3369E11B-3A47-4721-AA54-216335A6B2A2} - System32\Tasks\{77BADCFB-0A89-4C35-ABEB-3AFBB265AB89} => pcalua.exe -a C:\Users\***\Downloads\mmswbila.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {35734605-3310-4FFC-A56A-EED274CCD0FB} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3147491749-1704817828-3195401907-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {40638962-45FB-4C75-B032-ECB11B3015CA} - System32\Tasks\{4E797F87-C934-452B-9EB4-B3405210B16B} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {41ED893B-2B89-4E5B-93D6-E53B2CF04641} - System32\Tasks\{BF8D48B6-A9CB-40EB-916C-08FD942B2FFA} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {435015B0-6A7C-42B9-AE4C-5470B231ECBC} - System32\Tasks\{19FBDFA0-C3A2-46FE-A166-975E07D399D9} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {44A8A50B-EDC7-42C7-97B7-C74AA869FFE2} - System32\Tasks\{450AE944-7C6B-408D-81C3-F331C8A81CC5} => F:\ETS2204\Install.exe
Task: {44EC511B-0E95-47E2-BBF5-707CADF87C4D} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [2012-05-14] (RealNetworks, Inc.)
Task: {488DE9B8-C9DA-49E1-A011-9FCEA436B634} - System32\Tasks\{0E658B51-B7DF-4D24-B86A-0F5C71888BFD} => pcalua.exe -a "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {49F1F93D-988D-4D6F-8EAA-2CB2A364E796} - System32\Tasks\{E42DB200-73FC-461B-81E2-18AE22F099D0} => C:\Program Files (x86)\Skype\Phone\Skype.exe
Task: {4A91E392-F4D6-4B6C-A347-8B6ADDCC4852} - System32\Tasks\{120FA4BF-2B18-40B0-B15B-865CB3AB6759} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {4AAACCF6-C732-4102-B32B-EC0C9635499C} - System32\Tasks\{AE2AE7A2-A1CC-40BB-BCA4-A072BAFE8004} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {4B081A34-0E43-4ECB-A01B-5B7565981457} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-05] (Microsoft Corporation)
Task: {4BB74F0E-8173-494D-BF71-87C37973E4AB} - System32\Tasks\{4F0DC2CE-4A1A-42CE-82B7-591A1557AD11} => pcalua.exe -a F:\fibusetup.exe -d F:\
Task: {5090A572-5F7C-4A26-BD1E-35725BBC2739} - System32\Tasks\{EDF3F5D1-F465-4344-B9CC-BDF5073E9DA5} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {539D3A04-18E1-4D46-B510-CC8DA262B0F1} - System32\Tasks\{2C4A2476-AAC1-430F-A578-707677548D32} => pcalua.exe -a "C:\Program Files (x86)\OXXOGames\GPlayer\\MyInstall.exe" -c ScriptUInst "C:\Program Files (x86)\OXXOGames\GPlayer\Install\\Game_Die4Elemente2.log"
Task: {548A99CE-B83E-4923-BE6D-60F50C97F7F1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.)
Task: {55C38FD8-77C8-45F6-B301-ED3097055D71} - System32\Tasks\{39CFF968-807B-4198-B6D9-175798939346} => pcalua.exe -a C:\Users\***\Desktop\SoftonicToolbar.exe -d C:\Users\***\Desktop <==== ACHTUNG
Task: {586599BF-F92A-4D95-ADCB-600D252B48CA} - System32\Tasks\{174BD41F-5DE5-4895-9CDB-DA7EFAF2AE22} => Firefox.exe
Task: {58C99680-50CE-4BC1-8D7E-AD08319A6178} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {5B546275-E70E-4B68-980D-6178DF8A473A} - System32\Tasks\{CDECEBD1-D4FF-4B9C-817E-E71027B35BE6} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {63B28470-51AF-46D6-8D7A-A0D1923EB34B} - System32\Tasks\{EC737A9D-A344-42E9-A430-9FAE8B0C93F3} => F:\SETUP.EXE
Task: {6436AB49-FC75-4751-B12F-A63F9F62460B} - System32\Tasks\{6B542FF7-C5C5-49E9-BA6D-5E8C1E7702DA} => F:\SETUP.EXE
Task: {655D0720-1FA2-4C0E-A797-3FBFEDBE76DD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-05] (Microsoft Corporation)
Task: {6599C2F8-4E0E-4A0E-8435-0521EC213A7E} - System32\Tasks\Sun Microsystems-Online-Aktualisierungsprogramm => C:\Program Files\Java\jre6\bin\jusched.exe
Task: {69A5FA5C-8640-49F3-94DD-5E4FEE7FFFBE} - System32\Tasks\{001B7076-6095-431C-ACED-3F5A59D16A44} => F:\SETUP.EXE
Task: {6E86F686-D50A-4FC9-A80C-4C18325BE8ED} - System32\Tasks\{15654592-E61D-4B39-83F3-EC8EDE7A0F5D} => F:\SETUP.EXE
Task: {701822AC-E59B-41EE-B27E-656B2FEEB6A3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe [2016-01-12] (Hewlett-Packard Company)
Task: {70CF44DA-E7D6-46C2-92D6-79FD9E91FE2C} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {74412BCC-451E-4B34-8E86-046DDFF3F86D} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27] (ArcSoft Inc.)
Task: {7609F695-3BED-4956-A1DA-2B7658993433} - System32\Tasks\{E418731C-A50D-47BE-95CB-B37DA0D4CB1B} => pcalua.exe -a C:\Users\***\Downloads\digitaleditions_172.exe -d C:\Users\***\Downloads
Task: {78B6EF22-DD39-4711-B89D-00FE3B4511DB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3147491749-1704817828-3195401907-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {7A035F24-B927-4CF1-949F-E620C9EA512D} - System32\Tasks\{EDD69F6D-5046-467F-87CE-DF303CE07D47} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {7B250953-67DB-4E13-BC02-0540EB36D0A1} - System32\Tasks\{C8A0FB54-AC4C-4996-9975-9455C49001E4} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {7BA44B0B-643B-4C2C-BAE4-8CE80039A345} - System32\Tasks\{7345E4F7-75AB-4C5A-A0F3-2780040F6331} => pcalua.exe -a C:\Users\***\Downloads\jre.exe -d C:\Users\***\Downloads
Task: {7C496898-0394-4EFD-AA4C-DA668CD6C192} - System32\Tasks\{4A42890E-ED34-4945-B047-6E9D27D0C8EB} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {7F34DBC0-6407-46F9-BD16-1E5E43FE1F0E} - System32\Tasks\{7DDEE26D-9ADD-46AA-BAFE-0885B461830E} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {80E2CA56-0DA5-420A-8026-8824B02E228B} - System32\Tasks\{B3F97CBF-3AFE-4BE3-9916-422FFA8836D2} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {8A3C6B70-DE14-4295-9AA0-A922C57BC39B} - System32\Tasks\{FC2F4E7A-43F5-4E11-9032-9562F8C2C606} => Firefox.exe
Task: {933B94FE-43CD-44C6-A54C-5307C0A72FE8} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09] (Hewlett-Packard)
Task: {94172650-D64C-4A02-8BBE-44EC7A71D922} - System32\Tasks\{4419CDF5-8BA9-466F-8742-C59E1ECFB88A} => F:\SETUP.EXE
Task: {95DB24F4-2837-4873-AEF7-D06C6CBF2E8B} - System32\Tasks\{C2BE814C-2980-4FCF-9A19-453D59220250} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {9640A57A-9848-4719-B659-466C880483BB} - System32\Tasks\{BB045A00-962D-4AEF-A7FF-A19FB36496DB} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe"
Task: {96DE29A2-DDC2-479D-836B-4BDAA9103706} - System32\Tasks\{983E7244-1A4E-4275-B63D-DBA7BC88D9D1} => pcalua.exe -a F:\start.exe -d F:\
Task: {98053BB0-FB13-4D3B-AD1A-EC0EDB029638} - System32\Tasks\{2CCD5BE6-B439-4C8B-B100-142CBBB2D481} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {980934E1-201A-4821-A662-E0D5EF22EA5E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {987BB664-FBED-4F7D-A9FE-8AC6F3AF3E82} - System32\Tasks\{0DD9FE5E-71C5-403B-9003-CC3C04FAA301} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Skype\Phone\Skype.exe"
Task: {98A68AD1-ABFC-4F03-8835-1FA998ADD75A} - System32\Tasks\{35292543-D197-4719-A29D-8037C408EB29} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {9B91305F-4DFC-4718-98C5-1103374886B7} - System32\Tasks\{92223E9D-65F5-4070-BD3E-D42B203E6E34} => F:\ETS2204\Install.exe
Task: {9D59B2D4-4177-43EA-8902-25838591A47E} - System32\Tasks\{F859BA81-36EF-4289-84FD-B235388A665F} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {9F7C03DC-2A39-45A5-AA94-334A596EF8B4} - System32\Tasks\{FB2C8A83-81F2-426B-AF64-1FFC679C18D9} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {A551FAD1-F3BD-4211-9E5B-20FFFE0401BF} - System32\Tasks\{6BE74B63-B296-4AD1-ACB3-F5F7FD82144A} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {A606D093-E49B-4D47-9E34-D6786044FBF1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {A6BFDBE2-724C-417F-86EE-2C2456BCF9C2} - System32\Tasks\{8DE9EABE-9C0C-4A83-9540-63BCAEC628F2} => F:\SETUP.EXE
Task: {A7CDB3B3-179C-4C01-B1D5-78D370975816} - System32\Tasks\{DDDB3642-8E31-4E7D-A2C0-AAF691A3F398} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {AD2E2C0E-0748-45B1-A0AF-665A42E80AA2} - System32\Tasks\{8B6493A6-C86E-4D8E-9ACA-867487666EE8} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {B066712A-282D-416A-8320-7AEBEA21E6F9} - System32\Tasks\{5DCDEA97-F9BF-4682-B61C-59F2703D3EC8} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {B25CEC1A-B261-45E5-B9F3-F3073DE8A538} - System32\Tasks\{0BC1A2AF-12A7-40E6-93B7-62FDF3ED44A5} => F:\INSTALL\START.EXE
Task: {B4FA9BD0-15AC-488B-B0EA-524CD0907C7A} - System32\Tasks\{0A2B9BF4-C887-48B7-B638-8D5A1D117DED} => F:\SETUP.EXE
Task: {BA347D1A-FEC5-48C1-8794-AFE3E72B3236} - System32\Tasks\{9283EDF0-DA7A-4975-AAA5-8F4AD52B9689} => F:\SETUP.EXE
Task: {BC768571-F11B-435B-B5BB-3F8043827E46} - System32\Tasks\{3840312C-A1C6-4BDC-8C18-EB3E9EFC3002} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {BF41916F-7C0D-4D4C-8D5D-43EB0231E82C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {C1B6991A-4936-4195-BCEF-98E79AFFA0E3} - System32\Tasks\{38A13B52-DBAD-418F-B3B1-2EC60D46AD2B} => F:\ETS2204\Install.exe
Task: {C1EDF6F2-7AAB-44C3-BC6A-2CC9AB850F8E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-01-06] (HP Inc.)
Task: {C4530DDC-0273-48CF-A5E4-F2CC3E104685} - System32\Tasks\{DCB65088-84E3-4A8D-8410-637E169EA40B} => pcalua.exe -a "C:\Program Files (x86)\Online Services\Skype\SkypeSetup.exe" -d C:\Users\***\Desktop
Task: {C48DA263-546A-490E-A333-5EFB9620B98D} - System32\Tasks\{FCF601C3-3DC8-4AA2-828E-DF3084F385F4} => F:\SETUP.EXE
Task: {CD4AA4C1-0554-40AD-8D30-88CF3CA78602} - System32\Tasks\{E36C2F24-CEA4-446C-A0DD-8A18D5E87AB6} => F:\SETUP.EXE
Task: {D18B4B1E-F5C9-4F14-B215-A03E92D0266F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-15] (Adobe Systems Incorporated)
Task: {D1EFE84D-BCC3-46D8-86C3-B569F6C0819D} - System32\Tasks\{AF03B8DB-EE2F-4EEF-A8C8-A3BB3CC2CED9} => F:\SETUP.EXE
Task: {D3F37B6A-F036-40F7-9F0E-BEF9D00BAE62} - System32\Tasks\{7AA278AD-2BDB-4E96-9EB3-1F88950C0C1B} => F:\SETUP.EXE
Task: {D6D06B38-758C-49EE-897D-74EA193C8694} - System32\Tasks\{40237B5D-9EB5-40CB-8804-45B68CF5605B} => pcalua.exe -a "C:\Program Files (x86)\Zylom Games\UninstallPlugin.exe" -d "C:\Program Files (x86)\Zylom Games"
Task: {D732B75B-8B2B-4FAA-B3D9-052052F728E7} - System32\Tasks\{6F769306-CA22-482D-A965-355C63E3309C} => F:\SETUP.EXE
Task: {D778B6ED-6615-4059-A150-8DB55EB66093} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3147491749-1704817828-3195401907-1000
Task: {DB754D56-76CC-4590-911D-B49883B74927} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.)
