Log analysis and evaluation: Viruses, Trojans, worms, track cookies and strange programs. Windows 7
If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
29.05.2016, 17:13 | #1 |
Viruses, Trojans, worms, track cookies and strange programs.
Hello, it is simply that on my PC (Windows 10 64-bit) the Internet is slowed down a bit; naturally I know right away that a virus is behind it. I use Norton and Spybot, which constantly find strange programs. When I google it, e.g.: Buzzdock.B, Application Tracking Cookies, HeurEngine.ZerodayThreat, VBS Runauton, Backdoor.Rustock.A, Infostealer.dll and so on. It then also hangs a bit, and no matter how many virus scanners I download, none of them deletes them. And I don't want to be watched in what I do. Please help.
Log file from Norton:
Statistiken zu überprüfen:
** Ab Prüfung:
*** Lokale Zeit: 2016.05.29 18.00
*** UTC-Zeit: 29/05/2016 16.00 Uhr
** Zeitprüfung: 437 Sekunden
** Ziele Screening: Normalerweise wird die infizierte Gebiet
** Zahlen:
Gesamtzahl der getesteten Produkte: 8742
- Dateien und Ordner: 5375
- Registry-Einträge: 720
- Prozesse und Systemstartelemente : 2001
- Gegenstände Netzwerk und Browser: 638
- Andere: 5
- Trusted Dateien: 797
- Gelöschte Dateien: 107
Die Gesamtzahl der ermittelten Sicherheitsrisiken: 0
Gesamtzahl der bearbeiteten Items: 0
Gesamtzahl der Artikel die Aufmerksamkeit erfordern: 0
Gelöst Bedrohungen: Kein Risiko wurde nicht aufgelöst
Ungelöste Bedrohungen: Keine ungelösten Risiken
29.05.2016, 19:20 | #2 |
/// TB trainer /// Instructions guru
My name is Jürgen and I will help you with your problem. Together we will manage it...
Note: I can never give you a guarantee that we will find all malicious files. Formatting is usually the faster and always the safest way, but it is also only advisable in the case of real malware. We can remove adware and the like very well. If you decide on a cleanup, keep working with me until you get my "clean". Here we go:
Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Reading material
Posting in CODE tags: here's how... Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes our work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
30.05.2016, 13:34 | #3 |
Thank you for helping me, Jürgen. Unfortunately I don't have Strg; instead I have Fn, Ctrl and Alt, so I am posting it like this, I hope that is okay.
FRST.txt
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:29-05-2016 02 Ran by xxxxxxx (administrator) on MICHAEL (30-05-2016 14:22:35) Running from C:\Users\xxxxxxx\Desktop\Viren-Programme Loaded Profiles: Michael Wiesnet & (Available Profiles: Michael Wiesnet) Platform: Windows 10 Home Version 1511 (X64) Language: Tschechisch (Tschechische Republik) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe () C:\Program Files (x86)\Dell Printers\Printer SSW\Status Monitor\dlm1db.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe (Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\nav.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Safer-Networking Ltd.) 
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE (PC Tools) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe (PC Tools) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe (Threat Expert Ltd.) C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe (AMD) C:\Windows\System32\atieclxx.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\nav.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (PC Tools) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Dell Inc.) 
C:\Program Files (x86)\Dell Printers\Printer SSW\Status Monitor\dlm1pl.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google) C:\Users\Michael Wiesnet\AppData\Local\Google\Chrome\User Data\SwReporter\6.48.6\software_reporter_tool.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\conathst.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\nacl64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\nacl64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Advanced Micro Devices Inc.) 
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6868.41111.0_x64__8wekyb3d8bbwe\HxTsr.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-12-06] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-12-06] (Realtek Semiconductor) HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [402344 2015-12-19] () HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-03-05] (Dell Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3015408 2013-03-05] (Synaptics Incorporated) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.) HKLM-x32\...\Run: [LauncherC1765nf] => C:\Program Files (x86)\Dell Printers\Printer SSW\Launcher\dlm1launcher.exe [2471928 2013-08-13] (Dell Inc.) HKLM-x32\...\Run: [StatusAutoRunC1765nf] => C:\Program Files (x86)\Dell Printers\Printer SSW\Status Monitor\dlm1pl.exe [3850216 2013-02-06] (Dell Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-15] (Advanced Micro Devices, Inc.) 
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-05-06] (LogMeIn Inc.) HKLM-x32\...\Run: [ISTray] => C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe [2717816 2012-11-01] (PC Tools) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe HKU\S-1-5-21-266935871-3126198160-1505501671-1001\...\Run: [RGSC] => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent HKU\S-1-5-21-266935871-3126198160-1505501671-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation) HKU\S-1-5-21-266935871-3126198160-1505501671-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.) HKU\S-1-5-21-266935871-3126198160-1505501671-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-266935871-3126198160-1505501671-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [953880 2016-04-08] (BlueStack Systems, Inc.) 
HKU\S-1-5-21-266935871-3126198160-1505501671-1001\...\Run: [GameJoltClient] => C:\Users\Michael Wiesnet\AppData\Local\GameJoltClient\GameJoltClient.exe [46705152 2016-02-22] () HKU\S-1-5-21-266935871-3126198160-1505501671-1001\...\RunOnce: [Uninstall C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" HKU\S-1-5-21-266935871-3126198160-1505501671-1001\...\RunOnce: [Uninstall C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1" HKU\S-1-5-21-266935871-3126198160-1505501671-1001\...\RunOnce: [Uninstall C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" HKU\S-1-5-21-266935871-3126198160-1505501671-1001\...\RunOnce: [Uninstall C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6301.0127] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6301.0127" HKU\S-1-5-21-266935871-3126198160-1505501671-1001\...\RunOnce: [Uninstall C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" HKU\S-1-5-21-266935871-3126198160-1505501671-1001\...\RunOnce: [Uninstall C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6302.0225] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6302.0225" HKU\S-1-5-21-266935871-3126198160-1505501671-1001\...\MountPoints2: {a0314def-6136-11e3-be65-806e6f6e6963} - "D:\autorun.exe" 
HKU\S-1-5-21-266935871-3126198160-1505501671-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RGSC] => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent HKU\S-1-5-21-266935871-3126198160-1505501671-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation) HKU\S-1-5-21-266935871-3126198160-1505501671-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.) HKU\S-1-5-21-266935871-3126198160-1505501671-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-266935871-3126198160-1505501671-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [953880 2016-04-08] (BlueStack Systems, Inc.) 
HKU\S-1-5-21-266935871-3126198160-1505501671-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GameJoltClient] => C:\Users\Michael Wiesnet\AppData\Local\GameJoltClient\GameJoltClient.exe [46705152 2016-02-22] () HKU\S-1-5-21-266935871-3126198160-1505501671-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" HKU\S-1-5-21-266935871-3126198160-1505501671-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1" HKU\S-1-5-21-266935871-3126198160-1505501671-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" HKU\S-1-5-21-266935871-3126198160-1505501671-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6301.0127] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6301.0127" HKU\S-1-5-21-266935871-3126198160-1505501671-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" HKU\S-1-5-21-266935871-3126198160-1505501671-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Michael 
Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6302.0225] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6302.0225" HKU\S-1-5-21-266935871-3126198160-1505501671-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {a0314def-6136-11e3-be65-806e6f6e6963} - "D:\autorun.exe" ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Michael Wiesnet\AppData\Local\MEGAsync\ShellExtX64.dll No File ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Michael Wiesnet\AppData\Local\MEGAsync\ShellExtX64.dll No File ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Michael Wiesnet\AppData\Local\MEGAsync\ShellExtX64.dll No File ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2015-10-30] (Microsoft Corporation) ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2015-10-30] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => 
C:\Users\Michael Wiesnet\AppData\Local\MEGAsync\ShellExtX32.dll No File ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Michael Wiesnet\AppData\Local\MEGAsync\ShellExtX32.dll No File ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Michael Wiesnet\AppData\Local\MEGAsync\ShellExtX32.dll No File Startup: C:\Users\Michael Wiesnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Produktregistrierung.lnk [2016-05-28] ShortcutTarget: Dell Produktregistrierung.lnk -> C:\Program Files (x86)\System Registration\prodreg.exe (Dell, Inc.) BootExecute: autocheck autochk * sdnclean64.exe GroupPolicy: Restriction - Chrome <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{900fffa3-8b91-40fa-a43a-5d7c903b4252}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-266935871-3126198160-1505501671-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP HKU\S-1-5-21-266935871-3126198160-1505501671-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP URLSearchHook: HKU\S-1-5-21-266935871-3126198160-1505501671-1001 - PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) URLSearchHook: HKU\S-1-5-21-266935871-3126198160-1505501671-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) 
SearchScopes: HKU\S-1-5-21-266935871-3126198160-1505501671-1001 -> {0B136FBB-5DDF-466E-A259-3FB5D1074B73} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default SearchScopes: HKU\S-1-5-21-266935871-3126198160-1505501671-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0B136FBB-5DDF-466E-A259-3FB5D1074B73} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation) BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2013-07-03] (Qualcomm®Atheros®) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) BHO-x32: PC Tools Browser Guard BHO -> {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} -> C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll [2012-10-23] (Threat Expert Ltd.) 
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation) BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-26] (Oracle Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-26] (Oracle Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation) Toolbar: HKLM-x32 - PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll [2012-10-23] (Threat Expert Ltd.) 
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) FireFox: ======== FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File] FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-26] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-26] (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File] FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) 
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.0.124\coFFAddon FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.0.124\coFFAddon [2016-04-03] FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.0.124\coFFAddon FF HKLM-x32\...\Firefox\Extensions: [{cb84136f-9c44-433a-9048-c5cd9df1dc16}] - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox FF Extension: Browser Guard Toolbar - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox [2016-05-29] [not signed] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found Chrome: ======= CHR StartupUrls: Default -> "hxxps://www.youtube.com/watch?v=Rvmaba3cfUA" CHR Profile: C:\Users\Michael Wiesnet\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Michael Wiesnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05] CHR Extension: (Google Drive) - C:\Users\Michael Wiesnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23] CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Michael Wiesnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2016-05-29] CHR Extension: (YouTube) - C:\Users\Michael Wiesnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Norton Security Toolbar) - C:\Users\Michael Wiesnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-05-10] CHR Extension: (Dazzletini) - C:\Users\Michael Wiesnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckjppnednjmnfnomdlgimeeogplamlnn 
[2016-02-15] CHR Extension: (Google-Suche) - C:\Users\Michael Wiesnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Yahoo Web) - C:\Users\Michael Wiesnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\eedgghdcpmmmilkmfpnklknlenbiolec [2016-01-10] CHR Extension: (Google Docs Offline) - C:\Users\Michael Wiesnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17] CHR Extension: (AdBlock) - C:\Users\Michael Wiesnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-05-29] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Michael Wiesnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01] CHR Extension: (ScriptSafe) - C:\Users\Michael Wiesnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2016-05-29] CHR Extension: (Google Mail) - C:\Users\Michael Wiesnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06] CHR Profile: C:\Users\Michael Wiesnet\AppData\Local\Google\Chrome\User Data\Profile 2 CHR Profile: C:\Users\Michael Wiesnet\AppData\Local\Google\Chrome\User Data\Profile 3 CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\Exts\Chrome.crx [2016-03-22] CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\Exts\Chrome.crx [2016-03-22] CHR HKLM-x32\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx 
==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Browser Defender Update Service; C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [580728 2012-10-23] (Threat Expert Ltd.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437784 2016-04-08] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417304 2016-04-08] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [433688 2016-04-08] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [921112 2016-04-08] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 DLNBDB; C:\Program Files (x86)\Dell Printers\Printer SSW\Status Monitor\dlm1db.exe [244712 2013-02-06] ()
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [419248 2016-05-06] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\NAV.exe [289080 2016-02-26] (Symantec Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-12-06] (Realtek Semiconductor)
R2 sdAuxService; C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [403416 2012-10-31] (PC Tools)
R2 sdCoreService; C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe [1162360 2012-11-01] (PC Tools)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2013-06-21] (Atheros) [File not signed]
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4318760 2015-12-06] (Qualcomm Atheros Communications, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.0.124\Definitions\BASHDefs\20160521.001\BHDrvx64.sys [1832176 2016-05-13] (Symantec Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-04-08] (BlueStack Systems)
R2 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2016-04-06] (Bluestack System Inc. )
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-10-30] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-10-30] (Microsoft Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1606000.08E\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dc1-controller; C:\Windows\System32\drivers\dc1-controller.sys [57344 2015-10-30] (Microsoft Corp.)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-05-05] (Symantec Corporation)
R1 epp64; C:\Windows\System32\DRIVERS\epp64.sys [135800 2015-03-24] (Emsisoft GmbH)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156912 2016-05-05] (Symantec Corporation)
R3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.0.124\Definitions\IPSDefs\20160527.001\IDSvia64.sys [876248 2016-05-25] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-30] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
S3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.0.124\Definitions\VirusDefs\20160528.001\ENG64.SYS [138456 2016-05-17] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.0.124\Definitions\VirusDefs\20160528.001\EX64.SYS [2148056 2016-05-17] (Symantec Corporation)
R3 PCTBD; C:\Windows\System32\Drivers\PCTBD64.sys [77144 2012-10-23] (PC Tools)
R0 PCTCore; C:\Windows\System32\drivers\PCTCore64.sys [413448 2012-10-22] (PC Tools)
R0 pctDS; C:\Windows\System32\drivers\pctDS64.sys [453896 2012-02-28] (PC Tools)
R0 pctEFA; C:\Windows\System32\drivers\pctEFA64.sys [1096176 2012-02-28] (PC Tools)
R1 pctgntdi; C:\Windows\System32\drivers\pctgntdi64.sys [347016 2012-10-31] (PC Tools)
R3 pctplsm; C:\Windows\System32\drivers\pctplsm64.sys [87968 2012-11-01] (PC Tools)
R1 PCTSD; C:\Windows\System32\Drivers\PCTSD64.sys [253256 2012-11-01] (PC Tools)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [896744 2015-12-06] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-03-05] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31984 2013-03-05] (Synaptics Incorporated)
R1 SRTSP; C:\Windows\System32\Drivers\NAVx64\1606000.08E\SRTSP64.SYS [928504 2016-02-24] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1606000.08E\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\Windows\System32\drivers\NAVx64\1606000.08E\SYMEFASI64.SYS [1621232 2016-02-24] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NAVx64\1606000.08E\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-27] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1606000.08E\Ironx64.SYS [295664 2016-02-24] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1606000.08E\SYMNETS.SYS [577768 2016-02-24] (Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-29 18:09 - 2016-05-29 18:09 - 00001324 _____ C:\Users\Michael Wiesnet\Downloads\Wsss.txt
2016-05-29 18:08 - 2016-05-29 18:08 - 00001324 _____ C:\Users\Michael Wiesnet\Downloads\Ja da.txt
2016-05-29 16:44 - 2016-05-29 16:44 - 00001722 _____ C:\Users\Michael Wiesnet\Desktop\Tracking Cookies Removal Tool.lnk
2016-05-29 16:44 - 2016-05-29 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracking Cookies Removal Tool
2016-05-29 16:44 - 2016-05-29 16:44 - 00000000 ____D C:\Program Files (x86)\Security Stronghold
2016-05-29 16:43 - 2016-05-29 16:43 - 01586248 _____ (Security Stronghold ) C:\Users\Michael Wiesnet\Downloads\TrackingCookiesRemovalTool.exe
2016-05-29 16:05 - 2012-10-23 17:40 - 02280568 _____ (Threat Expert Ltd.) C:\WINDOWS\PCTBDCore.dll
2016-05-29 16:05 - 2012-10-23 17:40 - 01690744 _____ (Threat Expert Ltd.) C:\WINDOWS\PCTBDRes.dll
2016-05-29 16:05 - 2012-10-23 17:40 - 00769144 _____ C:\WINDOWS\BDTSupport.dll
2016-05-29 16:05 - 2012-10-23 17:40 - 00150648 _____ (PC Tools) C:\WINDOWS\SGDetectionTool.dll
2016-05-29 16:05 - 2012-10-23 17:40 - 00077144 _____ (PC Tools) C:\WINDOWS\system32\Drivers\PCTBD64.sys
2016-05-29 16:05 - 2012-10-23 16:30 - 00003488 _____ C:\WINDOWS\UDB.zip
2016-05-29 16:05 - 2012-10-23 16:30 - 00000882 _____ C:\WINDOWS\RegSDImport.xml
2016-05-29 16:05 - 2012-10-23 16:30 - 00000879 _____ C:\WINDOWS\RegISSImport.xml
2016-05-29 16:05 - 2012-10-23 16:30 - 00000131 _____ C:\WINDOWS\IDB.zip