Task: {DB8459AD-BFE9-4734-94C5-AD2BD475161A} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {E0B38C90-F57E-46C1-AEFE-F430B7C50DE1} - System32\Tasks\{9580C869-DDE0-46C4-86C8-D4AA893EF5E2} => pcalua.exe -a C:\Users\***\Downloads\pl302g.exe -d C:\Users\***\Downloads
Task: {E26A19B4-E786-48FE-AEA0-5C3CC5AB3E4F} - System32\Tasks\{376788F5-FDCC-4FCD-878A-8EEEBCDB2F14} => F:\SETUP.EXE
Task: {E65EB961-331D-4B33-B4B9-AA34F03BB888} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\SymErr.exe
Task: {E6E1AB3C-5B24-408C-AAA5-57A58A94F0D6} - System32\Tasks\{18127638-ECBB-4524-A942-47C59AE5146B} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {E79C90BA-582D-4D6C-8ADC-F4FBAFC457B5} - System32\Tasks\{6081ACFB-6C04-41FA-9C30-E9C5752D4C94} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {E7A6BE4F-ACEB-42A3-83E3-2C8D3C75397B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-03-20] (Microsoft Corporation)
Task: {E7E3F7C2-1E2B-4BC2-8D3E-B0BFA6D8DF82} - System32\Tasks\{2256D4AC-3424-4468-95F8-2A73C65F8593} => F:\SETUP.EXE
Task: {EBD22F96-9990-4D4B-95C7-E59058FE1899} - System32\Tasks\{FFFB84F1-91A1-4802-A28E-37F97A7188FF} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {ECD0CCBD-41FA-46CD-BAE5-3E88162CD8CF} - System32\Tasks\{714733C6-981E-4AE1-8DF5-3AE03C49617B} => pcalua.exe -a C:\Users\***\Downloads\GameCenterAktualisierung.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {EF342DCD-DDF0-442F-B2E2-15674B09E6AD} - System32\Tasks\{0DD0CCED-FCA1-4678-8013-4704FA598345} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {F2C67801-3010-4683-A859-DBC257946D42} - System32\Tasks\{B219FF33-53C8-4308-966C-F7483FA8D446} => F:\SETUP.EXE
Task: {F36B5A63-97A1-4649-8EEA-44D3FE36EC9D} - System32\Tasks\{7DDA0713-B2CA-4D5B-83E5-7B1F18378A21} => C:\Program Files (x86)\Auerswald\ETS2204I\2.5\ets2204w.exe
Task: {F3DC503B-7D11-428C-B4EB-7639C2D1F0F9} - System32\Tasks\{DA9C65AF-9022-481A-969E-2E4B234D05C0} => F:\SETUP.EXE
Task: {F3F35BB4-CE29-4CCB-9C23-D55174564DB5} - System32\Tasks\{1E5E6DD4-83C7-4702-A3D6-7DB47A6962DF} => pcalua.exe -a "C:\Program Files (x86)\Common Files\MAYComputer\eDocPrintPro\UnInstallDriver.exe" -d "C:\Program Files (x86)\Common Files\MAYComputer\eDocPrintPro"
Task: {F5D51D4B-6051-4BF2-8BA3-8091E9472276} - System32\Tasks\{F20FCAB3-53BF-49BC-A41E-87A0DE5962F5} => Firefox.exe
Task: {F5E09347-7B65-4464-BBEB-009B8B4D9BC1} - System32\Tasks\{528C7D2C-E419-4188-946D-A050A74A7435} => pcalua.exe -a "C:\Program Files (x86)\OXXOGames\GPlayer\MyInstall.exe" -d "C:\Program Files (x86)\TuneUp Utilities 2011" -c ScriptUInst "C:\Program Files (x86)\OXXOGames\GPlayer\Install\\Game_OxxoBJ2CD.log"
Task: {F6409CE2-9CAC-40A1-8D46-56E707B419A6} - System32\Tasks\{DD55237C-81CC-460B-B4AE-7BE6AA66C676} => pcalua.exe -a F:\Titelthema\GER_R_FUL_CBE_IS.exe -d F:\Titelthema
Task: {F6586D77-6438-437D-8218-AAAFFC1C3D21} - System32\Tasks\{4E81B9A1-FD99-44B9-9BB0-C120E584D673} => F:\SETUP.EXE
Task: {FC7B090C-2A72-4978-AD74-D2D2EB444932} - System32\Tasks\{142E177A-6577-4047-9B82-AD2C4A7D555D} => F:\SETUP.EXE
Task: {FF9E1E68-B13B-4510-B21A-6EE23C5E6076} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-03-20] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-06-30 18:59 - 2006-02-23 11:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2015-12-06 20:01 - 2016-03-20 13:10 - 00173256 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2011-02-04 18:53 - 2011-02-04 18:53 - 00224256 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2011-03-14 17:27 - 2011-03-14 17:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2012-12-16 18:03 - 2013-06-03 13:06 - 03999512 _____ () C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
2011-02-04 18:48 - 2011-02-04 18:48 - 00208384 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2011-02-04 18:45 - 2011-02-04 18:45 - 00048640 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2011-02-04 18:43 - 2011-02-04 18:43 - 00038400 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2011-02-04 18:48 - 2011-02-04 18:48 - 00073216 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2011-02-04 18:49 - 2011-02-04 18:49 - 00603136 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-11.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00098888 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00029768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2013-05-15 09:29 - 2008-11-25 17:18 - 01291264 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2013-05-15 09:29 - 2004-10-05 03:08 - 00055808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00050248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00090696 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00293960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExchBackupSize.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00578632 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00468040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExchBackupSizeEx.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00068680 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00069192 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00022088 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00115784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00135752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00037960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2013-05-15 09:29 - 2013-03-16 12:36 - 00096840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBFireWall.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Temp:53B8C5D2 [215]
AlternateDataStreams: C:\ProgramData\Temp:9D03192E [218]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\***\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{A3EAEBAB-86DB-46E1-B430-5149755515DF}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{DC7BAFD3-57F8-48FD-87E2-337C69B8CF47}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{415322A8-1080-4CB2-8815-A3B492786EB1}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe
FirewallRules: [{B023DA4A-B1E1-41CA-B5C4-88E13C78895A}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe
FirewallRules: [TCP Query User{B242C674-D800-4822-A9D0-4C2E09AEB970}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{BDA80B4B-A37A-4AA1-A9BA-D5956919E6A0}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{C20B4234-DF39-47A3-9A81-81C386C91B04}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{2D3F988A-61BE-4AB0-BC07-9B19A90298AF}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{17622597-1D5A-4FD5-B92C-53BCFA73388C}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{9EDD052D-4AAB-4741-8AFC-F0804325C7E1}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{F715F9F8-5ED6-47DF-9786-EECD78771C4D}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{E81BDDFB-5279-414D-A345-2EC349D72C97}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [{DE31AD98-8F62-46F5-8EE1-F038A8D72544}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
FirewallRules: [{F8FC600A-35BD-4100-A2F6-54638EB55F1F}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
FirewallRules: [{AE1238B0-E04F-4D59-A79D-531F7D2F23C7}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe
FirewallRules: [{6FCB5F5F-8821-473C-B2FD-E634764D76CE}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe
FirewallRules: [{6CF0E793-B7C7-422B-9DDF-B7C5C6340B65}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{FE5ED5CB-91D4-4E1B-A8B2-F206AABA8CD2}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{262DA29F-EA8D-4897-B277-29E0A98BAFAB}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
FirewallRules: [{6F8168DB-9AD4-4AFC-B95A-FC935F9C8FCB}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
FirewallRules: [{67D66C6B-477A-4F06-B693-41A5EED6978A}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe
FirewallRules: [{D3F4D384-C333-4405-9C0D-2431CFF05DAA}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe
FirewallRules: [{CCECB8F9-E346-448A-BD17-67CDB83EDE19}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
FirewallRules: [{AA41BF8D-8A0F-4C79-8FFB-F1D8AE881B5C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{13BB8D08-676F-45BA-AA7D-7A7F46411210}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{4076A440-19A2-4775-8F1C-50F1ACEF7BD0}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{BDAA014F-B126-480A-A084-F763EE410BB5}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{23B7C80E-DF51-4F84-8B83-6CEE2A61616A}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe
FirewallRules: [{FFA68774-4EC0-455C-921C-ACEBC16155DC}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe
FirewallRules: [{9A25588F-3BA4-4263-A57B-2731A2CE41F3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
FirewallRules: [{622156C4-FCEC-4695-A6E9-EEFB0BF86832}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
FirewallRules: [{A42D28E9-0945-4364-8E90-0C4B80FB50E5}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{052E6BE7-800D-41BE-AC49-B66EB59413C6}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{6A9B2A5C-96F2-4925-9694-834045B81943}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{24883906-68AA-492B-B0EB-5BC9D589ABE0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DF470072-0CBE-47EE-AB63-632E848136AB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F3D60294-99D1-4D2C-BB1A-EA40036DCC96}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{400FFF54-ACE6-4B41-A657-A6A697813279}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{1450C767-8731-4D45-B534-8C5D5D16B2DD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{BB24727B-835D-4640-9EE8-A23CC1461F93}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{9DD9EEC0-3DA0-43F9-961D-06E6E6ED43C7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{22EC75C2-3FA1-4D50-A888-25FB9A5C1D75}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
==================== Wiederherstellungspunkte =========================
05-05-2016 19:48:46 Windows Update
13-05-2016 13:25:46 Windows Update
16-05-2016 00:05:54 Windows Update
16-05-2016 10:29:16 Removed Java 8 Update 45 (64-bit)
16-05-2016 10:31:00 Removed Adobe Reader XI (11.0.16) - Deutsch.
16-05-2016 13:07:48 JRT Pre-Junkware Removal
16-05-2016 13:10:52 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/16/2016 02:21:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (05/16/2016 01:10:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (05/16/2016 12:38:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (05/16/2016 10:41:41 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (05/16/2016 08:21:14 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (05/16/2016 08:21:08 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (05/16/2016 08:21:07 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (05/16/2016 08:21:02 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (05/15/2016 11:59:56 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (05/15/2016 11:59:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Systemfehler:
=============
Error: (05/16/2016 11:04:11 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "PnP-X-IP-Busenumerator" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (05/16/2016 11:02:31 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (05/16/2016 10:37:33 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "PnP-X-IP-Busenumerator" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (05/16/2016 10:35:31 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (05/16/2016 10:35:30 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (05/16/2016 10:27:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (05/16/2016 10:27:00 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\***\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (05/16/2016 10:27:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (05/16/2016 10:27:00 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\***\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (05/16/2016 10:27:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Prozentuale Nutzung des RAM: 46%
Installierter physikalischer RAM: 3957.86 MB
Verfügbarer physikalischer RAM: 2131.83 MB
Summe virtueller Speicher: 7913.9 MB
Verfügbarer virtueller Speicher: 6003.91 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:452.56 GB) (Free:318.56 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (RECOVERY) (Fixed) (Total:12.91 GB) (Free:2.12 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
Drive g: (WIN_ME) (Fixed) (Total:9.35 GB) (Free:2.79 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: CB0F1A13)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=452.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
========================================================
Disk: 1 (Size: 9.4 GB) (Disk ID: 9163607E)
Partition 1: (Active) - (Size=9.4 GB) - (Type=0C)
==================== Ende von Addition.txt ============================
|
|
16.05.2016, 14:04
| #4 |
| | Win ME - AV-Programm meldet Trojaner auf externer FP FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:14-05-2016 durchgeführt von *** (Administrator) auf HP (16-05-2016 14:21:52) Gestartet von C:\Users\***\Desktop Geladene Profile: *** (Verfügbare Profile: ***) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe () C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2096424 2010-05-27] (Synaptics Incorporated) HKLM\...\Run: [RtkOSD] => C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe [995840 2009-10-13] (Realtek Semiconductor Corp.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [500792 2010-05-20] (Hewlett-Packard Company) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-24] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2010-02-25] ( Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [651832 2011-08-24] (Sony Corporation) HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1243656 2013-12-07] (Easybits) HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [225280 2011-07-18] (MyHeritage) HKLM-x32\...\Run: [EaseUs Watch] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe [70728 2013-03-16] (CHENGDU YIWO Tech Development Co., Ltd) HKLM-x32\...\Run: [EaseUs Tray] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe [1372232 2013-03-16] (CHENGDU YIWO Tech Development Co., Ltd) HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [383544 2012-12-14] (Citrix Systems, Inc.) HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\Run: [RfxSrvTray] => C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe [1838872 2013-02-07] (Tobit.Software) HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company) HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\Run: [1und1Agent] => C:\Program Files (x86)\Internetradio Player\ps_agent.exe [98304 2009-05-13] (phonostar) HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\Run: [] => [X] HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia) HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\MountPoints2: {8935c541-cfda-11e1-9719-c80aa95dbcad} - G:\AutoRun.exe HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\MountPoints2: {8935c55c-cfda-11e1-9719-c80aa95dbcad} - G:\AutoRun.exe HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\MountPoints2: {948e3ef8-ca84-11e2-bb00-c80aa95dbcad} - G:\AutoRun.exe HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\...\MountPoints2: {b56bd0c6-d25f-11e2-8ae8-c80aa95dbcad} - G:\AutoRun.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2013-12-01] ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe () Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Easy2Sync für Outlook.lnk [2015-05-20] ShortcutTarget: Easy2Sync für Outlook.lnk -> C:\Program Files (x86)\Easy2Sync für Outlook\E2S4Outlook64Bit.exe (Keine Datei) Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2013-07-09] ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2013\mshaktuell.exe () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{01E50E22-2BA6-4EDE-877A-50F5A334DF24}: [DhcpNameServer] 198.18.0.1 198.18.0.2 Tcpip\..