2016-05-29 16:04 - 2016-05-29 16:04 - 00002316 _____ C:\Users\Public\Desktop\PC Tools Spyware Doctor.lnk
2016-05-29 16:04 - 2016-05-29 16:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
2016-05-29 16:04 - 2016-05-29 16:04 - 00000000 ____D C:\Program Files (x86)\PC Tools
2016-05-29 16:04 - 2012-11-01 15:35 - 00093600 _____ (PC Tools) C:\WINDOWS\system32\Drivers\pctplsg64.sys
2016-05-29 16:04 - 2012-11-01 15:35 - 00087968 _____ (PC Tools) C:\WINDOWS\system32\Drivers\pctplsm64.sys
2016-05-29 16:04 - 2012-11-01 15:35 - 00016392 _____ (PC Tools) C:\WINDOWS\system32\Drivers\pctBTFix64.sys
2016-05-29 16:04 - 2012-10-31 14:21 - 00347016 _____ (PC Tools) C:\WINDOWS\system32\Drivers\pctgntdi64.sys
2016-05-29 16:04 - 2012-10-31 14:21 - 00258424 _____ (PC Tools) C:\WINDOWS\system32\Drivers\pctwfpfilter64.sys
2016-05-29 16:02 - 2016-05-29 16:07 - 04578200 _____ C:\WINDOWS\system32\Drivers\Cat.DB
2016-05-29 16:02 - 2016-05-29 16:04 - 00000000 ____D C:\ProgramData\PC Tools
2016-05-29 16:02 - 2016-05-29 16:02 - 00000000 ____D C:\Users\Michael Wiesnet\AppData\Roaming\TestApp
2016-05-29 16:02 - 2012-11-01 15:35 - 00253256 _____ (PC Tools) C:\WINDOWS\system32\Drivers\PCTSD64.sys
2016-05-29 16:02 - 2012-10-22 16:38 - 00413448 _____ (PC Tools) C:\WINDOWS\system32\Drivers\PCTCore64.sys
2016-05-29 16:02 - 2012-02-28 11:43 - 01096176 _____ (PC Tools) C:\WINDOWS\system32\Drivers\pctEFA64.sys
2016-05-29 16:02 - 2012-02-28 11:43 - 00453896 _____ (PC Tools) C:\WINDOWS\system32\Drivers\pctDS64.sys
2016-05-29 16:00 - 2016-05-29 16:01 - 04122616 _____ (PC Tools) C:\Users\Michael Wiesnet\Downloads\sdsetup.exe
2016-05-28 15:40 - 2016-05-28 15:40 - 25171987 _____ C:\Users\Michael Wiesnet\Downloads\com.mojang.minecraftpe_573d888925f5f.apk
2016-05-26 11:32 - 2016-05-30 14:22 - 00000000 ____D C:\Users\Michael Wiesnet\Desktop\Viren-Programme
2016-05-25 16:01 - 2016-05-25 16:02 - 00000000 ____D C:\Users\Michael Wiesnet\Documents\Zppppppppppppppp
2016-05-24 22:13 - 2016-05-25 16:17 - 258840376 _____ C:\Users\Michael Wiesnet\Downloads\camtasiade (1).exe
2016-05-23 19:17 - 2016-05-25 15:52 - 00000000 ____D C:\Users\Michael Wiesnet\Documents\Zoo
2016-05-23 18:13 - 2016-05-21 17:43 - 38547463 ____N C:\Users\Michael Wiesnet\Desktop\20160521_174328.mp4
2016-05-23 18:09 - 2016-05-23 18:11 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-05-22 19:14 - 2016-05-22 19:14 - 00002334 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-22 19:12 - 2016-05-22 19:13 - 00987728 _____ (Google Inc.) C:\Users\Michael Wiesnet\Downloads\ChromeSetup.exe
2016-05-18 16:45 - 2016-05-18 16:45 - 00000000 ____D C:\Program Files (x86)\ESET
2016-05-18 16:21 - 2016-05-30 14:22 - 00000000 ____D C:\FRST
2016-05-17 20:49 - 2016-05-28 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-05-17 20:49 - 2016-05-28 15:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-05-17 20:49 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-05-17 20:49 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-05-17 20:49 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-05-17 20:45 - 2016-05-17 20:45 - 22851472 _____ (Malwarebytes ) C:\Users\Michael Wiesnet\Downloads\mbam-setup-2.2.1.1043.exe
2016-05-17 20:38 - 2016-05-17 20:38 - 00000000 ____D C:\Users\Michael Wiesnet\Documents\Virus Entfernung
2016-05-17 19:40 - 2016-05-17 19:40 - 00002024 _____ C:\Users\Michael Wiesnet\Desktop\Norton AntiVirus.lnk
2016-05-17 18:38 - 2016-05-17 18:38 - 00117060 _____ C:\Users\Michael Wiesnet\Downloads\MicrosoftEasyFix20179.mini.diagcab
2016-05-16 20:07 - 2016-05-25 17:34 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-05-16 20:07 - 2016-05-17 20:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-16 20:06 - 2016-05-30 14:18 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-16 20:01 - 2016-05-16 20:04 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Michael Wiesnet\Downloads\mbar-1.09.3.1001.exe
2016-05-16 18:50 - 2016-05-16 18:51 - 07039396 _____ C:\Users\Michael Wiesnet\Downloads\Template n°2.blend
2016-05-16 18:04 - 2016-05-16 18:16 - 00000000 ____D C:\Users\Michael Wiesnet\AppData\Roaming\WhatsApp
2016-05-16 18:04 - 2016-05-16 18:04 - 00002098 _____ C:\Users\Michael Wiesnet\Desktop\WhatsApp.lnk
2016-05-16 18:04 - 2016-05-16 18:04 - 00000000 ____D C:\Users\Michael Wiesnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2016-05-16 18:03 - 2016-05-16 18:04 - 00000000 ____D C:\Users\Michael Wiesnet\AppData\Local\WhatsApp
2016-05-16 18:03 - 2016-05-16 18:03 - 00000000 ____D C:\ProgramData\Michael Wiesnet
2016-05-16 17:56 - 2016-05-16 17:57 - 64478992 _____ (WhatsApp) C:\Users\Michael Wiesnet\Downloads\WhatsAppSetup.exe
2016-05-15 15:03 - 2016-05-15 15:03 - 00000000 ____D C:\Users\Michael Wiesnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-05-14 15:16 - 2016-05-14 15:16 - 09782622 _____ C:\Users\Michael Wiesnet\Downloads\BlockLauncher Pro_1.12.7.apk
2016-05-13 23:28 - 2016-05-13 23:29 - 82060559 _____ C:\Users\Michael Wiesnet\Downloads\Victorious Cast - All I Want Is Everything ft. Victoria Justice.mp4
2016-05-13 23:27 - 2016-05-13 23:30 - 74928602 _____ C:\Users\Michael Wiesnet\Downloads\Victorious Cast - You're The Reason (Acoustic Version) ft. Victoria Justice.mp4
2016-05-13 23:26 - 2016-05-13 23:29 - 60599218 _____ C:\Users\Michael Wiesnet\Downloads\Victoria Justice - Gold.mp4
2016-05-13 23:24 - 2016-05-13 23:24 - 00000000 ____D C:\Users\Michael Wiesnet\Documents\Gema gesperrt
2016-05-13 22:42 - 2016-05-13 22:42 - 00031992 _____ C:\Users\Michael Wiesnet\Desktop\Unbenannt.mp4
2016-05-13 12:53 - 2016-05-13 12:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-05-13 12:53 - 2016-05-13 12:53 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-05-11 16:48 - 2016-04-23 06:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-11 16:48 - 2016-04-23 06:30 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-11 16:48 - 2016-04-23 06:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-11 16:48 - 2016-04-23 06:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-05-11 16:48 - 2016-04-23 06:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-05-11 16:48 - 2016-04-23 06:22 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-11 16:48 - 2016-04-23 06:19 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-11 16:48 - 2016-04-23 06:19 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-11 16:48 - 2016-04-23 06:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-11 16:48 - 2016-04-23 06:19 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-11 16:48 - 2016-04-23 06:18 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-11 16:48 - 2016-04-23 06:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-11 16:48 - 2016-04-23 06:18 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-11 16:48 - 2016-04-23 06:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-05-11 16:48 - 2016-04-23 06:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-05-11 16:48 - 2016-04-23 06:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-11 16:48 - 2016-04-23 06:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-05-11 16:48 - 2016-04-23 06:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-05-11 16:48 - 2016-04-23 06:13 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-11 16:48 - 2016-04-23 06:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-05-11 16:48 - 2016-04-23 06:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-05-11 16:47 - 2016-05-06 06:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-11 16:47 - 2016-05-06 06:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-05-11 16:47 - 2016-05-06 06:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-11 16:47 - 2016-05-06 05:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-11 16:47 - 2016-05-06 05:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-11 16:47 - 2016-05-06 05:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-11 16:47 - 2016-05-06 05:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-11 16:47 - 2016-05-06 05:23 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-11 16:47 - 2016-04-30 08:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-11 16:47 - 2016-04-30 08:31 - 03591168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-11 16:47 - 2016-04-23 08:12 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-11 16:47 - 2016-04-23 08:12 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-11 16:47 - 2016-04-23 08:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-11 16:47 - 2016-04-23 08:12 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-11 16:47 - 2016-04-23 08:12 - 00294592 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-11 16:47 - 2016-04-23 08:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-11 16:47 - 2016-04-23 08:12 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-11 16:47 - 2016-04-23 08:12 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-11 16:47 - 2016-04-23 07:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-11 16:47 - 2016-04-23 07:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-11 16:47 - 2016-04-23 07:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-11 16:47 - 2016-04-23 07:24 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-11 16:47 - 2016-04-23 07:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-11 16:47 - 2016-04-23 07:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-11 16:47 - 2016-04-23 07:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-11 16:47 - 2016-04-23 07:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-11 16:47 - 2016-04-23 07:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-11 16:47 - 2016-04-23 07:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-11 16:47 - 2016-04-23 07:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-11 16:47 - 2016-04-23 07:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-11 16:47 - 2016-04-23 07:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-05-11 16:47 - 2016-04-23 07:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-05-11 16:47 - 2016-04-23 07:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-05-11 16:47 - 2016-04-23 07:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-05-11 16:47 - 2016-04-23 07:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-05-11 16:47 - 2016-04-23 07:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-11 16:47 - 2016-04-23 07:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-11 16:47 - 2016-04-23 07:11 - 00696672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-11 16:47 - 2016-04-23 07:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-11 16:47 - 2016-04-23 07:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-11 16:47 - 2016-04-23 07:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-11 16:47 - 2016-04-23 07:11 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-11 16:47 - 2016-04-23 07:10 - 03673424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-11 16:47 - 2016-04-23 07:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-05-11 16:47 - 2016-04-23 07:10 - 00330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-11 16:47 - 2016-04-23 07:09 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-11 16:47 - 2016-04-23 07:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-05-11 16:47 - 2016-04-23 07:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-05-11 16:47 - 2016-04-23 07:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-05-11 16:47 - 2016-04-23 07:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-05-11 16:47 - 2016-04-23 07:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-11 16:47 - 2016-04-23 07:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-05-11 16:47 - 2016-04-23 07:09 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-11 16:47 - 2016-04-23 07:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-05-11 16:47 - 2016-04-23 07:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-11 16:47 - 2016-04-23 07:08 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-11 16:47 - 2016-04-23 07:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-11 16:47 - 2016-04-23 07:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-11 16:47 - 2016-04-23 07:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-05-11 16:47 - 2016-04-23 07:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-11 16:47 - 2016-04-23 07:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-05-11 16:47 - 2016-04-23 07:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-11 16:47 - 2016-04-23 07:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-05-11 16:47 - 2016-04-23 07:01 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-11 16:47 - 2016-04-23 07:01 - 00650304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-11 16:47 - 2016-04-23 07:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-11 16:47 - 2016-04-23 07:01 - 00577368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-11 16:47 - 2016-04-23 07:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-05-11 16:47 - 2016-04-23 07:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-11 16:47 - 2016-04-23 07:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-11 16:47 - 2016-04-23 07:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-11 16:47 - 2016-04-23 07:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-11 16:47 - 2016-04-23 07:00 - 01594920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-11 16:47 - 2016-04-23 07:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-11 16:47 - 2016-04-23 07:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-11 16:47 - 2016-04-23 07:00 - 01372304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-05-11 16:47 - 2016-04-23 07:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-05-11 16:47 - 2016-04-23 07:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-11 16:47 - 2016-04-23 07:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-05-11 16:47 - 2016-04-23 07:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-11 16:47 - 2016-04-23 06:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-11 16:47 - 2016-04-23 06:39 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-11 16:47 - 2016-04-23 06:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-11 16:47 - 2016-04-23 06:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-11 16:47 - 2016-04-23 06:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-11 16:47 - 2016-04-23 06:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-11 16:47 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-11 16:47 - 2016-04-23 06:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-11 16:47 - 2016-04-23 06:32 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-11 16:47 - 2016-04-23 06:31 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-11 16:47 - 2016-04-23 06:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-11 16:47 - 2016-04-23 06:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-05-11 16:47 - 2016-04-23 06:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-05-11 16:47 - 2016-04-23 06:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-11 16:47 - 2016-04-23 06:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-11 16:47 - 2016-04-23 06:29 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-11 16:47 - 2016-04-23 06:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-05-11 16:47 - 2016-04-23 06:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-11 16:47 - 2016-04-23 06:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-11 16:47 - 2016-04-23 06:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-11 16:47 - 2016-04-23 06:27 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-11 16:47 - 2016-04-23 06:26 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-11 16:47 - 2016-04-23 06:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-11 16:47 - 2016-04-23 06:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-11 16:47 - 2016-04-23 06:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-11 16:47 - 2016-04-23 06:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-11 16:47 - 2016-04-23 06:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-11 16:47 - 2016-04-23 06:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-11 16:47 - 2016-04-23 06:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-11 16:47 - 2016-04-23 06:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-11 16:47 - 2016-04-23 06:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-11 16:47 - 2016-04-23 06:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-05-11 16:47 - 2016-04-23 06:23 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-11 16:47 - 2016-04-23 06:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-11 16:47 - 2016-04-23 06:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-11 16:47 - 2016-04-23 06:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-05-11 16:47 - 2016-04-23 06:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-05-11 16:47 - 2016-04-23 06:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-11 16:47 - 2016-04-23 06:21 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-11 16:47 - 2016-04-23 06:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-11 16:47 - 2016-04-23 06:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-05-11 16:47 - 2016-04-23 06:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-11 16:47 - 2016-04-23 06:20 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-11 16:47 - 2016-04-23 06:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-11 16:47 - 2016-04-23 06:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-11 16:47 - 2016-04-23 06:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-05-11 16:47 - 2016-04-23 06:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-05-11 16:47 - 2016-04-23 06:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-11 16:47 - 2016-04-23 06:18 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-11 16:47 - 2016-04-23 06:18 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-05-11 16:47 - 2016-04-23 06:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-11 16:47 - 2016-04-23 06:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-11 16:47 - 2016-04-23 06:18 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-11 16:47 - 2016-04-23 06:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-11 16:47 - 2016-04-23 06:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-11 16:47 - 2016-04-23 06:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-11 16:47 - 2016-04-23 06:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-11 16:47 - 2016-04-23 06:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-11 16:47 - 2016-04-23 06:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-11 16:47 - 2016-04-23 06:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-11 16:47 - 2016-04-23 06:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-11 16:47 - 2016-04-23 06:15 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-11 16:47 - 2016-04-23 06:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-11 16:47 - 2016-04-23 06:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-11 16:47 - 2016-04-23 06:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-11 16:47 - 2016-04-23 06:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-05-11 16:47 - 2016-04-23 06:14 - 13383168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-11 16:47 - 2016-04-23 06:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-11 16:47 - 2016-04-23 06:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-11 16:47 - 2016-04-23 06:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-05-11 16:47 - 2016-04-23 06:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-05-11 16:47 - 2016-04-23 06:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-05-11 16:47 - 2016-04-23 06:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-05-11 16:47 - 2016-04-23 06:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-11 16:47 - 2016-04-23 06:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-11 16:47 - 2016-04-23 06:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-05-11 16:47 - 2016-04-23 06:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-05-11 16:47 - 2016-04-23 06:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-05-11 16:47 - 2016-04-23 06:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-05-11 16:47 - 2016-04-23 06:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-05-11 16:47 - 2016-04-23 06:09 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-11 16:47 - 2016-04-23 06:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-05-11 16:47 - 2016-04-23 06:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-05-11 16:47 - 2016-04-23 06:07 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-11 16:47 - 2016-04-23 06:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-05-11 16:47 - 2016-04-23 06:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-11 16:47 - 2016-04-23 06:06 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-11 16:47 - 2016-04-23 06:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-11 16:47 - 2016-04-23 06:05 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-11 16:47 - 2016-04-23 06:05 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-11 16:47 - 2016-04-23 06:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-11 16:47 - 2016-04-23 06:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-05-11 16:47 - 2016-04-23 06:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-11 16:47 - 2016-04-23 06:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-05-11 16:47 - 2016-04-23 06:04 - 01731072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-11 16:47 - 2016-04-23 06:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-05-11 16:47 - 2016-04-23 06:03 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-11 16:47 - 2016-04-23 06:03 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-11 16:47 - 2016-04-23 06:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-05-11 16:47 - 2016-04-23 06:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-05-11 16:47 - 2016-04-23 06:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-05-11 16:47 - 2016-04-23 06:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-05-11 16:47 - 2016-04-23 06:02 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-11 16:47 - 2016-04-23 06:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-11 16:47 - 2016-04-23 06:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-11 16:47 - 2016-04-23 06:00 - 01390080 _____ (Microsoft Corporation)