\Interfaces\{7F95DCEE-D149-42A9-9E13-FC7C90DD770C}: [NameServer] 139.7.30.125 139.7.30.126 Tcpip\..\Interfaces\{A4F53183-18BE-4CA2-A21B-D115A4CB03C9}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{CC0C0B6F-555E-4180-B3DB-4811229516B5}: [NameServer] 139.7.30.125 139.7.30.126 Tcpip\..\Interfaces\{F07BB68B-F2F0-4C35-929E-CD2F9183D997}: [NameServer] 139.7.30.125 139.7.30.126 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-3147491749-1704817828-3195401907-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= URLSearchHook: HKU\S-1-5-21-3147491749-1704817828-3195401907-1000 - (Kein Name) - {5786d022-540e-4699-b350-b4be0ae94b79} - Keine Datei SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {9D2F0A99-70A6-40C0-9427-7257B33A6943} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {9D2F0A99-70A6-40C0-9427-7257B33A6943} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-3147491749-1704817828-3195401907-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3147491749-1704817828-3195401907-1000 -> {9D2F0A99-70A6-40C0-9427-7257B33A6943} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-05-05] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-05-05] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-05] (Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-05-14] (RealPlayer) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-05-05] (Microsoft Corporation) BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-05-05] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-05-05] (Microsoft Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) Toolbar: HKLM-x32 - Perfect PDF 5 - {9DE41FB9-ACA7-4847-982B-D984042588FC} - C:\Program Files (x86)\soft Xpansion\Perfect PDF 5\PDF4ie.dll [2009-10-16] (soft Xpansion) DPF: HKLM-x32 {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation) Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation) Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation) Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation) Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation) Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation) Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-02] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-02] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-02] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-02] (Microsoft Corporation) Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.) Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\6xjs6gaw.default-1463129004491 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-15] () FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-06-02] (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-15] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.) FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2012-12-14] (Citrix Systems, Inc.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-07-02] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-06-02] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-05-05] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-04-02] (Microsoft Corporation) FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( ) FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2012-05-14] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2012-05-14] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-05-14] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-05-14] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2012-05-14] (RealPlayer) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-13] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-13] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np32asw.dll [2004-07-02] (Macromedia, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npOGAPlugin.dll [2009-08-03] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2012-05-14] (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2011-11-04] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2011-11-04] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2011-11-04] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2011-11-04] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2011-11-04] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2011-11-04] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2011-11-04] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll [2012-05-14] (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2012-05-14] (RealPlayer) FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2016-01-29] [ist nicht signiert] FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2016-01-29] [ist nicht signiert] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-01-29] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013-07-13] [ist nicht signiert] FF HKLM-x32\...\Thunderbird\Extensions: [te_9.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 FF Extension: Kein Name - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012-04-24] [ist nicht signiert] StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR Profile: C:\Users\***\AppData\Local\Google\Chrome\User Data\Default CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx StartMenuInternet: Google Chrome - Chrome.exe ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2823920 2016-03-20] (Microsoft Corporation) R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [224256 2011-02-04] () [Datei ist nicht signiert] R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [68168 2013-03-16] (CHENGDU YIWO Tech Development Co., Ltd) [Datei ist nicht signiert] R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [Datei ist nicht signiert] R2 Guard Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [23624 2013-03-16] (CHENGDU YIWO Tech Development Co., Ltd) [Datei ist nicht signiert] R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [Datei ist nicht signiert] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [203296 2016-03-19] (Microsoft Corporation) [Datei ist nicht signiert] R2 Radio.fx; C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe [3999512 2013-06-03] () S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\SXDS10.exe [160768 2009-07-13] (soft Xpansion) [Datei ist nicht signiert] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [58952 2013-03-16] (CHENGDU YIWO Tech Development Co., Ltd) [Datei ist nicht signiert] R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48200 2013-03-16] () [Datei ist nicht signiert] R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [18504 2013-03-16] (CHENGDU YIWO Tech Development Co., Ltd) [Datei ist nicht signiert] R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [189000 2013-03-16] (CHENGDU YIWO Tech Development Co., Ltd) [Datei ist nicht signiert] S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [212992 2012-07-17] (Huawei Technologies Co., Ltd.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-16] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation) S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-23] (Realtek Semiconductor Corp.) R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2010-05-16] (Sony Ericsson Mobile Communications) S3 CpqDfw; system32\drivers\CpqDfw.sys [X] U3 DfSdkS; kein ImagePath U4 eabfiltr; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-05-16 14:21 - 2016-05-16 14:22 - 00027665 _____ C:\Users\***\Desktop\FRST.txt 2016-05-16 14:21 - 2016-05-16 14:21 - 00000000 ____D C:\FRST 2016-05-16 14:20 - 2016-05-16 14:20 - 02382336 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe 2016-05-16 13:09 - 2016-05-16 13:12 - 00000554 _____ C:\Users\***\Desktop\JRT.txt 2016-05-16 13:05 - 2016-05-16 13:05 - 01610816 _____ (Malwarebytes) C:\Users\***\Downloads\JRT.exe 2016-05-16 11:01 - 2016-05-16 11:01 - 00000022 _____ C:\Windows\S.dirmngr 2016-05-16 10:42 - 2016-05-16 13:20 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-05-16 10:42 - 2016-05-16 10:42 - 00001066 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-05-16 10:42 - 2016-05-16 10:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-05-16 10:42 - 2016-05-16 10:42 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-05-16 10:42 - 2016-05-16 10:42 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-05-16 10:42 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-05-16 10:42 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-05-16 10:42 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-05-16 10:40 - 2016-05-16 10:40 - 22851472 _____ (Malwarebytes ) C:\Users\***\Downloads\mbam-setup-2.2.1.1043.exe 2016-05-16 08:19 - 2016-05-16 11:01 - 00003194 _____ C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3147491749-1704817828-3195401907-1000 2016-05-16 08:18 - 2016-05-16 11:01 - 00003328 _____ C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3147491749-1704817828-3195401907-1000 2016-05-16 00:01 - 2016-05-16 00:01 - 03651136 _____ C:\Users\***\Downloads\adwcleaner_5.117.exe 2016-05-15 16:37 - 2016-04-23 19:08 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-05-15 16:37 - 2016-04-23 18:24 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-05-15 16:37 - 2016-04-23 07:25 - 25816064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-05-15 16:37 - 2016-04-23 07:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-05-15 16:37 - 2016-04-23 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-05-15 16:37 - 2016-04-23 07:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-05-15 16:37 - 2016-04-23 07:00 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-05-15 16:37 - 2016-04-23 07:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-05-15 16:37 - 2016-04-23 07:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-05-15 16:37 - 2016-04-23 07:00 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-05-15 16:37 - 2016-04-23 07:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-05-15 16:37 - 2016-04-23 06:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-05-15 16:37 - 2016-04-23 06:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-05-15 16:37 - 2016-04-23 06:48 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-05-15 16:37 - 2016-04-23 06:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-05-15 16:37 - 2016-04-23 06:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-05-15 16:37 - 2016-04-23 06:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-05-15 16:37 - 2016-04-23 06:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-05-15 16:37 - 2016-04-23 06:46 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-05-15 16:37 - 2016-04-23 06:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-05-15 16:37 - 2016-04-23 06:36 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-05-15 16:37 - 2016-04-23 06:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-05-15 16:37 - 2016-04-23 06:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-05-15 16:37 - 2016-04-23 06:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-05-15 16:37 - 2016-04-23 06:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-05-15 16:37 - 2016-04-23 06:21 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-05-15 16:37 - 2016-04-23 06:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-05-15 16:37 - 2016-04-23 06:20 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-05-15 16:37 - 2016-04-23 06:11 - 20350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-05-15 16:37 - 2016-04-23 06:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-05-15 16:37 - 2016-04-23 06:08 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-05-15 16:37 - 2016-04-23 06:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-05-15 16:37 - 2016-04-23 06:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-05-15 16:37 - 2016-04-23 06:07 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-05-15 16:37 - 2016-04-23 06:07 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-05-15 16:37 - 2016-04-23 06:07 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-05-15 16:37 - 2016-04-23 06:06 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-05-15 16:37 - 2016-04-23 06:06 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-05-15 16:37 - 2016-04-23 06:05 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-05-15 16:37 - 2016-04-23 06:04 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-05-15 16:37 - 2016-04-23 06:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-05-15 16:37 - 2016-04-23 06:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-05-15 16:37 - 2016-04-23 06:00 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-05-15 16:37 - 2016-04-23 05:59 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-05-15 16:37 - 2016-04-23 05:58 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-05-15 16:37 - 2016-04-23 05:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-05-15 16:37 - 2016-04-23 05:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-05-15 16:37 - 2016-04-23 05:51 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-05-15 16:37 - 2016-04-23 05:50 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-05-15 16:37 - 2016-04-23 05:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-05-15 16:37 - 2016-04-23 05:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-05-15 16:37 - 2016-04-23 05:43 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-05-15 16:37 - 2016-04-23 05:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-05-15 16:37 - 2016-04-23 05:40 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-05-15 16:37 - 2016-04-23 05:39 - 01547776 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-05-15 16:37 - 2016-04-23 05:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-05-15 16:37 - 2016-04-23 05:36 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-05-15 16:37 - 2016-04-23 05:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-05-15 16:37 - 2016-04-23 05:31 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-05-15 16:37 - 2016-04-23 05:30 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-05-15 16:37 - 2016-04-23 05:30 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-05-15 16:37 - 2016-04-23 05:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-05-15 16:37 - 2016-04-23 05:26 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-05-15 16:37 - 2016-04-23 05:12 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-05-15 16:37 - 2016-04-23 05:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-05-15 16:37 - 2016-04-23 05:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-05-15 16:37 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2016-05-15 16:37 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2016-05-15 16:37 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2016-05-15 16:37 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2016-05-15 16:37 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-05-15 16:37 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-05-15 16:37 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2016-05-15 16:37 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2016-05-15 16:37 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2016-05-15 16:37 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-05-15 16:37 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2016-05-15 16:37 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2016-05-15 16:36 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-05-15 16:36 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-05-15 16:36 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-05-15 16:36 - 2016-04-09 09:01 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-05-15 16:36 - 2016-04-09 09:01 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-05-15 16:36 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-05-15 16:36 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-05-15 16:36 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-05-15 16:36 - 2016-04-09 08:58 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-05-15 16:36 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-05-15 16:36 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-05-15 16:36 - 2016-04-09 08:58 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-05-15 16:36 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-05-15 16:36 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-05-15 16:36 - 2016-04-09 08:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-05-15 16:36 - 2016-04-09 08:58 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-05-15 16:36 - 2016-04-09 08:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-05-15 16:36 - 2016-04-09 08:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-05-15 16:36 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2016-05-15 16:36 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-05-15 16:36 - 2016-04-09 08:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-05-15 16:36 - 2016-04-09 08:58 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-05-15 16:36 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-05-15 16:36 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-05-15 16:36 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-05-15 16:36 - 2016-04-09 07:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-05-15 16:36 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-05-15 16:36 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-05-15 16:36 - 2016-04-09 07:44 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-05-15 16:36 - 2016-04-09 07:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-05-15 16:36 - 2016-04-09 07:44 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-05-15 16:36 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-05-15 16:36 - 2016-04-09 07:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-05-15 16:36 - 2016-04-09 07:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-05-15 16:36 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-05-15 16:36 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-05-15 16:36 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-05-15 16:36 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-05-15 16:36 - 2016-04-09 07:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-05-15 16:36 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-05-15 16:36 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-05-15 16:35 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2016-05-15 16:35 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2016-05-15 16:17 - 2016-05-15 16:17 - 19942080 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2016-05-15 15:03 - 2016-05-16 12:38 - 00000000 ____D C:\AdwCleaner 2016-05-15 14:40 - 2016-05-15 14:40 - 02870984 _____ (ESET) C:\Users\***\Downloads\esetsmartinstaller_deu.exe 2016-05-13 13:07 - 2016-05-13 13:07 - 09794170 _____ C:\Users\***\Downloads\word_password_recovery_trial.exe 2016-05-13 12:47 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-05-13 12:47 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2016-05-13 12:47 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll 2016-05-13 12:47 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll 2016-05-13 12:47 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll 2016-05-13 12:47 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2016-05-13 12:47 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2016-05-13 12:47 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2016-05-13 12:47 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2016-05-13 12:47 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2016-05-13 12:45 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-05-13 12:45 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-05-13 12:45 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-05-13 12:45 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-05-13 12:45 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-05-13 12:45 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-05-13 12:45 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-05-13 12:45 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-05-13 12:45 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2016-05-13 12:45 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2016-05-13 12:45 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2016-05-13 12:45 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll 2016-05-13 12:45 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll 2016-05-13 12:45 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll 2016-05-13 12:45 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys 2016-05-13 12:45 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll 2016-05-13 10:43 - 2016-05-13 10:43 - 00000000 ____D C:\Users\***\Desktop\Alte Firefox-Daten 2016-05-05 19:18 - 2016-05-05 19:18 - 00000000 ___HT C:\Windows\wusa.lock 2016-05-05 19:18 - 2016-05-05 19:18 - 00000000 ____D C:\cb99f3c23440f7dbdcea1c9b ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-05-16 14:17 - 2012-05-19 10:39 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-05-16 13:39 - 2012-01-30 20:18 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-05-16 13:21 - 2009-07-14 06:45 - 00026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-05-16 13:21 - 2009-07-14 06:45 - 00026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-05-16 12:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2016-05-16 11:39 - 2015-09-19 12:17 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-05-16 11:35 - 2010-01-24 00:31 - 00519626 _____ C:\Windows\system32\perfh007.dat 2016-05-16 11:35 - 2010-01-24 00:31 - 00153336 _____ C:\Windows\system32\perfc007.dat 2016-05-16 11:35 - 2009-07-14 07:13 - 01453264 _____ C:\Windows\system32\PerfStringBackup.INI 2016-05-16 11:35 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2016-05-16 11:02 - 2010-05-15 20:31 - 00000183 _____ C:\ProgramData\HPWALog.txt 2016-05-16 11:01 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-05-16 10:37 - 2014-12-06 19:17 - 00000000 ____D C:\ProgramData\Avira 2016-05-16 10:37 - 2014-03-14 18:40 - 00000000 ____D C:\ProgramData\Package Cache 2016-05-16 10:32 - 2014-12-06 19:18 - 00000000 ____D C:\Users\***\AppData\Roaming\Avira 2016-05-16 10:31 - 2012-01-31 14:30 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-05-16 10:31 - 2010-01-23 17:16 - 00000000 ____D C:\ProgramData\Adobe 2016-05-16 08:15 - 2013-11-18 07:48 - 00502048 _____ C:\Windows\system32\FNTCACHE.DAT 2016-05-16 08:13 - 2015-04-18 17:55 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2016-05-16 08:13 - 2015-04-18 17:55 - 00000000 ___SD C:\Windows\system32\GWX 2016-05-16 08:13 - 2014-12-21 14:32 - 00000000 ____D C:\Windows\system32\appraiser 2016-05-16 00:22 - 2013-08-15 20:09 - 00000000 ____D C:\Windows\system32\MRT 2016-05-16 00:06 - 2010-05-16 10:00 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-05-15 16:17 - 2012-05-19 10:39 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-05-15 16:17 - 2012-05-19 10:39 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-05-15 16:17 - 2012-01-31 14:37 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-05-13 13:20 - 2010-05-17 18:36 - 00000000 ____D C:\Users\***\AppData\Local\Microsoft Help 2016-05-13 12:17 - 2014-12-25 18:35 - 00000000 __SHD C:\Users\***\AppData\LocalLow\EmieBrowserModeList 2016-05-13 12:17 - 2014-07-10 11:37 - 00000000 __SHD C:\Users\***\AppData\LocalLow\EmieUserList 2016-05-13 12:17 - 2014-05-08 17:25 - 00000000 __SHD C:\Users\***\AppData\LocalLow\EmieSiteList 2016-05-13 11:34 - 2015-09-19 12:17 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-05-13 11:34 - 2012-01-30 20:18 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-05-05 19:18 - 2013-12-27 18:23 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-05-05 19:12 - 2010-01-23 16:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-05-05 18:59 - 2015-09-26 13:37 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-04-21 15:05 - 2010-05-15 20:51 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2011-09-02 11:44 - 2011-05-03 10:18 - 0003709 _____ () C:\Program Files (x86)\001MarkSchl.ini 2011-09-02 11:44 - 2011-07-08 15:41 - 4234064 _____ () C:\Program Files (x86)\BKRKstPlan.exe 2011-09-02 11:43 - 2008-04-07 13:59 - 0727552 _____ (EC Software) C:\Program Files (x86)\HHReg.exe 2011-09-02 11:44 - 2011-09-02 11:44 - 0014587 _____ () C:\Program Files (x86)\InstClient.LOG 2011-09-02 11:43 - 2010-09-09 17:26 - 0021504 _____ () C:\Program Files (x86)\rbDADE.deu 2011-09-02 11:43 - 2010-09-09 17:26 - 0048128 _____ () C:\Program Files (x86)\rbIDE.deu 2011-09-02 11:43 - 2010-09-09 17:26 - 0024064 _____ () C:\Program Files (x86)\rbPrint.deu 2011-09-02 11:43 - 2010-09-09 17:26 - 0017920 _____ () C:\Program Files (x86)\rbRAP.deu 2011-09-02 11:42 - 2011-08-26 10:15 - 0000007 _____ () C:\Program Files (x86)\Release.txt 2011-09-02 11:43 - 2010-05-18 12:57 - 0200704 _____ (DATEV eG Nürnberg) C:\Program Files (x86)\Self32.dll 2011-09-02 11:43 - 2010-05-18 12:57 - 0013778 _____ () C:\Program Files (x86)\Self32.ini 2011-09-02 11:44 - 2010-05-18 12:57 - 0020864 _____ () C:\Program Files (x86)\Self32.tlb 2011-09-02 11:44 - 2010-12-09 18:49 - 3625824 _____ () C:\Program Files (x86)\TeamViewerQS_de.exe 2012-05-03 20:19 - 2012-05-04 08:21 - 0000084 _____ () C:\Users\***\AppData\Roaming\DAXACHRT.INI 2014-05-03 20:26 - 2014-05-03 20:26 - 0000000 _____ () C:\Users\***\AppData\Roaming\gdfw.log 2014-05-03 20:26 - 2014-05-03 20:26 - 0000779 _____ () C:\Users\***\AppData\Roaming\gdscan.log 2011-01-09 10:53 - 2011-06-07 19:57 - 0001854 _____ () C:\Users\***\AppData\Roaming\GhostObjGAFix.xml 2002-07-01 16:13 - 2002-07-01 16:13 - 0000228 ___SH () C:\Users\***\AppData\Roaming\hjuytr.dat 2010-06-02 12:50 - 2010-06-02 12:51 - 0024209 _____ () C:\Users\***\AppData\Roaming\UserTile.png 2011-11-02 20:19 - 2012-04-22 17:20 - 0000424 _____ () C:\Users\***\AppData\Roaming\wklnhst.dat 2010-05-15 20:31 - 2010-05-15 20:31 - 0000000 _____ () C:\Users\***\AppData\Local\AtStart.txt 2011-07-21 12:35 - 2011-12-04 13:12 - 0001188 _____ () C:\Users\***\AppData\Local\crc32list11.txt 2010-05-30 12:39 - 2012-01-24 14:08 - 0027136 _____ () C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2010-05-15 20:31 - 2010-05-15 20:31 - 0000000 _____ () C:\Users\***\AppData\Local\DSwitch.txt 2011-09-01 10:27 - 2011-09-01 10:27 - 0004096 ____H () C:\Users\***\AppData\Local\keyfile3.drm 2010-05-15 20:31 - 2010-05-15 20:31 - 0000000 _____ () C:\Users\***\AppData\Local\QSwitch.txt 2012-04-21 11:22 - 2012-04-21 11:22 - 0007605 _____ () C:\Users\***\AppData\Local\Resmon.ResmonCfg 2012-05-08 11:44 - 2012-05-08 11:44 - 0017408 _____ () C:\Users\***\AppData\Local\WebpageIcons.db 2012-01-20 14:13 - 2012-01-20 14:13 - 0001188 _____ () C:\ProgramData\crc32list11.txt 2010-05-15 20:31 - 2016-05-16 11:02 - 0000183 _____ () C:\ProgramData\HPWALog.txt 2010-02-11 02:28 - 2010-02-11 02:28 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log 2010-01-23 17:41 - 2010-01-23 17:41 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log 2010-02-11 02:27 - 2010-02-11 02:27 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log 2010-01-23 17:38 - 2010-01-23 17:38 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2010-02-11 02:27 - 2010-02-11 02:27 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log 2010-02-11 02:28 - 2010-02-11 02:28 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log 2010-01-23 17:37 - 2010-01-23 17:37 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log 2010-01-23 17:38 - 2010-01-23 17:41 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log 2010-02-11 02:28 - 2010-02-11 02:28 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log Einige Dateien in TEMP: ==================== C:\Users\***\AppData\Local\Temp\avgnt.exe C:\Users\***\AppData\Local\Temp\NOSEventMessages.dll Einige mit null Byte Größe Dateien/Ordner: ========================== C:\Windows\SysWOW64\OnLineIDCpl.dll C:\Windows\System32\BDSandBoxUISkin32.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-05-16 12:14 ==================== Ende von FRST.txt ============================ TDSS folgt. Geändert von ratte98 (16.05.2016 um 14:12 Uhr) |
|
16.05.2016, 14:15
| #5 |
| | Win ME - AV-Programm meldet Trojaner auf externer FP TDSS: Code:
ATTFilter 14:44:56.0298 0x0ff0 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
14:45:03.0927 0x0ff0 ============================================================
14:45:03.0927 0x0ff0 Current date / time: 2016/05/16 14:45:03.0927
14:45:03.0927 0x0ff0 SystemInfo:
14:45:03.0927 0x0ff0
14:45:03.0927 0x0ff0 OS Version: 6.1.7601 ServicePack: 1.0
14:45:03.0927 0x0ff0 Product type: Workstation
14:45:03.0927 0x0ff0 ComputerName: HP
14:45:03.0927 0x0ff0 UserName: ***
14:45:03.0927 0x0ff0 Windows directory: C:\Windows
14:45:03.0927 0x0ff0 System windows directory: C:\Windows
14:45:03.0927 0x0ff0 Running under WOW64
14:45:03.0927 0x0ff0 Processor architecture: Intel x64
14:45:03.0927 0x0ff0 Number of processors: 4
14:45:03.0927 0x0ff0 Page size: 0x1000
14:45:03.0927 0x0ff0 Boot type: Normal boot
14:45:03.0942 0x0ff0 ============================================================
14:45:04.0332 0x0ff0 KLMD registered as C:\Windows\system32\drivers\92311409.sys
14:45:04.0722 0x0ff0 System UUID: {292BA9A1-77FC-8F6E-1D95-BD831EA83914}
14:45:05.0612 0x0ff0 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:45:05.0627 0x0ff0 Drive \Device\Harddisk1\DR2 - Size: 0x257646000 ( 9.37 Gb ), SectorSize: 0x200, Cylinders: 0x4C6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:45:06.0017 0x0ff0 ============================================================
14:45:06.0017 0x0ff0 \Device\Harddisk0\DR0:
14:45:06.0017 0x0ff0 MBR partitions:
14:45:06.0017 0x0ff0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
14:45:06.0017 0x0ff0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x3891C800
14:45:06.0017 0x0ff0 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38980800, BlocksNum 0x19D1800
14:45:06.0017 0x0ff0 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
14:45:06.0017 0x0ff0 \Device\Harddisk1\DR2:
14:45:06.0017 0x0ff0 MBR partitions:
14:45:06.0017 0x0ff0 \Device\Harddisk1\DR2\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x12B8D07
14:45:06.0017 0x0ff0 ============================================================
14:45:06.0048 0x0ff0 C: <-> \Device\Harddisk0\DR0\Partition2
14:45:06.0095 0x0ff0 D: <-> \Device\Harddisk0\DR0\Partition3
14:45:06.0095 0x0ff0 E: <-> \Device\Harddisk0\DR0\Partition4
14:45:06.0111 0x0ff0 G: <-> \Device\Harddisk1\DR2\Partition1
14:45:06.0111 0x0ff0 ============================================================
14:45:06.0111 0x0ff0 Initialize success
14:45:06.0111 0x0ff0 ============================================================
14:47:19.0382 0x10f8 ============================================================
14:47:19.0382 0x10f8 Scan started
14:47:19.0382 0x10f8 Mode: Manual; SigCheck; TDLFS;
14:47:19.0382 0x10f8 ============================================================
14:47:19.0382 0x10f8 KSN ping started
14:47:32.0923 0x10f8 KSN ping finished: true
14:47:33.0968 0x10f8 ================ Scan system memory ========================
14:47:33.0968 0x10f8 System memory - ok
14:47:33.0968 0x10f8 ================ Scan services =============================
14:47:34.0108 0x10f8 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:47:34.0202 0x10f8 1394ohci - ok
14:47:34.0280 0x10f8 [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
14:47:34.0327 0x10f8 ACDaemon - ok
14:47:34.0358 0x10f8 [ A3769020F7E8A70FD3E824C050F33306, BAAB18DD28C753EC90E9552BD5FFC316AD8815505A7998BCE51D21448B373D86 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys
14:47:34.0389 0x10f8 acedrv11 - ok
14:47:34.0405 0x10f8 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:47:34.0436 0x10f8 ACPI - ok
14:47:34.0452 0x10f8 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:47:34.0483 0x10f8 AcpiPmi - ok
14:47:34.0654 0x10f8 [ 6A050671F2C76FB48131F12786802807, 71B37A9CEAE5AB1B069FB010BC547E14445461885B74FA879E63F9F2DAF644A5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:47:34.0686 0x10f8 AdobeFlashPlayerUpdateSvc - ok
14:47:34.0717 0x10f8 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:47:34.0748 0x10f8 adp94xx - ok
14:47:34.0795 0x10f8 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:47:34.0810 0x10f8 adpahci - ok
14:47:34.0873 0x10f8 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:47:34.0888 0x10f8 adpu320 - ok
14:47:34.0935 0x10f8 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:47:34.0951 0x10f8 AeLookupSvc - ok
14:47:34.0982 0x10f8 [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
14:47:34.0998 0x10f8 AERTFilters - ok
14:47:35.0029 0x10f8 [ 6CCD1135320109D6B219F1A6E04AD9F6, B97D4DF46DF0EFC106BD3E248C70809F3F47DF3FD1CA039A0A3923E1FA05A969 ] Afc C:\Windows\syswow64\drivers\Afc.sys
14:47:35.0044 0x10f8 Afc - ok
14:47:35.0076 0x10f8 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
14:47:35.0122 0x10f8 AFD - ok
14:47:35.0169 0x10f8 [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
14:47:35.0216 0x10f8 AgereSoftModem - ok
14:47:35.0232 0x10f8 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
14:47:35.0247 0x10f8 agp440 - ok
14:47:35.0278 0x10f8 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
14:47:35.0294 0x10f8 ALG - ok
14:47:35.0310 0x10f8 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
14:47:35.0310 0x10f8 aliide - ok
14:47:35.0341 0x10f8 [ 1D317EA326423FF7630CF1DA3BD46A1C, 1C1D07927106F2D48820AD6E34F0A8137C12FF43C925F89320C3D82C9C786B21 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:47:35.0372 0x10f8 AMD External Events Utility - ok
14:47:35.0388 0x10f8 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
14:47:35.0403 0x10f8 amdide - ok
14:47:35.0419 0x10f8 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:47:35.0434 0x10f8 AmdK8 - ok
14:47:35.0450 0x10f8 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:47:35.0466 0x10f8 AmdPPM - ok
14:47:35.0481 0x10f8 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:47:35.0497 0x10f8 amdsata - ok
14:47:35.0512 0x10f8 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:47:35.0528 0x10f8 amdsbs - ok
14:47:35.0528 0x10f8 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:47:35.0544 0x10f8 amdxata - ok
14:47:35.0575 0x10f8 [ 6474F8823C7188D2DA579F01FB6CED6B, 81D4E9D026CA60FB8840D520D151B8C2F4745A75DF90A4D6C80641F1A23AB605 ] AppID C:\Windows\system32\drivers\appid.sys
14:47:35.0575 0x10f8 AppID - ok
14:47:35.0637 0x10f8 [ 8F58BA1F7772D6D7CE45F03309608001, CDB109E0DD241042C058F7D81A1BDEBC34435CB2DC4A7A7A3692193DD5806097 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:47:35.0653 0x10f8 AppIDSvc - ok
14:47:35.0684 0x10f8 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll
14:47:35.0700 0x10f8 Appinfo - ok
14:47:35.0715 0x10f8 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
14:47:35.0715 0x10f8 arc - ok
14:47:35.0731 0x10f8 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:47:35.0746 0x10f8 arcsas - ok
14:47:35.0824 0x10f8 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:47:35.0871 0x10f8 aspnet_state - ok
14:47:35.0887 0x10f8 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:47:35.0934 0x10f8 AsyncMac - ok
14:47:35.0949 0x10f8 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
14:47:35.0965 0x10f8 atapi - ok
14:47:36.0074 0x10f8 [ 40734F3A5EEC4C4AC6A1FAF10B293714, 069885A5EED99E51E5D8621CF5174DCCC6C56B3F950A11C14A3A97A8DADD9D5C ] athr C:\Windows\system32\DRIVERS\athrx.sys
14:47:36.0168 0x10f8 athr - ok
14:47:36.0199 0x10f8 [ D481083348138B4933ACFE95812DB71C, 62B8B1C844FCF6CF3FC8987A3B0963FEB1DFD28D9F977BDFD04DA7F358CBF0F6 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
14:47:36.0214 0x10f8 AtiHdmiService - ok
14:47:36.0448 0x10f8 [ 19B5C61CB09BFF2BD69E063EE54B56C3, EDA5897A58115ACCBB880EBAE1034E45AA0F2038A98C21E3A3CF1662C360408B ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
14:47:36.0651 0x10f8 atikmdag - ok
14:47:36.0729 0x10f8 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:47:36.0760 0x10f8 AudioEndpointBuilder - ok
14:47:36.0792 0x10f8 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:47:36.0823 0x10f8 AudioSrv - ok
14:47:36.0854 0x10f8 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:47:36.0885 0x10f8 AxInstSV - ok
14:47:36.0916 0x10f8 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
14:47:36.0948 0x10f8 b06bdrv - ok
14:47:36.0979 0x10f8 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:47:36.0994 0x10f8 b57nd60a - ok
14:47:37.0026 0x10f8 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
14:47:37.0041 0x10f8 BDESVC - ok
14:47:37.0041 0x10f8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
14:47:37.0088 0x10f8 Beep - ok
14:47:37.0135 0x10f8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
14:47:37.0166 0x10f8 BFE - ok
14:47:37.0228 0x10f8 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
14:47:37.0322 0x10f8 BITS - ok
14:47:37.0353 0x10f8 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:47:37.0353 0x10f8 blbdrive - ok
14:47:37.0369 0x10f8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:47:37.0384 0x10f8 bowser - ok
14:47:37.0416 0x10f8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:47:37.0431 0x10f8 BrFiltLo - ok
14:47:37.0431 0x10f8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:47:37.0447 0x10f8 BrFiltUp - ok
14:47:37.0478 0x10f8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
14:47:37.0494 0x10f8 Browser - ok
14:47:37.0525 0x10f8 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:47:37.0540 0x10f8 Brserid - ok
14:47:37.0572 0x10f8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:47:37.0587 0x10f8 BrSerWdm - ok
14:47:37.0603 0x10f8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:47:37.0618 0x10f8 BrUsbMdm - ok
14:47:37.0634 0x10f8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:47:37.0634 0x10f8 BrUsbSer - ok
14:47:37.0665 0x10f8 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:47:37.0681 0x10f8 BTHMODEM - ok
14:47:37.0696 0x10f8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
14:47:37.0743 0x10f8 bthserv - ok
14:47:37.0774 0x10f8 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:47:37.0821 0x10f8 cdfs - ok
14:47:37.0852 0x10f8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:47:37.0868 0x10f8 cdrom - ok
14:47:37.0884 0x10f8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
14:47:37.0930 0x10f8 CertPropSvc - ok
14:47:37.0946 0x10f8 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:47:37.0962 0x10f8 circlass - ok
14:47:37.0993 0x10f8 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
14:47:38.0008 0x10f8 CLFS - ok
14:47:38.0289 0x10f8 [ A4797D56322F64F5A9823363A7644C4D, 673BD9E509B934BA22E056221A0D0E7CBBB5DCA4ECC6947BDD1E05EDA8B432EC ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
14:47:38.0383 0x10f8 ClickToRunSvc - ok
14:47:38.0445 0x10f8 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:47:38.0461 0x10f8 clr_optimization_v2.0.50727_32 - ok
14:47:38.0476 0x1438 Object required for P2P: [ 6A050671F2C76FB48131F12786802807 ] AdobeFlashPlayerUpdateSvc
14:47:38.0492 0x10f8 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:47:38.0508 0x10f8 clr_optimization_v2.0.50727_64 - ok
14:47:38.0554 0x10f8 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:47:38.0586 0x10f8 clr_optimization_v4.0.30319_32 - ok
14:47:38.0601 0x10f8 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:47:38.0617 0x10f8 clr_optimization_v4.0.30319_64 - ok
14:47:38.0648 0x10f8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:47:38.0648 0x10f8 CmBatt - ok
14:47:38.0679 0x10f8 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:47:38.0679 0x10f8 cmdide - ok
14:47:38.0757 0x10f8 [ CA3FB5A6B626D8A00A89E049CF95954E, CD5E3E40972513195108BA46CEC1D0AEA6B09A67EEBDD17EB759BD1729B07C06 ] CNG C:\Windows\system32\Drivers\cng.sys
14:47:38.0804 0x10f8 CNG - ok
14:47:38.0898 0x10f8 [ C7A0E61D5714AC20DE52D4F66EC773B8, 53F0C91FD62E6787221EFB4BFDB087C2087CACD6B0C0605F58FC391F546EBA7A ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
14:47:38.0913 0x10f8 Com4QLBEx - ok
14:47:38.0929 0x10f8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:47:38.0944 0x10f8 Compbatt - ok
14:47:38.0960 0x10f8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
14:47:38.0991 0x10f8 CompositeBus - ok
14:47:38.0991 0x10f8 COMSysApp - ok
14:47:39.0007 0x10f8 CpqDfw - ok
14:47:39.0022 0x10f8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:47:39.0038 0x10f8 crcdisk - ok
14:47:39.0085 0x10f8 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:47:39.0100 0x10f8 CryptSvc - ok
14:47:39.0147 0x10f8 [ C20E2A7A29F06A69C40E949255257B01, 309044604363E563A32086770AECCD99C6BF20925E4EB404604E88E5393F5F6B ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys
14:47:39.0163 0x10f8 ctxusbm - ok
14:47:39.0241 0x10f8 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\Windows\system32\rpcss.dll
14:47:39.0272 0x10f8 DcomLaunch - ok
14:47:39.0303 0x10f8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
14:47:39.0366 0x10f8 defragsvc - ok
14:47:39.0397 0x10f8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:47:39.0444 0x10f8 DfsC - ok
14:47:39.0475 0x10f8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
14:47:39.0506 0x10f8 Dhcp - ok
14:47:39.0631 0x10f8 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
14:47:39.0709 0x10f8 DiagTrack - ok
14:47:39.0756 0x10f8 [ A329AD5743569ADE20B2AE419A86A3C2, AA7D50787506BAB486F94698311C852FD3B44B022A47E3A095570432533E87F4 ] DirMngr C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
14:47:39.0787 0x10f8 DirMngr - detected UnsignedFile.Multi.Generic ( 1 )
14:47:41.0456 0x1438 Object send P2P result: true
14:47:42.0298 0x10f8 Detect skipped due to KSN trusted
14:47:42.0314 0x10f8 DirMngr - ok
14:47:42.0361 0x10f8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
14:47:42.0439 0x10f8 discache - ok
14:47:42.0454 0x10f8 [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys
14:47:42.0470 0x10f8 Disk - ok
14:47:42.0501 0x10f8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:47:42.0517 0x10f8 Dnscache - ok
14:47:42.0548 0x10f8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
14:47:42.0595 0x10f8 dot3svc - ok
14:47:42.0626 0x10f8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
14:47:42.0673 0x10f8 DPS - ok
14:47:42.0688 0x10f8 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:47:42.0704 0x10f8 drmkaud - ok
14:47:42.0782 0x10f8 [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:47:42.0860 0x10f8 DXGKrnl - ok
14:47:42.0891 0x10f8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
14:47:42.0938 0x10f8 EapHost - ok
14:47:43.0000 0x10f8 [ 5F697C5802709FF9A8CEA22D088E7806, 97809460FE6F6D7CEC3531227B78893D4F7076221A0262687FE460BF9F221F3F ] EaseUS Agent C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
14:47:43.0032 0x10f8 EaseUS Agent - detected UnsignedFile.Multi.Generic ( 1 )
14:47:45.0528 0x10f8 Detect skipped due to KSN trusted
14:47:45.0528 0x10f8 EaseUS Agent - ok
14:47:45.0730 0x10f8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
14:47:45.0902 0x10f8 ebdrv - ok
14:47:45.0918 0x10f8 [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] EFS C:\Windows\System32\lsass.exe
14:47:45.0949 0x10f8 EFS - ok
14:47:46.0027 0x10f8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:47:46.0089 0x10f8 ehRecvr - ok
14:47:46.0120 0x10f8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
14:47:46.0136 0x10f8 ehSched - ok
14:47:46.0198 0x10f8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:47:46.0230 0x10f8 elxstor - ok
14:47:46.0261 0x10f8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:47:46.0276 0x10f8 ErrDev - ok
14:47:46.0308 0x10f8 [ A0D10DF690BED80FA9726FBDA8FF4831, 37A7EDEBF2883D7E6D95DB41D81B751D929D015ABE4136107371FA50F0A5C05F ] EUBAKUP C:\Windows\system32\drivers\eubakup.sys
14:47:46.0308 0x10f8 EUBAKUP - detected UnsignedFile.Multi.Generic ( 1 )
14:47:48.0804 0x10f8 Detect skipped due to KSN trusted
14:47:48.0804 0x10f8 EUBAKUP - ok
14:47:48.0835 0x10f8 [ BBEB9CF16B9FF7D7B4D31CCD922D8DB3, 7EF21E3A7123944B6B364098FA319262C0C550112C36FFD6A38D6ADACD032218 ] EUBKMON C:\Windows\system32\drivers\EUBKMON.sys
14:47:48.0850 0x10f8 EUBKMON - detected UnsignedFile.Multi.Generic ( 1 )
14:47:51.0346 0x10f8 Detect skipped due to KSN trusted
14:47:51.0346 0x10f8 EUBKMON - ok
14:47:51.0393 0x10f8 [ 9407CB35AB614D8FD06E965E012FE1D4, 93C2452B5F87A445E4C8EE47CBD072000798432DD108394D809169C9A67B87AE ] EUDSKACS C:\Windows\system32\drivers\eudskacs.sys
14:47:51.0409 0x10f8 EUDSKACS - detected UnsignedFile.Multi.Generic ( 1 )
14:47:53.0905 0x10f8 Detect skipped due to KSN trusted
14:47:53.0905 0x10f8 EUDSKACS - ok
14:47:53.0936 0x10f8 [ D6E1E51338F8C80AFF3B688AA1BBA879, F949433A959DFFFD942938EE9CAA97183752F9CFD5605097AF5FF00778EDBE4A ] EUFDDISK C:\Windows\system32\drivers\EuFdDisk.sys
14:47:53.0952 0x10f8 EUFDDISK - detected UnsignedFile.Multi.Generic ( 1 )
14:47:56.0494 0x10f8 Detect skipped due to KSN trusted
14:47:56.0494 0x10f8 EUFDDISK - ok
14:47:56.0572 0x10f8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
14:47:56.0635 0x10f8 EventSystem - ok
14:47:56.0666 0x10f8 [ 86F7951BBCEE4A86E79A97306BD14318, 84B52A0392DA53ED71A2C4D483DD93DDF552BF8AC764C7BD47BE0EB58C7C8219 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
14:47:56.0697 0x10f8 ew_hwusbdev - ok
14:47:56.0713 0x10f8 [ 55E0EDA185869F7EA67EA97FD0655B39, D4A51E383102AA48F022EFCA08FAC389336A22C1DF60E17815117EFA60716964 ] ew_usbenumfilter C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys
14:47:56.0728 0x10f8 ew_usbenumfilter - ok
14:47:56.0760 0x10f8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
14:47:56.0822 0x10f8 exfat - ok
14:47:56.0822 0x10f8 ezSharedSvc - ok
14:47:56.0853 0x10f8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:47:56.0900 0x10f8 fastfat - ok
14:47:56.0947 0x10f8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
14:47:56.0994 0x10f8 Fax - ok
14:47:57.0009 0x10f8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:47:57.0025 0x10f8 fdc - ok
14:47:57.0040 0x10f8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
14:47:57.0072 0x10f8 fdPHost - ok
14:47:57.0087 0x10f8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
14:47:57.0134 0x10f8 FDResPub - ok
14:47:57.0134 0x10f8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:47:57.0150 0x10f8 FileInfo - ok
14:47:57.0165 0x10f8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:47:57.0196 0x10f8 Filetrace - ok
14:47:57.0228 0x10f8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:47:57.0243 0x10f8 flpydisk - ok
14:47:57.0259 0x10f8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:47:57.0274 0x10f8 FltMgr - ok
14:47:57.0337 0x10f8 [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll
14:47:57.0415 0x10f8 FontCache - ok
14:47:57.0462 0x10f8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:47:57.0477 0x10f8 FontCache3.0.0.0 - ok
14:47:57.0493 0x10f8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:47:57.0508 0x10f8 FsDepends - ok
14:47:57.0524 0x10f8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:47:57.0540 0x10f8 Fs_Rec - ok
14:47:57.0571 0x10f8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:47:57.0602 0x10f8 fvevol - ok
14:47:57.0618 0x10f8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:47:57.0633 0x10f8 gagp30kx - ok
14:47:57.0664 0x10f8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
14:47:57.0742 0x10f8 gpsvc - ok
14:47:57.0774 0x10f8 [ 3B56627C838CFB7314570A7FCBC83C04, 798A96665D71D99B8D1D8AF431016A4A205C0487CDD376B805C1DE8A1A160F0A ] Guard Agent C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