C:\WINDOWS\system32\Windows.UI.Shell.dll 2016-05-11 16:47 - 2016-04-23 06:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2016-05-11 16:47 - 2016-04-23 05:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2016-05-11 16:47 - 2016-04-23 04:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-05-11 16:46 - 2016-04-23 06:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll 2016-05-11 16:46 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll 2016-05-11 16:46 - 2016-04-23 06:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe 2016-05-11 16:46 - 2016-04-23 06:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll 2016-05-11 16:46 - 2016-04-23 06:30 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys 2016-05-11 16:46 - 2016-04-23 06:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2016-05-11 16:46 - 2016-04-23 06:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe 2016-05-11 16:46 - 2016-04-23 06:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll 2016-05-11 16:46 - 2016-04-23 06:28 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll 2016-05-11 16:46 - 2016-04-23 06:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll 2016-05-11 16:46 - 2016-04-23 06:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll 2016-05-11 16:46 - 2016-04-23 06:25 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2016-05-11 16:46 - 2016-04-23 06:24 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-05-11 16:46 - 2016-04-23 06:23 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2016-05-11 16:46 - 
2016-04-23 06:22 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll 2016-05-11 16:46 - 2016-04-23 06:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll 2016-05-11 16:46 - 2016-04-23 06:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll 2016-05-11 16:46 - 2016-04-23 06:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2016-05-11 16:46 - 2016-04-23 06:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2016-05-11 16:46 - 2016-04-23 06:18 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS 2016-05-11 16:46 - 2016-04-23 06:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll 2016-05-11 16:46 - 2016-04-23 06:05 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2016-05-11 16:46 - 2016-04-23 06:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2016-05-11 16:46 - 2016-04-23 04:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml 2016-05-11 16:46 - 2016-04-19 00:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml 2016-05-06 15:24 - 2016-05-06 15:24 - 00001132 _____ C:\Users\Public\Desktop\OpenOffice 4.1.2.lnk 2016-05-06 15:24 - 2016-05-06 15:24 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2 2016-05-06 15:12 - 2016-05-06 15:18 - 164803434 _____ C:\Users\Michael Wiesnet\Downloads\Apache_OpenOffice_4.1.2_Win_x86_install_de (2).exe 2016-05-02 13:58 - 2016-05-02 13:58 - 00001450 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2016-05-30 14:22 - 2015-01-25 17:01 - 00004214 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5F0C37E4-0503-4836-865E-7861069FF48C} 2016-05-30 14:20 - 2015-01-15 17:43 - 00000000 ____D C:\Users\Michael Wiesnet\AppData\Roaming\Skype 2016-05-30 14:19 - 2013-12-10 03:40 - 00000000 ____D C:\ProgramData\Temp 2016-05-30 14:18 - 2015-12-28 17:38 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-05-30 14:18 - 2015-08-29 21:13 - 00000000 __SHD C:\Users\Michael Wiesnet\IntelGraphicsProfiles 2016-05-30 14:18 - 2015-01-20 18:10 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-05-30 14:18 - 2015-01-15 18:15 - 00000000 ____D C:\Program Files (x86)\Steam 2016-05-29 19:04 - 2015-01-20 18:10 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-05-29 18:00 - 2013-12-10 03:38 - 00000000 ____D C:\Program Files (x86)\Dell Digital Delivery 2016-05-29 15:48 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-05-29 15:31 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-05-28 17:13 - 2016-04-03 19:15 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton AntiVirus 2016-05-28 17:10 - 2013-12-10 03:45 - 00000000 ____D C:\WINDOWS\System32\Tasks\Dell 2016-05-28 17:09 - 2015-01-20 18:12 - 00000000 ____D C:\Users\Michael Wiesnet\AppData\Local\LogMeIn Hamachi 2016-05-28 17:09 - 2015-01-15 17:43 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-05-28 17:07 - 2015-12-28 18:04 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-05-28 17:06 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI 2016-05-28 16:47 - 2014-12-08 20:31 - 00000000 ____D C:\ProgramData\ScanSoft 2016-05-28 16:45 - 2014-10-23 14:39 - 00000000 ____D C:\Users\Michael Wiesnet\AppData\Local\CrashDumps 2016-05-28 16:43 - 2014-12-08 20:29 - 00000000 ____D C:\ProgramData\Nuance 2016-05-25 19:04 - 2016-02-15 22:01 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2016-05-25 16:19 - 2015-12-28 17:42 
- 00000000 ____D C:\Users\Michael Wiesnet 2016-05-25 14:32 - 2015-07-29 19:05 - 00000000 ____D C:\Users\Michael Wiesnet\Documents\Wii games 2016-05-24 21:39 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-05-23 18:07 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF 2016-05-22 19:17 - 2016-03-08 18:12 - 00000000 ____D C:\Program Files (x86)\BlueStacks 2016-05-22 19:14 - 2015-01-20 18:12 - 00002346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-05-18 16:31 - 2015-01-26 15:45 - 00000000 ____D C:\Users\Michael Wiesnet\AppData\LocalLow\Temp 2016-05-17 20:37 - 2015-06-10 19:13 - 00000000 ____D C:\AdwCleaner 2016-05-17 20:27 - 2016-01-09 20:29 - 00000000 ____D C:\Program Files (x86)\Yahoo! 2016-05-17 18:39 - 2015-06-21 21:08 - 00000000 ____D C:\Users\Michael Wiesnet\AppData\Local\ElevatedDiagnostics 2016-05-17 16:51 - 2016-04-07 14:41 - 00000000 ____D C:\tmp 2016-05-16 21:29 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent 2016-05-16 20:29 - 2015-12-06 21:19 - 00000000 ____D C:\Users\Michael Wiesnet\Documents\Youtube Vidios 2016-05-16 18:04 - 2016-04-03 15:52 - 00000000 ____D C:\Users\Michael Wiesnet\AppData\Local\SquirrelTemp 2016-05-15 20:22 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-05-14 22:54 - 2016-04-08 23:41 - 00000000 ____D C:\Users\Michael Wiesnet\Documents\Youtube Songs 2016-05-14 18:27 - 2016-03-10 19:08 - 00000000 ____D C:\Users\Michael Wiesnet\AppData\Local\game-jolt-client 2016-05-14 18:27 - 2016-03-10 19:08 - 00000000 ____D C:\Users\Michael Wiesnet\AppData\Local\GameJoltClient 2016-05-14 18:27 - 2015-01-26 15:55 - 00000000 __RDO C:\Users\Michael Wiesnet\OneDrive 2016-05-13 13:08 - 2014-10-08 15:11 - 00000000 ____D C:\Users\Michael Wiesnet\AppData\Local\Packages 2016-05-13 12:55 - 2014-10-08 14:57 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-05-12 20:33 - 2015-10-30 20:35 - 00000000 ____D C:\Program Files\Windows Journal 2016-05-12 20:33 - 2015-10-30 09:24 - 
00000000 ____D C:\WINDOWS\system32\oobe 2016-05-12 20:33 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-05-12 20:33 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning 2016-05-12 20:33 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-05-12 20:32 - 2015-10-30 09:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2016-05-11 21:57 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-05-11 21:57 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-05-11 21:07 - 2015-01-19 21:05 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-05-11 20:48 - 2015-01-19 21:05 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-05-11 16:59 - 2015-01-20 18:10 - 00004192 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-05-11 16:59 - 2015-01-20 18:10 - 00003960 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-05-10 21:46 - 2016-04-25 20:24 - 00000022 _____ C:\Users\Michael Wiesnet\Downloads\JigSawDecrypter.zip 2016-05-06 15:27 - 2015-12-28 17:32 - 00228920 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-05-06 15:24 - 2014-11-16 18:53 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4 2016-05-05 17:30 - 2016-03-08 18:10 - 00000000 ____D C:\ProgramData\BlueStacksSetup 2016-05-05 15:13 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp 2016-05-02 13:58 - 2016-02-15 22:02 - 00001462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2016-05-02 13:58 - 2016-02-15 22:02 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2016-05-02 13:58 - 2016-02-15 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 ==================== Files in the root of some directories ======= 2015-12-28 17:38 - 2015-12-28 17:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2013-12-10 03:44 - 
2013-12-10 03:44 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-12-10 03:41 - 2013-12-10 03:42 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-12-10 03:42 - 2013-12-10 03:43 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-12-10 03:40 - 2013-12-10 03:41 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-12-10 03:43 - 2013-12-10 03:44 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log

Some files in TEMP:
====================
C:\Users\Michael Wiesnet\AppData\Local\Temp\GC_PCTOOLS.exe

==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-05-28 16:09

==================== End of FRST.txt ============================
--- --- --- --- --- ---
Edited by M-K-D-B (01.07.2017 at 10:15) |
30.05.2016, 13:38 | #4 |
| Here are the Addition files. And here is the 2nd FRST Additions logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:29-05-2016 02
Ran by xxxxxxx (2016-05-30 14:24:41)
Running from C:\Users\xxxxxxx\Desktop\Viren-Programme
Windows 10 Home Version 1511 (X64) (2015-12-28 16:12:08)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-266935871-3126198160-1505501671-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-266935871-3126198160-1505501671-503 - Limited - Disabled)
Guest (S-1-5-21-266935871-3126198160-1505501671-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-266935871-3126198160-1505501671-1006 - Limited - Enabled)
xxxxxxx (S-1-5-21-266935871-3126198160-1505501671-1001 - Administrator - Enabled) => C:\Users\xxxxxxx

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton AntiVirus (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: PC Tools Spyware Doctor with AntiVirus (Disabled - Up to date) {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: PC Tools Spyware Doctor (Disabled - Up to date) {94076BB2-F3DA-227F-9A1E-F060FF73600F}
AS: Norton AntiVirus (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}

==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios) Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios) Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden Age of Mythology: Extended Edition (HKLM-x32\...\Steam App 266840) (Version: - SkyBox Labs) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Catalyst Install Manager (HKLM\...\{40497F68-4E40-7578-7288-E38074390E79}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.) Amnesia - The Dark Descent (HKLM-x32\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.0.0 - Frictional Games) Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation) Blender (HKLM\...\{47A0EA10-D506-4473-AE99-5E07DD1062DE}) (Version: 2.77.1 - Blender Foundation) BlueStacks App Player (HKLM-x32\...\{38E69C88-1B39-4A51-96D2-303337D9C210}) (Version: 2.2.18.6014 - BlueStack Systems, Inc.) Browser Guard 4.0 (HKLM-x32\...\Browser Defender_is1) (Version: 4.0.0.1884 - PC Tools) Camtasia Studio 8 (HKLM-x32\...\{F6EC4C4E-C87B-4F50-851B-1C86E0C94F00}) (Version: 8.6.0.2055 - TechSmith Corporation) CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.63 - Dell Inc.) Dell C1765 Color MFP (HKLM-x32\...\InstallShield_{B03A2793-A8FF-4242-B23D-88D2D5FAE56A}) (Version: 1.039.0 - Dell Inc.) Dell C1765 Color MFP (x32 Version: 1.039.0 - Dell Inc.) 
Hidden Dell Digital Delivery (HKLM-x32\...\{98CB551E-EDB1-4535-82A6-E3258597F64E}) (Version: 2.7.1000.0 - Dell Products, LP) Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.) Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.3.13.5 - Synaptics Incorporated) Dell Update (HKLM-x32\...\{C87ADBDA-EF36-4A53-B05C-DBCD98D3A2CA}) (Version: 1.4.2000.0 - Dell Inc.) Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Game Jolt Client version 0.3.2 (HKU\S-1-5-21-266935871-3126198160-1505501671-1001\...\game-jolt-client_is1) (Version: 0.3.2 - Lucen Web Creative, LLC) Game Jolt Client version 0.3.2 (HKU\S-1-5-21-266935871-3126198160-1505501671-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\game-jolt-client_is1) (Version: 0.3.2 - Lucen Web Creative, LLC) Goat Simulator (HKLM\...\Steam App 265930) (Version: - Coffee Stain Studios) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games) Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) 
Hidden Grand Theft Auto: Episodes From Liberty City (HKLM-x32\...\{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}) (Version: 1.1.0.0 - Rockstar Games) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation) Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation) Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 12.6.0.0 - Lightworks) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.428 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.428 - LogMeIn, Inc.) Hidden Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Primary Interoperability Assemblies 2010 (HKLM-x32\...\{FA8E7AF5-C70E-3274-9740-9E697FBD5BB7}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 
8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 
12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Norton AntiVirus (HKLM-x32\...\NAV) (Version: 22.6.0.142 - Symantec Corporation) OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation) PC Tools Spyware Doctor 9.1 (HKLM-x32\...\Spyware Doctor) (Version: 9.1 - PC Tools) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - ) PowerXpressHybrid (x32 Version: 1.00.0000 - Název společnosti:) Hidden Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.230 - Qualcomm Atheros Communications) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.018 - Dell Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.) School of Dragons: How to Train Your Dragon (HKLM-x32\...\Steam App 332070) (Version: - JumpStart Games, Inc.) 
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation) Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.) Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15104.7 - Samsung Electronics Co., Ltd.) Smart Switch (x32 Version: 4.0.15104.7 - Samsung Electronics Co., Ltd.) Hidden Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Super Mario Bros. X (HKLM-x32\...\Super Mario Bros. X) (Version: - ) Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic) TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version: - (c) 2006-2011, Tom Thielicke IT Solutions) Tracking Cookies Removal Tool 1.0 (HKLM-x32\...\{D2A92E68-7CAD-4661-9C7A-D932FD5312E2}_is1) (Version: 1.0 - Security Stronghold) VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden WhatsApp (HKU\S-1-5-21-266935871-3126198160-1505501671-1001\...\WhatsApp) (Version: 0.2.684 - WhatsApp) WhatsApp (HKU\S-1-5-21-266935871-3126198160-1505501671-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\WhatsApp) (Version: 0.2.684 - WhatsApp) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
CustomCLSID: HKU\S-1-5-21-266935871-3126198160-1505501671-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-266935871-3126198160-1505501671-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {08651BF4-8BF9-486A-B309-46F17CFD06B5} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {11102060-36C6-42A3-BD05-BCF7781E60EF} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-09] (Dell, Inc.) 
Task: {15C3BEE6-A015-411E-8935-A3FF3E88745F} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\SymErr.exe [2016-02-10] (Symantec Corporation) Task: {21C70C3E-E95F-4404-B449-8697A89A041C} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe Task: {24B1B11D-FBBE-486E-B146-D5E26306542D} - System32\Tasks\{5D1DC7FA-A8F5-4748-9231-9924672229A9} => pcalua.exe -a "C:\Program Files (x86)\Project64 1.6\Project64.exe" Task: {36F9CB80-D279-469F-A552-6B967BAAEB5A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {3A219931-9D45-456D-A2C4-30C22A906337} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {4351CEC4-3F94-470D-9AD7-9858793EF162} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe Task: {4379D286-1638-4261-A647-F432AADA0516} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe Task: {4F038CA6-799D-4D1E-BE80-B37E15577AC1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {6F49855C-4E5C-4EE5-8229-AF7844980E43} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2015-06-16] (Safer-Networking Ltd.) Task: {753F2C83-F07F-4624-8933-63F61840690E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.) 
Task: {7644AB14-5BB7-4D29-ACA7-A2D7ED7BD3E9} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\WSCStub.exe [2016-02-26] (Symantec Corporation) Task: {84227DCE-D19C-4E7A-96E8-98D844F3490B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {89DF17D2-8CD2-4192-8F8F-DEE5FB826171} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-11] (Microsoft Corporation) Task: {91A14CFF-61B7-42A1-B2E0-175BC2647ABF} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-12-03] (CyberLink Corp.) Task: {9AA3EE36-5BC0-41C3-8A53-97764E092145} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {A2E35C76-45DE-4976-BF89-882178D70273} - System32\Tasks\Norton AntiVirus\Norton Autofix => C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\SymErr.exe [2016-02-10] (Symantec Corporation) Task: {AAA88D6F-13D4-4E5E-AC24-9B3953523513} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {AC102186-47E7-430A-A2EA-4700562C01F3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {B32483CB-CC4C-4B5F-8A0A-B4794E258053} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {C0CCA9D7-3CB3-4B35-872D-DD32BECEF563} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2015-06-16] (Safer-Networking Ltd.) 
Task: {C576E82F-1276-4212-BEA8-6A820FAA20CB} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-12-03] (CyberLink) Task: {D38DFF5A-3E93-48F0-A5FF-A624DFE82FFC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {D4E47754-A5FF-41B7-A686-C0D800C01981} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {E0DBF485-E128-480A-B2D8-11BDC078C245} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {EFA6FFC9-AFF6-49C8-B7A4-4D3F60EE923F} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton AntiVirus\Upgrade.exe [2016-02-26] (Symantec Corporation) Task: {EFE45C23-AA04-4AE7-A243-6A72D56B1DB8} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\SymErr.exe [2016-02-10] (Symantec Corporation) Task: {F15C129B-405F-4818-AA47-7F8CEACC7994} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) 
==================== Loaded Modules (Whitelisted) ============== 2014-12-08 20:47 - 2012-06-20 16:15 - 00032768 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\dltfm1zPP.dll 2013-02-06 18:40 - 2013-02-06 18:40 - 00244712 _____ () C:\Program Files (x86)\Dell Printers\Printer SSW\Status Monitor\dlm1db.exe 2013-12-10 03:43 - 2012-04-25 04:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-04-14 16:20 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-07-18 00:35 - 2015-12-19 02:08 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe 2016-04-14 16:20 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-04-24 16:36 - 2016-04-24 16:36 - 00959176 _____ () C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll 2015-12-29 19:26 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-05-11 16:46 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-05-11 16:47 - 2016-04-23 06:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-05-11 16:47 - 2016-04-23 05:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-05-11 16:47 - 2016-04-23 05:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-05-11 16:47 - 2016-04-23 06:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-04-19 14:34 - 2016-04-19 14:34 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-04-30 14:19 - 2016-04-30 14:20 - 00051200 _____ () C:\Program 
Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll 2016-02-15 22:02 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2016-02-15 22:02 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2016-02-15 22:02 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2013-08-07 15:27 - 2013-08-07 15:27 - 00110088 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll 2016-05-29 16:04 - 2012-11-01 15:34 - 00092792 _____ () C:\Program Files (x86)\PC Tools\PC Tools Security\avengine\sdkBSCtrl.dll 2016-05-29 16:05 - 2012-10-23 17:40 - 00109688 _____ () C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BSPatch.dll 2015-01-15 18:18 - 2016-04-29 22:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-01-20 14:39 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-01-15 18:18 - 2016-04-30 02:10 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll 2015-01-20 14:39 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-01-20 14:39 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-01-15 18:17 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-01-15 18:17 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-01-15 18:17 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-01-15 18:17 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-01-15 18:17 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-01-15 18:17 - 2016-04-30 02:10 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-03-10 14:44 - 2016-02-18 00:25 - 00281088 _____ () 
C:\Program Files (x86)\Steam\openvr_api.dll 2016-05-13 13:06 - 2016-05-11 13:48 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll 2016-05-13 13:06 - 2016-05-11 13:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll 2013-12-10 03:41 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2015-01-15 18:17 - 2016-04-28 03:00 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2016-04-19 14:34 - 2016-04-19 14:34 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Temp:430C6D84 [127] AlternateDataStreams: C:\ProgramData\Temp:DFC5A2B2 [145] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) HKU\S-1-5-21-266935871-3126198160-1505501671-1001\Software\Classes\exefile: <===== ATTENTION HKU\S-1-5-21-266935871-3126198160-1505501671-1001\Software\Classes\.exe: exefile => <===== ATTENTION ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 
2013-08-22 15:25 - 2015-06-21 21:21 - 00000860 ____N C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-266935871-3126198160-1505501671-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\dell\BlueLava_1112000xx_inspiron_wallpaper58095_16x9_72dpi_RGB.jpg HKU\S-1-5-21-266935871-3126198160-1505501671-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\dell\BlueLava_1112000xx_inspiron_wallpaper58095_16x9_72dpi_RGB.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "IgfxTray" HKLM\...\StartupApproved\Run32: => "ISUSPM" HKLM\...\StartupApproved\Run32: => "PPort14reminder" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKLM\...\StartupApproved\Run32: => "IndexSearch" HKLM\...\StartupApproved\Run32: => "AgentMonitor" HKU\S-1-5-21-266935871-3126198160-1505501671-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-266935871-3126198160-1505501671-1001\...\StartupApproved\Run: => "BlueStacks Agent" HKU\S-1-5-21-266935871-3126198160-1505501671-1001\...\StartupApproved\Run: => "GameJoltClient" HKU\S-1-5-21-266935871-3126198160-1505501671-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-266935871-3126198160-1505501671-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "BlueStacks Agent" HKU\S-1-5-21-266935871-3126198160-1505501671-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "GameJoltClient" ==================== FirewallRules (Whitelisted) 
=============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{25574F7E-4E31-46A1-9F57-576DA5B78847}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe FirewallRules: [TCP Query User{1562DA3B-8ACA-487E-A55D-5B8360259C2D}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe FirewallRules: [UDP Query User{381DC674-D757-4133-B9F8-B8196FC73FDF}C:\users\michael wiesnet\desktop\sm3dl.exe] => (Allow) C:\users\michael wiesnet\desktop\sm3dl.exe FirewallRules: [TCP Query User{2F613E42-F54E-4750-93B2-279C991C300E}C:\users\michael wiesnet\desktop\sm3dl.exe] => (Allow) C:\users\michael wiesnet\desktop\sm3dl.exe FirewallRules: [{0378C77D-C2EC-457F-B552-2D5C755E91CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe FirewallRules: [{B2AFAD69-90CB-48EB-995C-C66D827BFBCA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe FirewallRules: [UDP Query User{C82F9A00-2F66-4364-8347-DFAFDA807D22}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe FirewallRules: [TCP Query User{B6087627-CFE7-4326-8C63-7FDAED11C2AD}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe FirewallRules: [UDP Query User{073D9291-CF4A-47B3-94D3-C271AC72B7F5}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{843CC74E-3F2E-4844-8353-39FC6BABAD55}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{89F587E4-7C0A-46CE-A06D-56166E659559}] => (Allow) C:\Program 
Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{638842EE-DA43-4237-8F68-82B01B52F0BE}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [UDP Query User{63422869-4B6E-484F-BCF8-3DDC3B9F1AC1}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{A202A149-031A-4F34-B08E-DAA3209EE1FA}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{5B3E902B-1366-4965-9247-31390C8F133E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{E7DA3767-5C7E-486A-AF05-61DA5B20C92F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{379D22CA-152B-4992-8EBE-EF5B162B6E9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\School of Dragons How to Train Your Dragon\DOMain.exe FirewallRules: [{7EAB564A-07F3-4AA8-A0D8-44AF15B83771}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\School of Dragons How to Train Your Dragon\DOMain.exe FirewallRules: [{736933E9-4B36-4BF4-9E4B-AF0B35771614}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{DA48500D-1E91-41E3-97F7-9DD334FBD9D5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{4CC474AF-3D49-4212-A79E-BB470C9635E6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{A7294EC2-E598-46F4-ADD5-8B18FF81D3D3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{11EBE977-2791-4CA1-9AAE-7F20533AC46B}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe FirewallRules: [{A162F914-7C6C-4548-9F89-D5877C6BD1E6}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe FirewallRules: [{34D743AD-F559-4D1D-81C9-5D0A3B4FD235}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: 
[{184A334C-B4F7-45B0-A512-907903599D59}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{8D3CB4CC-80A4-4CA0-A867-31693DD99AD9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [TCP Query User{330E1748-5836-45E7-A7A8-75A5940B62B8}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [UDP Query User{234AF6D6-05A6-4303-A6F5-66E430AD3A6B}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [{EE588A0E-051D-498F-A950-F0DC08100295}] => (Block) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [{07A59683-F6A3-429B-8500-CBF700DE36C9}] => (Block) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [{5B9338F5-B43E-4409-85FC-1DCC3059A69F}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe FirewallRules: [{839C3DD0-9102-4E90-AF3D-66377702A311}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe FirewallRules: [TCP Query User{FE996163-CC4D-46D2-A83E-4F73CADF051A}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [UDP Query User{AC9A3695-41DF-480B-A1A2-2E1C010EE73A}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [{084FCA51-A9C5-48B3-87E9-8F3319C7ABB1}] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [{CD4D4186-B5C1-4C23-8D76-7EA9E3DD8642}] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [TCP Query User{6A1589AC-58B2-4B17-9E80-8849E9AD25EA}C:\program files 
(x86)\java\jre1.8.0_66\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [UDP Query User{7A8AD23F-B39F-4667-98E8-9BBB7FFF1FCC}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [{B3F6481E-DE56-46D6-89B1-D8F1993CB2FB}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe FirewallRules: [{90293F4F-C32F-47C3-946A-151A0FF1EFC0}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe FirewallRules: [{A12BA987-9643-445A-9BE7-84F50B006E6D}] => (Allow) C:\Program Files (x86)\Rockstar Games\EFLC\LaunchEFLC.exe FirewallRules: [{540403BA-F223-4033-AB0D-AA3F69649CD7}] => (Allow) C:\Program Files (x86)\Rockstar Games\EFLC\LaunchEFLC.exe FirewallRules: [TCP Query User{80C1C8C8-A959-4EEC-B072-3736B9D77D21}C:\program files (x86)\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) C:\program files (x86)\goat simulator\binaries\win32\goatgame-win32-shipping.exe FirewallRules: [UDP Query User{60F9431A-B28A-4FFA-8486-632BA0A31E7B}C:\program files (x86)\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) C:\program files (x86)\goat simulator\binaries\win32\goatgame-win32-shipping.exe FirewallRules: [{5787BC77-904C-4BFC-9318-2F31AFA762B4}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe FirewallRules: [{00C4AA9C-91D7-4E40-8D74-DD9368C39C0C}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe FirewallRules: [TCP Query User{40823F2A-3D74-47CA-9952-741F6172100A}C:\users\michael wiesnet\appdata\local\game-jolt-client\games\pokemon3d-10545\default-144069\pokemon3dserver.exe] => (Allow) C:\users\michael wiesnet\appdata\local\game-jolt-client\games\pokemon3d-10545\default-144069\pokemon3dserver.exe FirewallRules: [UDP Query User{618478EA-A982-4F10-A1E4-3995D618DAB0}C:\users\michael 
wiesnet\appdata\local\game-jolt-client\games\pokemon3d-10545\default-144069\pokemon3dserver.exe] => (Allow) C:\users\michael wiesnet\appdata\local\game-jolt-client\games\pokemon3d-10545\default-144069\pokemon3dserver.exe FirewallRules: [{17833294-AB00-4757-9FA7-F200E4B6693E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe FirewallRules: [{3FB45C8B-10BF-4D75-9FF0-D15DDAC3F351}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe FirewallRules: [{2BB3A331-2958-47E5-AB5D-A51DD8328002}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{CD5C8DF8-C7B0-4CA2-909A-9D27918BF125}] => (Allow) LPort=2869 FirewallRules: [{4441EF60-25D7-482A-8374-717AACAE883F}] => (Allow) LPort=1900 FirewallRules: [{335BC95D-CB8A-4421-9D87-1E92BC44D88A}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe FirewallRules: [{14F831DA-8CEB-42DD-91B9-74AC18C15AC8}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe FirewallRules: [{A5C3D09E-C0F4-42FE-AC79-C713A9591001}] => (Allow) LPort=8317 FirewallRules: [{6BC7AE73-CED2-49B6-8C28-727C7CC7EB20}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Restore Points ========================= 24-04-2016 17:21:03 Installiert Magic-i Visual Effects 
29-04-2016 17:25:12 Camtasia Studio 8 wird installiert 06-05-2016 15:20:29 OpenOffice 4.1.2 wird installiert 11-05-2016 20:42:34 Windows Update 15-05-2016 20:20:07 Windows Update 16-05-2016 21:14:07 Malwarebytes Anti-Rootkit Restore Point 18-05-2016 16:06:01 JRT Pre-Junkware Removal 28-05-2016 15:41:55 JRT Pre-Junkware Removal ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/29/2016 07:21:13 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: dwm.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756 Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a849ab Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000067e3c ID des fehlerhaften Prozesses: 0x1eb4 Startzeit der fehlerhaften Anwendung: 0xdwm.exe0 Pfad der fehlerhaften Anwendung: dwm.exe1 Pfad des fehlerhaften Moduls: dwm.exe2 Berichtskennung: dwm.exe3 Vollständiger Name des fehlerhaften Pakets: dwm.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dwm.exe5 Error: (05/28/2016 05:08:28 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Službu nelze spustit. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. 
v BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (05/28/2016 05:06:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba Name des fehlerhaften Moduls: ESENT.dll, Version: 10.0.10586.212, Zeitstempel: 0x56fa1686 Ausnahmecode: 0xc0000602 Fehleroffset: 0x000000000022885f ID des fehlerhaften Prozesses: 0xae4 Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0 Pfad der fehlerhaften Anwendung: svchost.exe1 Pfad des fehlerhaften Moduls: svchost.exe2 Berichtskennung: svchost.exe3 Vollständiger Name des fehlerhaften Pakets: svchost.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5 Error: (05/28/2016 05:06:15 PM) (Source: ESENT) (EventID: 908) (User: ) Description: svchost (2788) Der Prozess wird aufgrund eines nicht behebbaren Fehlers beendet: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1054(tm.cxx:1630): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS) Error: (05/28/2016 05:06:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MICHAEL) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (05/28/2016 04:48:22 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: MICHAEL) Description: Die Anwendung oder der Dienst "PDFProFiltSrvPP" konnte nicht neu gestartet werden. 
Error: (05/28/2016 04:45:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.10586.0, Zeitstempel: 0x5632d75e Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.306, Zeitstempel: 0x571afb9a Ausnahmecode: 0xe06d7363 Fehleroffset: 0x000bdae8 ID des fehlerhaften Prozesses: 0x1dd8 Startzeit der fehlerhaften Anwendung: 0xMsiExec.exe0 Pfad der fehlerhaften Anwendung: MsiExec.exe1 Pfad des fehlerhaften Moduls: MsiExec.exe2 Berichtskennung: MsiExec.exe3 Vollständiger Name des fehlerhaften Pakets: MsiExec.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MsiExec.exe5 Error: (05/28/2016 03:42:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol). System Error: Přístup byl odepřen. . Error: (05/26/2016 11:33:44 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest. 
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest. Error: (05/26/2016 10:28:48 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Project64.exe, Version: 1.7.0.49, Zeitstempel: 0x46193957 Name des fehlerhaften Moduls: d3d8.dll, Version: 10.0.10586.0, Zeitstempel: 0x5632d6b6 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0004d248 ID des fehlerhaften Prozesses: 0xcd4 Startzeit der fehlerhaften Anwendung: 0xProject64.exe0 Pfad der fehlerhaften Anwendung: Project64.exe1 Pfad des fehlerhaften Moduls: Project64.exe2 Berichtskennung: Project64.exe3 Vollständiger Name des fehlerhaften Pakets: Project64.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Project64.exe5 System errors: ============= Error: (05/30/2016 02:21:18 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (05/29/2016 07:21:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Přístup k uživatelským datům_d156d09" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restartovat službu. Error: (05/29/2016 07:21:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Úložiště uživatelských dat_d156d09" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restartovat službu. Error: (05/29/2016 07:21:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Data kontaktů_d156d09" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restartovat službu. 
Error: (05/29/2016 07:21:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Hostitel synchronizace_d156d09" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restartovat službu. Error: (05/29/2016 07:20:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)Není k*dispoziciNení k*dispozici Error: (05/29/2016 07:09:31 PM) (Source: DCOM) (EventID: 10016) (User: MICHAEL) Description: výchozí pro počítačMístníAktivace{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}MichaelMichael WiesnetS-1-5-21-266935871-3126198160-1505501671-1001LocalHost (pomocí LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (05/29/2016 05:37:12 PM) (Source: DCOM) (EventID: 10016) (User: MICHAEL) Description: výchozí pro počítačMístníAktivace{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}MichaelMichael WiesnetS-1-5-21-266935871-3126198160-1505501671-1001LocalHost (pomocí LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (05/29/2016 05:37:12 PM) (Source: DCOM) (EventID: 10016) (User: MICHAEL) Description: výchozí pro počítačMístníAktivace{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}MichaelMichael WiesnetS-1-5-21-266935871-3126198160-1505501671-1001LocalHost (pomocí LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (05/29/2016 05:26:37 PM) (Source: DCOM) (EventID: 10016) (User: MICHAEL) 
Description: výchozí pro počítačMístníAktivace{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}MichaelMichael WiesnetS-1-5-21-266935871-3126198160-1505501671-1001LocalHost (pomocí LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 CodeIntegrity: =================================== Date: 2016-05-16 17:56:27.394 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-13 12:53:46.693 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-12 14:38:38.545 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-18 14:06:58.630 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-17 19:05:09.186 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\SysWOW64\usermgrcli.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-17 19:05:07.488 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\SysWOW64\efswrt.dll because the set of per-page image hashes could not be found on the system. 
Date: 2016-04-17 19:05:06.060 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\SysWOW64\usermgrcli.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-17 19:04:54.971 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\SysWOW64\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-17 19:04:54.515 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\SysWOW64\usermgrcli.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-17 19:04:44.224 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\SysWOW64\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz Percentage of memory in use: 50% Total physical RAM: 8072.96 MB Available physical RAM: 4031.79 MB Total Virtual: 9352.96 MB Available Virtual: 5292.47 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:917.87 GB) (Free:552.26 GB) NTFS Drive d: (AOE3Y) (CDROM) (Total:0.54 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 4032F9DB) Partition: GPT. ==================== End of Addition.txt ============================ Edited by M-K-D-B (01.07.2017 at 10:16) |
30.05.2016, 16:21 | #5 |
/// TB Trainer /// Tutorial Guru | Viruses, Trojans, worms, tracking cookies and strange programs. Your selection of security programs is questionable on the one hand, and in any case too much: so please uninstall PC Tools Spyware Doctor & Spybot - Search and Destroy. Afterwards: Step 1 Please download TDSSKiller.exe and save this file to the desktop
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
30.05.2016, 17:39 | #6 |
| Viruses, Trojans, worms, tracking cookies and strange programs. Hello deeprybka, it didn't find anything and my Norton still keeps scanning strange programs. I uninstalled it, the virus scanner, but TDSSKiller.exe didn't find anything either :c |
30.05.2016, 18:02 | #7 |
/// TB Trainer /// Guide Guru | Viruses, Trojans, worms, tracking cookies and strange programs. Please follow the instructions.