14:47:57.0774 0x10f8 Guard Agent - detected UnsignedFile.Multi.Generic ( 1 )
14:48:00.0332 0x10f8 Detect skipped due to KSN trusted
14:48:00.0332 0x10f8 Guard Agent - ok
14:48:00.0394 0x10f8 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:48:00.0426 0x10f8 gupdate - ok
14:48:00.0426 0x10f8 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:48:00.0441 0x10f8 gupdatem - ok
14:48:00.0457 0x10f8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:48:00.0472 0x10f8 hcw85cir - ok
14:48:00.0504 0x10f8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:48:00.0550 0x10f8 HdAudAddService - ok
14:48:00.0566 0x10f8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
14:48:00.0597 0x10f8 HDAudBus - ok
14:48:00.0613 0x10f8 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
14:48:00.0628 0x10f8 HECIx64 - ok
14:48:00.0644 0x10f8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:48:00.0660 0x10f8 HidBatt - ok
14:48:00.0722 0x10f8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:48:00.0738 0x10f8 HidBth - ok
14:48:00.0753 0x10f8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:48:00.0784 0x10f8 HidIr - ok
14:48:00.0784 0x10f8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
14:48:00.0831 0x10f8 hidserv - ok
14:48:00.0862 0x10f8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:48:00.0894 0x10f8 HidUsb - ok
14:48:00.0909 0x10f8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:48:01.0003 0x10f8 hkmsvc - ok
14:48:01.0034 0x10f8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:48:01.0050 0x10f8 HomeGroupListener - ok
14:48:01.0081 0x10f8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:48:01.0096 0x10f8 HomeGroupProvider - ok
14:48:01.0143 0x10f8 [ 77E81E788CC63E65272A7D247F441505, EA57947495A6FD5B6FCC06AD396AEEEEE44AA5EB924B1A4D71C81B1265120F7B ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
14:48:01.0159 0x10f8 HP Support Assistant Service - ok
14:48:01.0190 0x10f8 [ 9AF482D058BE59CC28BCE52E7C4B747C, 2D150CD0C82B575CDE2E1B3941FD72EFCB254850D6FF1D7C40D3B29643018EFF ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
14:48:01.0206 0x10f8 HpqKbFiltr - ok
14:48:01.0268 0x10f8 [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
14:48:01.0315 0x10f8 hpqwmiex - ok
14:48:01.0346 0x10f8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:48:01.0362 0x10f8 HpSAMD - ok
14:48:01.0408 0x10f8 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:48:01.0471 0x10f8 HTTP - ok
14:48:01.0502 0x10f8 [ 4DBBFCE863FE1B64C770EB53A3BA5860, DA77FB5D865779834CDCEE74200B9346FA3A4D0465F7A49C877ED6F786232CEF ] huawei_cdcacm C:\Windows\system32\DRIVERS\ew_jucdcacm.sys
14:48:01.0518 0x10f8 huawei_cdcacm - ok
14:48:01.0533 0x10f8 [ 1642C62F1FD5E1FF44608283994A7BB8, 4646AA0EF74A2AEE6C17D12206FCFE1E84D6FA712AD95A171F16D11BC9D3F11A ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
14:48:01.0549 0x10f8 huawei_enumerator - ok
14:48:01.0564 0x10f8 [ DF65F49F3A108AB509D675312FC896B8, E88F15DED4346E127F182B3D1DA2D1506998844212940281355C8ED96776141C ] huawei_ext_ctrl C:\Windows\system32\DRIVERS\ew_juextctrl.sys
14:48:01.0596 0x10f8 huawei_ext_ctrl - ok
14:48:01.0611 0x10f8 [ 962032D69A8CA503F030F311CF4487B7, 1E4009A0CA6F73D02171D14FDCC875E5AD36C6CE50F1F1B1642741A0914703EB ] huawei_wwanecm C:\Windows\system32\DRIVERS\ew_juwwanecm.sys
14:48:01.0642 0x10f8 huawei_wwanecm - ok
14:48:01.0705 0x10f8 [ E90DA42B87D684DEBFB73B38A718A006, BB18C63C1982F5CB99C9B65D2B801E8C1909AD7CD0171326DC0015D6B781B451 ] HWDeviceService64.exe C:\ProgramData\DatacardService\HWDeviceService64.exe
14:48:01.0752 0x10f8 HWDeviceService64.exe - ok
14:48:01.0783 0x10f8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:48:01.0783 0x10f8 hwpolicy - ok
14:48:01.0830 0x10f8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
14:48:01.0845 0x10f8 i8042prt - ok
14:48:01.0876 0x10f8 [ BE7D72FCF442C26975942007E0831241, A0FD29B3D1A1278787F8B3FBE7EC3216AAF328467974A6D90752639BB44DCD84 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
14:48:01.0908 0x10f8 iaStor - ok
14:48:01.0954 0x10f8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:48:01.0986 0x10f8 iaStorV - ok
14:48:02.0079 0x10f8 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:48:02.0220 0x10f8 idsvc - ok
14:48:02.0235 0x10f8 IEEtwCollectorService - ok
14:48:02.0485 0x10f8 [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
14:48:02.0781 0x10f8 igfx - ok
14:48:02.0797 0x10f8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:48:02.0812 0x10f8 iirsp - ok
14:48:02.0859 0x10f8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
14:48:02.0922 0x10f8 IKEEXT - ok
14:48:03.0000 0x10f8 [ 181E4FF75674A7105ECD0A02C35EF43A, 4316523F23C591B9314DC087256D44F96D2C3543D6F84F3D662C466D744FA86A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:48:03.0109 0x10f8 IntcAzAudAddService - ok
14:48:03.0124 0x10f8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
14:48:03.0140 0x10f8 intelide - ok
14:48:03.0156 0x10f8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:48:03.0171 0x10f8 intelppm - ok
14:48:03.0202 0x10f8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:48:03.0249 0x10f8 IPBusEnum - ok
14:48:03.0280 0x10f8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:48:03.0312 0x10f8 IpFilterDriver - ok
14:48:03.0358 0x10f8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:48:03.0405 0x10f8 iphlpsvc - ok
14:48:03.0436 0x10f8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:48:03.0452 0x10f8 IPMIDRV - ok
14:48:03.0483 0x10f8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:48:03.0530 0x10f8 IPNAT - ok
14:48:03.0546 0x10f8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:48:03.0561 0x10f8 IRENUM - ok
14:48:03.0577 0x10f8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:48:03.0577 0x10f8 isapnp - ok
14:48:03.0608 0x10f8 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:48:03.0639 0x10f8 iScsiPrt - ok
14:48:03.0655 0x10f8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:48:03.0655 0x10f8 kbdclass - ok
14:48:03.0670 0x10f8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:48:03.0686 0x10f8 kbdhid - ok
14:48:03.0702 0x10f8 [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] KeyIso C:\Windows\system32\lsass.exe
14:48:03.0717 0x10f8 KeyIso - ok
14:48:03.0733 0x10f8 [ 0878723427BA190E5ABA5AA0112FA4D4, E332C83D3F4DF71761AA3DAC2C721FC2029F71ECC88A66E175BA56510855C4D4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:48:03.0748 0x10f8 KSecDD - ok
14:48:03.0764 0x10f8 [ C08CCCE2BE68D04E6C142614736959DA, AEC0AFC5C28DDC14DD6918BB6E236FA1C85CC30D69DA9AE40F9962D88248040F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:48:03.0780 0x10f8 KSecPkg - ok
14:48:03.0811 0x10f8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:48:03.0842 0x10f8 ksthunk - ok
14:48:03.0889 0x10f8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
14:48:03.0951 0x10f8 KtmRm - ok
14:48:03.0982 0x10f8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:48:04.0045 0x10f8 LanmanServer - ok
14:48:04.0060 0x10f8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:48:04.0107 0x10f8 LanmanWorkstation - ok
14:48:04.0170 0x10f8 [ C34411A244029F1C08687F7C752C4563, 4FC1D6156D760AE8138547262B33677118BD9369F4930F5C5F9BAA2FE6E78EA3 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
14:48:04.0170 0x10f8 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
14:48:06.0697 0x10f8 Detect skipped due to KSN trusted
14:48:06.0697 0x10f8 LightScribeService - ok
14:48:06.0759 0x10f8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:48:06.0822 0x10f8 lltdio - ok
14:48:06.0853 0x10f8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:48:06.0978 0x10f8 lltdsvc - ok
14:48:06.0993 0x10f8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:48:07.0040 0x10f8 lmhosts - ok
14:48:07.0102 0x10f8 [ 7485FBCEF9136F530953575E2977859D, 5A6A67EE407C6ECE637C2B2AC21259BB86D032E47CE59F77AAF48D687B74CFCB ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:48:07.0149 0x10f8 LMS - ok
14:48:07.0180 0x10f8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:48:07.0196 0x10f8 LSI_FC - ok
14:48:07.0212 0x10f8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:48:07.0227 0x10f8 LSI_SAS - ok
14:48:07.0227 0x10f8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:48:07.0243 0x10f8 LSI_SAS2 - ok
14:48:07.0258 0x10f8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:48:07.0274 0x10f8 LSI_SCSI - ok
14:48:07.0290 0x10f8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
14:48:07.0336 0x10f8 luafv - ok
14:48:07.0368 0x10f8 [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
14:48:07.0368 0x10f8 MBAMProtector - ok
14:48:07.0492 0x10f8 [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
14:48:07.0570 0x10f8 MBAMScheduler - ok
14:48:07.0633 0x10f8 [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
14:48:07.0680 0x10f8 MBAMService - ok
14:48:07.0726 0x10f8 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
14:48:07.0742 0x10f8 MBAMSwissArmy - ok
14:48:07.0758 0x10f8 [ 452ACB7A9914398D9E18CCCFFCF92208, 754AF45C19731C356E7E84497B04E0333759AC86DC553BA275EFC09845E43E4D ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
14:48:07.0773 0x10f8 MBAMWebAccessControl - ok
14:48:07.0804 0x10f8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:48:07.0820 0x10f8 Mcx2Svc - ok
14:48:07.0820 0x10f8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:48:07.0836 0x10f8 megasas - ok
14:48:07.0867 0x10f8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:48:07.0882 0x10f8 MegaSR - ok
14:48:07.0914 0x10f8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
14:48:07.0960 0x10f8 MMCSS - ok
14:48:07.0976 0x10f8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
14:48:08.0023 0x10f8 Modem - ok
14:48:08.0038 0x10f8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:48:08.0054 0x10f8 monitor - ok
14:48:08.0070 0x10f8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:48:08.0085 0x10f8 mouclass - ok
14:48:08.0101 0x10f8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:48:08.0101 0x10f8 mouhid - ok
14:48:08.0132 0x10f8 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:48:08.0148 0x10f8 mountmgr - ok
14:48:08.0194 0x10f8 [ EB4B5C8AB9DA5585CCC975CD3D072115, BEED5B7478F92C9FB1BBB62FFCEB5321A5C12A7C1AA9B20151BF22064589CD46 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:48:08.0210 0x10f8 MozillaMaintenance - ok
14:48:08.0241 0x10f8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
14:48:08.0257 0x10f8 mpio - ok
14:48:08.0272 0x10f8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:48:08.0304 0x10f8 mpsdrv - ok
14:48:08.0366 0x10f8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:48:08.0444 0x10f8 MpsSvc - ok
14:48:08.0491 0x10f8 [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:48:08.0538 0x10f8 MRxDAV - ok
14:48:08.0569 0x10f8 [ 035C0A9A63DF3F3A52B90D8F6BF0F166, F409C8A31156E31A6D16D2B34EEE3098CE0D76A4DB7B49810EDDA2E2E19B2E26 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:48:08.0600 0x10f8 mrxsmb - ok
14:48:08.0631 0x10f8 [ 8308FC2E9147D7632221E3279BB14660, 3051FF91493FD03B7EDD4EDB23B2DE8DD7E03D46E231BC5925502BE98E78B1CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:48:08.0678 0x10f8 mrxsmb10 - ok
14:48:08.0709 0x10f8 [ 1F8DA4ECAEA7E2BCD97E738795817431, FBEF64C7067F5AFF864EF7E220C8A47AC43EB0BFD9A4E4C908F9D9D159AC5139 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:48:08.0725 0x10f8 mrxsmb20 - ok
14:48:08.0756 0x10f8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
14:48:08.0756 0x10f8 msahci - ok
14:48:08.0772 0x10f8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:48:08.0787 0x10f8 msdsm - ok
14:48:08.0803 0x10f8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
14:48:08.0834 0x10f8 MSDTC - ok
14:48:08.0850 0x10f8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:48:08.0896 0x10f8 Msfs - ok
14:48:08.0896 0x10f8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:48:08.0943 0x10f8 mshidkmdf - ok
14:48:08.0959 0x10f8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:48:08.0959 0x10f8 msisadrv - ok
14:48:08.0990 0x10f8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:48:09.0037 0x10f8 MSiSCSI - ok
14:48:09.0037 0x10f8 msiserver - ok
14:48:09.0052 0x10f8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:48:09.0099 0x10f8 MSKSSRV - ok
14:48:09.0115 0x10f8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:48:09.0146 0x10f8 MSPCLOCK - ok
14:48:09.0162 0x10f8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:48:09.0208 0x10f8 MSPQM - ok
14:48:09.0240 0x10f8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:48:09.0271 0x10f8 MsRPC - ok
14:48:09.0286 0x10f8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:48:09.0302 0x10f8 mssmbios - ok
14:48:09.0318 0x10f8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:48:09.0364 0x10f8 MSTEE - ok
14:48:09.0380 0x10f8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:48:09.0396 0x10f8 MTConfig - ok
14:48:09.0411 0x10f8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
14:48:09.0427 0x10f8 Mup - ok
14:48:09.0458 0x10f8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
14:48:09.0520 0x10f8 napagent - ok
14:48:09.0552 0x10f8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:48:09.0583 0x10f8 NativeWifiP - ok
14:48:09.0661 0x10f8 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:48:09.0723 0x10f8 NDIS - ok
14:48:09.0754 0x10f8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:48:09.0786 0x10f8 NdisCap - ok
14:48:09.0801 0x10f8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:48:09.0848 0x10f8 NdisTapi - ok
14:48:09.0864 0x10f8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:48:09.0910 0x10f8 Ndisuio - ok
14:48:09.0926 0x10f8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:48:09.0973 0x10f8 NdisWan - ok
14:48:10.0004 0x10f8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:48:10.0035 0x10f8 NDProxy - ok
14:48:10.0051 0x10f8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:48:10.0098 0x10f8 NetBIOS - ok
14:48:10.0113 0x10f8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:48:10.0176 0x10f8 NetBT - ok
14:48:10.0191 0x10f8 [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] Netlogon C:\Windows\system32\lsass.exe
14:48:10.0191 0x10f8 Netlogon - ok
14:48:10.0238 0x10f8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
14:48:10.0300 0x10f8 Netman - ok
14:48:10.0378 0x10f8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:48:10.0410 0x10f8 NetMsmqActivator - ok
14:48:10.0441 0x10f8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:48:10.0456 0x10f8 NetPipeActivator - ok
14:48:10.0472 0x10f8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
14:48:10.0550 0x10f8 netprofm - ok
14:48:10.0550 0x10f8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:48:10.0566 0x10f8 NetTcpActivator - ok
14:48:10.0581 0x10f8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:48:10.0597 0x10f8 NetTcpPortSharing - ok
14:48:10.0815 0x10f8 [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
14:48:11.0112 0x10f8 netw5v64 - ok
14:48:11.0143 0x10f8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:48:11.0158 0x10f8 nfrd960 - ok
14:48:11.0190 0x10f8 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
14:48:11.0221 0x10f8 NlaSvc - ok
14:48:11.0236 0x10f8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:48:11.0283 0x10f8 Npfs - ok
14:48:11.0299 0x10f8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
14:48:11.0330 0x10f8 nsi - ok
14:48:11.0346 0x10f8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:48:11.0392 0x10f8 nsiproxy - ok
14:48:11.0502 0x10f8 [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:48:11.0595 0x10f8 Ntfs - ok
14:48:11.0611 0x10f8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
14:48:11.0658 0x10f8 Null - ok
14:48:11.0673 0x10f8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:48:11.0689 0x10f8 nvraid - ok
14:48:11.0704 0x10f8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:48:11.0720 0x10f8 nvstor - ok
14:48:11.0751 0x10f8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:48:11.0767 0x10f8 nv_agp - ok
14:48:11.0782 0x10f8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:48:11.0798 0x10f8 ohci1394 - ok
14:48:11.0892 0x10f8 [ E72509DD11B2B4B8F9D629378D37571B, B5A803DF8685D6BFAD6B8AB9CC9F50055B5C50C84373AE5663A88CBB06F803CA ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:48:11.0938 0x10f8 ose - detected UnsignedFile.Multi.Generic ( 1 )
14:48:14.0559 0x10f8 ose ( UnsignedFile.Multi.Generic ) - warning
14:48:14.0559 0x10f8 Force sending object to P2P due to detect: ose
14:48:17.0071 0x10f8 Object send P2P result: true
14:48:19.0801 0x10f8 [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:48:19.0957 0x10f8 osppsvc - ok
14:48:20.0004 0x10f8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:48:20.0050 0x10f8 p2pimsvc - ok
14:48:20.0097 0x10f8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
14:48:20.0128 0x10f8 p2psvc - ok
14:48:20.0144 0x10f8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:48:20.0160 0x10f8 Parport - ok
14:48:20.0191 0x10f8 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:48:20.0206 0x10f8 partmgr - ok
14:48:20.0238 0x10f8 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:48:20.0253 0x10f8 PcaSvc - ok
14:48:20.0284 0x10f8 [ 3FDE033DFB0D07F8B7D5C9A3044AA121, 2C23B4FA34BA3060884B0168A830DD395A3853855CD6DF4065FBB303DFB4A87E ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
14:48:20.0300 0x10f8 pccsmcfd - ok
14:48:20.0316 0x10f8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
14:48:20.0347 0x10f8 pci - ok
14:48:20.0362 0x10f8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
14:48:20.0378 0x10f8 pciide - ok
14:48:20.0394 0x10f8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:48:20.0409 0x10f8 pcmcia - ok
14:48:20.0440 0x10f8 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
14:48:20.0440 0x10f8 pcw - ok
14:48:20.0487 0x10f8 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:48:20.0534 0x10f8 PEAUTH - ok
14:48:20.0612 0x10f8 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:48:20.0643 0x10f8 PerfHost - ok
14:48:20.0721 0x10f8 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
14:48:20.0830 0x10f8 pla - ok
14:48:20.0862 0x10f8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:48:20.0908 0x10f8 PlugPlay - ok
14:48:20.0971 0x10f8 [ AE6C778717DE2F6B0C0B5335036D3363, AFFD0806CE14663FAEB64E6C8AC7D43FBC7A3160236DF49C54356E518F94032F ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
14:48:21.0002 0x10f8 PMBDeviceInfoProvider - ok
14:48:21.0033 0x10f8 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:48:21.0049 0x10f8 PNRPAutoReg - ok
14:48:21.0080 0x10f8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:48:21.0096 0x10f8 PNRPsvc - ok
14:48:21.0127 0x10f8 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:48:21.0189 0x10f8 PolicyAgent - ok
14:48:21.0220 0x10f8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
14:48:21.0267 0x10f8 Power - ok
14:48:21.0298 0x10f8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:48:21.0345 0x10f8 PptpMiniport - ok
14:48:21.0361 0x10f8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:48:21.0376 0x10f8 Processor - ok
14:48:21.0408 0x10f8 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
14:48:21.0439 0x10f8 ProfSvc - ok
14:48:21.0454 0x10f8 [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:48:21.0470 0x10f8 ProtectedStorage - ok
14:48:21.0486 0x10f8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:48:21.0532 0x10f8 Psched - ok
14:48:21.0626 0x10f8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:48:21.0704 0x10f8 ql2300 - ok
14:48:21.0704 0x10f8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:48:21.0735 0x10f8 ql40xx - ok
14:48:21.0766 0x10f8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
14:48:21.0798 0x10f8 QWAVE - ok
14:48:21.0813 0x10f8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:48:21.0829 0x10f8 QWAVEdrv - ok
14:48:22.0016 0x10f8 [ 9B35220786B06B61D19C54406904E6ED, 166FDD8CC15D3D1B13E2CECC814ED876EA66D65E9308043ED0024660C4F90E8D ] Radio.fx C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
14:48:22.0219 0x10f8 Radio.fx - ok
14:48:22.0250 0x10f8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:48:22.0281 0x10f8 RasAcd - ok
14:48:22.0312 0x10f8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:48:22.0359 0x10f8 RasAgileVpn - ok
14:48:22.0375 0x10f8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
14:48:22.0422 0x10f8 RasAuto - ok
14:48:22.0437 0x10f8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:48:22.0484 0x10f8 Rasl2tp - ok
14:48:22.0531 0x10f8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
14:48:22.0609 0x10f8 RasMan - ok
14:48:22.0624 0x10f8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:48:22.0656 0x10f8 RasPppoe - ok
14:48:22.0671 0x10f8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:48:22.0718 0x10f8 RasSstp - ok
14:48:22.0749 0x10f8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:48:22.0812 0x10f8 rdbss - ok
14:48:22.0843 0x10f8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:48:22.0858 0x10f8 rdpbus - ok
14:48:22.0874 0x10f8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:48:22.0905 0x10f8 RDPCDD - ok
14:48:22.0921 0x10f8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:48:22.0968 0x10f8 RDPENCDD - ok
14:48:22.0983 0x10f8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:48:23.0014 0x10f8 RDPREFMP - ok
14:48:23.0046 0x10f8 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:48:23.0092 0x10f8 RDPWD - ok
14:48:23.0108 0x10f8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:48:23.0139 0x10f8 rdyboost - ok
14:48:23.0170 0x10f8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:48:23.0217 0x10f8 RemoteAccess - ok
14:48:23.0248 0x10f8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:48:23.0295 0x10f8 RemoteRegistry - ok
14:48:23.0311 0x10f8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:48:23.0358 0x10f8 RpcEptMapper - ok
14:48:23.0358 0x10f8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
14:48:23.0373 0x10f8 RpcLocator - ok
14:48:23.0436 0x10f8 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\Windows\system32\rpcss.dll
14:48:23.0451 0x10f8 RpcSs - ok
14:48:23.0482 0x10f8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:48:23.0529 0x10f8 rspndr - ok
14:48:23.0545 0x10f8 [ 483DF0B58CA532E5240E59DC41F30AA2, 3A5AC91E5B57B671072A40F38DA1F804ECDE30FB4D9042FB3FE7B7CA10C0D0BC ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
14:48:23.0576 0x10f8 RSUSBSTOR - ok
14:48:23.0607 0x10f8 [ B88880586ACD3EDEFCD0F9C2A6C1EE27, 901EEA6C7CC4AA19C3D79E52D4892F9965B61D51DBE0855ACCB64BB6B2260353 ] RTL2832UBDA C:\Windows\system32\drivers\RTL2832UBDA.sys
14:48:23.0623 0x10f8 RTL2832UBDA - ok
14:48:23.0638 0x10f8 [ 4C04300EE6A5E780FD4E2F0806AECA0E, 85C01DDABEC393D85DD5F243EDF4792036209BCC01CE23296F0305AD1D2CFA71 ] RTL2832UUSB C:\Windows\system32\Drivers\RTL2832UUSB.sys
14:48:23.0638 0x10f8 RTL2832UUSB - ok
14:48:23.0670 0x10f8 [ C24DF587D59345FCA718FE550EB036D7, 50B3D26C0F633B90B399C2E466108CE0B6A592CBE969CEE4A44E5F4EC9F07258 ] RTL2832U_IRHID C:\Windows\system32\DRIVERS\RTL2832U_IRHID.sys
14:48:23.0670 0x10f8 RTL2832U_IRHID - ok
14:48:23.0701 0x10f8 [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A, 9F6CFBE7E64A63E0AFEF546C4B8D889657B2055CE80279EA1B63EB5650E730F8 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
14:48:23.0732 0x10f8 RTL8167 - ok
14:48:23.0748 0x10f8 [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] SamSs C:\Windows\system32\lsass.exe
14:48:23.0763 0x10f8 SamSs - ok
14:48:23.0794 0x10f8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:48:23.0810 0x10f8 sbp2port - ok
14:48:23.0826 0x10f8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:48:23.0872 0x10f8 SCardSvr - ok
14:48:23.0904 0x10f8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:48:23.0935 0x10f8 scfilter - ok
14:48:24.0013 0x10f8 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
14:48:24.0091 0x10f8 Schedule - ok
14:48:24.0122 0x10f8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
14:48:24.0169 0x10f8 SCPolicySvc - ok
14:48:24.0184 0x10f8 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\drivers\sdbus.sys
14:48:24.0200 0x10f8 sdbus - ok
14:48:24.0231 0x10f8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:48:24.0247 0x10f8 SDRSVC - ok
14:48:24.0262 0x10f8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:48:24.0294 0x10f8 secdrv - ok
14:48:24.0325 0x10f8 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
14:48:24.0340 0x10f8 seclogon - ok
14:48:24.0356 0x10f8 [ EDE7A1D2715AAC2190D51DC07AFD44E3, 992EDC724AC30AAAA9164805F801A73483AC36E8D355CD523B69C4E544EB55CB ] seehcri C:\Windows\system32\DRIVERS\seehcri.sys
14:48:24.0387 0x10f8 seehcri - ok
14:48:24.0418 0x10f8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
14:48:24.0465 0x10f8 SENS - ok
14:48:24.0465 0x10f8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:48:24.0481 0x10f8 SensrSvc - ok
14:48:24.0512 0x10f8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:48:24.0512 0x10f8 Serenum - ok
14:48:24.0543 0x10f8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:48:24.0559 0x10f8 Serial - ok
14:48:24.0559 0x10f8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:48:24.0574 0x10f8 sermouse - ok
14:48:24.0668 0x10f8 [ 78F7BB9F4924BE164294C59B8C3FC096, 75051A6A8B0DBB16CD70855A408134270EEAF0C127BAAE5B592DB53BB87C085B ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
14:48:24.0715 0x10f8 ServiceLayer - ok
14:48:24.0746 0x10f8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
14:48:24.0793 0x10f8 SessionEnv - ok
14:48:24.0808 0x10f8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:48:24.0824 0x10f8 sffdisk - ok
14:48:24.0824 0x10f8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:48:24.0840 0x10f8 sffp_mmc - ok
14:48:24.0855 0x10f8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:48:24.0871 0x10f8 sffp_sd - ok
14:48:24.0886 0x10f8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:48:24.0902 0x10f8 sfloppy - ok
14:48:24.0949 0x10f8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:48:25.0011 0x10f8 SharedAccess - ok
14:48:25.0042 0x10f8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:48:25.0120 0x10f8 ShellHWDetection - ok
14:48:25.0136 0x10f8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:48:25.0152 0x10f8 SiSRaid2 - ok
14:48:25.0167 0x10f8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:48:25.0183 0x10f8 SiSRaid4 - ok
14:48:25.0198 0x10f8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:48:25.0245 0x10f8 Smb - ok
14:48:25.0276 0x10f8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:48:25.0292 0x10f8 SNMPTRAP - ok
14:48:25.0308 0x10f8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
14:48:25.0323 0x10f8 spldr - ok
14:48:25.0354 0x10f8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
14:48:25.0401 0x10f8 Spooler - ok
14:48:25.0557 0x10f8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
14:48:25.0760 0x10f8 sppsvc - ok
14:48:25.0776 0x10f8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:48:25.0822 0x10f8 sppuinotify - ok
14:48:25.0854 0x10f8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:48:25.0900 0x10f8 srv - ok
14:48:25.0916 0x10f8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:48:25.0947 0x10f8 srv2 - ok
14:48:25.0978 0x10f8 [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
14:48:26.0010 0x10f8 SrvHsfHDA - ok
14:48:26.0072 0x10f8 [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
14:48:26.0150 0x10f8 SrvHsfV92 - ok
14:48:26.0197 0x10f8 [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
14:48:26.0244 0x10f8 SrvHsfWinac - ok
14:48:26.0259 0x10f8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:48:26.0275 0x10f8 srvnet - ok
14:48:26.0290 0x10f8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:48:26.0337 0x10f8 SSDPSRV - ok
14:48:26.0368 0x10f8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:48:26.0415 0x10f8 SstpSvc - ok
14:48:26.0431 0x10f8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:48:26.0446 0x10f8 stexstor - ok
14:48:26.0462 0x10f8 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
14:48:26.0493 0x10f8 StillCam - ok
14:48:26.0540 0x10f8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
14:48:26.0587 0x10f8 stisvc - ok
14:48:26.0618 0x10f8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
14:48:26.0618 0x10f8 swenum - ok
14:48:26.0649 0x10f8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
14:48:26.0712 0x10f8 swprv - ok
14:48:26.0758 0x10f8 [ DAEC63566C399E59B91F8993A491D5DB, 4F2DE1F0558975F1F2E4280D879983206474C393DD599243AE261B78C63FA6A8 ] SXDS10 C:\Program Files (x86)\Common Files\soft Xpansion\SXDS10.exe
14:48:26.0790 0x10f8 SXDS10 - detected UnsignedFile.Multi.Generic ( 1 )
14:48:29.0286 0x10f8 Detect skipped due to KSN trusted
14:48:29.0286 0x10f8 SXDS10 - ok
14:48:29.0395 0x10f8 [ 961CFAC2A5318E212F459D651F28E0A4, 4FA1C9E3BD527E3B5AE9268955C48FDE8E75F33C333DC0AE768DAFE1F49D0B1B ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
14:48:29.0457 0x10f8 SynTP - ok
14:48:29.0582 0x10f8 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
14:48:29.0676 0x10f8 SysMain - ok
14:48:29.0691 0x10f8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:48:29.0722 0x10f8 TabletInputService - ok
14:48:29.0769 0x10f8 [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
14:48:29.0785 0x10f8 tap0901 - ok
14:48:29.0816 0x10f8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
14:48:29.0894 0x10f8 TapiSrv - ok
14:48:29.0910 0x10f8 [ 4430E9B4C60AAB672D16E801BAD0555E, 9D9208FD66CF23BE03484C3C335E927D6914A405FED6A8D5B2878BA4F59203DE ] tbhsd C:\Windows\system32\drivers\tbhsd.sys
14:48:29.0925 0x10f8 tbhsd - ok
14:48:30.0034 0x10f8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:48:30.0128 0x10f8 Tcpip - ok
14:48:30.0206 0x10f8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:48:30.0268 0x10f8 TCPIP6 - ok
14:48:30.0300 0x10f8 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:48:30.0315 0x10f8 tcpipreg - ok
14:48:30.0346 0x10f8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:48:30.0378 0x10f8 TDPIPE - ok
14:48:30.0409 0x10f8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:48:30.0409 0x10f8 TDTCP - ok
14:48:30.0456 0x10f8 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:48:30.0471 0x10f8 tdx - ok
14:48:30.0502 0x10f8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
14:48:30.0518 0x10f8 TermDD - ok
14:48:30.0565 0x10f8 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
14:48:30.0612 0x10f8 TermService - ok
14:48:30.0643 0x10f8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
14:48:30.0674 0x10f8 Themes - ok
14:48:30.0690 0x10f8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
14:48:30.0736 0x10f8 THREADORDER - ok
14:48:30.0768 0x10f8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
14:48:30.0814 0x10f8 TrkWks - ok
14:48:30.0877 0x10f8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:48:30.0939 0x10f8 TrustedInstaller - ok
14:48:30.0955 0x10f8 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:48:30.0970 0x10f8 tssecsrv - ok
14:48:31.0002 0x10f8 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:48:31.0033 0x10f8 TsUsbFlt - ok
14:48:31.0048 0x10f8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:48:31.0095 0x10f8 tunnel - ok
14:48:31.0126 0x10f8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:48:31.0142 0x10f8 uagp35 - ok
14:48:31.0158 0x10f8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:48:31.0220 0x10f8 udfs - ok
14:48:31.0251 0x10f8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:48:31.0267 0x10f8 UI0Detect - ok
14:48:31.0298 0x10f8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:48:31.0314 0x10f8 uliagpkx - ok