30.05.2016, 18:09 | #8 |
| Viruses, Trojans, worms, tracking cookies and strange programs. Ok ;D This file is 98 KB 18:14:39.0241 0x0720 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12 18:14:39.0241 0x0720 UEFI system 18:14:50.0968 0x0720 ============================================================ 18:14:50.0968 0x0720 Current date / time: 2016/05/30 18:14:50.0968 18:14:50.0968 0x0720 SystemInfo: 18:14:50.0969 0x0720 18:14:50.0969 0x0720 OS Version: 10.0.10586 ServicePack: 0.0 18:14:50.0969 0x0720 Product type: Workstation 18:14:50.0969 0x0720 ComputerName: MICHAEL 18:14:50.0969 0x0720 UserName: xxxxxxx 18:14:50.0969 0x0720 Windows directory: C:\WINDOWS 18:14:50.0969 0x0720 System windows directory: C:\WINDOWS 18:14:50.0969 0x0720 Running under WOW64 18:14:50.0969 0x0720 Processor architecture: Intel x64 18:14:50.0969 0x0720 Number of processors: 4 18:14:50.0969 0x0720 Page size: 0x1000 18:14:50.0969 0x0720 Boot type: Normal boot 18:14:50.0969 0x0720 ============================================================ 18:14:52.0950 0x0720 KLMD registered as C:\WINDOWS\system32\drivers\80868080.sys 18:14:57.0162 0x0720 System UUID: {33E572E2-680C-0351-10B0-AD8B8A3BD1D5} 18:15:05.0051 0x0720 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 18:15:05.0062 0x0720 ============================================================ 18:15:05.0062 0x0720 \Device\Harddisk0\DR0: 18:15:05.0063 0x0720 GPT partitions: 18:15:05.0063 0x0720 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {0FBC97CE-ED13-4C9E-9836-61C5ADB112BF}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0xFA000 18:15:05.0063 0x0720 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {796BADD3-6BBF-4D9F-B631-466EB71A4965}, UniqueGUID: {0D14528F-B289-4E30-85E5-A0869C74C131}, Name: Basic data partition, StartLBA 0xFA800, BlocksNum 0x14000 18:15:05.0063 0x0720 
\Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {CA820E09-00A6-4EEB-A824-DD672888AC0C}, Name: Microsoft reserved partition, StartLBA 0x10E800, BlocksNum 0x40000 18:15:05.0063 0x0720 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {12FC2047-5921-4823-92A3-5CEEA51DB6F1}, Name: Basic data partition, StartLBA 0x14E800, BlocksNum 0xF5000 18:15:05.0063 0x0720 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A9D6DB15-8C98-4CCC-9096-587D22CD51E1}, Name: Basic data partition, StartLBA 0x243800, BlocksNum 0x72BBD000 18:15:05.0063 0x0720 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {BF4385EF-AD7F-4BC8-8A5F-DDFDFFDBE2D0}, Name: , StartLBA 0x72E00800, BlocksNum 0xE2000 18:15:05.0063 0x0720 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5C7ACB11-791F-402C-949E-5F2F072F0041}, Name: Microsoft recovery partition, StartLBA 0x72EE2800, BlocksNum 0x1823DB0 18:15:05.0063 0x0720 MBR partitions: 18:15:05.0063 0x0720 ============================================================ 18:15:05.0084 0x0720 C: <-> \Device\Harddisk0\DR0\Partition5 18:15:05.0085 0x0720 ============================================================ 18:15:05.0085 0x0720 Initialize success 18:15:05.0085 0x0720 ============================================================ 18:15:11.0763 0x1708 ============================================================ 18:15:11.0763 0x1708 Scan started 18:15:11.0763 0x1708 Mode: Manual; 18:15:11.0763 0x1708 ============================================================ 18:15:11.0763 0x1708 KSN ping started 18:15:14.0202 0x1708 KSN ping finished: true 18:15:17.0821 0x1708 ================ Scan system memory ======================== 18:15:17.0822 0x1708 System memory - ok 18:15:17.0823 0x1708 ================ Scan services 
62BC778D60593B2AB0DA13C4DB3EA5971895AE09DA06E8AB2D03973C940C890C ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 18:15:34.0911 0x1708 usbscan - ok 18:15:34.0935 0x1708 usbser - ok 18:15:34.0956 0x1708 USBSTOR - ok 18:15:34.0967 0x1708 usbuhci - ok 18:15:34.0978 0x1708 usbvideo - ok 18:15:34.0993 0x1708 USBXHCI - ok 18:15:35.0019 0x1708 UserDataSvc - ok 18:15:35.0207 0x1708 UserManager - ok 18:15:35.0237 0x1708 UsoSvc - ok 18:15:35.0259 0x1708 VaultSvc - ok 18:15:35.0289 0x1708 vdrvroot - ok 18:15:35.0325 0x1708 vds - ok 18:15:35.0348 0x1708 VerifierExt - ok 18:15:35.0371 0x1708 vhdmp - ok 18:15:35.0393 0x1708 vhf - ok 18:15:35.0419 0x1708 vmbus - ok 18:15:35.0441 0x1708 VMBusHID - ok 18:15:35.0480 0x1708 vmicguestinterface - ok 18:15:35.0518 0x1708 vmicheartbeat - ok 18:15:35.0557 0x1708 vmickvpexchange - ok 18:15:35.0587 0x1708 vmicrdv - ok 18:15:35.0608 0x1708 vmicshutdown - ok 18:15:35.0620 0x1708 vmictimesync - ok 18:15:35.0632 0x1708 vmicvmsession - ok 18:15:35.0642 0x1708 vmicvss - ok 18:15:35.0653 0x1708 volmgr - ok 18:15:35.0666 0x1708 volmgrx - ok 18:15:35.0677 0x1708 volsnap - ok 18:15:35.0698 0x1708 vpci - ok 18:15:35.0710 0x1708 vsmraid - ok 18:15:35.0721 0x1708 VSS - ok 18:15:35.0733 0x1708 VSTXRAID - ok 18:15:35.0747 0x1708 vwifibus - ok 18:15:35.0758 0x1708 vwififlt - ok 18:15:35.0770 0x1708 vwifimp - ok 18:15:35.0798 0x1708 W32Time - ok 18:15:35.0808 0x1708 WacomPen - ok 18:15:35.0825 0x1708 WalletService - ok 18:15:35.0838 0x1708 wanarp - ok 18:15:35.0853 0x1708 wanarpv6 - ok 18:15:35.0865 0x1708 wbengine - ok 18:15:35.0880 0x1708 WbioSrvc - ok 18:15:35.0905 0x1708 Wcmsvc - ok 18:15:35.0917 0x1708 wcncsvc - ok 18:15:35.0928 0x1708 WcsPlugInService - ok 18:15:35.0939 0x1708 WdBoot - ok 18:15:35.0953 0x1708 Wdf01000 - ok 18:15:35.0975 0x1708 WdFilter - ok 18:15:35.0988 0x1708 WdiServiceHost - ok 18:15:35.0999 0x1708 WdiSystemHost - ok 18:15:36.0022 0x1708 wdiwifi - ok 18:15:36.0034 0x1708 WdNisDrv - ok 18:15:36.0059 0x1708 WdNisSvc - ok 
18:15:36.0099 0x1708 WebClient - ok 18:15:36.0136 0x1708 Wecsvc - ok 18:15:36.0170 0x1708 WEPHOSTSVC - ok 18:15:36.0195 0x1708 wercplsupport - ok 18:15:36.0218 0x1708 WerSvc - ok 18:15:36.0254 0x1708 WFPLWFS - ok 18:15:36.0269 0x1708 WiaRpc - ok 18:15:36.0299 0x1708 WIMMount - ok 18:15:36.0309 0x1708 WinDefend - ok 18:15:36.0341 0x1708 WindowsTrustedRT - ok 18:15:36.0353 0x1708 WindowsTrustedRTProxy - ok 18:15:36.0369 0x1708 WinHttpAutoProxySvc - ok 18:15:36.0384 0x1708 WinMad - ok 18:15:36.0419 0x1708 Winmgmt - ok 18:15:36.0467 0x1708 WinRM - ok 18:15:36.0520 0x1708 WINUSB - ok 18:15:36.0531 0x1708 WinVerbs - ok 18:15:36.0564 0x1708 WlanSvc - ok 18:15:36.0601 0x1708 wlidsvc - ok 18:15:36.0625 0x1708 WmiAcpi - ok 18:15:36.0669 0x1708 wmiApSrv - ok 18:15:36.0713 0x1708 WMPNetworkSvc - ok 18:15:36.0777 0x1708 [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof C:\WINDOWS\system32\drivers\Wof.sys 18:15:36.0791 0x1708 Wof - ok 18:15:36.0852 0x1708 workfolderssvc - ok 18:15:36.0894 0x1708 wpcfltr - ok 18:15:36.0953 0x1708 WPDBusEnum - ok 18:15:36.0989 0x1708 WpdUpFltr - ok 18:15:37.0012 0x1708 WpnService - ok 18:15:37.0025 0x1708 ws2ifsl - ok 18:15:37.0043 0x1708 wscsvc - ok 18:15:37.0057 0x1708 WSearch - ok 18:15:37.0083 0x1708 WSService - ok 18:15:37.0123 0x1708 wuauserv - ok 18:15:37.0137 0x1708 WudfPf - ok 18:15:37.0149 0x1708 WUDFRd - ok 18:15:37.0164 0x1708 wudfsvc - ok 18:15:37.0176 0x1708 WUDFWpdFs - ok 18:15:37.0190 0x1708 WUDFWpdMtp - ok 18:15:37.0209 0x1708 WwanSvc - ok 18:15:37.0239 0x1708 XblAuthManager - ok 18:15:37.0276 0x1708 XblGameSave - ok 18:15:37.0324 0x1708 xboxgip - ok 18:15:37.0394 0x1708 XboxNetApiSvc - ok 18:15:37.0439 0x1708 xinputhid - ok 18:15:37.0503 0x1708 xusb22 - ok 18:15:37.0578 0x1708 [ 7DD4F85CB997834E1ADC1238045AD905, 2FF42F7BEC21D361698FFC7921DC690C16DEEC2A357188DDE6ECADA9CFA0B780 ] ZAtheros Wlan Agent C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe 18:15:37.0584 0x1708 
ZAtheros Wlan Agent - ok 18:15:37.0585 0x1708 ================ Scan global =============================== 18:15:37.0674 0x1708 [ Global ] - ok 18:15:37.0675 0x1708 ================ Scan MBR ================================== 18:15:37.0697 0x1708 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 18:15:37.0733 0x1708 \Device\Harddisk0\DR0 - ok 18:15:37.0734 0x1708 ================ Scan VBR ================================== 18:15:37.0738 0x1708 [ D335B8E433592989DFD81D9C32FA5B5B ] \Device\Harddisk0\DR0\Partition1 18:15:37.0794 0x1708 \Device\Harddisk0\DR0\Partition1 - ok 18:15:37.0804 0x1708 [ CB654AEFABB230D2D1D70C0107B5B0D6 ] \Device\Harddisk0\DR0\Partition2 18:15:37.0861 0x1708 \Device\Harddisk0\DR0\Partition2 - ok 18:15:37.0881 0x1708 [ 0D52EBCA2192D37E8762FC6A8E0C2F78 ] \Device\Harddisk0\DR0\Partition3 18:15:37.0882 0x1708 \Device\Harddisk0\DR0\Partition3 - ok 18:15:37.0904 0x1708 [ 34C6FFB3327E38D0317C0E2C6E2A54AF ] \Device\Harddisk0\DR0\Partition4 18:15:37.0977 0x1708 \Device\Harddisk0\DR0\Partition4 - ok 18:15:37.0994 0x1708 [ 08D41AA9162A28482EAAF33DD174FB24 ] \Device\Harddisk0\DR0\Partition5 18:15:38.0054 0x1708 \Device\Harddisk0\DR0\Partition5 - ok 18:15:38.0091 0x1708 [ 2E1F5FEED1CD842C53136677EA4A4BDD ] \Device\Harddisk0\DR0\Partition6 18:15:38.0094 0x1708 \Device\Harddisk0\DR0\Partition6 - ok 18:15:38.0107 0x1708 [ F7DCE0EF296A49CC92D40D16938D025A ] \Device\Harddisk0\DR0\Partition7 18:15:38.0110 0x1708 \Device\Harddisk0\DR0\Partition7 - ok 18:15:38.0111 0x1708 ================ Scan generic autorun ====================== 18:15:38.0426 0x1708 [ 641B19018CB32619ADBD0AED4964E1D9, 4F85CD33E69A1EE9C145407E2FE28C0D6EAE0782576D656E583052A69677A910 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 18:15:38.0539 0x1708 RTHDVCPL - ok 18:15:38.0587 0x1708 [ BC5A40AEAC1CF7708D07CBC2F577F90B, A70B2C08CE007532739C60B474289459225D0554C8C5DA113DC649955BDC9DF6 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 18:15:38.0607 0x1708 RtHDVBg - ok 18:15:38.0639 
0x1708 [ 3A19FD28BF891CB67FD89A94BEC88C3F, 6D9F5FA55A4B8A386691E91305C8CA9323B91680FA2DC4585DDDECA69BB80FA0 ] C:\Windows\system32\igfxtray.exe 18:15:38.0648 0x1708 IgfxTray - ok 18:15:38.0837 0x1708 [ E30987C26979B7D45DABAD46E512569F, 42EEBFE63BEF4D32B2804152F6261CB0B92768DD24E8D908ECB85CC846EF9BED ] c:\Program Files\Dell\QuickSet\QuickSet.exe 18:15:38.0913 0x1708 QuickSet - ok 18:15:38.0917 0x1708 SynTPEnh - ok 18:15:38.0986 0x1708 [ 139C3E683C64935D397A3A656D443E29, 56A914FC51ED13541987DBE2DE9ED28D9130DD3CF8DD90F9550A1D8818B24983 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe 18:15:38.0991 0x1708 RemoteControl10 - ok 18:15:39.0125 0x1708 [ 7BCFEB37C3EC6A83E5C71DEA5418BA3D, 318C2BA9F110341A71D3D540490F452D370313B1644C6A6AEC8D56E251E02AD9 ] C:\Program Files (x86)\Dell Printers\Printer SSW\Launcher\dlm1launcher.exe 18:15:39.0159 0x1708 LauncherC1765nf - ok 18:15:39.0319 0x1708 [ D0F1DFC03507FD60FC8DFDCD862799AF, 842099BC6810637CA2B7B8A827A1014FC5FD4F319429E31907D8AC294243CA1C ] C:\Program Files (x86)\Dell Printers\Printer SSW\Status Monitor\dlm1pl.exe 18:15:39.0370 0x1708 StatusAutoRunC1765nf - ok 18:15:39.0480 0x1708 [ 51B70CE8B46FB074154F2C144919E633, 498E5585814924778358A5D4BEA1936D2CB4D1A15FD900AE017C63D6F1A9F52B ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe 18:15:39.0501 0x1708 StartCCC - ok 18:15:39.0584 0x1708 [ 163E43BC69AE78F468024EC2133C94A8, 782C79FA3A841FDC4F549A212E07C3B8397E1FBEE44833C0662FC7E43EA24997 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 18:15:39.0623 0x1708 SunJavaUpdateSched - ok 18:15:39.0882 0x1708 [ 4864F4A62A735C673D27CCFBBB1C405A, 56FB81F39AF9B0CD07E11CB227B3CAFBE907DF44C7C61C6A8DB023294C255992 ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe 18:15:39.0963 0x1708 LogMeIn Hamachi Ui - ok 18:15:40.0029 0x1708 [ B0CCAD1705E463E212BE4A3A35338560, 849A4D23C4A2887AB5EBDB455532654437EE9A0A88484230148B1CF8689B6661 ] C:\WINDOWS\is-CANB9.exe 18:15:40.0069 0x1708 
InnoSetupRegFile.0000000001 - ok 18:15:40.0143 0x1708 OneDriveSetup - ok 18:15:40.0148 0x1708 OneDriveSetup - ok 18:15:40.0174 0x1708 RGSC - ok 18:15:40.0332 0x1708 [ 341ADA552AAC541FD34C262296C256EE, 32672460EDDD46550955508343904705D8F26E10F713E3CACDC84689567A9ECF ] C:\Program Files (x86)\Steam\steam.exe 18:15:40.0375 0x1708 Steam - ok 18:15:40.0532 0x1708 [ F9387D080BF8566354CDB0445AB8F87B, 4EE5D4A15E2D3DF578FA0370449C0894166B1B2998B63D9F02A994845350B86A ] C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\OneDrive.exe 18:15:40.0577 0x1708 OneDrive - ok 18:15:40.0636 0x1708 Skype - ok 18:15:40.0742 0x1708 [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe 18:15:40.0768 0x1708 SpybotPostWindows10UpgradeReInstall - ok 18:15:40.0841 0x1708 [ AB687F4196EA06635A11A996B630D984, 837880EE87A826295A9145C6CE77FC9894E9A5EC21182B50DFC2B42225461436 ] C:\Program Files (x86)\BlueStacks\HD-Agent.exe 18:15:40.0876 0x1708 BlueStacks Agent - ok 18:15:40.0909 0x1708 GameJoltClient - ok 18:15:41.0035 0x1708 Uninstall C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64 - ok 18:15:41.0055 0x1708 Uninstall C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1 - ok 18:15:41.0076 0x1708 Uninstall C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64 - ok 18:15:41.0101 0x1708 Uninstall C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6301.0127 - ok 18:15:41.0122 0x1708 Uninstall C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64 - ok 18:15:41.0144 0x1708 Uninstall C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6302.0225 - ok 18:15:41.0146 0x1708 Waiting for KSN requests completion. In queue: 67 18:15:42.0146 0x1708 Waiting for KSN requests completion. In queue: 67 18:15:43.0148 0x1708 Waiting for KSN requests completion. 
In queue: 67 18:15:43.0693 0x2820 Object required for P2P: [ EC8538693C84E5B85014CB0F4174A8B7 ] SymIRON 18:15:44.0148 0x1708 Waiting for KSN requests completion. In queue: 21 18:15:45.0149 0x1708 Waiting for KSN requests completion. In queue: 21 18:15:46.0150 0x1708 Waiting for KSN requests completion. In queue: 21 18:15:46.0230 0x2820 Object send P2P result: true 18:15:46.0232 0x2820 Object required for P2P: [ 7BCFEB37C3EC6A83E5C71DEA5418BA3D ] C:\Program Files (x86)\Dell Printers\Printer SSW\Launcher\dlm1launcher.exe 18:15:47.0151 0x1708 Waiting for KSN requests completion. In queue: 10 18:15:48.0152 0x1708 Waiting for KSN requests completion. In queue: 10 18:15:48.0769 0x2820 Object send P2P result: true 18:15:48.0769 0x2820 Object required for P2P: [ D0F1DFC03507FD60FC8DFDCD862799AF ] C:\Program Files (x86)\Dell Printers\Printer SSW\Status Monitor\dlm1pl.exe 18:15:49.0153 0x1708 Waiting for KSN requests completion. In queue: 9 18:15:50.0153 0x1708 Waiting for KSN requests completion. In queue: 9 18:15:51.0155 0x1708 Waiting for KSN requests completion. In queue: 9 18:15:51.0342 0x2820 Object send P2P result: true 18:15:51.0343 0x2820 Object required for P2P: [ 341ADA552AAC541FD34C262296C256EE ] C:\Program Files (x86)\Steam\steam.exe 18:15:52.0155 0x1708 Waiting for KSN requests completion. In queue: 4 18:15:53.0156 0x1708 Waiting for KSN requests completion. 
18:15:53.0882 0x2820 Object send P2P result: true
18:15:54.0423 0x1708 AV detected via SS2: Norton AntiVirus, C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\WSCStub.exe ( 22.6.0.0 ), 0x51000 ( enabled : updated )
18:15:54.0424 0x1708 AV detected via SS2: PC Tools Spyware Doctor with AntiVirus, C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe ( ), 0x70000 ( disabled : updated )
18:15:54.0450 0x1708 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x62100 ( disabled : updated )
18:15:54.0496 0x1708 Win FW state via NFP2: enabled ( trusted )
18:15:56.0989 0x1708 ============================================================
18:15:56.0989 0x1708 Scan finished
18:15:56.0990 0x1708 ============================================================
18:15:57.0011 0x08d4 Detected object count: 0
18:15:57.0011 0x08d4 Actual detected object count: 0
18:16:13.0720 0x1a7c Deinitialize success
Last edited by M-K-D-B (01.07.2017 at 10:14) |
30.05.2016, 18:13 | #9 |
/// TB Trainer /// Guide Guru | Viruses, Trojans, worms, tracking cookies and strange programs. Please run the scan with the correct settings and post the log.
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
30.05.2016, 18:20 | #10 |
| Viruses, Trojans, worms, tracking cookies and strange programs. Hello, this should be the right one.
19:14:14.0457 0x11e8 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
19:14:14.0457 0x11e8 UEFI system
19:14:18.0857 0x11e8 ============================================================
19:14:18.0857 0x11e8 Current date / time: 2016/05/30 19:14:18.0857
19:14:18.0857 0x11e8 SystemInfo:
19:14:18.0858 0x11e8
19:14:18.0858 0x11e8 OS Version: 10.0.10586 ServicePack: 0.0
19:14:18.0858 0x11e8 Product type: Workstation
19:14:18.0858 0x11e8 ComputerName: MICHAEL
19:14:18.0858 0x11e8 UserName: xxxxxxx
19:14:18.0858 0x11e8 Windows directory: C:\WINDOWS
19:14:18.0858 0x11e8 System windows directory: C:\WINDOWS
19:14:18.0859 0x11e8 Running under WOW64
19:14:18.0859 0x11e8 Processor architecture: Intel x64
19:14:18.0859 0x11e8 Number of processors: 4
19:14:18.0859 0x11e8 Page size: 0x1000
19:14:18.0859 0x11e8 Boot type: Normal boot
19:14:18.0859 0x11e8 ============================================================
19:14:19.0731 0x11e8 KLMD registered as C:\WINDOWS\system32\drivers\45556445.sys
19:14:20.0253 0x11e8 System UUID: {33E572E2-680C-0351-10B0-AD8B8A3BD1D5}
19:14:21.0498 0x11e8 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:14:21.0549 0x11e8 ============================================================
19:14:21.0549 0x11e8 \Device\Harddisk0\DR0:
19:14:21.0550 0x11e8 GPT partitions:
19:14:21.0594 0x11e8 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {0FBC97CE-ED13-4C9E-9836-61C5ADB112BF}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0xFA000
19:14:21.0594 0x11e8 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {796BADD3-6BBF-4D9F-B631-466EB71A4965}, UniqueGUID: {0D14528F-B289-4E30-85E5-A0869C74C131}, Name: Basic data partition, StartLBA 0xFA800, BlocksNum 0x14000
19:14:21.0595 0x11e8 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {CA820E09-00A6-4EEB-A824-DD672888AC0C}, Name: Microsoft reserved partition, StartLBA 0x10E800, BlocksNum 0x40000
19:14:21.0595 0x11e8 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {12FC2047-5921-4823-92A3-5CEEA51DB6F1}, Name: Basic data partition, StartLBA 0x14E800, BlocksNum 0xF5000
19:14:21.0595 0x11e8 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A9D6DB15-8C98-4CCC-9096-587D22CD51E1}, Name: Basic data partition, StartLBA 0x243800, BlocksNum 0x72BBD000
19:14:21.0595 0x11e8 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {BF4385EF-AD7F-4BC8-8A5F-DDFDFFDBE2D0}, Name: , StartLBA 0x72E00800, BlocksNum 0xE2000
19:14:21.0595 0x11e8 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5C7ACB11-791F-402C-949E-5F2F072F0041}, Name: Microsoft recovery partition, StartLBA 0x72EE2800, BlocksNum 0x1823DB0
19:14:21.0595 0x11e8 MBR partitions:
19:14:21.0595 0x11e8 ============================================================
19:14:21.0678 0x11e8 C: <-> \Device\Harddisk0\DR0\Partition5
19:14:21.0678 0x11e8 ============================================================
19:14:21.0679 0x11e8 Initialize success
19:14:21.0679 0x11e8 ============================================================
19:15:03.0014 0x0cc4 ============================================================
19:15:03.0014 0x0cc4 Scan started
19:15:03.0014 0x0cc4 Mode: Manual; SigCheck; TDLFS;
19:15:03.0014 0x0cc4 ============================================================
19:15:03.0014 0x0cc4 KSN ping started
19:15:05.0391 0x0cc4 KSN ping finished: true
19:15:11.0090 0x0cc4 ================ Scan system memory ========================
19:15:11.0090 0x0cc4 System memory - ok
78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys 19:15:26.0704 0x0cc4 MBAMProtector - ok 19:15:26.0942 0x0cc4 [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe 19:15:26.0994 0x0cc4 MBAMScheduler - ok 19:15:27.0129 0x0cc4 [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 19:15:27.0185 0x0cc4 MBAMService - ok 19:15:27.0248 0x0cc4 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys 19:15:27.0278 0x0cc4 MBAMSwissArmy - ok 19:15:27.0390 0x0cc4 [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys 19:15:27.0439 0x0cc4 MBAMWebAccessControl - ok 19:15:27.0457 0x0cc4 megasas - ok 19:15:27.0473 0x0cc4 megasr - ok 19:15:27.0531 0x0cc4 [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys 19:15:27.0567 0x0cc4 MEIx64 - ok 19:15:27.0590 0x0cc4 MessagingService - ok 19:15:27.0776 0x0cc4 [ 93712907DEE6FFBD8A4016ECBB250DCD, FB3673BA495EF1301C4BA75B457493D9B1D5AE52642A04473575CABC1EC6EDFD ] mfencbdc C:\WINDOWS\system32\DRIVERS\mfencbdc.sys 19:15:27.0809 0x0cc4 mfencbdc - ok 19:15:27.0847 0x0cc4 [ E97EE1F31F7E5349A06CE089658DA8A1, 8136155C734457E422331B3CBE67927C45FAB10B9B34789A612B58CF0E0E3BEC ] mfencrk C:\WINDOWS\system32\DRIVERS\mfencrk.sys 19:15:27.0874 0x0cc4 mfencrk - ok 19:15:27.0882 0x0cc4 mlx4_bus - ok 19:15:27.0910 0x0cc4 MMCSS - ok 19:15:27.0919 0x0cc4 Modem - ok 19:15:27.0926 0x0cc4 monitor - ok 
19:15:27.0943 0x0cc4 mouclass - ok 19:15:27.0957 0x0cc4 mouhid - ok 19:15:27.0965 0x0cc4 mountmgr - ok 19:15:27.0973 0x0cc4 mpsdrv - ok 19:15:27.0985 0x0cc4 MpsSvc - ok 19:15:28.0001 0x0cc4 MRxDAV - ok 19:15:28.0025 0x0cc4 mrxsmb - ok 19:15:28.0043 0x0cc4 mrxsmb10 - ok 19:15:28.0077 0x0cc4 mrxsmb20 - ok 19:15:28.0104 0x0cc4 MsBridge - ok 19:15:28.0139 0x0cc4 MSDTC - ok 19:15:28.0174 0x0cc4 Msfs - ok 19:15:28.0211 0x0cc4 msgpiowin32 - ok 19:15:28.0219 0x0cc4 mshidkmdf - ok 19:15:28.0249 0x0cc4 mshidumdf - ok 19:15:28.0258 0x0cc4 msisadrv - ok 19:15:28.0284 0x0cc4 MSiSCSI - ok 19:15:28.0294 0x0cc4 msiserver - ok 19:15:28.0318 0x0cc4 MSKSSRV - ok 19:15:28.0325 0x0cc4 MsLldp - ok 19:15:28.0332 0x0cc4 MSPCLOCK - ok 19:15:28.0343 0x0cc4 MSPQM - ok 19:15:28.0365 0x0cc4 MsRPC - ok 19:15:28.0379 0x0cc4 mssmbios - ok 19:15:28.0388 0x0cc4 MSTEE - ok 19:15:28.0410 0x0cc4 MTConfig - ok 19:15:28.0420 0x0cc4 Mup - ok 19:15:28.0429 0x0cc4 mvumis - ok 19:15:28.0468 0x0cc4 NativeWifiP - ok 19:15:28.0695 0x0cc4 [ 4BDA87D35257827AC6D7E7E83A7BBC0E, C03CE40EEEF08961EC99C38B22D00923A7C71BA06E17D0F2C065D5E1FC6F4B96 ] NAV C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\NAV.exe 19:15:28.0737 0x0cc4 NAV - ok 19:15:28.0859 0x0cc4 [ 2892939B5ED33D1D90B6DECBFE0DED19, 86E4BDD283351B6B700DF34D101C230ACABAF27866CDA19EAEBF215EA557B3A6 ] NAVENG C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.0.124\Definitions\VirusDefs\20160529.019\ENG64.SYS 19:15:28.0923 0x0cc4 NAVENG - ok 19:15:29.0162 0x0cc4 [ 967CC229AB24D8576F8D4494E91400BC, 8EE751756668934DB2A63EFECDE0A355E28AC7C5820EC22FF750528FACF30E70 ] NAVEX15 C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.0.124\Definitions\VirusDefs\20160529.019\EX64.SYS 19:15:29.0270 0x0cc4 NAVEX15 - ok 19:15:29.0307 0x0cc4 NcaSvc - ok 19:15:29.0339 0x0cc4 NcbService - ok 19:15:29.0352 0x0cc4 NcdAutoSetup - ok 19:15:29.0382 0x0cc4 ndfltr - ok 19:15:29.0397 0x0cc4 NDIS - ok 19:15:29.0427 0x0cc4 NdisCap - ok 19:15:29.0438 0x0cc4 NdisImPlatform - 
ok 19:15:29.0445 0x0cc4 NdisTapi - ok 19:15:29.0456 0x0cc4 Ndisuio - ok 19:15:29.0465 0x0cc4 NdisVirtualBus - ok 19:15:29.0475 0x0cc4 NdisWan - ok 19:15:29.0483 0x0cc4 ndiswanlegacy - ok 19:15:29.0493 0x0cc4 ndproxy - ok 19:15:29.0502 0x0cc4 Ndu - ok 19:15:29.0521 0x0cc4 NetBIOS - ok 19:15:29.0537 0x0cc4 NetBT - ok 19:15:29.0545 0x0cc4 Netlogon - ok 19:15:29.0567 0x0cc4 Netman - ok 19:15:29.0606 0x0cc4 netprofm - ok 19:15:29.0655 0x0cc4 NetSetupSvc - ok 19:15:29.0747 0x0cc4 NetTcpPortSharing - ok 19:15:29.0814 0x0cc4 NgcCtnrSvc - ok 19:15:29.0831 0x0cc4 NgcSvc - ok 19:15:29.0855 0x0cc4 NlaSvc - ok 19:15:29.0882 0x0cc4 Npfs - ok 19:15:29.0961 0x0cc4 npsvctrig - ok 19:15:29.0982 0x0cc4 nsi - ok 19:15:29.0998 0x0cc4 nsiproxy - ok 19:15:30.0036 0x0cc4 NTFS - ok 19:15:30.0059 0x0cc4 Null - ok 19:15:30.0073 0x0cc4 nvraid - ok 19:15:30.0082 0x0cc4 nvstor - ok 19:15:30.0090 0x0cc4 nv_agp - ok 19:15:30.0125 0x0cc4 OneSyncSvc - ok 19:15:30.0242 0x0cc4 p2pimsvc - ok 19:15:30.0274 0x0cc4 p2psvc - ok 19:15:30.0378 0x0cc4 Parport - ok 19:15:30.0387 0x0cc4 partmgr - ok 19:15:30.0407 0x0cc4 PcaSvc - ok 19:15:30.0427 0x0cc4 pci - ok 19:15:30.0457 0x0cc4 pciide - ok 19:15:30.0466 0x0cc4 pcmcia - ok 19:15:30.0580 0x0cc4 [ 51019118F4715E6DA58B3372246C281A, 3270DD3EC24015DE32E4670A9F16D5E0B491F96C5968FDC293D9F1A6F226A5AE ] PCTBD C:\WINDOWS\system32\Drivers\PCTBD64.sys 19:15:30.0638 0x0cc4 PCTBD - ok 19:15:30.0661 0x0cc4 PCTCore - ok 19:15:30.0780 0x0cc4 [ BA1F42A42F405F62CEFF6B69A2797F7C, 76706AF1D2935DA89883B718E575A2E4AFBD9295E0EB366B14506A60D19D2993 ] pctDS C:\WINDOWS\system32\drivers\pctDS64.sys 19:15:30.0837 0x0cc4 pctDS - ok 19:15:31.0086 0x0cc4 [ 146CC91C93CED13E7FE40E8D8615BE39, 5088609B7218A4634855A7C9163C0F774B5D4A89E17462F671582C1814D5EBA3 ] pctEFA C:\WINDOWS\system32\drivers\pctEFA64.sys 19:15:31.0134 0x0cc4 pctEFA - ok 19:15:31.0207 0x0cc4 [ E5F6DA5B178028A750C5B8D7B09B3383, 35CE64D4BC4B69AB39883AE03D62E29E511A6432777FCCC093F581D91BFFA631 ] pctgntdi 
C:\Windows\System32\drivers\pctgntdi64.sys 19:15:31.0240 0x0cc4 pctgntdi - ok 19:15:31.0328 0x0cc4 [ DB2BA2D9585101947C5A60D785A63491, 45FFB0CC6C14CDA90B18E59A3BD51E969AD0927E958DFC46B1DA6D5BB45DB62B ] PCTSD C:\WINDOWS\system32\Drivers\PCTSD64.sys 19:15:31.0379 0x0cc4 PCTSD - ok 19:15:31.0387 0x0cc4 pcw - ok 19:15:31.0410 0x0cc4 pdc - ok 19:15:31.0442 0x0cc4 PEAUTH - ok 19:15:31.0487 0x0cc4 percsas2i - ok 19:15:31.0546 0x0cc4 percsas3i - ok 19:15:32.0434 0x0cc4 PerfHost - ok 19:15:32.0515 0x0cc4 PhoneSvc - ok 19:15:32.0568 0x0cc4 PimIndexMaintenanceSvc - ok 19:15:32.0644 0x0cc4 pla - ok 19:15:32.0693 0x0cc4 PlugPlay - ok 19:15:32.0708 0x0cc4 PNRPAutoReg - ok 19:15:32.0718 0x0cc4 PNRPsvc - ok 19:15:32.0741 0x0cc4 PolicyAgent - ok 19:15:32.0760 0x0cc4 Power - ok 19:15:32.0804 0x0cc4 PptpMiniport - ok 19:15:33.0232 0x0cc4 [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 19:15:33.0530 0x0cc4 PrintNotify - ok 19:15:33.0556 0x0cc4 Processor - ok 19:15:33.0583 0x0cc4 ProfSvc - ok 19:15:33.0593 0x0cc4 Psched - ok 19:15:33.0611 0x0cc4 QWAVE - ok 19:15:33.0645 0x0cc4 QWAVEdrv - ok 19:15:33.0674 0x0cc4 RasAcd - ok 19:15:33.0710 0x0cc4 RasAgileVpn - ok 19:15:33.0739 0x0cc4 RasAuto - ok 19:15:33.0766 0x0cc4 Rasl2tp - ok 19:15:33.0808 0x0cc4 RasMan - ok 19:15:33.0818 0x0cc4 RasPppoe - ok 19:15:33.0836 0x0cc4 RasSstp - ok 19:15:33.0846 0x0cc4 rdbss - ok 19:15:33.0864 0x0cc4 rdpbus - ok 19:15:33.0900 0x0cc4 RDPDR - ok 19:15:33.0926 0x0cc4 RdpVideoMiniport - ok 19:15:33.0939 0x0cc4 rdyboost - ok 19:15:33.0949 0x0cc4 ReFSv1 - ok 19:15:33.0985 0x0cc4 RemoteAccess - ok 19:15:34.0021 0x0cc4 RemoteRegistry - ok 19:15:34.0050 0x0cc4 RetailDemo - ok 19:15:34.0088 0x0cc4 RFCOMM - ok 19:15:34.0270 0x0cc4 [ 41DDCF1ADD1FB7DE23DCF671740DDBE6, 87ECB5C883CEFF76D126A5B4D92E069C9298FA5B62CC981870F9ECCA13C074F1 ] RichVideo C:\Program Files (x86)\CyberLink\Shared 
files\RichVideo.exe 19:15:34.0314 0x0cc4 RichVideo - ok 19:15:34.0339 0x0cc4 RpcEptMapper - ok 19:15:34.0370 0x0cc4 RpcLocator - ok 19:15:34.0388 0x0cc4 RpcSs - ok 19:15:34.0432 0x0cc4 rspndr - ok 19:15:34.0497 0x0cc4 [ EFC1803A4EED1E15A698721D873931B9, 364CE1BBF5E375C341D03067DB3484C8E0652F8BE7C030867F8883F13910278A ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys 19:15:34.0588 0x0cc4 rt640x64 - ok 19:15:34.0734 0x0cc4 [ DBE1ADA144291F8E0F29ECC40AE14562, D85E5F698EFC6B2374FB330BE4C6828AA3E1A87D3F08BB855A790A5113D5ED5B ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe 19:15:34.0784 0x0cc4 RtkAudioService - ok 19:15:34.0899 0x0cc4 [ 3940780911A7BD1793B7CEEC9E4429C2, 539511D26D2EE348F80D9EFA414FD731983B14D8218E498217E7A0A0E439E41C ] RTSUER C:\WINDOWS\system32\Drivers\RtsUer.sys 19:15:34.0948 0x0cc4 RTSUER - ok 19:15:34.0974 0x0cc4 s3cap - ok 19:15:34.0998 0x0cc4 SamSs - ok 19:15:35.0018 0x0cc4 sbp2port - ok 19:15:35.0052 0x0cc4 SCardSvr - ok 19:15:35.0074 0x0cc4 ScDeviceEnum - ok 19:15:35.0096 0x0cc4 scfilter - ok 19:15:35.0127 0x0cc4 Schedule - ok 19:15:35.0153 0x0cc4 SCPolicySvc - ok 19:15:35.0176 0x0cc4 sdbus - ok 19:15:35.0188 0x0cc4 SDRSVC - ok 19:15:35.0418 0x0cc4 [ 2100C3E7E1D060DE822677DDE41FCCCF, 82F645A981C91ABD237AA8DD730F4490EF566371946E56A498146B7C8FC3C44A ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe 19:15:35.0486 0x0cc4 SDScannerService - ok 19:15:35.0513 0x0cc4 sdstor - ok 19:15:35.0765 0x0cc4 [ B89DF0D2410759A6C826C136AEBC2416, 5EF86212BE1E075B2B7E0783FDA6EB2CA6938546145428FC7B39EE9D5817F0B1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe 19:15:35.0874 0x0cc4 SDUpdateService - ok 19:15:35.0930 0x0cc4 [ 6B4E097AD063AEED188629CB9A542602, 0342CD807ADD430E4EC14308464EB0E1BF74F95AD0D32356210A832E6C3FE6CF ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe 19:15:35.0961 0x0cc4 SDWSCService - ok 19:15:35.0981 0x0cc4 seclogon - ok 