14:48:31.0314 0x10f8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:48:31.0329 0x10f8 umbus - ok
14:48:31.0360 0x10f8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:48:31.0376 0x10f8 UmPass - ok
14:48:31.0516 0x10f8 [ 765F2DD351BA064F657751D8D75E58C0, 954834FF6F05E065C2BE6CEC22136A0399026BFF9D91BE859E8E047C3ED8267F ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
14:48:31.0594 0x10f8 UNS - ok
14:48:31.0626 0x10f8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
14:48:31.0688 0x10f8 upnphost - ok
14:48:31.0719 0x10f8 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:48:31.0735 0x10f8 usbccgp - ok
14:48:31.0782 0x10f8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:48:31.0813 0x10f8 usbcir - ok
14:48:31.0828 0x10f8 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
14:48:31.0844 0x10f8 usbehci - ok
14:48:31.0860 0x10f8 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:48:31.0891 0x10f8 usbhub - ok
14:48:31.0922 0x10f8 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:48:31.0938 0x10f8 usbohci - ok
14:48:31.0953 0x10f8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:48:31.0969 0x10f8 usbprint - ok
14:48:32.0000 0x10f8 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
14:48:32.0016 0x10f8 usbscan - ok
14:48:32.0031 0x10f8 [ 4ACEE387FA8FD39F83564FCD2FC234F2, 3D62DE27027B8C032D15EB74F97A14B4EC24E67052C1163862740D6312B2569B ] usbser C:\Windows\system32\drivers\usbser.sys
14:48:32.0047 0x10f8 usbser - ok
14:48:32.0078 0x10f8 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:48:32.0094 0x10f8 USBSTOR - ok
14:48:32.0125 0x10f8 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:48:32.0140 0x10f8 usbuhci - ok
14:48:32.0172 0x10f8 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
14:48:32.0187 0x10f8 usbvideo - ok
14:48:32.0218 0x10f8 [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
14:48:32.0234 0x10f8 usb_rndisx - ok
14:48:32.0265 0x10f8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
14:48:32.0312 0x10f8 UxSms - ok
14:48:32.0328 0x10f8 [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] VaultSvc C:\Windows\system32\lsass.exe
14:48:32.0343 0x10f8 VaultSvc - ok
14:48:32.0359 0x10f8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:48:32.0359 0x10f8 vdrvroot - ok
14:48:32.0406 0x10f8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
14:48:32.0468 0x10f8 vds - ok
14:48:32.0484 0x10f8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:48:32.0499 0x10f8 vga - ok
14:48:32.0530 0x10f8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
14:48:32.0562 0x10f8 VgaSave - ok
14:48:32.0608 0x10f8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:48:32.0624 0x10f8 vhdmp - ok
14:48:32.0640 0x10f8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
14:48:32.0655 0x10f8 viaide - ok
14:48:32.0671 0x10f8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:48:32.0686 0x10f8 volmgr - ok
14:48:32.0718 0x10f8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:48:32.0764 0x10f8 volmgrx - ok
14:48:32.0796 0x10f8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:48:32.0827 0x10f8 volsnap - ok
14:48:32.0842 0x10f8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:48:32.0858 0x10f8 vsmraid - ok
14:48:32.0936 0x10f8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
14:48:33.0030 0x10f8 VSS - ok
14:48:33.0045 0x10f8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:48:33.0061 0x10f8 vwifibus - ok
14:48:33.0061 0x10f8 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:48:33.0092 0x10f8 vwififlt - ok
14:48:33.0108 0x10f8 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
14:48:33.0123 0x10f8 vwifimp - ok
14:48:33.0154 0x10f8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
14:48:33.0217 0x10f8 W32Time - ok
14:48:33.0248 0x10f8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:48:33.0248 0x10f8 WacomPen - ok
14:48:33.0279 0x10f8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:48:33.0326 0x10f8 WANARP - ok
14:48:33.0326 0x10f8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:48:33.0373 0x10f8 Wanarpv6 - ok
14:48:33.0435 0x10f8 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:48:33.0513 0x10f8 WatAdminSvc - ok
14:48:33.0576 0x10f8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
14:48:33.0654 0x10f8 wbengine - ok
14:48:33.0685 0x10f8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:48:33.0716 0x10f8 WbioSrvc - ok
14:48:33.0747 0x10f8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:48:33.0778 0x10f8 wcncsvc - ok
14:48:33.0794 0x10f8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:48:33.0810 0x10f8 WcsPlugInService - ok
14:48:33.0825 0x10f8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:48:33.0841 0x10f8 Wd - ok
14:48:33.0888 0x10f8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:48:33.0934 0x10f8 Wdf01000 - ok
14:48:33.0966 0x10f8 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:48:33.0981 0x10f8 WdiServiceHost - ok
14:48:33.0997 0x10f8 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:48:34.0012 0x10f8 WdiSystemHost - ok
14:48:34.0059 0x10f8 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
14:48:34.0106 0x10f8 WebClient - ok
14:48:34.0122 0x10f8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:48:34.0184 0x10f8 Wecsvc - ok
14:48:34.0200 0x10f8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:48:34.0246 0x10f8 wercplsupport - ok
14:48:34.0262 0x10f8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
14:48:34.0309 0x10f8 WerSvc - ok
14:48:34.0340 0x10f8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:48:34.0371 0x10f8 WfpLwf - ok
14:48:34.0387 0x10f8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:48:34.0402 0x10f8 WIMMount - ok
14:48:34.0418 0x10f8 WinDefend - ok
14:48:34.0434 0x10f8 WinHttpAutoProxySvc - ok
14:48:34.0496 0x10f8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:48:34.0543 0x10f8 Winmgmt - ok
14:48:34.0636 0x10f8 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
14:48:34.0808 0x10f8 WinRM - ok
14:48:34.0855 0x10f8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
14:48:34.0902 0x10f8 WinUsb - ok
14:48:34.0933 0x10f8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:48:34.0995 0x10f8 Wlansvc - ok
14:48:35.0026 0x10f8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:48:35.0042 0x10f8 WmiAcpi - ok
14:48:35.0058 0x10f8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:48:35.0089 0x10f8 wmiApSrv - ok
14:48:35.0089 0x10f8 WMPNetworkSvc - ok
14:48:35.0120 0x10f8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:48:35.0136 0x10f8 WPCSvc - ok
14:48:35.0167 0x10f8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:48:35.0182 0x10f8 WPDBusEnum - ok
14:48:35.0198 0x10f8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:48:35.0245 0x10f8 ws2ifsl - ok
14:48:35.0276 0x10f8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
14:48:35.0292 0x10f8 wscsvc - ok
14:48:35.0323 0x10f8 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
14:48:35.0338 0x10f8 WSDPrintDevice - ok
14:48:35.0338 0x10f8 WSearch - ok
14:48:35.0463 0x10f8 [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv C:\Windows\system32\wuaueng.dll
14:48:35.0572 0x10f8 wuauserv - ok
14:48:35.0588 0x10f8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:48:35.0619 0x10f8 WudfPf - ok
14:48:35.0650 0x10f8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:48:35.0682 0x10f8 WUDFRd - ok
14:48:35.0697 0x10f8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:48:35.0728 0x10f8 wudfsvc - ok
14:48:35.0760 0x10f8 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
14:48:35.0791 0x10f8 WwanSvc - ok
14:48:35.0838 0x10f8 [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
14:48:35.0869 0x10f8 yukonw7 - ok
14:48:35.0931 0x10f8 ================ Scan global ===============================
14:48:35.0978 0x10f8 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
14:48:36.0025 0x10f8 [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
14:48:36.0072 0x10f8 [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
14:48:36.0118 0x10f8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:48:36.0165 0x10f8 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
14:48:36.0181 0x10f8 [ Global ] - ok
14:48:36.0181 0x10f8 ================ Scan MBR ==================================
14:48:36.0196 0x10f8 [ F3762FDAE6B2B75AA424708C4FED6C35 ] \Device\Harddisk0\DR0
14:48:36.0633 0x10f8 \Device\Harddisk0\DR0 - ok
14:48:37.0023 0x10f8 [ 75D861A48D52D779EBF21D7E273F97F9 ] \Device\Harddisk1\DR2
14:48:37.0242 0x10f8 \Device\Harddisk1\DR2 - ok
14:48:37.0242 0x10f8 ================ Scan VBR ==================================
14:48:37.0257 0x10f8 [ 8B3A32359983AA58805F39BDB29ADE76 ] \Device\Harddisk0\DR0\Partition1
14:48:37.0257 0x10f8 \Device\Harddisk0\DR0\Partition1 - ok
14:48:37.0257 0x10f8 [ 3E67E22F4A223FD548ACCF2B4B7A7491 ] \Device\Harddisk0\DR0\Partition2
14:48:37.0257 0x10f8 \Device\Harddisk0\DR0\Partition2 - ok
14:48:37.0273 0x10f8 [ 338608BF66038F59D29D7749C20C8C88 ] \Device\Harddisk0\DR0\Partition3
14:48:37.0273 0x10f8 \Device\Harddisk0\DR0\Partition3 - ok
14:48:37.0288 0x10f8 [ 8DDA9ACA91E730198BAC845A2D5CD3D6 ] \Device\Harddisk0\DR0\Partition4
14:48:37.0288 0x10f8 \Device\Harddisk0\DR0\Partition4 - ok
14:48:37.0288 0x10f8 [ AF23DDFB415139E54B886C6981FE958D ] \Device\Harddisk1\DR2\Partition1
14:48:37.0288 0x10f8 \Device\Harddisk1\DR2\Partition1 - ok
14:48:37.0288 0x10f8 ================ Scan generic autorun ======================
14:48:37.0320 0x10f8 SynTPEnh - ok
14:48:37.0382 0x10f8 [ 0262F66606ECB969B4CAD491BD3F6F88, 0036D02639AF96015A3C33BF8BB622DB1E6FC2C5ED52D721D6EE0774C97FC14F ] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
14:48:37.0429 0x10f8 RtkOSD - detected UnsignedFile.Multi.Generic ( 1 )
14:48:47.0444 0x10f8 RtkOSD ( UnsignedFile.Multi.Generic ) - warning
14:48:51.0032 0x10f8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:48:51.0126 0x10f8 Sidebar - ok
14:48:51.0141 0x10f8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:48:51.0172 0x10f8 mctadmin - ok
14:48:51.0219 0x10f8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:48:51.0266 0x10f8 Sidebar - ok
14:48:51.0282 0x10f8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:48:51.0297 0x10f8 mctadmin - ok
14:48:51.0406 0x10f8 [ 2261FC3573534BD28EFF1B4C69339D70, 0AB4A132FBA1EC88FDC9145DB34D8A9ED40D4BB579FDE2C21F2846730993295E ] C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe
14:48:51.0500 0x10f8 RfxSrvTray - ok
14:48:51.0656 0x10f8 [ 4C8942B8721813E5C8874D47112DCF73, 85869B814417397D92A028CF841FC7B1B41E5D53EFF3470DED664484709C9FBA ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
14:48:51.0781 0x10f8 LightScribe Control Panel - ok
14:48:51.0828 0x10f8 [ D81E34DB95C0A83859704FB5C0319EF4, DAD022965C56F82568D8ACDC57A4CD0CE5BE05694E85105BF5965166CCBF3BD6 ] C:\Program Files (x86)\Internetradio Player\ps_agent.exe
14:48:51.0828 0x10f8 1und1Agent - detected UnsignedFile.Multi.Generic ( 1 )
14:48:54.0901 0x10f8 Detect skipped due to KSN trusted
14:48:54.0901 0x10f8 1und1Agent - ok
14:48:54.0901 0x10f8 Waiting for KSN requests completion. In queue: 6
14:48:55.0915 0x10f8 Waiting for KSN requests completion. In queue: 6
14:48:56.0929 0x10f8 Waiting for KSN requests completion. In queue: 6
14:48:57.0974 0x10f8 Win FW state via NFP2: enabled ( trusted )
14:49:00.0439 0x10f8 ============================================================
14:49:00.0439 0x10f8 Scan finished
14:49:00.0439 0x10f8 ============================================================
14:49:00.0439 0x17b0 Detected object count: 2
14:49:00.0439 0x17b0 Actual detected object count: 2
14:50:04.0165 0x17b0 ose ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:04.0165 0x17b0 ose ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:50:04.0165 0x17b0 RtkOSD ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:04.0165 0x17b0 RtkOSD ( UnsignedFile.Multi.Generic ) - User select action: Skip
VG, Andrea |
|
17.05.2016, 09:11
| #6 |
| /// TB-Ausbilder | Win ME - AV-Programm meldet Trojaner auf externer FP Servus, haben AdwCleaner und/oder MBAM etwas gefunden? Du könntest mit MBAM auch deine externe Festplatte überprüfen lassen, schon getan? |
|
17.05.2016, 20:17
| #7 |
| | Win ME - AV-Programm meldet Trojaner auf externer FP Moin, ja, aber nicht komplett. Den ersten Scann mit MBAM hatte ich am Sonntag nach ca. 2 Std abgebrochen, da ich davon ausging, dass dies nicht richtig sein kann - die alte FP hat schließlich nur 10 GB. Ich lasse die FP aber jetzt nochmals prüfen. Nach wieviel Stunden sollte / kann die Prüfung ggf. abgebrochen werden? |
|
17.05.2016, 20:41
| #8 |
| /// TB-Ausbilder | Win ME - AV-Programm meldet Trojaner auf externer FP Servus, ich würde MBAM schon komplett durchlaufen lassen, dazu ebenso ESET: ESET Online Scanner
|
|
20.05.2016, 23:04
| #9 |
| /// TB-Ausbilder | Win ME - AV-Programm meldet Trojaner auf externer FP Fehlende Rückmeldung Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten. PM an mich falls Du denoch weiter machen willst. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und einen eigenen Thread erstellen! |
|
22.05.2016, 16:08
| #10 |
| | Win ME - AV-Programm meldet Trojaner auf externer FP Hallo Matthias, entschuldige bitte die späte Reaktion auf Deinen post. MBAM habe ich komplett durchlaufen lassen. Ergebnis negativ. (Allerdings hatte ich am 15.05. schon mal MBAM installiert und besagte Festplatte prüfen lassen. Dabei wurden - soweit ich mich erinnere - auch Dateien in Quarantäne verschoben und gelöscht. Allerdings hatte ich anschließend MBAM wieder deinstalliert, so dass ich diese Protokolldatei nicht mehr habe.) Aktuell - wie gesagt - ohne Fund: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 17.05.2016 Suchlaufzeit: 19:46 Protokolldatei: Protokoll AMWB vom 17.05.2016.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.05.17.05 Rootkit-Datenbank: v2016.05.06.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: *** Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 162654 Abgelaufene Zeit: 1 Std., 56 Min., 1 Sek. Speicher: Deaktiviert Start: Deaktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b7fd771316d27140883e4ccf48132867
# end=init
# utc_time=2016-05-21 02:00:23
# local_time=2016-05-21 04:00:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 29545
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b7fd771316d27140883e4ccf48132867
# end=updated
# utc_time=2016-05-21 02:03:46
# local_time=2016-05-21 04:03:46 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=b7fd771316d27140883e4ccf48132867
# engine=29545
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2016-05-21 03:17:23
# local_time=2016-05-21 05:17:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 336495 215473693 0 0
# scanned=162655
# found=0
# cleaned=0
# scan_time=4416
Oder wie siehst Du das? VG, Andrea |
|
23.05.2016, 10:04
| #11 |
| /// TB-Ausbilder | Win ME - AV-Programm meldet Trojaner auf externer FP Servus, meiner Meinung nach hast du halt in deinem E-Mail Postfach von Outlook ein paar infizierte Anhänge. Durch das bloße Überspielen werden diese aber nicht gestartet. Ich würde meine Daten auf den neuen Rechner übertragen, aber zuvor alle E-Mails checken und unbekannte E-Mails bzw. E-Mail Anhänge löschen. Wenn keine infizierten E-Mail-Anhänge mehr in Outlook vorhanden sind, wird auch Bitdefender nicht mehr anschlagen. Das wars dann eigentlich auch schon.  |
|
26.05.2016, 21:21
| #12 |
| /// TB-Ausbilder | Win ME - AV-Programm meldet Trojaner auf externer FP Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM. Jeder andere bitte hier klicken und einen eigenen Thread erstellen. |
|
| Themen zu Win ME - AV-Programm meldet Trojaner auf externer FP |
| anderen, anderes, anleitung, avira, befall, bitdefender, daten, defender, frage, geschlossen, installiert, kopieren, meldet, netzteil, nicht mehr, notebook, recht, recovery, scan, tool, trojaner, trotz, verfügbar, virenscan, win |
Linear-Darstellung