19:15:36.0004 0x0cc4 SENS - ok 19:15:36.0234 0x0cc4 SensorDataService - ok 19:15:36.0300 0x0cc4 SensorService - ok 19:15:36.0335 0x0cc4 SensrSvc - ok 19:15:36.0369 0x0cc4 SerCx - ok 19:15:36.0379 0x0cc4 SerCx2 - ok 19:15:36.0411 0x0cc4 Serenum - ok 19:15:36.0435 0x0cc4 Serial - ok 19:15:36.0452 0x0cc4 sermouse - ok 19:15:36.0514 0x0cc4 SessionEnv - ok 19:15:36.0526 0x0cc4 sfloppy - ok 19:15:36.0561 0x0cc4 SharedAccess - ok 19:15:36.0580 0x0cc4 ShellHWDetection - ok 19:15:36.0601 0x0cc4 SiSRaid2 - ok 19:15:36.0612 0x0cc4 SiSRaid4 - ok 19:15:36.0723 0x0cc4 [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 19:15:36.0768 0x0cc4 SkypeUpdate - ok 19:15:36.0801 0x0cc4 [ A65BFE4307A81A8EEA1B8B4C93DF31EB, FF6A1C488157324952E4E6FD765AFDC2DE3301A0FF5C91741F75CA542008D694 ] SmbDrv C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys 19:15:36.0829 0x0cc4 SmbDrv - ok 19:15:36.0884 0x0cc4 [ 62816EB96E4B041EB6B69EE83D9E828F, BC2EE45969AF056FEE94D741D3843CBF12ED2921E36C5240B09F83A6EB343A74 ] SmbDrvI C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys 19:15:36.0933 0x0cc4 SmbDrvI - ok 19:15:36.0952 0x0cc4 smphost - ok 19:15:37.0006 0x0cc4 [ F1EF22A6A458E04F7153C0595EAB7C7B, F6795AFEBB0079238C77B7C3517130C7F18BC784075735B28EEDA27A04DF41A4 ] SMR501 C:\WINDOWS\System32\drivers\SMR501.SYS 19:15:37.0032 0x0cc4 SMR501 - ok 19:15:37.0095 0x0cc4 SmsRouter - ok 19:15:37.0163 0x0cc4 SNMPTRAP - ok 19:15:37.0200 0x0cc4 spaceport - ok 19:15:37.0221 0x0cc4 SpbCx - ok 19:15:37.0246 0x0cc4 Spooler - ok 19:15:37.0257 0x0cc4 sppsvc - ok 19:15:37.0476 0x0cc4 [ D6786650A26543FFF83806057458B96E, 1002A5E6338255ACF9E7DD901378CB8BCE0FC6A7503C6D78EEBF8BAD619ECBC4 ] SRTSP C:\WINDOWS\System32\Drivers\NAVx64\1606000.08E\SRTSP64.SYS 19:15:37.0539 0x0cc4 SRTSP - ok 19:15:37.0580 0x0cc4 [ BA2ABBEA69BD1866C973DE11CB0CE9F8, 7A04BC2F4DA9A69A996911CC429064D24CF51F4046A2EE688D4326B44C9EDAFB ] SRTSPX 
C:\WINDOWS\system32\drivers\NAVx64\1606000.08E\SRTSPX64.SYS 19:15:37.0605 0x0cc4 SRTSPX - ok 19:15:37.0616 0x0cc4 srv - ok 19:15:37.0628 0x0cc4 srv2 - ok 19:15:37.0664 0x0cc4 srvnet - ok 19:15:37.0701 0x0cc4 SSDPSRV - ok 19:15:37.0740 0x0cc4 SstpSvc - ok 19:15:37.0795 0x0cc4 [ 36C3697CA09B23C77BDF95A6B0B57310, DAEF9CFBDE444A80FB41DA0BC5C3C4E1E4B535497A5EDA43EC8768A6EC42E4EA ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys 19:15:37.0825 0x0cc4 ssudmdm - ok 19:15:37.0861 0x0cc4 StateRepository - ok 19:15:38.0052 0x0cc4 [ BE826A247D22F2FDF24B92AD40049F89, 06996ECCE5A694DEFDC99DB56F45DD0ABD9A2150581F1FD132FBBD863C474DE3 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 19:15:38.0100 0x0cc4 Steam Client Service - ok 19:15:38.0111 0x0cc4 stexstor - ok 19:15:38.0157 0x0cc4 stisvc - ok 19:15:38.0167 0x0cc4 storahci - ok 19:15:38.0195 0x0cc4 storflt - ok 19:15:38.0206 0x0cc4 stornvme - ok 19:15:38.0250 0x0cc4 storqosflt - ok 19:15:38.0286 0x0cc4 StorSvc - ok 19:15:38.0297 0x0cc4 storufs - ok 19:15:38.0307 0x0cc4 storvsc - ok 19:15:38.0348 0x0cc4 svsvc - ok 19:15:38.0366 0x0cc4 swenum - ok 19:15:38.0380 0x0cc4 swprv - ok 19:15:38.0625 0x0cc4 [ 6F227CF9E64364578E2DABD1EF6E51A4, D5223B441A319D4C57FDBEA9BFBB8E5C95CA6F7B6AE6F4029BCE84A5CCE51B33 ] SymEFASI C:\WINDOWS\system32\drivers\NAVx64\1606000.08E\SYMEFASI64.SYS 19:15:38.0701 0x0cc4 SymEFASI - ok 19:15:38.0757 0x0cc4 [ 1DE0CBF15AC67AE0E5B456ADEFB89493, C764815313BB4332279730AA02531A448A1D32F5B6D5689FF04549406A5B5212 ] SymELAM C:\WINDOWS\system32\drivers\NAVx64\1606000.08E\SymELAM.sys 19:15:38.0786 0x0cc4 SymELAM - ok 19:15:38.0856 0x0cc4 [ 6DF8F618B93C821630C9BAA8DA3FAAAF, 553972D63F3347291EC8370AB910F741EF1DA61BC74FBA4192EF6E1DF567FB99 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 19:15:38.0901 0x0cc4 SymEvent - ok 19:15:39.0014 0x0cc4 [ EC8538693C84E5B85014CB0F4174A8B7, 570D4193A5616A65962D086048D51C37BE166B77ED7293DF3E8871A502831261 ] SymIRON 
C:\WINDOWS\system32\drivers\NAVx64\1606000.08E\Ironx64.SYS 19:15:39.0057 0x0cc4 SymIRON - ok 19:15:39.0202 0x0cc4 [ 751C968945EFD42469FE52D6CE384196, 3386681036909F60A249951009822190EFB1C390D2F46E7EFE44893F28D0F31C ] SymNetS C:\WINDOWS\System32\Drivers\NAVx64\1606000.08E\SYMNETS.SYS 19:15:39.0255 0x0cc4 SymNetS - ok 19:15:39.0315 0x0cc4 Synth3dVsc - ok 19:15:39.0441 0x0cc4 [ D4A7C0244550E478991A3C6F18596C9F, C2C991FEBA1526E409B60038F06B4D22E618278594528A1032B14401F835855F ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys 19:15:39.0481 0x0cc4 SynTP - ok 19:15:39.0528 0x0cc4 SysMain - ok 19:15:39.0570 0x0cc4 SystemEventsBroker - ok 19:15:39.0602 0x0cc4 TabletInputService - ok 19:15:39.0616 0x0cc4 TapiSrv - ok 19:15:39.0639 0x0cc4 Tcpip - ok 19:15:39.0650 0x0cc4 Tcpip6 - ok 19:15:39.0690 0x0cc4 tcpipreg - ok 19:15:39.0731 0x0cc4 tdx - ok 19:15:39.0742 0x0cc4 terminpt - ok 19:15:39.0769 0x0cc4 TermService - ok 19:15:39.0781 0x0cc4 Themes - ok 19:15:39.0809 0x0cc4 TieringEngineService - ok 19:15:39.0863 0x0cc4 tiledatamodelsvc - ok 19:15:39.0906 0x0cc4 TimeBroker - ok 19:15:39.0944 0x0cc4 TPM - ok 19:15:39.0968 0x0cc4 TrkWks - ok 19:15:40.0026 0x0cc4 TrustedInstaller - ok 19:15:40.0088 0x0cc4 tsusbflt - ok 19:15:40.0099 0x0cc4 TsUsbGD - ok 19:15:40.0110 0x0cc4 tunnel - ok 19:15:40.0169 0x0cc4 tzautoupdate - ok 19:15:40.0192 0x0cc4 uagp35 - ok 19:15:40.0232 0x0cc4 UASPStor - ok 19:15:40.0266 0x0cc4 UcmCx0101 - ok 19:15:40.0278 0x0cc4 UcmUcsi - ok 19:15:40.0289 0x0cc4 Ucx01000 - ok 19:15:40.0302 0x0cc4 UdeCx - ok 19:15:40.0324 0x0cc4 udfs - ok 19:15:40.0336 0x0cc4 UEFI - ok 19:15:40.0358 0x0cc4 Ufx01000 - ok 19:15:40.0388 0x0cc4 UfxChipidea - ok 19:15:40.0402 0x0cc4 ufxsynopsys - ok 19:15:40.0441 0x0cc4 UI0Detect - ok 19:15:40.0465 0x0cc4 uliagpkx - ok 19:15:40.0478 0x0cc4 umbus - ok 19:15:40.0501 0x0cc4 UmPass - ok 19:15:40.0534 0x0cc4 UmRdpService - ok 19:15:40.0578 0x0cc4 UnistoreSvc - ok 19:15:40.0711 0x0cc4 upnphost - ok 19:15:40.0776 0x0cc4 UrsChipidea - ok 
19:15:40.0787 0x0cc4 UrsCx01000 - ok 19:15:40.0804 0x0cc4 UrsSynopsys - ok 19:15:40.0816 0x0cc4 usbccgp - ok 19:15:40.0833 0x0cc4 usbcir - ok 19:15:40.0863 0x0cc4 usbehci - ok 19:15:40.0887 0x0cc4 usbhub - ok 19:15:40.0899 0x0cc4 USBHUB3 - ok 19:15:40.0913 0x0cc4 usbohci - ok 19:15:40.0926 0x0cc4 usbprint - ok 19:15:40.0980 0x0cc4 [ D67B6A4A6FB99D29444C2DBA2B636799, 62BC778D60593B2AB0DA13C4DB3EA5971895AE09DA06E8AB2D03973C940C890C ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 19:15:41.0016 0x0cc4 usbscan - ok 19:15:41.0041 0x0cc4 usbser - ok 19:15:41.0062 0x0cc4 USBSTOR - ok 19:15:41.0096 0x0cc4 usbuhci - ok 19:15:41.0129 0x0cc4 usbvideo - ok 19:15:41.0166 0x0cc4 USBXHCI - ok 19:15:41.0224 0x0cc4 UserDataSvc - ok 19:15:41.0467 0x0cc4 UserManager - ok 19:15:41.0498 0x0cc4 UsoSvc - ok 19:15:41.0511 0x0cc4 VaultSvc - ok 19:15:41.0528 0x0cc4 vdrvroot - ok 19:15:41.0564 0x0cc4 vds - ok 19:15:41.0587 0x0cc4 VerifierExt - ok 19:15:41.0599 0x0cc4 vhdmp - ok 19:15:41.0614 0x0cc4 vhf - ok 19:15:41.0627 0x0cc4 vmbus - ok 19:15:41.0639 0x0cc4 VMBusHID - ok 19:15:41.0674 0x0cc4 vmicguestinterface - ok 19:15:41.0688 0x0cc4 vmicheartbeat - ok 19:15:41.0702 0x0cc4 vmickvpexchange - ok 19:15:41.0714 0x0cc4 vmicrdv - ok 19:15:41.0727 0x0cc4 vmicshutdown - ok 19:15:41.0740 0x0cc4 vmictimesync - ok 19:15:41.0752 0x0cc4 vmicvmsession - ok 19:15:41.0765 0x0cc4 vmicvss - ok 19:15:41.0788 0x0cc4 volmgr - ok 19:15:41.0802 0x0cc4 volmgrx - ok 19:15:41.0814 0x0cc4 volsnap - ok 19:15:41.0838 0x0cc4 vpci - ok 19:15:41.0851 0x0cc4 vsmraid - ok 19:15:41.0885 0x0cc4 VSS - ok 19:15:41.0915 0x0cc4 VSTXRAID - ok 19:15:41.0940 0x0cc4 vwifibus - ok 19:15:41.0965 0x0cc4 vwififlt - ok 19:15:41.0977 0x0cc4 vwifimp - ok 19:15:42.0015 0x0cc4 W32Time - ok 19:15:42.0027 0x0cc4 WacomPen - ok 19:15:42.0064 0x0cc4 WalletService - ok 19:15:42.0079 0x0cc4 wanarp - ok 19:15:42.0092 0x0cc4 wanarpv6 - ok 19:15:42.0129 0x0cc4 wbengine - ok 19:15:42.0164 0x0cc4 WbioSrvc - ok 19:15:42.0199 0x0cc4 Wcmsvc - ok 
19:15:42.0217 0x0cc4 wcncsvc - ok 19:15:42.0236 0x0cc4 WcsPlugInService - ok 19:15:42.0250 0x0cc4 WdBoot - ok 19:15:42.0280 0x0cc4 Wdf01000 - ok 19:15:42.0314 0x0cc4 WdFilter - ok 19:15:42.0335 0x0cc4 WdiServiceHost - ok 19:15:42.0347 0x0cc4 WdiSystemHost - ok 19:15:42.0371 0x0cc4 wdiwifi - ok 19:15:42.0384 0x0cc4 WdNisDrv - ok 19:15:42.0454 0x0cc4 WdNisSvc - ok 19:15:42.0496 0x0cc4 WebClient - ok 19:15:42.0516 0x0cc4 Wecsvc - ok 19:15:42.0529 0x0cc4 WEPHOSTSVC - ok 19:15:42.0543 0x0cc4 wercplsupport - ok 19:15:42.0557 0x0cc4 WerSvc - ok 19:15:42.0592 0x0cc4 WFPLWFS - ok 19:15:42.0641 0x0cc4 WiaRpc - ok 19:15:42.0683 0x0cc4 WIMMount - ok 19:15:42.0695 0x0cc4 WinDefend - ok 19:15:42.0729 0x0cc4 WindowsTrustedRT - ok 19:15:42.0779 0x0cc4 WindowsTrustedRTProxy - ok 19:15:42.0818 0x0cc4 WinHttpAutoProxySvc - ok 19:15:42.0845 0x0cc4 WinMad - ok 19:15:42.0991 0x0cc4 Winmgmt - ok 19:15:43.0049 0x0cc4 WinRM - ok 19:15:43.0111 0x0cc4 WINUSB - ok 19:15:43.0125 0x0cc4 WinVerbs - ok 19:15:43.0168 0x0cc4 WlanSvc - ok 19:15:43.0194 0x0cc4 wlidsvc - ok 19:15:43.0208 0x0cc4 WmiAcpi - ok 19:15:43.0248 0x0cc4 wmiApSrv - ok 19:15:43.0318 0x0cc4 WMPNetworkSvc - ok 19:15:43.0432 0x0cc4 [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof C:\WINDOWS\system32\drivers\Wof.sys 19:15:43.0466 0x0cc4 Wof - ok 19:15:43.0513 0x0cc4 workfolderssvc - ok 19:15:43.0599 0x0cc4 wpcfltr - ok 19:15:43.0656 0x0cc4 WPDBusEnum - ok 19:15:43.0669 0x0cc4 WpdUpFltr - ok 19:15:43.0727 0x0cc4 WpnService - ok 19:15:43.0767 0x0cc4 ws2ifsl - ok 19:15:43.0803 0x0cc4 wscsvc - ok 19:15:43.0817 0x0cc4 WSearch - ok 19:15:43.0870 0x0cc4 WSService - ok 19:15:43.0927 0x0cc4 wuauserv - ok 19:15:43.0963 0x0cc4 WudfPf - ok 19:15:43.0977 0x0cc4 WUDFRd - ok 19:15:44.0001 0x0cc4 wudfsvc - ok 19:15:44.0016 0x0cc4 WUDFWpdFs - ok 19:15:44.0030 0x0cc4 WUDFWpdMtp - ok 19:15:44.0068 0x0cc4 WwanSvc - ok 19:15:44.0121 0x0cc4 XblAuthManager - ok 19:15:44.0156 0x0cc4 XblGameSave - ok 
19:15:44.0239 0x0cc4 xboxgip - ok 19:15:44.0308 0x0cc4 XboxNetApiSvc - ok 19:15:44.0366 0x0cc4 xinputhid - ok 19:15:44.0440 0x0cc4 xusb22 - ok 19:15:44.0558 0x0cc4 [ 7DD4F85CB997834E1ADC1238045AD905, 2FF42F7BEC21D361698FFC7921DC690C16DEEC2A357188DDE6ECADA9CFA0B780 ] ZAtheros Wlan Agent C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe 19:15:44.0589 0x0cc4 ZAtheros Wlan Agent - detected UnsignedFile.Multi.Generic ( 1 ) 19:15:46.0960 0x0cc4 Detect skipped due to KSN trusted 19:15:46.0960 0x0cc4 ZAtheros Wlan Agent - ok 19:15:46.0961 0x0cc4 ================ Scan global =============================== 19:15:47.0090 0x0cc4 [ Global ] - ok 19:15:47.0092 0x0cc4 ================ Scan MBR ================================== 19:15:47.0112 0x0cc4 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 19:15:48.0390 0x0cc4 \Device\Harddisk0\DR0 - ok 19:15:48.0391 0x0cc4 ================ Scan VBR ================================== 19:15:48.0429 0x0cc4 [ D335B8E433592989DFD81D9C32FA5B5B ] \Device\Harddisk0\DR0\Partition1 19:15:48.0494 0x0cc4 \Device\Harddisk0\DR0\Partition1 - ok 19:15:48.0516 0x0cc4 [ CB654AEFABB230D2D1D70C0107B5B0D6 ] \Device\Harddisk0\DR0\Partition2 19:15:48.0606 0x0cc4 \Device\Harddisk0\DR0\Partition2 - ok 19:15:48.0626 0x0cc4 [ 0D52EBCA2192D37E8762FC6A8E0C2F78 ] \Device\Harddisk0\DR0\Partition3 19:15:48.0636 0x0cc4 \Device\Harddisk0\DR0\Partition3 - ok 19:15:48.0659 0x0cc4 [ 34C6FFB3327E38D0317C0E2C6E2A54AF ] \Device\Harddisk0\DR0\Partition4 19:15:48.0825 0x0cc4 \Device\Harddisk0\DR0\Partition4 - ok 19:15:48.0850 0x0cc4 [ 08D41AA9162A28482EAAF33DD174FB24 ] \Device\Harddisk0\DR0\Partition5 19:15:48.0932 0x0cc4 \Device\Harddisk0\DR0\Partition5 - ok 19:15:48.0968 0x0cc4 [ 2E1F5FEED1CD842C53136677EA4A4BDD ] \Device\Harddisk0\DR0\Partition6 19:15:49.0014 0x0cc4 \Device\Harddisk0\DR0\Partition6 - ok 19:15:49.0051 0x0cc4 [ F7DCE0EF296A49CC92D40D16938D025A ] \Device\Harddisk0\DR0\Partition7 19:15:49.0098 0x0cc4 \Device\Harddisk0\DR0\Partition7 - ok 
19:15:49.0099 0x0cc4 ================ Scan generic autorun ====================== 19:15:49.0325 0x1048 Object required for P2P: [ EC8538693C84E5B85014CB0F4174A8B7 ] SymIRON 19:15:49.0875 0x0cc4 [ 641B19018CB32619ADBD0AED4964E1D9, 4F85CD33E69A1EE9C145407E2FE28C0D6EAE0782576D656E583052A69677A910 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 19:15:50.0173 0x0cc4 RTHDVCPL - ok 19:15:50.0342 0x0cc4 [ BC5A40AEAC1CF7708D07CBC2F577F90B, A70B2C08CE007532739C60B474289459225D0554C8C5DA113DC649955BDC9DF6 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 19:15:50.0390 0x0cc4 RtHDVBg - ok 19:15:50.0455 0x0cc4 [ 3A19FD28BF891CB67FD89A94BEC88C3F, 6D9F5FA55A4B8A386691E91305C8CA9323B91680FA2DC4585DDDECA69BB80FA0 ] C:\Windows\system32\igfxtray.exe 19:15:50.0495 0x0cc4 IgfxTray - ok 19:15:50.0829 0x0cc4 [ E30987C26979B7D45DABAD46E512569F, 42EEBFE63BEF4D32B2804152F6261CB0B92768DD24E8D908ECB85CC846EF9BED ] c:\Program Files\Dell\QuickSet\QuickSet.exe 19:15:51.0055 0x0cc4 QuickSet - ok 19:15:51.0060 0x0cc4 SynTPEnh - ok 19:15:51.0160 0x0cc4 [ 139C3E683C64935D397A3A656D443E29, 56A914FC51ED13541987DBE2DE9ED28D9130DD3CF8DD90F9550A1D8818B24983 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe 19:15:51.0200 0x0cc4 RemoteControl10 - ok 19:15:51.0473 0x0cc4 [ 7BCFEB37C3EC6A83E5C71DEA5418BA3D, 318C2BA9F110341A71D3D540490F452D370313B1644C6A6AEC8D56E251E02AD9 ] C:\Program Files (x86)\Dell Printers\Printer SSW\Launcher\dlm1launcher.exe 19:15:51.0570 0x0cc4 LauncherC1765nf - ok 19:15:51.0814 0x1048 Object send P2P result: true 19:15:51.0936 0x0cc4 [ D0F1DFC03507FD60FC8DFDCD862799AF, 842099BC6810637CA2B7B8A827A1014FC5FD4F319429E31907D8AC294243CA1C ] C:\Program Files (x86)\Dell Printers\Printer SSW\Status Monitor\dlm1pl.exe 19:15:52.0102 0x0cc4 StatusAutoRunC1765nf - ok 19:15:52.0415 0x0cc4 [ 51B70CE8B46FB074154F2C144919E633, 498E5585814924778358A5D4BEA1936D2CB4D1A15FD900AE017C63D6F1A9F52B ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe 19:15:52.0454 
0x0cc4 StartCCC - ok 19:15:52.0598 0x0cc4 [ 163E43BC69AE78F468024EC2133C94A8, 782C79FA3A841FDC4F549A212E07C3B8397E1FBEE44833C0662FC7E43EA24997 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 19:15:52.0644 0x0cc4 SunJavaUpdateSched - ok 19:15:53.0258 0x0cc4 [ 4864F4A62A735C673D27CCFBBB1C405A, 56FB81F39AF9B0CD07E11CB227B3CAFBE907DF44C7C61C6A8DB023294C255992 ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe 19:15:53.0469 0x0cc4 LogMeIn Hamachi Ui - ok 19:15:53.0620 0x0cc4 [ B0CCAD1705E463E212BE4A3A35338560, 849A4D23C4A2887AB5EBDB455532654437EE9A0A88484230148B1CF8689B6661 ] C:\WINDOWS\is-CANB9.exe 19:15:53.0690 0x0cc4 InnoSetupRegFile.0000000001 - ok 19:15:54.0242 0x0cc4 OneDriveSetup - ok 19:15:54.0244 0x0cc4 OneDriveSetup - ok 19:15:54.0272 0x0cc4 RGSC - ok 19:15:54.0600 0x0cc4 [ 341ADA552AAC541FD34C262296C256EE, 32672460EDDD46550955508343904705D8F26E10F713E3CACDC84689567A9ECF ] C:\Program Files (x86)\Steam\steam.exe 19:15:54.0701 0x0cc4 Steam - ok 19:15:54.0896 0x0cc4 [ F9387D080BF8566354CDB0445AB8F87B, 4EE5D4A15E2D3DF578FA0370449C0894166B1B2998B63D9F02A994845350B86A ] C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\OneDrive.exe 19:15:54.0949 0x0cc4 OneDrive - ok 19:15:55.0045 0x0cc4 Skype - ok 19:15:55.0292 0x0cc4 [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe 19:15:55.0437 0x0cc4 SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 ) 19:15:57.0814 0x0cc4 Detect skipped due to KSN trusted 19:15:57.0814 0x0cc4 SpybotPostWindows10UpgradeReInstall - ok 19:15:57.0993 0x0cc4 [ AB687F4196EA06635A11A996B630D984, 837880EE87A826295A9145C6CE77FC9894E9A5EC21182B50DFC2B42225461436 ] C:\Program Files (x86)\BlueStacks\HD-Agent.exe 19:15:58.0044 0x0cc4 BlueStacks Agent - ok 19:15:58.0118 0x0cc4 GameJoltClient - ok 19:15:58.0875 0x0cc4 Uninstall C:\Users\Michael 
Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64 - ok 19:15:58.0887 0x0cc4 Uninstall C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1 - ok 19:15:58.0899 0x0cc4 Uninstall C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64 - ok 19:15:58.0911 0x0cc4 Uninstall C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6301.0127 - ok 19:15:58.0923 0x0cc4 Uninstall C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64 - ok 19:15:58.0929 0x0cc4 Uninstall C:\Users\Michael Wiesnet\AppData\Local\Microsoft\OneDrive\17.3.6302.0225 - ok 19:15:58.0930 0x0cc4 Waiting for KSN requests completion. In queue: 14 19:15:59.0343 0x1a78 Object required for P2P: [ 7BCFEB37C3EC6A83E5C71DEA5418BA3D ] C:\Program Files (x86)\Dell Printers\Printer SSW\Launcher\dlm1launcher.exe 19:15:59.0930 0x0cc4 Waiting for KSN requests completion. In queue: 9 19:16:00.0931 0x0cc4 Waiting for KSN requests completion. In queue: 9 19:16:01.0831 0x1a78 Object send P2P result: true 19:16:01.0832 0x1a78 Object required for P2P: [ D0F1DFC03507FD60FC8DFDCD862799AF ] C:\Program Files (x86)\Dell Printers\Printer SSW\Status Monitor\dlm1pl.exe 19:16:01.0931 0x0cc4 Waiting for KSN requests completion. In queue: 7 19:16:02.0932 0x0cc4 Waiting for KSN requests completion. In queue: 7 19:16:03.0932 0x0cc4 Waiting for KSN requests completion. In queue: 7 19:16:04.0346 0x1a78 Object send P2P result: true 19:16:04.0347 0x1a78 Object required for P2P: [ 341ADA552AAC541FD34C262296C256EE ] C:\Program Files (x86)\Steam\steam.exe 19:16:04.0933 0x0cc4 Waiting for KSN requests completion. In queue: 2 19:16:05.0933 0x0cc4 Waiting for KSN requests completion. 
19:16:07.0179 0x0cc4 AV detected via SS2: Norton AntiVirus, C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\WSCStub.exe ( 22.6.0.0 ), 0x51000 ( enabled : updated )
19:16:07.0181 0x0cc4 AV detected via SS2: PC Tools Spyware Doctor with AntiVirus, C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe ( ), 0x70000 ( disabled : updated )
19:16:07.0309 0x0cc4 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x62100 ( disabled : updated )
19:16:07.0337 0x0cc4 Win FW state via NFP2: enabled ( trusted )
19:16:09.0777 0x0cc4 ============================================================
19:16:09.0777 0x0cc4 Scan finished
19:16:09.0777 0x0cc4 ============================================================
19:16:09.0798 0x16e4 Detected object count: 0
19:16:09.0798 0x16e4 Actual detected object count: 0
It created this as well ;D Edited by M-K-D-B (01.07.2017 at 10:14) |
30.05.2016, 18:23 | #11 |
/// TB Trainer /// Instructions Guru | Viruses, Trojans, worms, tracking cookies and strange programs. Then please post a log or a screenshot showing where Norton finds something. File name, path, etc. And please don't ask me where to find the Norton log. I don't use that kind of thing...
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
30.05.2016, 18:41 | #12 |
| Viruses, Trojans, worms, tracking cookies and strange programs. Unfortunately Norton doesn't create a log file, only this :c..
Informationen über Screening:
**Version der Virendefinitionen: 2016.05.29.019
**Serielle Virendefinitionen-ID: 178122
Statistiken zu überprüfen:
**Ab Prüfung:
***Ortszeit: 30/05/2016 19.26
***UTC-Zeit: 30. Mai 2016 17.26 Uhr
**Zeitprüfung: 550 Sekunden
**Ziele Screening: Normalerweise wird die infizierte Gebiet
**Zahlen:
Gesamtzahl der getesteten Produkte: 8507
- Dateien und Ordner: 5280
- Registry-Einträge: 711
- Prozesse und Systemstartelemente: 1858
- Gegenstände Netzwerk und Browser: 650
- Andere: 5
- Trusted Dateien: 707
- Gelöscht: 53
Die Gesamtzahl der ermittelten Sicherheitsrisiken: 6
Gesamtzahl der gelöst Artikel: 6
Gesamtzahl der Artikel die Aufmerksamkeit erfordern: 0
Gelöst Bedrohungen:
6-Tracking. Mgr. Cookies
*Typ: Abweichung
*Risiko: Low-Pegel (Low-Level-Verstecken, Low Entfernung, Low Power, Low Privacy)
*Kategorie: Trackingcookies
*Status: Vollständig gelöst
*-----------
*6-Tracking. Mgr. Cookies
Cookie: michael wiesnet@cdn.at.atwola.com/ - Entfernt
Cookie: michael wiesnet@track.adform.net/ - Entfernt
Cookie: michael wiesnet@at.atwola.com/ - Entfernt
Cookie: michael wiesnet@adtech.de/ - Entfernt
Cookie: michael wiesnet@advertising.com/ - Entfernt
*- entfernt
Ungelöste Bedrohungen: Keine ungelösten Risiken
Screenshots don't work on my PC anymore either ... ;/ And Norton doesn't even notice that Infostealer.B or Buzzdock or other programs are a virus :c |
30.05.2016, 18:42 | #13 |
/// TB Trainer /// Instructions Guru | Viruses, Trojans, worms, tracking cookies and strange programs. Step 1 ESET Online Scanner
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
31.05.2016, 17:28 | #14 |
| Even more has happened :c. Hello, more has happened again: I got new viruses on my PC, Trojaner.Agent, and more and more keep coming :C And I only go to YouTube and Trojaner-Board.de, so no dangerous sites. And ESET is still scanning; as soon as it is finished I will send the log file. On 29 May a device signed in to my Gmail, an Apple smartphone, and I don't use Apple and nobody can hack my password, so someone is watching me :c Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=87527d35b9568548aaa1b218b1054f4f
# end=init
# utc_time=2016-05-18 02:45:53
# local_time=2016-05-18 04:45:53 (+0100, Mitteleuropäische Sommerzeit )
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=37126
Update Finalize
Updated modules version: 0
Old modules - leave modules
Update Init
Update Download
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=41221
Update Finalize
Updated modules version: 0
Old modules - leave modules
Update Init
Update Download
Update Finalize
Updated modules version: 29513
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 29513
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=87527d35b9568548aaa1b218b1054f4f
# end=updated
# utc_time=2016-05-18 06:04:20
# local_time=2016-05-18 08:04:20 (+0100, Mitteleuropäische Sommerzeit )
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=87527d35b9568548aaa1b218b1054f4f
# engine=29513
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-05-18 08:39:01
# local_time=2016-05-18 10:39:01 (+0100, Mitteleuropäische Sommerzeit )
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Norton AntiVirus'
# compatibility_mode=3599 16777213 87 87 92542 226200526 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 12287667 22575221 0 0
# scanned=517369
# found=2
# cleaned=0
# scan_time=9280
sh=F3A463C5CEF05D3D1910F61B5597B9BA37E6BBEC ft=1 fh=84a4170d5c4f80e2 vn="Variante von Win32/BrowseFox.BH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\322cb724-1680-423d-8862-1b52ca5027ad\plugins\2\Plugin.exe.vir"
sh=3D96C7FA132C978DD1A862D66F3FDABC074143A3 ft=1 fh=53ed1b1ef2defedc vn="Variante von Win32/BrowseFox.BH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\322cb724-1680-423d-8862-1b52ca5027ad\plugins\5bak\Plugin.exe.vir"
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=87527d35b9568548aaa1b218b1054f4f
# end=init
# utc_time=2016-05-31 12:46:34
# local_time=2016-05-31 02:46:34 (+0100, Mitteleuropäische Sommerzeit )
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 29647
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=87527d35b9568548aaa1b218b1054f4f
# end=updated
# utc_time=2016-05-31 12:54:42
# local_time=2016-05-31 02:54:42 (+0100, Mitteleuropäische Sommerzeit )
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=87527d35b9568548aaa1b218b1054f4f
# end=restart
# utc_time=2016-05-31 01:25:32
# local_time=2016-05-31 03:25:32 (+0100, Mitteleuropäische Sommerzeit )
# country="Germany"
# osver=6.2.9200 NT
# compatibility_mode_1='Norton AntiVirus'
# compatibility_mode=3599 16777213 87 87 1189732 227297716 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 13384857 23672411 0 0
# scanned=55997
# found=2
# cleaned=0
# scan_time=1848
sh=F3A463C5CEF05D3D1910F61B5597B9BA37E6BBEC ft=1 fh=84a4170d5c4f80e2 vn="Variante von Win32/BrowseFox.BH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\322cb724-1680-423d-8862-1b52ca5027ad\plugins\2\Plugin.exe.vir"
sh=3D96C7FA132C978DD1A862D66F3FDABC074143A3 ft=1 fh=53ed1b1ef2defedc vn="Variante von Win32/BrowseFox.BH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\322cb724-1680-423d-8862-1b52ca5027ad\plugins\5bak\Plugin.exe.vir"
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=87527d35b9568548aaa1b218b1054f4f
# end=init
# utc_time=2016-05-31 01:35:55
# local_time=2016-05-31 03:35:55 (+0100, Mitteleuropäische Sommerzeit )
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 29647
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=87527d35b9568548aaa1b218b1054f4f
# end=updated
# utc_time=2016-05-31 01:36:42
# local_time=2016-05-31 03:36:42 (+0100, Mitteleuropäische Sommerzeit )
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=87527d35b9568548aaa1b218b1054f4f
# engine=29647
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-05-31 04:20:57
# local_time=2016-05-31 06:20:57 (+0100, Mitteleuropäische Sommerzeit )
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Norton AntiVirus'
# compatibility_mode=3599 16777213 87 87 1200258 227308242 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 13395383 23682937 0 0
# scanned=518901
# found=2
# cleaned=0
# scan_time=9854
sh=F3A463C5CEF05D3D1910F61B5597B9BA37E6BBEC ft=1 fh=84a4170d5c4f80e2 vn="Variante von Win32/BrowseFox.BH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\322cb724-1680-423d-8862-1b52ca5027ad\plugins\2\Plugin.exe.vir"
sh=3D96C7FA132C978DD1A862D66F3FDABC074143A3 ft=1 fh=53ed1b1ef2defedc vn="Variante von Win32/BrowseFox.BH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\322cb724-1680-423d-8862-1b52ca5027ad\plugins\5bak\Plugin.exe.vir"
|
31.05.2016, 18:11 | #15 |
/// TB Trainer /// Instructions Guru | Viruses, Trojans, worms, tracking cookies and strange programs. Fresh FRST logs, please: Step 1 Please start FRST again, also tick the checkbox and click Untersuchen (Scan). Please post the contents of the two logs that are created.
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |