|
Log-Analyse und Auswertung: Win 7 - Kaspersky erkannte Adposhel, da ist aber noch mehr im Busch...Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
14.07.2016, 16:08 | #1 |
| Win 7 - Kaspersky erkannte Adposhel, da ist aber noch mehr im Busch... Hallo liebe Community! Zuerst ein möglichst kurzer Abriss, warum ich überhaupt Maßnahmen ergriffen habe...danach findet ihr Infos (inkl. Logs) was ich gemacht habe. 1. Was bisher geschah: Ich habe Kaspersky Internet Security installiert und bin eigentlich immer ganz gut damit gefahren; meide eigentlich dubiose Seiten...aber im Mai habe ich idiotischerweise eine Daten-Recovery-Software via Chip.de runtergeladen und installiert...und damit dann noch 5 andere Programme und vermutlich auch Adware. Die Programme habe ich sofort wieder deinstalliert, nach und nach machten sich aber dubiose Probleme bemerkbar; Kaspersky-Scans fanden nichts. Ende Juni fand er dann zum ersten Mal etwas und gestern wieder. Dazwischen motzte er dauernd auf ganz normalen Seiten herum, dass mit den Zertifikaten etwas nicht in Ordnung sei, sodass ich diese Verbdingungen immer blockte. Die Webseiten ließen sich ohne Probleme trotzdem aufrufen, weshalb ich den Verdacht habe, dass mir irgendwer Fake-Verbindungen im Hintergrund unterjubeln wollte....(?). Wie dem auch sei, gestern nach dem Removal von "Adposhel" durch Kaspersky kam es dann auch zu sehr dubiosen Effekten beim Surfen: Mein Adblocker lief richtig heiß weil auf Google (?!!) Plötzlich 20 Popups aufeinmal aufgehen wollten und als ich nach "adposhel removal" googelte kamen entweder gar keine Ergebnisse oder ich konnte sie nicht aufrufen wegen Adblocking-Wahnsinn. Ich beschloss also meinen PC herunterzufahren und auf meinem Zweitrechner zu recherchieren, wie ich dem Problem entgegnen könnte. So kam ich unter anderem in dieses Forum. 2. Wie es heute weiterging: Zuerst bin ich vorgegangen wie in diesem Thread beschrieben: http://www.trojaner-board.de/178528-...entfernen.html D.h.: 1. Firefox und Ordner manuell auf dubiose AddonsFiles gecheckt, nichts gefunden. 2. Die Programme die hier verlinkt waren von Filepony auf einen fabriksneuen USB-Stick geladen; alles über meinen Ausweich-Rechner, der ja wohl hoffentlich sauber ist (Linux; außerdem benutze ich ihn wirklich kaum). 3. Erstmal gescannt mit MBAM, einiges gefunden und im Quarantäne-Ordner belassen. 4. AdwCleaner drüberlaufen lassen - hat wieder was gefunden, das ich entfernt habe. 5. Junkware removal tool angewendet - dafür habe ich Kaspersky "ausgeschaltet"; konnte wieder was entdecken, was ich entfernt habe. Danach habe ich Kaspersky wieder angedreht. 6. Weil ich neugierig war habe ich den Kaspersky TDSSKiller drüberlaufen lassen - der hat auch 2 Sachen gefunden, von denen ich allerdings glaube, dass sie nicht bösartig sind...? Mehr dazu dann bei den Logfiles. Ich habe jedenfalls "skip" gewählt. 7. Anschließend habe ich den ESET Online Scanner drüber laufen lassen, in der Hoffnung, dass alles ok ist. Der hat aber auch wieder was gefunden, was mir fishy vorkam. 8. µtorrent deinstalliert, habe das seit Jahren nimmer benutzt und wusste gar nicht, dass es drauf ist o_O; Sowas brauche ich jedenfalls nicht. 9. Ich bin nicht sicher, ob ich jetzt clean bin...mein Bauchgefühl sagt mir: nein. Deshalb dachte ich, ich hole mir Hilfe und habe deshalb als letzten Schritt noch einen FRST Scan gemacht; weil ihr da ja immer in die Log-Files reinschaut. Eigentlich bin ich ein sehr vorsichtiger User, hatte über 10 Jahre noch nie was...aber naja, selbst schuld; das wird mir eine Lehre sein! Jedenfalls bin ich für jede Hilfe dankbar (bin dann doch kein Profi...uff) und hoffe, dass ich mir neu aufsetzen ersparen kann. 3. Die Logs Das hat mein Kaspersky entdeckt - weiß nicht, ob euch das hilft; ist leider kein gscheiter Log: Code:
ATTFilter 13.07.2016 11.40.53 Gefundenes Objekt (Datei) wurde gelöscht. C:\ProgramData\9243bc73\87bf282e.dll Datei: C:\ProgramData\9243bc73\87bf282e.dll Objektname: not-a-virus:AdWare.Win32.Adposhel.a Objekttyp: Adware Zeitpunkt: 13.07.2016 11:40 25.06.2016 09.50.32 Gefundenes Objekt (Datei) wurde gelöscht. C:\Users\v\AppData\Local\Temp\7953982.t.exe//data0001 Datei: C:\Users\v\AppData\Local\Temp\7953982.t.exe//data0001 Objektname: not-a-virus:AdWare.MSIL.DNSUnlocker.asq Objekttyp: Adware Zeitpunkt: 25.06.2016 09:50 25.06.2016 09.50.32 Gefundenes Objekt (Datei) wurde gelöscht. C:\Users\v\AppData\Local\Temp\7953982.t.exe Datei: C:\Users\v\AppData\Local\Temp\7953982.t.exe Objektname: Objekttyp: Unbekannte Bedrohung Zeitpunkt: 25.06.2016 09:50 25.06.2016 09.50.32 Gefundenes Objekt (Datei) wurde gelöscht. C:\Users\v\AppData\Local\Temp\95460614.t.exe Datei: C:\Users\v\AppData\Local\Temp\95460614.t.exe Objektname: Objekttyp: Unbekannte Bedrohung Zeitpunkt: 25.06.2016 09:50 25.06.2016 09.50.32 Gefundenes Objekt (Datei) wurde gelöscht. C:\Users\v\AppData\Local\Temp\95460614.t.exe//data0001 Datei: C:\Users\v\AppData\Local\Temp\95460614.t.exe//data0001 Objektname: not-a-virus:AdWare.MSIL.DNSUnlocker.asq Objekttyp: Adware Zeitpunkt: 25.06.2016 09:50 Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 14.07.2016 Suchlaufzeit: 09:45 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.07.14.03 Rootkit-Datenbank: v2016.05.27.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: v Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 389297 Abgelaufene Zeit: 22 Min., 58 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 2 PUP.Optional.ASK, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe, 2128, Löschen bei Neustart, [a744c162445679bda4181fc74eb315eb] PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe, 2140, Löschen bei Neustart, [816afa299dfd39fd5e5632a7758d20e0] Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 17 PUP.Optional.CloudScout, HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b, In Quarantäne, [569536ed831770c69d7b2d954db6b749], PUP.Optional.CloudScout, HKLM\SOFTWARE\WOW6432NODE\5da059a482fd494db3f252126fbc3d5b, In Quarantäne, [9d4e8e95d9c1e353d5435d65b053de22], PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\AskPartnerNetwork, In Quarantäne, [29c2b86be3b77eb89c164a8f956d18e8], PUP.Optional.OneSystemCare, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\OneSystemCare_RASAPI32, In Quarantäne, [8a61cb58dbbf999d1c4fa43be91a59a7], PUP.Optional.OneSystemCare, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\OneSystemCare_RASMANCS, In Quarantäne, [6487a2814852de58313af7e89b68fb05], PUP.Optional.ASK.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4F524A2D-5637-006A-76A7-A758B70C1002}, In Quarantäne, [32b948dbe5b592a411ae5c62c63de31d], PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{9243BC73}, In Quarantäne, [20cb9d86dfbb2a0c76c039bf8e7531cf], PUP.Optional.APNToolBar.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\APNMCP, In Quarantäne, [816afa299dfd39fd5e5632a7758d20e0], PUP.Optional.APNToolBar.Gen, HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork, In Quarantäne, [8f5cbe651a80f145d3de1ebb56ac31cf], PUP.Optional.OneSystemCare, HKU\S-1-5-21-3938329548-1295178815-1076779813-1000\SOFTWARE\ONE SYSTEM CARE, In Quarantäne, [47a438eb950588ae1e709b134bb8669a], PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-3938329548-1295178815-1076779813-1004\SOFTWARE\AskPartnerNetwork, In Quarantäne, [c823869d0793f73f951cb6239c66cc34], PUP.Optional.OneSystemCare, HKU\S-1-5-21-3938329548-1295178815-1076779813-1004\SOFTWARE\ONE SYSTEM CARE, In Quarantäne, [6b80af7488124ee8741ac3eb92718b75], PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-3938329548-1295178815-1076779813-1005\SOFTWARE\AskPartnerNetwork, In Quarantäne, [9457041f97033006ad04815829d96d93], PUP.Optional.Spigot, HKU\S-1-5-21-3938329548-1295178815-1076779813-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0B652906-74ED-45B5-BBF9-6B94306ED415}, In Quarantäne, [62891013efab0a2c97f6e4d250b3738d], PUP.Optional.Spigot, HKU\S-1-5-21-3938329548-1295178815-1076779813-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{8AC95B6E-C2F7-40AB-8186-BD03D8918D99}, In Quarantäne, [b83383a02773f1452a63bff7f50ead53], PUP.Optional.YahooVNM, HKU\S-1-5-21-3938329548-1295178815-1076779813-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}, In Quarantäne, [fbf050d3ddbdf93da6987845bf445ca4], PUP.Optional.OneSystemCare, HKU\S-1-5-21-3938329548-1295178815-1076779813-1005\SOFTWARE\ONE SYSTEM CARE, In Quarantäne, [b536f42f1288e056513d644a9073a25e], Registrierungswerte: 20 PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ApnTBMon, "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe", In Quarantäne, [a744c162445679bda4181fc74eb315eb] PUP.Optional.ASK.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4F524A2D-5637-006A-76A7-A758B70C1002}|InstallSource, C:\ProgramData\APN\APN-Stub\ORJ-V7\, In Quarantäne, [32b948dbe5b592a411ae5c62c63de31d] PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{9243bc73}|1, 1466840404, In Quarantäne, [20cb9d86dfbb2a0c76c039bf8e7531cf] Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{40B32359-D767-4819-98E0-C9F8F709F9A8}|NameServer, 82.163.142.7 95.211.158.134, In Quarantäne, [d3187ca7d1c9be7823ffa850847fa858] Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{6A81530F-81EF-4F6A-94BE-F525B7C55696}|NameServer, 82.163.142.7 95.211.158.134, In Quarantäne, [519a0e15e1b991a529f9946421e2639d] Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{89468BDB-AE20-4C41-8032-24913B189BF0}|NameServer, 82.163.142.7 95.211.158.134, In Quarantäne, [cd1ee3408e0c211553cff9ff0cf713ed] Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{B4376F6B-E024-4399-B7BC-61DE49971E7B}|NameServer, 82.163.142.7 95.211.158.134, In Quarantäne, [cb202cf7801a64d2d44e6d8bf90a0af6] PUP.Optional.OneSystemCare, HKU\S-1-5-21-3938329548-1295178815-1076779813-1000\SOFTWARE\ONE SYSTEM CARE|OSID, 6.1, In Quarantäne, [47a438eb950588ae1e709b134bb8669a] PUP.Optional.OneSystemCare, HKU\S-1-5-21-3938329548-1295178815-1076779813-1000\SOFTWARE\ONE SYSTEM CARE|AdvertsLink1, hxxp://dl.softservers.net/121002434/DriverPro.exe, In Quarantäne, [7c6f93900d8d84b2deafae00946fee12] PUP.Optional.OneSystemCare, HKU\S-1-5-21-3938329548-1295178815-1076779813-1000\SOFTWARE\ONE SYSTEM CARE|AdvertsLink2, hxxp://od.onesaveservers.net/291002434/OneSaveSetup.exe, In Quarantäne, [37b4091a1585f83e8508cfdf28dbd12f] PUP.Optional.OneSystemCare, HKU\S-1-5-21-3938329548-1295178815-1076779813-1004\SOFTWARE\ONE SYSTEM CARE|OSID, 6.1, In Quarantäne, [6b80af7488124ee8741ac3eb92718b75] PUP.Optional.OneSystemCare, HKU\S-1-5-21-3938329548-1295178815-1076779813-1004\SOFTWARE\ONE SYSTEM CARE|AdvertsLink1, hxxp://dl.softservers.net/121002434/DriverPro.exe, In Quarantäne, [fbf0e53e7c1e2412b5d81a9410f3629e] PUP.Optional.OneSystemCare, HKU\S-1-5-21-3938329548-1295178815-1076779813-1004\SOFTWARE\ONE SYSTEM CARE|AdvertsLink2, hxxp://od.onesaveservers.net/291002434/OneSaveSetup.exe, In Quarantäne, [33b8a67dfc9e7db95c31634b8d768779] PUP.Optional.Spigot, HKU\S-1-5-21-3938329548-1295178815-1076779813-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0B652906-74ED-45B5-BBF9-6B94306ED415}|URL, https://at.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=512435&p={searchTerms}, In Quarantäne, [62891013efab0a2c97f6e4d250b3738d] PUP.Optional.Spigot, HKU\S-1-5-21-3938329548-1295178815-1076779813-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{8AC95B6E-C2F7-40AB-8186-BD03D8918D99}|URL, hxxp://at.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=512435&p={searchTerms}, In Quarantäne, [b83383a02773f1452a63bff7f50ead53] PUP.Optional.YahooVNM, HKU\S-1-5-21-3938329548-1295178815-1076779813-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}|URL, https://at.search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10049__160503__yaie&p={searchTerms}, In Quarantäne, [fbf050d3ddbdf93da6987845bf445ca4] PUP.Optional.YahooVNM, HKU\S-1-5-21-3938329548-1295178815-1076779813-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}|TopResultURL, https://at.search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10049__160503__yaie&p={searchTerms}, In Quarantäne, [33b82af9e3b71a1cd866d6e7fd063cc4] PUP.Optional.OneSystemCare, HKU\S-1-5-21-3938329548-1295178815-1076779813-1005\SOFTWARE\ONE SYSTEM CARE|OSID, 6.1, In Quarantäne, [b536f42f1288e056513d644a9073a25e] PUP.Optional.OneSystemCare, HKU\S-1-5-21-3938329548-1295178815-1076779813-1005\SOFTWARE\ONE SYSTEM CARE|AdvertsLink1, hxxp://dl.softservers.net/121002434/DriverPro.exe, In Quarantäne, [925968bbf5a52c0a7e0f505e52b1e51b] PUP.Optional.OneSystemCare, HKU\S-1-5-21-3938329548-1295178815-1076779813-1005\SOFTWARE\ONE SYSTEM CARE|AdvertsLink2, hxxp://od.onesaveservers.net/291002434/OneSaveSetup.exe, In Quarantäne, [38b3071cefabe94d1578189624dff20e] Registrierungsdaten: 1 Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, 82.163.142.7 95.211.158.134, Gut: (8.8.8.8), Schlecht: (82.163.142.7 95.211.158.134),Ersetzt,[85663fe4b2e80531c13b443516ee26da] Ordner: 49 PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\appdata, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\appdata\Mozilla, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\appdata\Mozilla\Firefox, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\appdata\Mozilla\Firefox\Profiles, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\common appdata, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\common appdata\AskPartnerNetwork, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\common appdata\AskPartnerNetwork\Toolbar, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\{Crx_Version}, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files\AskPartnerNetwork, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files\AskPartnerNetwork\ChromeUtils, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files\AskPartnerNetwork\Toolbar, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files\AskPartnerNetwork\Toolbar\Updater, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files\AskPartnerNetwork\Toolbar\Updater\{PartnerID}, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files\AskPartnerNetwork\Toolbar\{PartnerID}, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork, In Quarantäne, [28c331f2bbdfa09656526b407f83f40c], PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar, In Quarantäne, [28c331f2bbdfa09656526b407f83f40c], PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7, In Quarantäne, [28c331f2bbdfa09656526b407f83f40c], PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\Updater, In Quarantäne, [28c331f2bbdfa09656526b407f83f40c], PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\Updater\Config, In Quarantäne, [28c331f2bbdfa09656526b407f83f40c], PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\Updater\Response, In Quarantäne, [28c331f2bbdfa09656526b407f83f40c], PUP.Optional.APNToolBar.Gen, C:\Users\v\AppData\Local\AskPartnerNetwork, In Quarantäne, [d21956cdd3c789ad8326ceddd52da759], PUP.Optional.APNToolBar.Gen, C:\Users\v\AppData\Local\AskPartnerNetwork\Toolbar, In Quarantäne, [d21956cdd3c789ad8326ceddd52da759], PUP.Optional.APNToolBar.Gen, C:\Users\v\AppData\Local\AskPartnerNetwork\Toolbar\Updater, In Quarantäne, [d21956cdd3c789ad8326ceddd52da759], PUP.Optional.APNToolBar.Gen, C:\Users\v\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC, In Quarantäne, [d21956cdd3c789ad8326ceddd52da759], PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork, Löschen bei Neustart, [d71473b099014ee8dbcfaefd8d756d93], PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar, Löschen bei Neustart, [d71473b099014ee8dbcfaefd8d756d93], PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7, In Quarantäne, [d71473b099014ee8dbcfaefd8d756d93], PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater, Löschen bei Neustart, [d71473b099014ee8dbcfaefd8d756d93], PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC, In Quarantäne, [d71473b099014ee8dbcfaefd8d756d93], PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\ORJ-V7, In Quarantäne, [d71473b099014ee8dbcfaefd8d756d93], PUP.Optional.ASK.Gen, C:\Users\v\AppData\Local\Temp\APN-Stub, In Quarantäne, [b635b271801a38fe10ef2f9406fc22de], PUP.Optional.ASK.Gen, C:\Users\v\AppData\Local\Temp\APN-Stub\ORJ-V7, In Quarantäne, [b635b271801a38fe10ef2f9406fc22de], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\7c89fe5d-2451-0, In Quarantäne, [d71470b36e2c78be8f4f8c3b9d656f91], PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\7c89fe5d-68d5-0, In Quarantäne, [8a61b370d3c7f640a33bcff820e2a759], PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\e6840f99-2a57-0, In Quarantäne, [04e7ee35bae02610e5f9eed9837fd42c], PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\e6840f99-3217-1, In Quarantäne, [e30855cedac0b086c41abe09a95925db], PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\{07398c51-412c-0}, In Quarantäne, [ffec0c177b1f1d19e6f95c6bc0428a76], PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\{165178dc-612c-1}, In Quarantäne, [f9f230f3ff9bca6c78677651eb1709f7], PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\{1ff0e95d-512c-1}, In Quarantäne, [faf1d84bf7a3a78fa23d1bacbd458c74], PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\{2c340fa4-412c-0}, In Quarantäne, [42a91a098416e4522bb41aad7d857e82], Dateien: 117 PUP.Optional.ASK, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe, Löschen bei Neustart, [a744c162445679bda4181fc74eb315eb], PUP.Optional.APNToolBar, C:\ProgramData\APN\APN-Stub\ORJ-V7\ApnSetup.exe, In Quarantäne, [feeda77cbfdbf640be14d950ca378a76], PUP.Optional.ASK, C:\ProgramData\APN\APN-Stub\ORJ-V7\AskToolbar.7z, In Quarantäne, [cf1c988ba1f9bf77e0dc29bd7988d030], PUP.Optional.RelevantKnowledge, C:\Users\rk\AppData\Local\Temp\CSM1A5D.tmp, In Quarantäne, [7a7161c2abef4ee8d7ab106d53b19868], PUP.Optional.APNToolBar, C:\Users\v\AppData\Local\Temp\APNSetup.exe, In Quarantäne, [89621d068c0e290d577b9495aa57a35d], PUP.Optional.Spigot, C:\Users\v\AppData\Local\Temp\SearchProtectionSetup.exe, In Quarantäne, [6685f1327b1f89ad5967d7bf02023ac6], PUP.Optional.Amonetize.Gen, C:\ProgramData\7c89fe5d-2451-0\BITB422.tmp, In Quarantäne, [ba31ca5961393bfbd854f5fa55aef30d], PUP.Optional.Amonetize.Gen, C:\ProgramData\7c89fe5d-68d5-0\BIT48D4.tmp, In Quarantäne, [5c8fb073dac0b086e547a44b0102f40c], PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe, Löschen bei Neustart, [816afa299dfd39fd5e5632a7758d20e0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\1031.mst, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\1033.mst, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\1034.mst, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\1036.mst, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\1040.mst, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\1041.mst, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\1043.mst, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\1045.mst, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\1049.mst, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\2070.mst, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\AskToolbarInstaller-12.40.6_ORJ-V7.msi, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\Setup.ini, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions\toolbar_ORJ-V7@apn.ask.com.xpi, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\ToolbarCR.crx, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\Update.xml, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\{Crx_Version}\Toolbar.crx, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files\AskPartnerNetwork\ChromeUtils\APNNativeMsgHost.exe, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files\AskPartnerNetwork\ChromeUtils\com.apn.native_messaging_host_aaaajpkhjdkhhnkmgfjodbkfpbmibkkk.json, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files\AskPartnerNetwork\Toolbar\apnmcp.exe, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files\AskPartnerNetwork\Toolbar\searchhook.dll, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files\AskPartnerNetwork\Toolbar\ServiceLocator.exe, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files\AskPartnerNetwork\Toolbar\SO.dll, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files\AskPartnerNetwork\Toolbar\toolbar.dll, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files\AskPartnerNetwork\Toolbar\Toolbar.exe, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files\AskPartnerNetwork\Toolbar\ToolbarPS.dll, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files\AskPartnerNetwork\Toolbar\toolbar_x64.dll, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files\AskPartnerNetwork\Toolbar\UpdateManager.exe, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files\AskPartnerNetwork\Toolbar\Updater\ask-search.xml, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files\AskPartnerNetwork\Toolbar\Updater\tbnhlpr.exe, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files\AskPartnerNetwork\Toolbar\Updater\tbnhlpr_x64.exe, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files\AskPartnerNetwork\Toolbar\Updater\{PartnerID}\config.xml, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport.dll, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub\ORJ-V7\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport_x64.dll, In Quarantäne, [dd0ebc677b1f270f9215f1ba03ff60a0], PUP.Optional.APNToolBar.Gen, C:\Users\v\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe, In Quarantäne, [d21956cdd3c789ad8326ceddd52da759], PUP.Optional.APNToolBar.Gen, C:\Users\v\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr_x64.exe, In Quarantäne, [d21956cdd3c789ad8326ceddd52da759], PUP.Optional.APNToolBar.Gen, C:\Users\v\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv.dll, In Quarantäne, [d21956cdd3c789ad8326ceddd52da759], PUP.Optional.APNToolBar.Gen, C:\Users\v\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub.dll, In Quarantäne, [d21956cdd3c789ad8326ceddd52da759], PUP.Optional.APNToolBar.Gen, C:\Users\v\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub_x64.dll, In Quarantäne, [d21956cdd3c789ad8326ceddd52da759], PUP.Optional.APNToolBar.Gen, C:\Users\v\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv_x64.dll, In Quarantäne, [d21956cdd3c789ad8326ceddd52da759], PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe, In Quarantäne, [d71473b099014ee8dbcfaefd8d756d93], PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\UpdateManager.exe, In Quarantäne, [d71473b099014ee8dbcfaefd8d756d93], PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\ask-search.xml, In Quarantäne, [d71473b099014ee8dbcfaefd8d756d93], PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe, In Quarantäne, [d71473b099014ee8dbcfaefd8d756d93], PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr_x64.exe, In Quarantäne, [d71473b099014ee8dbcfaefd8d756d93], PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv.dll, In Quarantäne, [d71473b099014ee8dbcfaefd8d756d93], PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub.dll, In Quarantäne, [d71473b099014ee8dbcfaefd8d756d93], PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub_x64.dll, In Quarantäne, [d71473b099014ee8dbcfaefd8d756d93], PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv_x64.dll, In Quarantäne, [d71473b099014ee8dbcfaefd8d756d93], PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\ORJ-V7\config.xml, In Quarantäne, [d71473b099014ee8dbcfaefd8d756d93], PUP.Optional.ASK.Gen, C:\Users\v\AppData\Local\Temp\APN-Stub\ORJ-V7\Msi6c77f726-f335-42b9-9123-727742324776.log, In Quarantäne, [b635b271801a38fe10ef2f9406fc22de], PUP.Optional.ASK.Gen, C:\Users\v\AppData\Local\Temp\APN-Stub\ORJ-V7\Stb6c77f726-f335-42b9-9123-727742324776.log, In Quarantäne, [b635b271801a38fe10ef2f9406fc22de], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Msi039e0544-468d-4346-97a1-43a898094fc5.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Msi104fdf2d-5112-4be6-8be2-d126917e5e42.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Msi14ba4735-beb8-47fb-824d-a626818fa25e.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Msi15d878f6-c201-45fb-9b01-0afd087a6bda.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Msi18c0cfe6-75cb-4043-a8af-ffb717d0c688.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Msi38d29dce-2f46-4bd3-8e6f-555b91380e27.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Msi48020c24-d18e-40e9-a911-5049253a742f.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Msi4d74df84-6895-4478-937e-3505f98e637a.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Msi5257b804-4bf1-4773-a913-7a0e7df06016.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Msi55f25378-8d18-4307-9892-a5afe57d425e.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Msi585f4098-602a-4a39-9a62-39cf1c7d83d9.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stb873b3fa2-3af5-4d4d-98b8-aaf110c00fda.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stb898f7103-f808-468c-ae5f-de5991f1795f.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stb8ec33e2d-9ca7-45e8-a23f-973bf6559029.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stb8f0781a6-b378-41e3-b83e-47615cc4a474.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stb9047b778-3614-4806-8c8e-680e607c2756.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stb91a848de-071f-4fa8-8fa7-1933a6908ba1.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stba2003be5-6554-4586-b16f-4b0ae1d4d7a3.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stbad54533a-15f6-4e8d-9d3e-e1f7fca6c3a1.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Msid9f5936b-c086-4393-b338-0d685189f162.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Msifb1f3b1e-6ebc-4c99-85f9-d3d011273f67.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Msiff8c5b5f-5640-4741-8328-046c692ea149.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stb039e0544-468d-4346-97a1-43a898094fc5.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stb104fdf2d-5112-4be6-8be2-d126917e5e42.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stb14ba4735-beb8-47fb-824d-a626818fa25e.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stb15d878f6-c201-45fb-9b01-0afd087a6bda.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stbaef12ff1-29c2-41a8-a482-6dc9df7e8c14.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stbbc2e2e2d-6401-4bac-b61f-3f228992b75d.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stbcd1d95f3-6279-4c3d-a606-fe59368a00b2.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stbd9f5936b-c086-4393-b338-0d685189f162.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stbf3a0a382-31f7-422c-a0e8-da1b43cd6721.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stbfb1f3b1e-6ebc-4c99-85f9-d3d011273f67.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stbff8c5b5f-5640-4741-8328-046c692ea149.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Msi898f7103-f808-468c-ae5f-de5991f1795f.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Msi8ec33e2d-9ca7-45e8-a23f-973bf6559029.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Msi8f0781a6-b378-41e3-b83e-47615cc4a474.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Msi91a848de-071f-4fa8-8fa7-1933a6908ba1.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Msiad54533a-15f6-4e8d-9d3e-e1f7fca6c3a1.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Msiaef12ff1-29c2-41a8-a482-6dc9df7e8c14.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Msibc2e2e2d-6401-4bac-b61f-3f228992b75d.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Msi873b3fa2-3af5-4d4d-98b8-aaf110c00fda.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Msicd1d95f3-6279-4c3d-a606-fe59368a00b2.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stb18c0cfe6-75cb-4043-a8af-ffb717d0c688.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stb585f4098-602a-4a39-9a62-39cf1c7d83d9.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stbae306080-0f37-4475-a384-dc57a41efe67.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stb38d29dce-2f46-4bd3-8e6f-555b91380e27.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stb46fb31ac-a965-4be9-94d8-815c1002ae4a.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stb48020c24-d18e-40e9-a911-5049253a742f.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stb4d74df84-6895-4478-937e-3505f98e637a.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stb5257b804-4bf1-4773-a913-7a0e7df06016.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\ORJ-V7\Stb55f25378-8d18-4307-9892-a5afe57d425e.log, In Quarantäne, [618aaf7416842a0c30cfb40f8082f709], PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\{07398c51-412c-0}\BITFC5D.tmp, In Quarantäne, [ffec0c177b1f1d19e6f95c6bc0428a76], PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\{165178dc-612c-1}\BITFBEE.tmp, In Quarantäne, [f9f230f3ff9bca6c78677651eb1709f7], PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\{1ff0e95d-512c-1}\BITFB42.tmp, In Quarantäne, [faf1d84bf7a3a78fa23d1bacbd458c74], PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\{2c340fa4-412c-0}\BITFC6D.tmp, In Quarantäne, [42a91a098416e4522bb41aad7d857e82], PUP.Optional.Spigot, C:\Users\v\AppData\Roaming\Mozilla\Firefox\Profiles\728iod3v.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "https://at.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=512435&p=");), Ersetzt,[b833859e247684b26d7a89100400c63a] Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v5.201 - Bericht erstellt am 14/07/2016 um 10:33:30 # Aktualisiert am 30/06/2016 von ToolsLib # Datenbank : 2016-06-30.2 [Lokal] # Betriebssystem : Windows 7 Professional Service Pack 1 (X64) # Benutzername : v - MONOLITH # Gestartet von : E:\AdwCleaner\AdwCleaner_5.201.exe # Option : Löschen # Unterstützung : https://toolslib.net/forum ***** [ Dienste ] ***** ***** [ Ordner ] ***** [-] Ordner gelöscht : C:\ProgramData\apn [-] Ordner gelöscht : C:\ProgramData\9243bc73 [#] Ordner gelöscht : C:\ProgramData\Application Data\apn [#] Ordner gelöscht : C:\ProgramData\Application Data\9243bc73 [-] Ordner gelöscht : C:\Users\v\AppData\Local\Temp\apn [-] Ordner gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\OneClickInternet ***** [ Dateien ] ***** [-] Datei gelöscht : C:\Windows\SysWOW64\lavasofttcpservice.dll [-] Datei gelöscht : C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini [-] Datei gelöscht : C:\Windows\SysNative\LavasoftTcpService64.dll [-] Datei gelöscht : C:\Windows\SysNative\LavasoftTcpServiceOff.ini ***** [ DLLs ] ***** ***** [ WMI ] ***** ***** [ Verknüpfungen ] ***** ***** [ Aufgabenplanung ] ***** ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9} [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4} [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D} [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD} [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519} [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF} [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890} [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105} [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057} [-] Schlüssel gelöscht : HKLM\SOFTWARE\Lavasoft\Web Companion [-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564 [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36 [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173 [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0 [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4 [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03 [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15 [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87 [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2 [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4 [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62 [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7 [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48 [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0 [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646 [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217 [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965 [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4 [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577 [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414 [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4 [-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF ***** [ Internetbrowser ] ***** [-] [C:\Users\v\AppData\Roaming\Mozilla\Firefox\Profiles\728iod3v.default\prefs.js] gelöscht : user_pref("browser.search.defaultengine", "Ask Search"); [-] [C:\Users\v\AppData\Roaming\Mozilla\Firefox\Profiles\728iod3v.default\prefs.js] gelöscht : user_pref("browser.search.order.1", "Ask Search"); [-] [C:\Users\v\AppData\Roaming\Mozilla\Firefox\Profiles\728iod3v.default\prefs.js] gelöscht : user_pref("browser.search.param.yahoo-fr", "chr-greentree_ff&ilc=12&type=512435"); [-] [C:\Users\v\AppData\Roaming\Mozilla\Firefox\Profiles\728iod3v.default\prefs.js] gelöscht : user_pref("extensions.50327aa6cddb3.scode", "(function(){try{if('aol.com,mail.google.com,mystart.incredibar.com,premiumreports.info,search.babylon.com,search.funmoods.com,search.gboxapp.com,search.swe[...] [-] [C:\Users\v\AppData\Roaming\Mozilla\Firefox\Profiles\728iod3v.default\prefs.js] gelöscht : user_pref("extensions.50eef1d558b2b.scode", "(function(){try{if('aol.com,mail.google.com,premiumreports.info,search.babylon.com,search.gboxapp.com'.indexOf(window.self.location.hostname)>-1) return;}c[...] [-] [C:\Users\v\AppData\Roaming\Mozilla\Firefox\Profiles\728iod3v.default\prefs.js] gelöscht : user_pref("extensions.APN_TB.first-previous-keyword-url", "hxxp://at.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=512435&p="); [-] [C:\Users\v\AppData\Roaming\Mozilla\Firefox\Profiles\728iod3v.default\prefs.js] gelöscht : user_pref("extensions.ORJ-V7.previous-keyword-url", "\"hxxp://at.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=512435&p=\""); ************************* :: "Tracing" Schlüssel gelöscht :: Proxy Einstellungen zurückgesetzt :: Winsock Einstellungen zurückgesetzt :: Internet Explorer Richtlinien gelöscht :: Chrome Richtlinien gelöscht ************************* C:\AdwCleaner\AdwCleaner[C1].txt - [8538 Bytes] - [14/07/2016 10:33:30] C:\AdwCleaner\AdwCleaner[S1].txt - [8288 Bytes] - [14/07/2016 10:29:25] ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [8684 Bytes] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.7 (07.03.2016) Operating System: Windows 7 Professional x64 Ran by v (Administrator) on 14.07.2016 at 10:40:39,09 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 16 Successfully deleted: C:\Users\v\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) Successfully deleted: C:\Users\v\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2U3UNJF9 (Temporary Internet Files Folder) Successfully deleted: C:\Users\v\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3FGHH2IT (Temporary Internet Files Folder) Successfully deleted: C:\Users\v\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) Successfully deleted: C:\Users\v\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ADD19P9N (Temporary Internet Files Folder) Successfully deleted: C:\Users\v\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) Successfully deleted: C:\Users\v\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) Successfully deleted: C:\Users\v\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P5RJI1I6 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2U3UNJF9 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3FGHH2IT (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ADD19P9N (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P5RJI1I6 (Temporary Internet Files Folder) Registry: 2 Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A3D4C3F-A06D-4EFD-90F9-421E3FD58E6D} (Registry Key) Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A3D4C3F-A06D-4EFD-90F9-421E3FD58E6D} (Registry Key) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 14.07.2016 at 10:42:55,45 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Ich bitte also um kurze Rückmeldung, damit ich den Rest posten kann (hoffentlich schaffe ich es heute noch, muss dann nämlich bald weg. Also nicht wundern, wenn es ein bisschen dauert). Vielen Dank schonmal im voraus...ich hoffe ich habe nicht noch mehr durcheinander gebracht als es eh schon war... |
15.07.2016, 10:38 | #2 |
/// TB-Ausbilder | Win 7 - Kaspersky erkannte Adposhel, da ist aber noch mehr im Busch... Hallo starspawn
__________________Mein Name ist Timo und ich werde Dir bei deinem Problem behilflich sein.
Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist immer der sicherste Weg. Wir arbeiten hier alle freiwillig und meist auch nur in unserer Freizeit. Daher kann es bei Antworten zu Verzögerungen kommen. Solltest du innerhalb 48 Std keine Antwort von mir erhalten, dann schreib mit eine PM Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis ich oder jemand vom Team sagt, dass Du clean bist. Führe sämtliche Tools mit administrativen Rechten aus, Vista, Win7,Win8, Win10 User mit Rechtsklick "als Administrator starten". Dann poste mal die restlichen Logs. Vorher schonmal ein Lob, bisher klasse gemacht nach der Anleitung und die Logs auch aufgewahrt.
__________________ |
15.07.2016, 22:29 | #3 | |
| Win 7 - Kaspersky erkannte Adposhel, da ist aber noch mehr im Busch... Hallo Timo!
__________________Danke, dass du dich meiner Sache annimmst. Zitat:
Also, hier die Logs - Teil 2...allerdings muss ich den TDSSKiller log auf zwei posts aufteilen, der ist sonst einfach zu groß! Kaspersky TDSS Killer 1/2: Code:
ATTFilter 10:47:34.0182 0x1cc4 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12 10:47:34.0182 0x1cc4 UEFI system 10:47:39.0330 0x1cc4 ============================================================ 10:47:39.0330 0x1cc4 Current date / time: 2016/07/14 10:47:39.0330 10:47:39.0330 0x1cc4 SystemInfo: 10:47:39.0330 0x1cc4 10:47:39.0330 0x1cc4 OS Version: 6.1.7601 ServicePack: 1.0 10:47:39.0330 0x1cc4 Product type: Workstation 10:47:39.0330 0x1cc4 ComputerName: MONOLITH 10:47:39.0330 0x1cc4 UserName: v 10:47:39.0330 0x1cc4 Windows directory: C:\Windows 10:47:39.0330 0x1cc4 System windows directory: C:\Windows 10:47:39.0330 0x1cc4 Running under WOW64 10:47:39.0330 0x1cc4 Processor architecture: Intel x64 10:47:39.0330 0x1cc4 Number of processors: 4 10:47:39.0330 0x1cc4 Page size: 0x1000 10:47:39.0330 0x1cc4 Boot type: Normal boot 10:47:39.0330 0x1cc4 ============================================================ 10:47:40.0282 0x1cc4 KLMD registered as C:\Windows\system32\drivers\99551737.sys 10:47:40.0843 0x1cc4 System UUID: {FD02B5D5-108D-A862-C40E-2A96F2855C72} 10:47:41.0358 0x1cc4 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 10:47:41.0374 0x1cc4 Drive \Device\Harddisk1\DR1 - Size: 0xEF000000 ( 3.73 Gb ), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 10:47:41.0374 0x1cc4 ============================================================ 10:47:41.0374 0x1cc4 \Device\Harddisk0\DR0: 10:47:41.0374 0x1cc4 GPT partitions: 10:47:41.0374 0x1cc4 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {F4019732-066E-4E12-8273-346C5641494F}, UniqueGUID: {E08814AF-E4BB-4626-B4AA-3319CC3969EF}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x82000 10:47:41.0374 0x1cc4 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {70E465F7-7DF0-494A-8011-B46D3FF1CF59}, Name: Basic data partition, StartLBA 0x82800, BlocksNum 0x2770800 10:47:41.0374 0x1cc4 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {59A64FFB-913E-44C6-95F9-3B8F796BFC72}, Name: EFI system partition, StartLBA 0x27F3000, BlocksNum 0x82000 10:47:41.0374 0x1cc4 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E56D6388-93FF-42AF-98AF-01F0CC456D53}, Name: Microsoft reserved partition, StartLBA 0x2875000, BlocksNum 0x40000 10:47:41.0374 0x1cc4 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {F5701A7C-A6B6-414B-B626-B3EE5575F36A}, Name: Basic data partition, StartLBA 0x28B5000, BlocksNum 0x25FC228F 10:47:41.0374 0x1cc4 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {8D692FF1-F04C-4963-B407-5DCE968DB247}, Name: Basic data partition, StartLBA 0x28877800, BlocksNum 0x21FE0800 10:47:41.0374 0x1cc4 MBR partitions: 10:47:41.0374 0x1cc4 \Device\Harddisk1\DR1: 10:47:41.0374 0x1cc4 MBR partitions: 10:47:41.0374 0x1cc4 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x38, BlocksNum 0x777FC8 10:47:41.0374 0x1cc4 ============================================================ 10:47:41.0452 0x1cc4 C: <-> \Device\Harddisk0\DR0\Partition5 10:47:41.0498 0x1cc4 D: <-> \Device\Harddisk0\DR0\Partition6 10:47:41.0498 0x1cc4 ============================================================ 10:47:41.0498 0x1cc4 Initialize success 10:47:41.0498 0x1cc4 ============================================================ 10:49:02.0431 0x1618 ============================================================ 10:49:02.0431 0x1618 Scan started 10:49:02.0431 0x1618 Mode: Manual; SigCheck; TDLFS; 10:49:02.0431 0x1618 ============================================================ 10:49:02.0431 0x1618 KSN ping started 10:49:09.0561 0x1618 KSN ping finished: true 10:49:10.0559 0x1618 ================ Scan system memory ======================== 10:49:10.0559 0x1618 System memory - ok 10:49:10.0559 0x1618 ================ Scan services ============================= 10:49:10.0840 0x1618 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 10:49:10.0933 0x1618 1394ohci - ok 10:49:11.0043 0x1618 [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 10:49:11.0058 0x1618 ACDaemon - ok 10:49:11.0074 0x1618 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 10:49:11.0105 0x1618 ACPI - ok 10:49:11.0121 0x1618 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 10:49:11.0199 0x1618 AcpiPmi - ok 10:49:11.0245 0x1618 [ 69971851E8530ACE7DE6C6C87C06D8AB, ABCD695E453185722D01C03B89C9D3A8047B7BBABC49F6E749D6EFA9FBD767C6 ] ActiveDelayDeviceService C:\Program Files (x86)\Sony\VAIO Boot Manager\ActiveDelayDeviceService.exe 10:49:11.0261 0x1618 ActiveDelayDeviceService - ok 10:49:11.0355 0x1618 [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 10:49:11.0355 0x1618 AdobeARMservice - ok 10:49:11.0417 0x1618 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 10:49:11.0433 0x1618 adp94xx - ok 10:49:11.0464 0x1618 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 10:49:11.0479 0x1618 adpahci - ok 10:49:11.0495 0x1618 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 10:49:11.0511 0x1618 adpu320 - ok 10:49:11.0542 0x1618 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 10:49:11.0620 0x1618 AeLookupSvc - ok 10:49:11.0667 0x1618 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys 10:49:11.0729 0x1618 AFD - ok 10:49:11.0760 0x1618 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 10:49:11.0760 0x1618 agp440 - ok 10:49:11.0791 0x1618 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 10:49:11.0791 0x1618 ALG - ok 10:49:11.0838 0x1618 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 10:49:11.0838 0x1618 aliide - ok 10:49:11.0885 0x1618 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 10:49:11.0885 0x1618 amdide - ok 10:49:11.0916 0x1618 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 10:49:11.0947 0x1618 AmdK8 - ok 10:49:11.0979 0x1618 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 10:49:12.0010 0x1618 AmdPPM - ok 10:49:12.0041 0x1618 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 10:49:12.0057 0x1618 amdsata - ok 10:49:12.0088 0x1618 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 10:49:12.0103 0x1618 amdsbs - ok 10:49:12.0119 0x1618 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 10:49:12.0119 0x1618 amdxata - ok 10:49:12.0150 0x1618 [ 1C591C1A0CB8ABE215FF66F9A1D8E955, E0BE5D58A721A73DF5F643F9626B21720B2D2CD074B4646144AA788E0C48FAFC ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys 10:49:12.0197 0x1618 AMPPAL - ok 10:49:12.0213 0x1618 [ 1C591C1A0CB8ABE215FF66F9A1D8E955, E0BE5D58A721A73DF5F643F9626B21720B2D2CD074B4646144AA788E0C48FAFC ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys 10:49:12.0228 0x1618 AMPPALP - ok 10:49:12.0306 0x1618 [ E1841818278F2A9D66F834451D608AEA, 1773C8C97B8945232847364E27B47A0FA1837EF6D928005972B76B5A7CF6C59E ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe 10:49:12.0322 0x1618 AMPPALR3 - ok 10:49:12.0369 0x1618 [ 9F83C7EA6A97124DA6C207C1BE1FB3AC, 0C3315125F74C6252204016FE22591299208CE8EA076419D5B4FD92C09F569EB ] AnyDVD C:\Windows\system32\Drivers\AnyDVD.sys 10:49:12.0384 0x1618 AnyDVD - ok 10:49:12.0415 0x1618 [ 6474F8823C7188D2DA579F01FB6CED6B, 81D4E9D026CA60FB8840D520D151B8C2F4745A75DF90A4D6C80641F1A23AB605 ] AppID C:\Windows\system32\drivers\appid.sys 10:49:12.0462 0x1618 AppID - ok 10:49:12.0478 0x1618 [ 8F58BA1F7772D6D7CE45F03309608001, CDB109E0DD241042C058F7D81A1BDEBC34435CB2DC4A7A7A3692193DD5806097 ] AppIDSvc C:\Windows\System32\appidsvc.dll 10:49:12.0509 0x1618 AppIDSvc - ok 10:49:12.0556 0x1618 [ B62867835B41BCD839D9896AB4D7DF09, 98036D0202DB6171E90485898175833AC44873A85E6453EBE928E433B364CE07 ] Appinfo C:\Windows\System32\appinfo.dll 10:49:12.0603 0x1618 Appinfo - ok 10:49:12.0634 0x1618 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll 10:49:12.0696 0x1618 AppMgmt - ok 10:49:12.0727 0x1618 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 10:49:12.0727 0x1618 arc - ok 10:49:12.0759 0x1618 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 10:49:12.0759 0x1618 arcsas - ok 10:49:12.0852 0x1618 [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 10:49:12.0852 0x1618 aspnet_state - ok 10:49:12.0883 0x1618 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 10:49:12.0977 0x1618 AsyncMac - ok 10:49:13.0039 0x1618 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 10:49:13.0039 0x1618 atapi - ok 10:49:13.0117 0x1618 [ E857EEE6B92AAA473EBB3465ADD8F7E7, 1C7E4737E649A025B3C4974A4F7D1353EAB85561FC8ED54E5C22A777E1A189B3 ] athr C:\Windows\system32\DRIVERS\athrx.sys 10:49:13.0180 0x1618 athr - ok 10:49:13.0242 0x1618 [ 0C9039EC45E6C4631BE31DDEC370D341, 3677B95F5399219EB614F8BA2EA2B92FA720AEF3BCE0ED002FBAC30D9F092A6A ] ATSwpWDF C:\Windows\system32\DRIVERS\ATSwpWDF.sys 10:49:13.0258 0x1618 ATSwpWDF - ok 10:49:13.0320 0x1618 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 10:49:13.0383 0x1618 AudioEndpointBuilder - ok 10:49:13.0398 0x1618 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll 10:49:13.0414 0x1618 AudioSrv - ok 10:49:13.0523 0x1618 [ 50C3C62FFE6337E6E4F2F01CB07DF63C, CC9C7D2827E872F22A2A79D42195530F61DF6EA6A1C8F520E25DB35537574FAB ] AVP16.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe 10:49:13.0539 0x1618 AVP16.0.0 - ok 10:49:13.0617 0x1618 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 10:49:13.0679 0x1618 AxInstSV - ok 10:49:13.0726 0x1618 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 10:49:13.0788 0x1618 b06bdrv - ok 10:49:13.0819 0x1618 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 10:49:13.0851 0x1618 b57nd60a - ok 10:49:13.0897 0x1618 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 10:49:13.0944 0x1618 BDESVC - ok 10:49:13.0960 0x1618 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 10:49:13.0975 0x1618 Beep - ok 10:49:14.0022 0x1618 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 10:49:14.0100 0x1618 BFE - ok 10:49:14.0147 0x1618 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 10:49:14.0287 0x1618 BITS - ok 10:49:14.0303 0x1618 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 10:49:14.0334 0x1618 blbdrive - ok 10:49:14.0428 0x1618 [ 05981C3E51D827ED6B8101A54B05E392, FD010159BEC7B88C3A784844A4796D5DAEBA21788A377D12457F59A961E8D77E ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe 10:49:14.0443 0x1618 Bluetooth Device Monitor - ok 10:49:14.0490 0x1618 [ BBFAF63BF768047FE2441B4139E803E3, 20079C578507D34C9A30FFE23A8B22D8A9E7079A994295C833A885EC193E577A ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe 10:49:14.0521 0x1618 Bluetooth Media Service - ok 10:49:14.0584 0x1618 [ 41D8F56E6BBE0111244D87BE2FA90374, 8B73471825B929FEC0367E3B6B6FE346E22ADFB356BE61A01C3EC7CC6F5986D7 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe 10:49:14.0615 0x1618 Bluetooth OBEX Service - ok 10:49:14.0631 0x1618 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 10:49:14.0693 0x1618 bowser - ok 10:49:14.0709 0x1618 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 10:49:14.0740 0x1618 BrFiltLo - ok 10:49:14.0771 0x1618 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 10:49:14.0802 0x1618 BrFiltUp - ok 10:49:14.0833 0x1618 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 10:49:14.0880 0x1618 Browser - ok 10:49:14.0911 0x1618 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 10:49:14.0943 0x1618 Brserid - ok 10:49:14.0974 0x1618 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 10:49:15.0005 0x1618 BrSerWdm - ok 10:49:15.0036 0x1618 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 10:49:15.0067 0x1618 BrUsbMdm - ok 10:49:15.0099 0x1618 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 10:49:15.0130 0x1618 BrUsbSer - ok 10:49:15.0177 0x1618 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 10:49:15.0223 0x1618 BthEnum - ok 10:49:15.0239 0x1618 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 10:49:15.0255 0x1618 BTHMODEM - ok 10:49:15.0270 0x1618 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 10:49:15.0301 0x1618 BthPan - ok 10:49:15.0348 0x1618 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 10:49:15.0411 0x1618 BTHPORT - ok 10:49:15.0426 0x1618 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 10:49:15.0473 0x1618 bthserv - ok 10:49:15.0504 0x1618 [ 618AFD0072F4A672977484BFF6FE4FE2, 0F234937C781718F6C7A7791D9BC4036F83F69D0E8BF21D1AFC0F799FE54742D ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe 10:49:15.0504 0x1618 BTHSSecurityMgr - ok 10:49:15.0535 0x1618 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 10:49:15.0582 0x1618 BTHUSB - ok 10:49:15.0613 0x1618 [ 988CC6CC49303665D3B2435C51505C3F, 5217A7A1BAD77EBF4E5D68D191FCFD7CE4FB96ABB91638383A077BE9CE794EE3 ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys 10:49:15.0660 0x1618 btmaux - ok 10:49:15.0707 0x1618 [ 2B4B508AFAC2A563931AF1FE875A5B16, F6A5261BD3FB8AE7BF26F32B681A15E56317EF8A9D8AB84B9B6BCA66F5484698 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys 10:49:15.0769 0x1618 btmhsf - ok 10:49:15.0816 0x1618 [ E6173DECFE8599355CEDC6D67A9C5D4C, B19ACC639E2C8620E91F83C90D6789E6FF7F249F3429FCB431323B6E6EDA2435 ] CBTService C:\Program Files\Cogent BioTrust 3.0\CBTService.exe 10:49:15.0816 0x1618 CBTService - detected UnsignedFile.Multi.Generic ( 1 ) 10:49:23.0023 0x1618 CBTService ( UnsignedFile.Multi.Generic ) - warning 10:49:23.0023 0x1618 Force sending object to P2P due to detect: CBTService 10:49:30.0246 0x1618 Object send P2P result: true 10:49:37.0578 0x1618 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 10:49:37.0641 0x1618 cdfs - ok 10:49:37.0687 0x1618 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 10:49:37.0687 0x1618 cdrom - ok 10:49:37.0719 0x1618 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 10:49:37.0765 0x1618 CertPropSvc - ok 10:49:37.0781 0x1618 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 10:49:37.0828 0x1618 circlass - ok 10:49:37.0875 0x1618 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 10:49:37.0890 0x1618 CLFS - ok 10:49:38.0218 0x1618 [ 89772864139E48E6E1CEF832AB83E449, 6587F4CBA9143E5889060C2FF1461C9FA51373A84067209BF5B2F57E9359C9F1 ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe 10:49:38.0280 0x1618 ClickToRunSvc - ok 10:49:38.0343 0x1618 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 10:49:38.0358 0x1618 clr_optimization_v2.0.50727_32 - ok 10:49:38.0374 0x1618 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 10:49:38.0389 0x1618 clr_optimization_v2.0.50727_64 - ok 10:49:38.0452 0x1618 [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 10:49:38.0452 0x1618 clr_optimization_v4.0.30319_32 - ok 10:49:38.0467 0x1618 [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 10:49:38.0483 0x1618 clr_optimization_v4.0.30319_64 - ok 10:49:38.0499 0x1618 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 10:49:38.0530 0x1618 CmBatt - ok 10:49:38.0577 0x1618 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 10:49:38.0577 0x1618 cmdide - ok 10:49:38.0686 0x1618 [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km C:\Windows\system32\DRIVERS\cm_km.sys 10:49:38.0701 0x1618 cm_km - ok 10:49:38.0748 0x1618 [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG C:\Windows\system32\Drivers\cng.sys 10:49:38.0764 0x1618 CNG - ok 10:49:38.0811 0x1618 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 10:49:38.0826 0x1618 Compbatt - ok 10:49:38.0826 0x1618 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 10:49:38.0857 0x1618 CompositeBus - ok 10:49:38.0889 0x1618 COMSysApp - ok 10:49:38.0951 0x1618 [ FB08CDC7BB9584F82AE826C1068A9C14, F7E3F97B96E4447746C1FA60A2CEF8DB7EC7B74D9282A0B4B15DB49DF82D4B76 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe 10:49:38.0967 0x1618 cphs - ok 10:49:38.0982 0x1618 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 10:49:38.0998 0x1618 crcdisk - ok 10:49:39.0060 0x1618 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll 10:49:39.0107 0x1618 CryptSvc - ok 10:49:39.0138 0x1618 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys 10:49:39.0201 0x1618 CSC - ok 10:49:39.0232 0x1618 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll 10:49:39.0279 0x1618 CscService - ok 10:49:39.0357 0x1618 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\Windows\system32\rpcss.dll 10:49:39.0388 0x1618 DcomLaunch - ok 10:49:39.0419 0x1618 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 10:49:39.0450 0x1618 defragsvc - ok 10:49:39.0481 0x1618 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 10:49:39.0528 0x1618 DfsC - ok 10:49:39.0637 0x1618 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 10:49:39.0637 0x1618 dg_ssudbus - ok 10:49:39.0684 0x1618 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 10:49:39.0747 0x1618 Dhcp - ok 10:49:39.0856 0x1618 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll 10:49:39.0934 0x1618 DiagTrack - ok 10:49:39.0965 0x1618 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 10:49:40.0012 0x1618 discache - ok 10:49:40.0074 0x1618 [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys 10:49:40.0074 0x1618 Disk - ok 10:49:40.0105 0x1618 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys 10:49:40.0152 0x1618 dmvsc - ok 10:49:40.0183 0x1618 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 10:49:40.0246 0x1618 Dnscache - ok 10:49:40.0261 0x1618 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 10:49:40.0324 0x1618 dot3svc - ok 10:49:40.0324 0x1618 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 10:49:40.0371 0x1618 DPS - ok 10:49:40.0417 0x1618 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 10:49:40.0433 0x1618 drmkaud - ok 10:49:40.0495 0x1618 [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 10:49:40.0511 0x1618 DXGKrnl - ok 10:49:40.0542 0x1618 [ 50AD8FC1DC800FF36087994C8F7FDFF2, E3DA8DCE76599E0E1F0D80AA1483D6BECFE0F7242147D986A6AF3A4362FC2C80 ] e1yexpress C:\Windows\system32\DRIVERS\e1y60x64.sys 10:49:40.0605 0x1618 e1yexpress - ok 10:49:40.0651 0x1618 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 10:49:40.0698 0x1618 EapHost - ok 10:49:40.0807 0x1618 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 10:49:40.0948 0x1618 ebdrv - ok 10:49:40.0979 0x1618 [ C8A7F80DB5C193DD67747A1BA4B1782E, B216FC5A07C643868AD7C58F931F6327A21695E1734A62875F6E2909139F30B8 ] EFS C:\Windows\System32\lsass.exe 10:49:41.0057 0x1618 EFS - ok 10:49:41.0104 0x1618 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 10:49:41.0182 0x1618 ehRecvr - ok 10:49:41.0229 0x1618 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 10:49:41.0260 0x1618 ehSched - ok 10:49:41.0338 0x1618 [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys 10:49:41.0338 0x1618 ElbyCDIO - ok 10:49:41.0385 0x1618 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 10:49:41.0400 0x1618 elxstor - ok 10:49:41.0416 0x1618 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 10:49:41.0431 0x1618 ErrDev - ok 10:49:41.0494 0x1618 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 10:49:41.0556 0x1618 EventSystem - ok 10:49:41.0681 0x1618 [ 64D25284A4E9D11CA0722AF3F30FD970, C7C40CA8AC444F7B0F88086396C17316348480EBA09109222897B5A42AD655DF ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 10:49:41.0712 0x1618 EvtEng - ok 10:49:41.0728 0x1618 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 10:49:41.0775 0x1618 exfat - ok 10:49:41.0790 0x1618 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 10:49:41.0837 0x1618 fastfat - ok 10:49:41.0915 0x1618 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 10:49:41.0962 0x1618 Fax - ok 10:49:41.0977 0x1618 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 10:49:41.0977 0x1618 fdc - ok 10:49:42.0009 0x1618 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 10:49:42.0024 0x1618 fdPHost - ok 10:49:42.0040 0x1618 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 10:49:42.0087 0x1618 FDResPub - ok 10:49:42.0133 0x1618 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 10:49:42.0149 0x1618 FileInfo - ok 10:49:42.0165 0x1618 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 10:49:42.0180 0x1618 Filetrace - ok 10:49:42.0196 0x1618 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 10:49:42.0227 0x1618 flpydisk - ok 10:49:42.0258 0x1618 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 10:49:42.0258 0x1618 FltMgr - ok 10:49:42.0321 0x1618 [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll 10:49:42.0399 0x1618 FontCache - ok 10:49:42.0445 0x1618 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 10:49:42.0445 0x1618 FontCache3.0.0.0 - ok 10:49:42.0508 0x1618 [ 0EDE464DFA37D50FA28D1F88047A7812, 20E83275EBE2EBEF27132EFB444AD7C1C408C0F7FEB785A7312C2D19E890CC6E ] FPLService C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe 10:49:42.0508 0x1618 FPLService - ok 10:49:42.0523 0x1618 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 10:49:42.0539 0x1618 FsDepends - ok 10:49:42.0555 0x1618 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 10:49:42.0555 0x1618 Fs_Rec - ok 10:49:42.0617 0x1618 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 10:49:42.0633 0x1618 fvevol - ok 10:49:42.0648 0x1618 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 10:49:42.0664 0x1618 gagp30kx - ok 10:49:42.0726 0x1618 [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe 10:49:42.0742 0x1618 GamesAppService - ok 10:49:42.0773 0x1618 [ 9495607C14F345E9632B3E1C12CEA7B0, FAE7B15D1F593DFC79B5B57139BB4EA3BCD38D3461D9F54A2EF500C747C9433D ] gobi3kfilter C:\Windows\system32\DRIVERS\gobi3kfilter.sys 10:49:42.0820 0x1618 gobi3kfilter - ok 10:49:42.0867 0x1618 [ 3568FB393C8D4099B8412476C9E2B7B1, 565E1274502F7569BB281BEBD76FBCD8B68B1D7D410072D617C4286972737207 ] gobi3kmbb C:\Windows\system32\DRIVERS\gobi3kmbb.sys 10:49:42.0929 0x1618 gobi3kmbb - ok 10:49:42.0960 0x1618 [ DBB405772F1C21CB7ED51593BAD5880D, 7925EA2C85C22CDD113F30880176260BF9D9E5B752107C5538224542356C8939 ] gobi3kserial C:\Windows\system32\DRIVERS\gobi3kserial.sys 10:49:42.0976 0x1618 gobi3kserial - ok 10:49:43.0038 0x1618 [ 1808B4A32A781F152DB731F1581AA81C, 03EE515631B0521CE126B500CC1113CB98EF5EDFF0D4E4A0682AA3374DE163BF ] GobiQDLService C:\Program Files (x86)\Huawei\Gobi\GobiQDLService\GobiQDLService.exe 10:49:43.0054 0x1618 GobiQDLService - detected UnsignedFile.Multi.Generic ( 1 ) 10:49:50.0214 0x1618 Detect skipped due to KSN trusted 10:49:50.0214 0x1618 GobiQDLService - ok 10:49:50.0277 0x1618 [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll 10:49:50.0339 0x1618 gpsvc - ok 10:49:50.0370 0x1618 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 10:49:50.0417 0x1618 hcw85cir - ok 10:49:50.0448 0x1618 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 10:49:50.0495 0x1618 HdAudAddService - ok 10:49:50.0542 0x1618 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 10:49:50.0573 0x1618 HDAudBus - ok 10:49:50.0620 0x1618 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 10:49:50.0651 0x1618 HidBatt - ok 10:49:50.0682 0x1618 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 10:49:50.0698 0x1618 HidBth - ok 10:49:50.0729 0x1618 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 10:49:50.0760 0x1618 HidIr - ok 10:49:50.0838 0x1618 [ 720DF11CACA61177EB779987F393086E, 5EDD5CF0213E2BE667A2B95833C14C61906AC47F872D5E0699B745F1458A8949 ] hidkmdf C:\Windows\system32\DRIVERS\hidkmdf.sys 10:49:50.0838 0x1618 hidkmdf - ok 10:49:50.0869 0x1618 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 10:49:50.0901 0x1618 hidserv - ok 10:49:50.0947 0x1618 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 10:49:50.0963 0x1618 HidUsb - ok 10:49:50.0979 0x1618 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 10:49:51.0025 0x1618 hkmsvc - ok 10:49:51.0057 0x1618 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 10:49:51.0072 0x1618 HomeGroupListener - ok 10:49:51.0103 0x1618 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 10:49:51.0119 0x1618 HomeGroupProvider - ok 10:49:51.0135 0x1618 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 10:49:51.0150 0x1618 HpSAMD - ok 10:49:51.0197 0x1618 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 10:49:51.0259 0x1618 HTTP - ok 10:49:51.0275 0x1618 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 10:49:51.0291 0x1618 hwpolicy - ok 10:49:51.0306 0x1618 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 10:49:51.0322 0x1618 i8042prt - ok 10:49:51.0353 0x1618 [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor C:\Windows\system32\drivers\iaStor.sys 10:49:51.0369 0x1618 iaStor - ok 10:49:51.0431 0x1618 [ 545462D0DBE24AF379BA869B7C185CCD, 056F9D0D5FD4FEF37665A35A4029722FF60D02A69854E952DC361CC0E5CD26F9 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 10:49:51.0431 0x1618 IAStorDataMgrSvc - ok 10:49:51.0462 0x1618 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 10:49:51.0478 0x1618 iaStorV - ok 10:49:51.0493 0x1618 [ 9E3D44CE737388F6BBBB6DD4A1C1847C, 98FD10D07E5801870282D6D0226051193B7D12EF3C8B84DB8365B446E02499DB ] ibtfltcoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys 10:49:51.0525 0x1618 ibtfltcoex - ok 10:49:51.0665 0x1618 [ 3CC7B3BB1A9EA201A040883EDFAA67A0, F543A779BA8CBFD5E0B939844B9CB47A2C05A400C693635F520438C18FFDFAF1 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe 10:49:51.0727 0x1618 IconMan_R - ok 10:49:51.0790 0x1618 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 10:49:51.0821 0x1618 idsvc - ok 10:49:52.0164 0x1618 [ 3FB253E8059A1AAC3A8B83A31D094CC5, 4D4988BF7D81FB6D75CDB65E1E42AC72DA76D3F84712AA1A27428A6490E342D0 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 10:49:52.0726 0x1618 igfx - ok 10:49:52.0757 0x1618 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 10:49:52.0773 0x1618 iirsp - ok 10:49:52.0835 0x1618 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 10:49:52.0897 0x1618 IKEEXT - ok 10:49:53.0007 0x1618 [ A387D6DE360C3B2284B23000B212910A, 1DEAFDB1C9A467E437714E753292313F58526B6D719C2B21BD23C6F2F0389251 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys 10:49:53.0022 0x1618 intaud_WaveExtensible - ok 10:49:53.0319 0x1618 [ E83BB47C3446F0497019DE7FD6C6A86F, DAD20D57743EB03951FD4078FD105BCD684A9652CFFDF8D03509D814820917CD ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 10:49:53.0412 0x1618 IntcAzAudAddService - ok 10:49:53.0475 0x1618 [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 10:49:53.0553 0x1618 IntcDAud - ok 10:49:53.0662 0x1618 [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 10:49:53.0677 0x1618 Intel(R) Capability Licensing Service Interface - ok 10:49:53.0740 0x1618 [ 5A8C154DE7DDEE8ADA3375CC76C4351F, 09B7036AFE795CD048D832B262F1B0BF59BED4B3263C46BBCCB7DF371C3D3A33 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 10:49:53.0740 0x1618 Intel(R) ME Service - ok 10:49:53.0771 0x1618 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 10:49:53.0787 0x1618 intelide - ok 10:49:53.0833 0x1618 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys 10:49:53.0880 0x1618 intelppm - ok 10:49:53.0927 0x1618 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 10:49:53.0974 0x1618 IPBusEnum - ok 10:49:53.0989 0x1618 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 10:49:54.0036 0x1618 IpFilterDriver - ok 10:49:54.0083 0x1618 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 10:49:54.0145 0x1618 iphlpsvc - ok 10:49:54.0145 0x1618 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 10:49:54.0192 0x1618 IPMIDRV - ok 10:49:54.0192 0x1618 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 10:49:54.0223 0x1618 IPNAT - ok 10:49:54.0270 0x1618 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 10:49:54.0270 0x1618 IRENUM - ok 10:49:54.0301 0x1618 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 10:49:54.0317 0x1618 isapnp - ok 10:49:54.0348 0x1618 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 10:49:54.0364 0x1618 iScsiPrt - ok 10:49:54.0379 0x1618 [ 846354992EBB373F452EB9182D501B08, 453459133DCA875E93CAAE9852E652F3794F8C31CE53526C47A181FDBABE6849 ] iusb3hcs C:\Windows\system32\drivers\iusb3hcs.sys 10:49:54.0395 0x1618 iusb3hcs - ok 10:49:54.0426 0x1618 [ 1D88A23853387D34D52CC8F9DDBFC56C, D00083B61E93E7E1D247EAB332787912FCF7605AF7043F071238C50E4A15016B ] iusb3hub C:\Windows\system32\drivers\iusb3hub.sys 10:49:54.0442 0x1618 iusb3hub - ok 10:49:54.0457 0x1618 [ FC5EFD7C797DF19DFB999F0605A7924E, C56CE3840F3B11D81BED38E5F59ABCA190DFB7127F06263193870312A83379AF ] iusb3xhc C:\Windows\system32\drivers\iusb3xhc.sys 10:49:54.0489 0x1618 iusb3xhc - ok 10:49:54.0504 0x1618 [ 716F66336F10885D935B08174DC54242, 1992708956A2A45A8870CFCB532F3ABF24B1143B75EF32AB1F59D5D86E65F493 ] iwdbus C:\Windows\system32\drivers\iwdbus.sys 10:49:54.0504 0x1618 iwdbus - ok 10:49:54.0535 0x1618 [ 13E838EA8652F8451F29301D3B56B17B, 2FE65DDBB0ACFD34227001616D0B66B8748132DB7C0FA9342D3AB404B92732CC ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 10:49:54.0551 0x1618 jhi_service - ok 10:49:54.0582 0x1618 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 10:49:54.0598 0x1618 kbdclass - ok 10:49:54.0613 0x1618 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 10:49:54.0645 0x1618 kbdhid - ok 10:49:54.0660 0x1618 [ C8A7F80DB5C193DD67747A1BA4B1782E, B216FC5A07C643868AD7C58F931F6327A21695E1734A62875F6E2909139F30B8 ] KeyIso C:\Windows\system32\lsass.exe 10:49:54.0676 0x1618 KeyIso - ok 10:49:54.0754 0x1618 [ BEE1682DA217A4AD46C36896769AA580, 4D853D78E459F7BFE4F4217FCAD47CDACFAC19C2F6CF8261FBAA46BDB387FFDC ] kl1 C:\Windows\system32\DRIVERS\kl1.sys 10:49:54.0769 0x1618 kl1 - ok 10:49:54.0801 0x1618 [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk C:\Windows\system32\DRIVERS\klbackupdisk.sys 10:49:54.0801 0x1618 klbackupdisk - ok 10:49:54.0863 0x1618 [ C80861511ADA03A65DC12FAA207592F8, 2B50E009DB0D050099E558B7510104B930966EE8BB94CC0F62D1BFD765D5C7AD ] klbackupflt C:\Windows\system32\DRIVERS\klbackupflt.sys 10:49:54.0863 0x1618 klbackupflt - ok 10:49:54.0910 0x1618 [ 80D7529E1CF09261FADF55E69EFDA90B, 2FE5EC38866E12D78AE3F4AD8CF647BDED616E8A36D9D737F9B6564DDA4685E7 ] kldisk C:\Windows\system32\DRIVERS\kldisk.sys 10:49:54.0910 0x1618 kldisk - ok 10:49:54.0957 0x1618 [ DE7D2DEDE9C9D5219AA439172BA8D21C, B4573553DF8605A6C9417683B6AA12A596E8777175C39567B91BF03CE895D625 ] klflt C:\Windows\system32\DRIVERS\klflt.sys 10:49:54.0972 0x1618 klflt - ok 10:49:55.0019 0x1618 [ 84A66A73DD916014D240E9DE8864B84B, B3DB8E168E4B8249C953B05623EEAEEB4ED827BC867760DC8E118C4FE05F70B1 ] klhk C:\Windows\system32\DRIVERS\klhk.sys 10:49:55.0019 0x1618 klhk - ok 10:49:55.0097 0x1618 [ B54F93308794842E37173152CE92F62C, 407C88B2596B753810346D91282E8FD89B031DF15596EDBC41FFDA9949F5F6FC ] KLIF C:\Windows\system32\DRIVERS\klif.sys 10:49:55.0113 0x1618 KLIF - ok 10:49:55.0128 0x1618 [ 4F50FD68F7F1A21AA1F811AF992574E6, 9683A48F454FEB187ED1DC1A14600E250283C9D757DAEBAEF983214916B11830 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys 10:49:55.0144 0x1618 KLIM6 - ok 10:49:55.0206 0x1618 [ 22C4E9381C60DA78161FA042FDBA6873, B6CC05C1401E788BCCC8CF668216D9B78A8B51409D3CFBF419047933195062E0 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys 10:49:55.0206 0x1618 klkbdflt - ok 10:49:55.0253 0x1618 [ D792857D47B8DF5BFEC02534C1933BE2, BDD483FA8E2DC50DB4E54D475867455F0D7E115494E2A31CD27A065C7EC26951 ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys 10:49:55.0253 0x1618 klmouflt - ok 10:49:55.0331 0x1618 [ F610F5F17BC87D61EF8954CCD793BAE4, A77FE26B4A474FE799C3D569BDD7858319C57FC14C1BB43ECFAB1FDB19AF5DC6 ] klpd C:\Windows\system32\DRIVERS\klpd.sys 10:49:55.0331 0x1618 klpd - ok 10:49:55.0393 0x1618 [ B36DEE2A91F9388C4D3ED744592DE81D, 78D64539A375C80250FB9FA5E1DDA208B331A85916E19ED1353623DDF750EC58 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys 10:49:55.0393 0x1618 kltdi - ok 10:49:55.0456 0x1618 [ 2AA3537309C2B9A7F120FB9E6A38250A, 6FD904542E0A21C4D6E46FB3EE11789938B90151D24531EB5319E62759D225DF ] Klwtp C:\Windows\system32\DRIVERS\klwtp.sys 10:49:55.0456 0x1618 Klwtp - ok 10:49:55.0487 0x1618 [ 1686DE8288052316EFDD49EEA8929065, AD43D6ACCD8693BD76F218E1A4EE088BA061C1309A3E7DAA7EC94D875985D895 ] kneps C:\Windows\system32\DRIVERS\kneps.sys 10:49:55.0503 0x1618 kneps - ok 10:49:55.0534 0x1618 [ 3974E5264A0481600370C5BEED061DDF, 6365DC2B3ECAF462F98481103F47B7550688D1A3AE96C88FDBCB3ED3BBB76EB6 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 10:49:55.0549 0x1618 KSecDD - ok 10:49:55.0549 0x1618 [ 6E85615A86FE86E76DAE49BF9F227483, 825F9906910C33A36D04D805402A8C0C8E09232407E077B85282E3208A9BFC25 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 10:49:55.0565 0x1618 KSecPkg - ok 10:49:55.0612 0x1618 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 10:49:55.0659 0x1618 ksthunk - ok 10:49:55.0705 0x1618 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 10:49:55.0752 0x1618 KtmRm - ok 10:49:55.0815 0x1618 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 10:49:55.0861 0x1618 LanmanServer - ok 10:49:55.0908 0x1618 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 10:49:55.0955 0x1618 LanmanWorkstation - ok 10:49:55.0986 0x1618 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 10:49:56.0017 0x1618 lltdio - ok 10:49:56.0033 0x1618 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 10:49:56.0095 0x1618 lltdsvc - ok 10:49:56.0111 0x1618 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 10:49:56.0142 0x1618 lmhosts - ok 10:49:56.0173 0x1618 [ BD9457699AC9C1A0FE43398043617279, 7955D2F5B9CB4FAD53F8D2CCC163FD575714175623F03DA1C3C2495CE3C0F342 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 10:49:56.0173 0x1618 LMS - ok 10:49:56.0220 0x1618 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 10:49:56.0220 0x1618 LSI_FC - ok 10:49:56.0236 0x1618 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 10:49:56.0251 0x1618 LSI_SAS - ok 10:49:56.0267 0x1618 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 10:49:56.0283 0x1618 LSI_SAS2 - ok 10:49:56.0283 0x1618 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 10:49:56.0298 0x1618 LSI_SCSI - ok 10:49:56.0314 0x1618 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 10:49:56.0361 0x1618 luafv - ok 10:49:56.0392 0x1618 lxec_device - ok 10:49:56.0470 0x1618 [ 77AB66599EAFF797744D17C502FECDB9, E3A356AC3D6958B08C126D2C4231F2F7A655348606AE53FB95C6DA17908B32D1 ] McComponentHostServiceSony C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe 10:49:56.0470 0x1618 McComponentHostServiceSony - ok 10:49:56.0501 0x1618 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 10:49:56.0517 0x1618 Mcx2Svc - ok 10:49:56.0532 0x1618 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 10:49:56.0532 0x1618 megasas - ok 10:49:56.0579 0x1618 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 10:49:56.0595 0x1618 MegaSR - ok 10:49:56.0641 0x1618 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 10:49:56.0641 0x1618 MEIx64 - ok 10:49:56.0657 0x1618 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 10:49:56.0688 0x1618 MMCSS - ok 10:49:56.0688 0x1618 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 10:49:56.0735 0x1618 Modem - ok 10:49:56.0782 0x1618 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 10:49:56.0813 0x1618 monitor - ok 10:49:56.0875 0x1618 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 10:49:56.0875 0x1618 mouclass - ok 10:49:56.0922 0x1618 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 10:49:56.0922 0x1618 mouhid - ok 10:49:56.0969 0x1618 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 10:49:56.0969 0x1618 mountmgr - ok 10:49:57.0016 0x1618 [ 69E23C730974BAC8C11DF2B7C4C9D37B, 8DC4448EC9C9647381952D7822B39C89E0997B4B964A785AE274144FADEE3C02 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 10:49:57.0031 0x1618 MozillaMaintenance - ok 10:49:57.0047 0x1618 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 10:49:57.0063 0x1618 mpio - ok 10:49:57.0063 0x1618 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 10:49:57.0109 0x1618 mpsdrv - ok 10:49:57.0156 0x1618 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 10:49:57.0219 0x1618 MpsSvc - ok 10:49:57.0265 0x1618 [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 10:49:57.0297 0x1618 MRxDAV - ok 10:49:57.0343 0x1618 [ 10112D850C844606419C79EE24EE6016, 1668F47ED9C31D805542646A0AD6E572C3547FF822F5BCDF1BB3F521714F8B85 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 10:49:57.0390 0x1618 mrxsmb - ok 10:49:57.0406 0x1618 [ DCC4343B422A13B42C7678998449CE8A, 9C143543DC9B21A15C5E86640464A3A78C5E820857D0A6BE05D4FBC20D0BF866 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 10:49:57.0453 0x1618 mrxsmb10 - ok 10:49:57.0468 0x1618 [ 46C4F5BEE8D98BB1688752EAD0ABB7C0, C744F39E462798DC98D1C4603758AC43DB4A7961F3BAF9E5ABA22AD905E012F8 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 10:49:57.0499 0x1618 mrxsmb20 - ok 10:49:57.0531 0x1618 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 10:49:57.0546 0x1618 msahci - ok 10:49:57.0577 0x1618 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 10:49:57.0577 0x1618 msdsm - ok 10:49:57.0609 0x1618 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 10:49:57.0609 0x1618 MSDTC - ok 10:49:57.0640 0x1618 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 10:49:57.0687 0x1618 Msfs - ok 10:49:57.0702 0x1618 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 10:49:57.0733 0x1618 mshidkmdf - ok 10:49:57.0749 0x1618 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 10:49:57.0749 0x1618 msisadrv - ok 10:49:57.0780 0x1618 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 10:49:57.0811 0x1618 MSiSCSI - ok 10:49:57.0811 0x1618 msiserver - ok 10:49:57.0843 0x1618 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 10:49:57.0858 0x1618 MSKSSRV - ok 10:49:57.0874 0x1618 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 10:49:57.0921 0x1618 MSPCLOCK - ok 10:49:57.0921 0x1618 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 10:49:57.0952 0x1618 MSPQM - ok 10:49:57.0983 0x1618 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 10:49:57.0999 0x1618 MsRPC - ok 10:49:58.0014 0x1618 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 10:49:58.0014 0x1618 mssmbios - ok 10:49:58.0030 0x1618 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 10:49:58.0061 0x1618 MSTEE - ok 10:49:58.0061 0x1618 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 10:49:58.0092 0x1618 MTConfig - ok 10:49:58.0123 0x1618 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 10:49:58.0139 0x1618 Mup - ok 10:49:58.0217 0x1618 [ E3B58E3011B207C5289D11173B30E298, 68BDF7DE4FD5E38D33DBAD2A2E05E32BABA8BBD85DBC4364AF7CD62C54C6B539 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 10:49:58.0233 0x1618 MyWiFiDHCPDNS - ok 10:49:58.0279 0x1618 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 10:49:58.0357 0x1618 napagent - ok 10:49:58.0404 0x1618 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 10:49:58.0420 0x1618 NativeWifiP - ok 10:49:58.0482 0x1618 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys 10:49:58.0529 0x1618 NDIS - ok 10:49:58.0529 0x1618 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 10:49:58.0576 0x1618 NdisCap - ok 10:49:58.0623 0x1618 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 10:49:58.0669 0x1618 NdisTapi - ok 10:49:58.0701 0x1618 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 10:49:58.0747 0x1618 Ndisuio - ok 10:49:58.0779 0x1618 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 10:49:58.0825 0x1618 NdisWan - ok 10:49:58.0857 0x1618 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 10:49:58.0903 0x1618 NDProxy - ok 10:49:58.0935 0x1618 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 10:49:58.0966 0x1618 NetBIOS - ok 10:49:58.0997 0x1618 [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 10:49:59.0059 0x1618 NetBT - ok 10:49:59.0075 0x1618 [ C8A7F80DB5C193DD67747A1BA4B1782E, B216FC5A07C643868AD7C58F931F6327A21695E1734A62875F6E2909139F30B8 ] Netlogon C:\Windows\system32\lsass.exe 10:49:59.0091 0x1618 Netlogon - ok 10:49:59.0106 0x1618 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 10:49:59.0169 0x1618 Netman - ok 10:49:59.0247 0x1618 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:49:59.0262 0x1618 NetMsmqActivator - ok 10:49:59.0262 0x1618 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:49:59.0278 0x1618 NetPipeActivator - ok 10:49:59.0325 0x1618 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 10:49:59.0371 0x1618 netprofm - ok 10:49:59.0371 0x1618 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:49:59.0387 0x1618 NetTcpActivator - ok 10:49:59.0403 0x1618 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:49:59.0403 0x1618 NetTcpPortSharing - ok 10:49:59.0699 0x1618 [ 47DC062656EA661FE9175DBACAD00E9D, 508CD435420C0EA2E5943BFE1B4687ECBFB9602209A539B213C5197A16BFF816 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys 10:50:00.0011 0x1618 NETwNs64 - ok 10:50:00.0042 0x1618 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 10:50:00.0042 0x1618 nfrd960 - ok 10:50:00.0089 0x1618 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 10:50:00.0151 0x1618 NlaSvc - ok 10:50:00.0167 0x1618 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 10:50:00.0198 0x1618 Npfs - ok 10:50:00.0229 0x1618 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 10:50:00.0276 0x1618 nsi - ok 10:50:00.0276 0x1618 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 10:50:00.0292 0x1618 nsiproxy - ok 10:50:00.0370 0x1618 [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 10:50:00.0417 0x1618 Ntfs - ok 10:50:00.0432 0x1618 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 10:50:00.0479 0x1618 Null - ok 10:50:00.0791 0x1618 [ EE6B7B6A54BCAFF516E30B1C15467495, 85D5E22593549C7980AA3523F0C9C4391E0D147B29F07500A8DA68F49D80A84F ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 10:50:00.0994 0x1618 nvlddmkm - ok 10:50:01.0041 0x1618 [ 4086D655D237E091ECC34BEC94E55C3E, 498A57AC8F02247A4C95A74F0C19FF49A2B91872DB22B7EF7FAC4195402D9447 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys 10:50:01.0041 0x1618 nvpciflt - ok 10:50:01.0072 0x1618 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 10:50:01.0087 0x1618 nvraid - ok 10:50:01.0103 0x1618 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 10:50:01.0119 0x1618 nvstor - ok 10:50:01.0150 0x1618 [ 25626309AD2F81D47C829CCB5E46E478, D23F9F72C064B5D2A7979674703585345A78F7BE88887794FC9CA2971818B3DC ] nvsvc C:\Windows\system32\nvvsvc.exe 10:50:01.0181 0x1618 nvsvc - ok 10:50:01.0275 0x1618 [ 7BAB808957880CF38EFC6816FEF7276E, C230EC66E6069C2CC820DFE468EC45192E99CBC5CD822E828F59C8DC9564B6E5 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 10:50:01.0306 0x1618 nvUpdatusService - ok 10:50:01.0321 0x1618 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 10:50:01.0337 0x1618 nv_agp - ok 10:50:01.0353 0x1618 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 10:50:01.0399 0x1618 ohci1394 - ok 10:50:01.0477 0x1618 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 10:50:01.0477 0x1618 ose - ok 10:50:01.0665 0x1618 [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 10:50:01.0774 0x1618 osppsvc - ok 10:50:01.0805 0x1618 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 10:50:01.0867 0x1618 p2pimsvc - ok 10:50:01.0899 0x1618 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 10:50:01.0930 0x1618 p2psvc - ok 10:50:01.0977 0x1618 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 10:50:01.0992 0x1618 Parport - ok 10:50:02.0008 0x1618 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 10:50:02.0023 0x1618 partmgr - ok 10:50:02.0055 0x1618 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll 10:50:02.0117 0x1618 PcaSvc - ok 10:50:02.0133 0x1618 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 10:50:02.0133 0x1618 pci - ok 10:50:02.0164 0x1618 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 10:50:02.0179 0x1618 pciide - ok 10:50:02.0195 0x1618 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 10:50:02.0211 0x1618 pcmcia - ok 10:50:02.0226 0x1618 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 10:50:02.0242 0x1618 pcw - ok 10:50:02.0289 0x1618 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 10:50:02.0320 0x1618 PEAUTH - ok 10:50:02.0367 0x1618 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 10:50:02.0413 0x1618 PeerDistSvc - ok 10:50:02.0476 0x1618 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 10:50:02.0507 0x1618 PerfHost - ok 10:50:02.0569 0x1618 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 10:50:02.0647 0x1618 pla - ok 10:50:02.0694 0x1618 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 10:50:02.0725 0x1618 PlugPlay - ok 10:50:02.0788 0x1618 [ F485770EEC8959684CC4C4786B63C06C, 34ECC6D83782A2F8E9E32456F3C6C527999283775626C772D0354D232A10604A ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 10:50:02.0835 0x1618 Pml Driver HPZ12 - ok 10:50:02.0850 0x1618 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 10:50:02.0881 0x1618 PNRPAutoReg - ok 10:50:02.0913 0x1618 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 10:50:02.0928 0x1618 PNRPsvc - ok 10:50:02.0975 0x1618 [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 10:50:03.0037 0x1618 PolicyAgent - ok 10:50:03.0053 0x1618 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 10:50:03.0069 0x1618 Power - ok 10:50:03.0100 0x1618 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 10:50:03.0147 0x1618 PptpMiniport - ok 10:50:03.0193 0x1618 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 10:50:03.0209 0x1618 Processor - ok 10:50:03.0256 0x1618 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 10:50:03.0271 0x1618 ProfSvc - ok 10:50:03.0303 0x1618 [ C8A7F80DB5C193DD67747A1BA4B1782E, B216FC5A07C643868AD7C58F931F6327A21695E1734A62875F6E2909139F30B8 ] ProtectedStorage C:\Windows\system32\lsass.exe 10:50:03.0318 0x1618 ProtectedStorage - ok 10:50:03.0334 0x1618 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 10:50:03.0381 0x1618 Psched - ok 10:50:03.0443 0x1618 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 10:50:03.0474 0x1618 ql2300 - ok 10:50:03.0505 0x1618 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 10:50:03.0505 0x1618 ql40xx - ok 10:50:03.0552 0x1618 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 10:50:03.0568 0x1618 QWAVE - ok 10:50:03.0583 0x1618 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 10:50:03.0615 0x1618 QWAVEdrv - ok 10:50:03.0646 0x1618 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 10:50:03.0661 0x1618 RasAcd - ok 10:50:03.0677 0x1618 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 10:50:03.0708 0x1618 RasAgileVpn - ok 10:50:03.0739 0x1618 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 10:50:03.0786 0x1618 RasAuto - ok 10:50:03.0817 0x1618 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 10:50:03.0864 0x1618 Rasl2tp - ok 10:50:03.0895 0x1618 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 10:50:03.0927 0x1618 RasMan - ok 10:50:03.0958 0x1618 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 10:50:04.0005 0x1618 RasPppoe - ok 10:50:04.0036 0x1618 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 10:50:04.0051 0x1618 RasSstp - ok 10:50:04.0067 0x1618 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 10:50:04.0129 0x1618 rdbss - ok 10:50:04.0145 0x1618 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 10:50:04.0192 0x1618 rdpbus - ok 10:50:04.0223 0x1618 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 10:50:04.0254 0x1618 RDPCDD - ok 10:50:04.0254 0x1618 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 10:50:04.0270 0x1618 RDPDR - ok 10:50:04.0301 0x1618 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 10:50:04.0348 0x1618 RDPENCDD - ok 10:50:04.0379 0x1618 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 10:50:04.0395 0x1618 RDPREFMP - ok 10:50:04.0473 0x1618 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 10:50:04.0504 0x1618 RdpVideoMiniport - ok 10:50:04.0535 0x1618 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 10:50:04.0551 0x1618 RDPWD - ok 10:50:04.0582 0x1618 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 10:50:04.0597 0x1618 rdyboost - ok 10:50:04.0644 0x1618 [ F3AF2B43F35DBB3A0EB9FEEEC7D62217, 5BFB97BFE94F52CE02DFB2B7E8A9AD34AE489B77BA689F63D733EFB65548D734 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 10:50:04.0660 0x1618 RegSrvc - ok 10:50:04.0675 0x1618 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 10:50:04.0707 0x1618 RemoteAccess - ok 10:50:04.0722 0x1618 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 10:50:04.0785 0x1618 RemoteRegistry - ok 10:50:04.0831 0x1618 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 10:50:04.0847 0x1618 RFCOMM - ok 10:50:04.0863 0x1618 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 10:50:04.0878 0x1618 RpcEptMapper - ok 10:50:04.0894 0x1618 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 10:50:04.0909 0x1618 RpcLocator - ok 10:50:04.0956 0x1618 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\Windows\system32\rpcss.dll 10:50:04.0972 0x1618 RpcSs - ok 10:50:05.0003 0x1618 [ EBBFA2B4E317AF86E93FEC4C04D7A9B3, 29480CCA0ACAB2D53D664042A0D7713247EDEBBBD4734783348669EFDE579CA9 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys 10:50:05.0019 0x1618 RSPCIESTOR - ok 10:50:05.0050 0x1618 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 10:50:05.0081 0x1618 rspndr - ok 10:50:05.0128 0x1618 [ 39A719875F572241C585A629EE62EB14, EE42DB11710374A2A97ED5B58A9DA0AECC8AB0DF4DEEAC5970F33046255CE2F9 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 10:50:05.0143 0x1618 RTL8167 - ok 10:50:05.0175 0x1618 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys 10:50:05.0175 0x1618 s3cap - ok 10:50:05.0206 0x1618 [ C8A7F80DB5C193DD67747A1BA4B1782E, B216FC5A07C643868AD7C58F931F6327A21695E1734A62875F6E2909139F30B8 ] SamSs C:\Windows\system32\lsass.exe 10:50:05.0221 0x1618 SamSs - ok 10:50:05.0237 0x1618 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 10:50:05.0253 0x1618 sbp2port - ok 10:50:05.0268 0x1618 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 10:50:05.0299 0x1618 SCardSvr - ok 10:50:05.0315 0x1618 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 10:50:05.0346 0x1618 scfilter - ok 10:50:05.0409 0x1618 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll 10:50:05.0487 0x1618 Schedule - ok 10:50:05.0518 0x1618 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 10:50:05.0533 0x1618 SCPolicySvc - ok 10:50:05.0565 0x1618 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 10:50:05.0580 0x1618 sdbus - ok 10:50:05.0596 0x1618 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 10:50:05.0627 0x1618 SDRSVC - ok 10:50:05.0643 0x1618 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 10:50:05.0689 0x1618 secdrv - ok 10:50:05.0721 0x1618 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll 10:50:05.0752 0x1618 seclogon - ok 10:50:05.0814 0x1618 [ 1ED7A8574A28357097A5CB4063C96B00, 4E248CA66B7DE930AEC501A85F507AB813FC3CEBCBA347DFF3B05CE6CB8E496B ] semav6thermal64ro C:\Windows\system32\drivers\semav6thermal64ro.sys 10:50:05.0814 0x1618 semav6thermal64ro - ok 10:50:05.0845 0x1618 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 10:50:05.0892 0x1618 SENS - ok 10:50:05.0923 0x1618 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 10:50:05.0986 0x1618 SensrSvc - ok 10:50:06.0017 0x1618 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys 10:50:06.0048 0x1618 Serenum - ok 10:50:06.0079 0x1618 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys 10:50:06.0126 0x1618 Serial - ok 10:50:06.0142 0x1618 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 10:50:06.0173 0x1618 sermouse - ok 10:50:06.0204 0x1618 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 10:50:06.0235 0x1618 SessionEnv - ok 10:50:06.0267 0x1618 [ 85D0F874734C105D02280B39BF0AD23F, 8067852BC131363629B686D4DD6296748889482E2FC50C7A50F29906AF99C4C2 ] SFEP C:\Windows\system32\drivers\SFEP.sys 10:50:06.0282 0x1618 SFEP - ok 10:50:06.0313 0x1618 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 10:50:06.0313 0x1618 sffdisk - ok 10:50:06.0345 0x1618 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 10:50:06.0376 0x1618 sffp_mmc - ok 10:50:06.0407 0x1618 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 10:50:06.0407 0x1618 sffp_sd - ok 10:50:06.0438 0x1618 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 10:50:06.0469 0x1618 sfloppy - ok 10:50:06.0516 0x1618 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 10:50:06.0547 0x1618 SharedAccess - ok 10:50:06.0579 0x1618 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 10:50:06.0610 0x1618 ShellHWDetection - ok 10:50:06.0625 0x1618 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 10:50:06.0625 0x1618 SiSRaid2 - ok 10:50:06.0657 0x1618 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 10:50:06.0657 0x1618 SiSRaid4 - ok 10:50:06.0719 0x1618 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 10:50:06.0735 0x1618 SkypeUpdate - ok 10:50:06.0766 0x1618 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 10:50:06.0813 0x1618 Smb - ok 10:50:06.0891 0x1618 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 10:50:06.0922 0x1618 SNMPTRAP - ok 10:50:06.0969 0x1618 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 10:50:06.0984 0x1618 spldr - ok 10:50:07.0047 0x1618 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 10:50:07.0109 0x1618 Spooler - ok 10:50:07.0187 0x1618 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 10:50:07.0281 0x1618 sppsvc - ok 10:50:07.0296 0x1618 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 10:50:07.0343 0x1618 sppuinotify - ok 10:50:07.0390 0x1618 [ F2F4B895296EE3ECCE781CC2A296A5D1, 126321EDDA8141A42DBE7C90675948433063E6D5B6DEFD805AA0797C95A461EE ] srv C:\Windows\system32\DRIVERS\srv.sys 10:50:07.0405 0x1618 srv - ok 10:50:07.0437 0x1618 [ FD0008BEDD2723170CCA7D61837DFD52, F9F576FA7B84CAB5180B9080D62B8A00B3E5D5BC73199B11C63193742529227D ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 10:50:07.0452 0x1618 srv2 - ok 10:50:07.0468 0x1618 [ 63B5845D9379262083655D5C6AB8DFC5, 1813D2FC41ADCDAC6E3A522373B9DB934CC27B89E7185E0E4FC26E30CDAF1523 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 10:50:07.0483 0x1618 srvnet - ok 10:50:07.0515 0x1618 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 10:50:07.0546 0x1618 SSDPSRV - ok 10:50:07.0546 0x1618 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 10:50:07.0577 0x1618 SstpSvc - ok 10:50:07.0639 0x1618 [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 10:50:07.0655 0x1618 ssudmdm - ok 10:50:07.0671 0x1618 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 10:50:07.0686 0x1618 stexstor - ok 10:50:07.0717 0x1618 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 10:50:07.0749 0x1618 stisvc - ok 10:50:07.0764 0x1618 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys 10:50:07.0780 0x1618 storflt - ok 10:50:07.0795 0x1618 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll 10:50:07.0842 0x1618 StorSvc - ok 10:50:07.0873 0x1618 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys 10:50:07.0889 0x1618 storvsc - ok 10:50:07.0905 0x1618 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 10:50:07.0920 0x1618 swenum - ok 10:50:07.0983 0x1618 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 10:50:08.0014 0x1618 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 ) 10:50:15.0159 0x1618 Detect skipped due to KSN trusted 10:50:15.0159 0x1618 SwitchBoard - ok 10:50:15.0221 0x1618 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 10:50:15.0283 0x1618 swprv - ok 10:50:15.0346 0x1618 [ 5112713CD4BC77AFA21647351702F909, 5A5CD7607F7EFA52E0E668511BBB4DF8126CCC70510CBADD8A39E69CE003E7E2 ] SynTP C:\Windows\system32\drivers\SynTP.sys 10:50:15.0346 0x1618 SynTP - ok 10:50:15.0424 0x1618 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll 10:50:15.0517 0x1618 SysMain - ok 10:50:15.0549 0x1618 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 10:50:15.0580 0x1618 TabletInputService - ok 10:50:15.0611 0x1618 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 10:50:15.0658 0x1618 TapiSrv - ok 10:50:15.0767 0x1618 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 10:50:15.0814 0x1618 Tcpip - ok 10:50:15.0861 0x1618 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 10:50:15.0907 0x1618 TCPIP6 - ok 10:50:15.0939 0x1618 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 10:50:15.0970 0x1618 tcpipreg - ok 10:50:16.0001 0x1618 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 10:50:16.0017 0x1618 TDPIPE - ok 10:50:16.0032 0x1618 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 10:50:16.0063 0x1618 TDTCP - ok 10:50:16.0110 0x1618 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 10:50:16.0126 0x1618 tdx - ok 10:50:16.0360 0x1618 [ 2E7EFE9F59DA5EF7AAAE5712324FAAFD, 960130B0559F59AF3FF6DA1E6D11CAF663CEA2BCDAC3263699D67D20C1360318 ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe 10:50:16.0485 0x1618 TeamViewer - ok 10:50:16.0531 0x1618 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 10:50:16.0531 0x1618 TermDD - ok 10:50:16.0594 0x1618 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 10:50:16.0641 0x1618 TermService - ok 10:50:16.0672 0x1618 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 10:50:16.0703 0x1618 Themes - ok 10:50:16.0750 0x1618 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 10:50:16.0781 0x1618 THREADORDER - ok 10:50:16.0828 0x1618 [ 48DDEF0B921DD331536CC82C1A8FF64F, 540107E278E4C7DE4F43D37F7EA7BC094B6755399C22EE3A68574AA8A7719ACC ] TPM C:\Windows\system32\drivers\tpm.sys 10:50:16.0828 0x1618 TPM - ok 10:50:16.0859 0x1618 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 10:50:16.0890 0x1618 TrkWks - ok 10:50:16.0937 0x1618 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 10:50:16.0953 0x1618 TrustedInstaller - ok 10:50:16.0999 0x1618 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 10:50:17.0015 0x1618 tssecsrv - ok 10:50:17.0077 0x1618 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 10:50:17.0124 0x1618 TsUsbFlt - ok 10:50:17.0155 0x1618 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 10:50:17.0202 0x1618 TsUsbGD - ok 10:50:17.0233 0x1618 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 10:50:17.0265 0x1618 tunnel - ok 10:50:17.0280 0x1618 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 10:50:17.0296 0x1618 uagp35 - ok 10:50:17.0311 0x1618 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 10:50:17.0343 0x1618 udfs - ok 10:50:17.0374 0x1618 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 10:50:17.0405 0x1618 UI0Detect - ok 10:50:17.0436 0x1618 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 10:50:17.0436 0x1618 uliagpkx - ok 10:50:17.0467 0x1618 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 10:50:17.0499 0x1618 umbus - ok 10:50:17.0530 0x1618 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 10:50:17.0545 0x1618 UmPass - ok 10:50:17.0561 0x1618 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll 10:50:17.0592 0x1618 UmRdpService - ok 10:50:17.0670 0x1618 [ F76057596EF65049869098677AB72C30, 4EE9353243CB64D0A3AFE060924D93225FB2EB085212F3AEC7A862FFF449C82A ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 10:50:17.0686 0x1618 UNS - ok 10:50:17.0717 0x1618 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 10:50:17.0748 0x1618 upnphost - ok 10:50:17.0811 0x1618 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 10:50:17.0826 0x1618 usbaudio - ok 10:50:17.0842 0x1618 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 10:50:17.0857 0x1618 usbccgp - ok 10:50:17.0889 0x1618 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 10:50:17.0951 0x1618 usbcir - ok 10:50:17.0967 0x1618 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 10:50:17.0998 0x1618 usbehci - ok 10:50:18.0045 0x1618 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 10:50:18.0060 0x1618 usbhub - ok 10:50:18.0091 0x1618 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys 10:50:18.0091 0x1618 usbohci - ok 10:50:18.0123 0x1618 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 10:50:18.0154 0x1618 usbprint - ok 10:50:18.0201 0x1618 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\drivers\usbscan.sys 10:50:18.0263 0x1618 usbscan - ok 10:50:18.0294 0x1618 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 10:50:18.0341 0x1618 USBSTOR - ok 10:50:18.0357 0x1618 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 10:50:18.0388 0x1618 usbuhci - ok 10:50:18.0419 0x1618 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 10:50:18.0435 0x1618 usbvideo - ok 10:50:18.0544 0x1618 [ 34349E7B488FA61B639117F6BF1EBF99, A7A7E60511F7D6370473D41867F5323695308CC27D3EEB0286687D3A9E0084E9 ] USER_ESRV_SVC C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe 10:50:18.0559 0x1618 USER_ESRV_SVC - ok 10:50:18.0591 0x1618 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 10:50:18.0637 0x1618 UxSms - ok 10:50:18.0700 0x1618 [ 203FD19D70549A2939E1AE3A36608151, 2B965E52571B6F409132E5D7608B794D56538314BD4E68E58F9CBA39450A94B2 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe 10:50:18.0700 0x1618 VAIO Event Service - ok 10:50:18.0762 0x1618 [ 59308CD511A5F3EE33595FFD46F76B31, 757A8245AB2424DC245E5516BA6DB7DF30AF83E217CDA8EADAC0CA1DB24F457A ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe 10:50:18.0778 0x1618 VAIO Power Management - ok 10:50:18.0778 0x1618 [ C8A7F80DB5C193DD67747A1BA4B1782E, B216FC5A07C643868AD7C58F931F6327A21695E1734A62875F6E2909139F30B8 ] VaultSvc C:\Windows\system32\lsass.exe 10:50:18.0793 0x1618 VaultSvc - ok 10:50:18.0825 0x1618 [ 7CBA5728C50FCDFBB87FF9C2DCE881B0, CE12024F548B9380F90C559CB3448FD0CD4393061E9B0EDDAE8F13FBB100762D ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe 10:50:18.0825 0x1618 VCService - ok 10:50:18.0856 0x1618 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 10:50:18.0856 0x1618 vdrvroot - ok 10:50:18.0903 0x1618 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 10:50:18.0934 0x1618 vds - ok 10:50:18.0965 0x1618 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 10:50:18.0981 0x1618 vga - ok 10:50:18.0996 0x1618 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 10:50:19.0043 0x1618 VgaSave - ok 10:50:19.0090 0x1618 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 10:50:19.0121 0x1618 vhdmp - ok 10:50:19.0152 0x1618 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 10:50:19.0168 0x1618 viaide - ok 10:50:19.0168 0x1618 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys 10:50:19.0183 0x1618 vmbus - ok 10:50:19.0199 0x1618 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 10:50:19.0215 0x1618 VMBusHID - ok 10:50:19.0230 0x1618 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 10:50:19.0230 0x1618 volmgr - ok 10:50:19.0277 0x1618 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 10:50:19.0293 0x1618 volmgrx - ok |
15.07.2016, 22:29 | #4 |
| Win 7 - Kaspersky erkannte Adposhel, da ist aber noch mehr im Busch... Logs - Teil 3 TDSS Killer 2/2 Code:
ATTFilter 10:50:19.0339 0x1618 [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap C:\Windows\system32\drivers\volsnap.sys 10:50:19.0339 0x1618 volsnap - ok 10:50:19.0371 0x1618 [ B4A73CA4EF9A02B9738CEA9AD5FE5917, B6A8086189FE2F1C3FE5B3F484FBA3DB2E5E1836F3154D30090F136C27D16166 ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys 10:50:19.0386 0x1618 vpcbus - ok 10:50:19.0417 0x1618 [ E675FB2B48C54F09895482E2253B289C, 68BBFBF2356C849722E429CA753CC309A3CCE8CF00EBDBBD2695ECD292324DF2 ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys 10:50:19.0480 0x1618 vpcnfltr - ok 10:50:19.0511 0x1618 [ 5FB42082B0D19A0268705F1DD343DF20, 62F8EEE6A507CE6A8BD638020118D71B78332F79BA82654AB702AE46B04767D9 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys 10:50:19.0511 0x1618 vpcusb - ok 10:50:19.0558 0x1618 [ 207B6539799CC1C112661A9B620DD233, 6B915CC7F77C867516D94865D7BF2E5C815402EF0A4488C3EB2FEF7CFA6C98F6 ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys 10:50:19.0573 0x1618 vpcvmm - ok 10:50:19.0589 0x1618 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 10:50:19.0605 0x1618 vsmraid - ok 10:50:19.0667 0x1618 [ B64F4E8CBD5428C20FB10E66808A56B3, C694BCA0B3CEE28A1419E908EBC92802EE91FEEE23C0A82C66F1780AF5E1CFA9 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe 10:50:19.0698 0x1618 VSNService - ok 10:50:19.0761 0x1618 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 10:50:19.0823 0x1618 VSS - ok 10:50:19.0932 0x1618 [ 79F4D90FAA0ACC1866F2F3E03E39CA89, EE08BCBF29A7E4AFFF520B8DF067281425F433EC275F8C86CE8F20F000E92E3D ] vssbrigde64 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe 10:50:19.0948 0x1618 vssbrigde64 - ok 10:50:20.0041 0x1618 [ C460F38BCA36929693892DEC77857114, 230362A5B8F7BCA5484C62D219E3EF3CF2C0732669BBBA48DE8DB3282C4F87C9 ] VUAgent C:\Program Files\Sony\VAIO Update\vuagent.exe 10:50:20.0088 0x1618 VUAgent - ok 10:50:20.0104 0x1618 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 10:50:20.0119 0x1618 vwifibus - ok 10:50:20.0135 0x1618 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 10:50:20.0151 0x1618 vwififlt - ok 10:50:20.0166 0x1618 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 10:50:20.0182 0x1618 vwifimp - ok 10:50:20.0197 0x1618 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 10:50:20.0260 0x1618 W32Time - ok 10:50:20.0307 0x1618 [ D8DD34F9AC790781797A690C40906E09, 58259D01617BA4D9852F113AA35A0113E9F88E9FC82287A1F06DCE9CA8727A89 ] WacHidRouter C:\Windows\system32\DRIVERS\wachidrouter.sys 10:50:20.0322 0x1618 WacHidRouter - ok 10:50:20.0338 0x1618 wacommousefilter - ok 10:50:20.0353 0x1618 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 10:50:20.0385 0x1618 WacomPen - ok 10:50:20.0431 0x1618 [ 8D151B5ACA3D12E00D119D1DC238B5DA, 76DC6F16B777126BA23CFB2D86D2220E6E9677F5C8D217DE7EB777DF6A1B6354 ] wacomrouterfilter C:\Windows\system32\DRIVERS\wacomrouterfilter.sys 10:50:20.0447 0x1618 wacomrouterfilter - ok 10:50:20.0447 0x1618 wacomvhid - ok 10:50:20.0478 0x1618 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 10:50:20.0525 0x1618 WANARP - ok 10:50:20.0525 0x1618 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 10:50:20.0556 0x1618 Wanarpv6 - ok 10:50:20.0634 0x1618 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 10:50:20.0665 0x1618 WatAdminSvc - ok 10:50:20.0743 0x1618 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 10:50:20.0790 0x1618 wbengine - ok 10:50:20.0806 0x1618 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 10:50:20.0821 0x1618 WbioSrvc - ok 10:50:20.0853 0x1618 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 10:50:20.0884 0x1618 wcncsvc - ok 10:50:20.0915 0x1618 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 10:50:20.0946 0x1618 WcsPlugInService - ok 10:50:20.0962 0x1618 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 10:50:20.0977 0x1618 Wd - ok 10:50:21.0024 0x1618 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 10:50:21.0055 0x1618 Wdf01000 - ok 10:50:21.0102 0x1618 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll 10:50:21.0149 0x1618 WdiServiceHost - ok 10:50:21.0149 0x1618 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 10:50:21.0165 0x1618 WdiSystemHost - ok 10:50:21.0211 0x1618 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll 10:50:21.0258 0x1618 WebClient - ok 10:50:21.0289 0x1618 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 10:50:21.0321 0x1618 Wecsvc - ok 10:50:21.0352 0x1618 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 10:50:21.0399 0x1618 wercplsupport - ok 10:50:21.0430 0x1618 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 10:50:21.0477 0x1618 WerSvc - ok 10:50:21.0523 0x1618 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 10:50:21.0555 0x1618 WfpLwf - ok 10:50:21.0555 0x1618 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 10:50:21.0570 0x1618 WIMMount - ok 10:50:21.0586 0x1618 WinDefend - ok 10:50:21.0586 0x1618 WinHttpAutoProxySvc - ok 10:50:21.0633 0x1618 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 10:50:21.0695 0x1618 Winmgmt - ok 10:50:21.0773 0x1618 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 10:50:21.0867 0x1618 WinRM - ok 10:50:21.0929 0x1618 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 10:50:21.0960 0x1618 WinUsb - ok 10:50:22.0023 0x1618 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 10:50:22.0054 0x1618 Wlansvc - ok 10:50:22.0101 0x1618 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 10:50:22.0101 0x1618 WmiAcpi - ok 10:50:22.0147 0x1618 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 10:50:22.0163 0x1618 wmiApSrv - ok 10:50:22.0194 0x1618 WMPNetworkSvc - ok 10:50:22.0241 0x1618 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 10:50:22.0288 0x1618 WPCSvc - ok 10:50:22.0303 0x1618 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 10:50:22.0335 0x1618 WPDBusEnum - ok 10:50:22.0350 0x1618 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 10:50:22.0413 0x1618 ws2ifsl - ok 10:50:22.0428 0x1618 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 10:50:22.0428 0x1618 wscsvc - ok 10:50:22.0491 0x1618 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 10:50:22.0506 0x1618 WSDPrintDevice - ok 10:50:22.0506 0x1618 WSearch - ok 10:50:22.0756 0x1618 [ E79A51AEAFF9DF8FFDD8B972C0A2DD30, 6292094ACD88A36B5F61A28DEAE93B88C4A464B72902A6320120661F50CCE8DD ] WTabletServicePro C:\Program Files\Tablet\Wacom\WTabletServicePro.exe 10:50:22.0787 0x1618 WTabletServicePro - ok 10:50:22.0990 0x1618 [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv C:\Windows\system32\wuaueng.dll 10:50:23.0099 0x1618 wuauserv - ok 10:50:23.0146 0x1618 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 10:50:23.0224 0x1618 WudfPf - ok 10:50:23.0286 0x1618 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 10:50:23.0349 0x1618 WUDFRd - ok 10:50:23.0380 0x1618 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 10:50:23.0395 0x1618 wudfsvc - ok 10:50:23.0442 0x1618 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 10:50:23.0520 0x1618 WwanSvc - ok 10:50:23.0598 0x1618 [ 74713CB32792F9C7632DAA7DA22CA974, 1B1D907F8F18AE22E36F371EE6417D068C01FB4F9413571444AF3845A27F3C4D ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe 10:50:23.0629 0x1618 ZeroConfigService - ok 10:50:23.0739 0x1618 ================ Scan global =============================== 10:50:23.0785 0x1618 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll 10:50:23.0848 0x1618 [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll 10:50:23.0895 0x1618 [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll 10:50:23.0957 0x1618 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 10:50:24.0019 0x1618 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 10:50:24.0035 0x1618 [ Global ] - ok 10:50:24.0035 0x1618 ================ Scan MBR ================================== 10:50:24.0051 0x1618 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 10:50:24.0409 0x1618 \Device\Harddisk0\DR0 - ok 10:50:24.0425 0x1618 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1 10:50:24.0487 0x1618 \Device\Harddisk1\DR1 - ok 10:50:24.0487 0x1618 ================ Scan VBR ================================== 10:50:24.0503 0x1618 [ A93ECE5506FC903BB9521615EB059B4D ] \Device\Harddisk0\DR0\Partition1 10:50:24.0565 0x1618 \Device\Harddisk0\DR0\Partition1 - ok 10:50:24.0597 0x1618 [ B0C926318DEDBEEA915193632381ABC5 ] \Device\Harddisk0\DR0\Partition2 10:50:24.0612 0x1618 \Device\Harddisk0\DR0\Partition2 - ok 10:50:24.0628 0x1618 [ FFAA4B1A99DEAEF1A68F8E50CE371D6A ] \Device\Harddisk0\DR0\Partition3 10:50:24.0628 0x1618 \Device\Harddisk0\DR0\Partition3 - ok 10:50:24.0643 0x1618 [ 0A148C3F681DCB36846C5CCD35BA43FF ] \Device\Harddisk0\DR0\Partition4 10:50:24.0659 0x1618 \Device\Harddisk0\DR0\Partition4 - ok 10:50:24.0675 0x1618 [ 51644F465D347BDB474259BF63F6DAEA ] \Device\Harddisk0\DR0\Partition5 10:50:24.0690 0x1618 \Device\Harddisk0\DR0\Partition5 - ok 10:50:24.0706 0x1618 [ 6B6AD4D2D76A84EDC6A59B8B02613951 ] \Device\Harddisk0\DR0\Partition6 10:50:24.0706 0x1618 \Device\Harddisk0\DR0\Partition6 - ok 10:50:24.0721 0x1618 [ CED83D1AD7F210ACF1CCFF608C87BBC4 ] \Device\Harddisk1\DR1\Partition1 10:50:24.0721 0x1618 \Device\Harddisk1\DR1\Partition1 - ok 10:50:24.0721 0x1618 ================ Scan generic autorun ====================== 10:50:24.0924 0x1618 [ B1DDCBE7D17DE94045FE9E40EB3D0170, 76EAF208139160C10937FEB4CB47A9890BF66414A3958289DDDCE62EA6E701FC ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 10:50:24.0955 0x1618 RtHDVBg_Dolby - ok 10:50:24.0987 0x1618 [ B1DDCBE7D17DE94045FE9E40EB3D0170, 76EAF208139160C10937FEB4CB47A9890BF66414A3958289DDDCE62EA6E701FC ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 10:50:25.0018 0x1618 RtHDVBg - ok 10:50:25.0018 0x1618 BTMTrayAgent - ok 10:50:25.0065 0x1618 [ 5E7CDCB6438D5A83EAD39A3AAC542581, 3313FE3BFB9D92CA2B8E25DB2054CD7F07409BC4117DC68993055A102F67DC45 ] C:\Windows\system32\igfxtray.exe 10:50:25.0080 0x1618 IgfxTray - ok 10:50:25.0127 0x1618 [ F90A9CA2335386E0DE028AC82A73C751, 9500A2E4628EF4C9D983727AFBB2F805E2555B65E3E19BA1E4FCFF1B92C652BC ] C:\Windows\system32\hkcmd.exe 10:50:25.0143 0x1618 HotKeysCmds - ok 10:50:25.0158 0x1618 [ C7E9B3E1B219AE8C07A0C5ED1477A6A6, F669BB7683F74DF956B46A0A0AC94A8DAA0CAEF60EE0C1501C957109C53B92C3 ] C:\Windows\system32\igfxpers.exe 10:50:25.0174 0x1618 Persistence - ok 10:50:25.0174 0x1618 SynTPEnh - ok 10:50:25.0236 0x1618 [ 5514B64F7F2D25E09E2FDAF5D62B688C, 43263715ADC49250762A01E41DB2832C6A8B63CE4F66CDD8FC0B51DCA031DF27 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe 10:50:25.0236 0x1618 IAStorIcon - ok 10:50:25.0299 0x1618 [ 8D2B47285BCDE1943A16166702E3FA95, 621156A7861CA83BCD146D1CCCAC13F72951F2A64866C185796D7954E2EBAEA0 ] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe 10:50:25.0314 0x1618 Dolby Home Theater v4 - ok 10:50:25.0392 0x1618 [ 4D1DA8CE5E364D22B4FF00F163194514, 165DE474309206A0F51266F19EDB4AF3D7BAD19FDA61B636AEE7A04278DBBC2C ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe 10:50:25.0408 0x1618 USB3MON - ok 10:50:25.0470 0x1618 [ 4AD491D49890D794BFA77AAB935046C5, 9A3D575C4CF99844DAA1CD11D0F5BAD13653B12941F211A42C27A09B6E079BE8 ] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe 10:50:25.0486 0x1618 ISBMgr.exe - ok 10:50:25.0533 0x1618 [ C1A08CC613C8CE4CFC3E9E3F99E4E3F2, 3A1CC4969D3CCC5CF5D726CD88B5D46582E9E433EF46457AD12A06F560E80131 ] c:\Program Files (x86)\Intel Corporation\Intel AT Service signup\IntelATServiceSignup.exe 10:50:25.0548 0x1618 Intel AT Service signup - detected UnsignedFile.Multi.Generic ( 1 ) 10:50:32.0709 0x1618 Intel AT Service signup ( UnsignedFile.Multi.Generic ) - warning 10:50:32.0709 0x1618 Force sending object to P2P due to detect: c:\Program Files (x86)\Intel Corporation\Intel AT Service signup\IntelATServiceSignup.exe 10:50:40.0010 0x1618 Object send P2P result: true 10:50:47.0264 0x1618 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 10:50:47.0279 0x1618 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 ) 10:50:47.0279 0x1618 Detect skipped due to KSN trusted 10:50:47.0279 0x1618 SwitchBoard - ok 10:50:47.0373 0x1618 [ E1636F57581CAB5D995FD54D2991EF57, BB6B3D005054D386D596A4BA4D9D2F1284D7C845C1CD5EE63775B4569559E0EB ] C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe 10:50:47.0420 0x1618 AdobeCS5.5ServiceManager - ok 10:50:47.0498 0x1618 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 10:50:47.0544 0x1618 Sidebar - ok 10:50:47.0576 0x1618 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 10:50:47.0576 0x1618 mctadmin - ok 10:50:47.0607 0x1618 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 10:50:47.0654 0x1618 Sidebar - ok 10:50:47.0654 0x1618 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 10:50:47.0669 0x1618 mctadmin - ok 10:50:47.0700 0x1618 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 10:50:47.0732 0x1618 Sidebar - ok 10:50:47.0732 0x1618 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 10:50:47.0747 0x1618 mctadmin - ok 10:50:47.0825 0x1618 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe 10:50:47.0872 0x1618 Sidebar - ok 10:50:47.0903 0x1618 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe 10:50:47.0950 0x1618 Sidebar - ok 10:50:48.0012 0x1618 [ 5644535CAAEBA642398D6B9EC1025276, 7D41D1514CDF410FECAA2D576E3AF27023717EC6798361089D58593B4C2C72BC ] C:\Program Files (x86)\BirdieSync\BirdieSync.exe 10:50:48.0044 0x1618 BirdieSync - detected UnsignedFile.Multi.Generic ( 1 ) 10:50:55.0220 0x1618 Detect skipped due to KSN trusted 10:50:55.0220 0x1618 BirdieSync - ok 10:50:55.0313 0x1618 [ AB7A5868A3DEF58D4935F4982ED1FBD3, A1583F34456A32A23D6E955D23E4B532479C276A0BEE064FEFB9E580C9858BC7 ] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe 10:50:55.0344 0x1618 AnyDVD - ok 10:50:55.0563 0x1618 [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\v\AppData\Local\Dropbox\Update\DropboxUpdate.exe 10:50:55.0594 0x1618 Dropbox Update - ok 10:50:55.0594 0x1618 Waiting for KSN requests completion. In queue: 11 10:50:56.0608 0x1618 Waiting for KSN requests completion. In queue: 11 10:50:57.0622 0x1618 Waiting for KSN requests completion. In queue: 11 10:50:58.0636 0x1618 Waiting for KSN requests completion. In queue: 11 10:50:59.0650 0x1618 Waiting for KSN requests completion. In queue: 2 10:51:00.0664 0x1618 Waiting for KSN requests completion. In queue: 2 10:51:01.0678 0x1618 Waiting for KSN requests completion. In queue: 2 10:51:02.0692 0x1618 Waiting for KSN requests completion. In queue: 2 10:51:03.0722 0x1618 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated ) 10:51:03.0722 0x1618 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled ) 10:51:10.0898 0x1618 ============================================================ 10:51:10.0898 0x1618 Scan finished 10:51:10.0898 0x1618 ============================================================ 10:51:10.0898 0x15e4 Detected object count: 2 10:51:10.0898 0x15e4 Actual detected object count: 2 11:00:07.0305 0x15e4 CBTService ( UnsignedFile.Multi.Generic ) - skipped by user 11:00:07.0305 0x15e4 CBTService ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:00:07.0305 0x15e4 Intel AT Service signup ( UnsignedFile.Multi.Generic ) - skipped by user 11:00:07.0305 0x15e4 Intel AT Service signup ( UnsignedFile.Multi.Generic ) - User select action: Skip |
15.07.2016, 22:33 | #5 |
| Win 7 - Kaspersky erkannte Adposhel, da ist aber noch mehr im Busch... Logs Teil 4 ESET Online Scan: Code:
ATTFilter ESETSmartInstaller@High as downloader log: Can not open internetESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=64bdcd1bc002644ea3b07b3a462e265c # end=init # utc_time=2016-07-14 09:23:02 # local_time=2016-07-14 11:23:02 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 Update Init Update Download Update Finalize Updated modules version: 30105 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=64bdcd1bc002644ea3b07b3a462e265c # end=updated # utc_time=2016-07-14 09:25:56 # local_time=2016-07-14 11:25:56 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=64bdcd1bc002644ea3b07b3a462e265c # engine=30105 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2016-07-14 12:25:15 # local_time=2016-07-14 02:25:15 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Kaspersky Internet Security' # compatibility_mode=1305 16777213 100 100 13802 32717767 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 75279 220128965 0 0 # scanned=362093 # found=5 # cleaned=0 # scan_time=10759 sh=32722FFA8735A31DCEA29D60D05E3AB97B61E8BD ft=1 fh=74ff10e23973ec61 vn="Variante von Win32/DownloadGuide.K evtl. unerwÃŒnschte Anwendung" ac=I fn="C:\Disks\Recuva\Recuva.exe" sh=6129AD98EC5ACE89DE6E3CD1E48479A944D92CCA ft=1 fh=d999a402a382eaa6 vn="Variante von Win32/AdkDLLWrapper.A evtl. unerwÃŒnschte Anwendung" ac=I fn="C:\Disks\µtorrent\utorrent.exe" sh=61E6840E6EAC635A6F5E58284361BAC0E5D0DF84 ft=0 fh=0000000000000000 vn="HTML/Refresh.BC Trojaner" ac=I fn="C:\ProgramData\Kaspersky Lab\SafeBrowser\kis\S-1-5-21-3938329548-1295178815-1076779813-1005\FireFox\cache2\entries\33CA2957D0141269371151A16B88E31F49B7937B" sh=61E6840E6EAC635A6F5E58284361BAC0E5D0DF84 ft=0 fh=0000000000000000 vn="HTML/Refresh.BC Trojaner" ac=I fn="C:\Users\All Users\Kaspersky Lab\SafeBrowser\kis\S-1-5-21-3938329548-1295178815-1076779813-1005\FireFox\cache2\entries\33CA2957D0141269371151A16B88E31F49B7937B" sh=6129AD98EC5ACE89DE6E3CD1E48479A944D92CCA ft=1 fh=d999a402a382eaa6 vn="Variante von Win32/AdkDLLWrapper.A evtl. unerwÃŒnschte Anwendung" ac=I fn="C:\Users\v\AppData\Roaming\uTorrent\updates\3.3.1_29938.exe" Last, but not least, nach all diesen Schritten: FRST: FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 13-07-2016 02 durchgeführt von v (Administrator) auf MONOLITH (14-07-2016 15:35:38) Gestartet von E:\FRST Geladene Profile: UpdatusUser & v (Verfügbare Profile: UpdatusUser & rk & v) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 9 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AuthenTec, Inc) C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Cogent Systems, Inc.) C:\Program Files\Cogent BioTrust 3.0\CBTService.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Boot Manager\ActiveDelayDeviceService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (HUAWEI Technologies Co., Ltd.) C:\Program Files (x86)\Huawei\Gobi\GobiQDLService\GobiQDLService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe ( ) C:\Windows\System32\lxeccoms.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (AuthenTec Inc.) C:\Program Files\AuthenTec TrueSuite\TouchControl.exe (AuthenTec Inc.) C:\Program Files\AuthenTec TrueSuite\BioMonitor.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Cogent Systems, Inc.) C:\Program Files\Cogent BioTrust 3.0\CBTTrayEx.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Callicia) C:\Program Files (x86)\BirdieSync\BirdieSync.exe (SlySoft, Inc.) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe () C:\Program Files (x86)\BirdieSync\Android\Adb\1.0.31\adb.exe () C:\Program Files (x86)\BirdieSync\Android\Adb\1.0.31\adb.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe () C:\Program Files\Sony\VAIO Care\listener.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe (Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-20] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-20] (Realtek Semiconductor) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2884880 2012-03-19] (Synaptics Incorporated) HKLM\...\Run: [] => [X] HKLM\...\Run: [CBTTray] => C:\Program Files\Cogent BioTrust 3.0\CBTTrayEx.exe [85504 2011-02-15] (Cogent Systems, Inc.) HKLM\...\Run: [CBTMsgMgr] => C:\Program Files\Cogent BioTrust 3.0\CMBTMsgMgr.exe [15360 2011-02-15] (cogent) HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-03] (NVIDIA Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-30] (Adobe Systems Incorporated) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation) HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-09] (Intel Corporation) HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [60552 2011-09-20] (Sony Corporation) HKLM-x32\...\Run: [Intel AT Service signup] => c:\Program Files (x86)\Intel Corporation\Intel AT Service signup\IntelATServiceSignup.exe [382976 2012-02-15] (Intel Corporation) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-24] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-09-24] (Adobe Systems Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-03-20] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3938329548-1295178815-1076779813-1005\...\Run: [BirdieSync] => C:\Program Files (x86)\BirdieSync\BirdieSync.exe [998912 2014-07-26] (Callicia) HKU\S-1-5-21-3938329548-1295178815-1076779813-1005\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe [93096 2014-05-14] (SlySoft, Inc.) HKU\S-1-5-21-3938329548-1295178815-1076779813-1005\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-3938329548-1295178815-1076779813-1005\...\Run: [Dropbox Update] => C:\Users\v\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [266448 2013-06-21] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [214448 2013-06-21] (NVIDIA Corporation) Lsa: [Notification Packages] scecli CBTEvH ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\v\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\v\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\v\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\v\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\v\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\v\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\v\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.) Startup: C:\Users\v\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-11-01] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4 Tcpip\..\Interfaces\{40B32359-D767-4819-98E0-C9F8F709F9A8}: [DhcpNameServer] 10.0.0.138 Internet Explorer: ================== HKU\S-1-5-21-3938329548-1295178815-1076779813-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com HKU\S-1-5-21-3938329548-1295178815-1076779813-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu HKU\S-1-5-21-3938329548-1295178815-1076779813-1005\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://sony.msn.com HKU\S-1-5-21-3938329548-1295178815-1076779813-1005\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-3938329548-1295178815-1076779813-1005 -> DefaultScope {0B652906-74ED-45B5-BBF9-6B94306ED415} URL = SearchScopes: HKU\S-1-5-21-3938329548-1295178815-1076779813-1005 -> {29B9C86F-00A5-44D7-99B4-7345EF8A34FC} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q212&_nkw={searchTerms} BHO: SSOIEMonitor Class -> {2A3D4C3F-A06D-4EFD-90F9-421E3FD58E6D} -> C:\Windows\system32\SSOIEPlugin.dll [2011-02-15] (Cogent Systems Inc.) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-06-14] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-04-10] (Oracle Corporation) BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\AuthenTec TrueSuite\IEBHO.DLL [2012-02-20] (AuthenTec Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-06-14] (Microsoft Corporation) BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-11-01] (AO Kaspersky Lab) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-10] (Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-06-14] (Microsoft Corporation) BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\AuthenTec TrueSuite\x86\IEBHO.dll [2012-02-20] (AuthenTec Inc.) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-06-14] (Microsoft Corporation) BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-11-01] (AO Kaspersky Lab) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated) Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-11-01] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-11-01] (AO Kaspersky Lab) Toolbar: HKU\S-1-5-21-3938329548-1295178815-1076779813-1005 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\v\AppData\Roaming\Mozilla\Firefox\Profiles\728iod3v.default FF NewTab: about:home FF SelectedSearchEngine: Yahoo® FF Homepage: about:home FF Session Restore: -> ist aktiviert. FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-10] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-10] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-03-23] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-03-23] (Intel Corporation) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll [Keine Datei] FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-06-27] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-06-07] (VideoLAN) FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2010-09-02] (Wacom, Inc.) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2011-09-28] () FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Extension: Grab and Drag - C:\Users\v\AppData\Roaming\Mozilla\Firefox\Profiles\728iod3v.default\extensions\{477c4c36-24eb-11da-94d4-00e08161165f}.xpi [2016-04-29] FF Extension: Password Bank - C:\Users\v\AppData\Roaming\Mozilla\Firefox\Profiles\728iod3v.default\Extensions\passwordbank@upek.com [2013-07-07] [ist nicht signiert] FF Extension: Adblock Plus - C:\Users\v\AppData\Roaming\Mozilla\Firefox\Profiles\728iod3v.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28] FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com [2016-07-13] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015-10-20] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-05-25] FF HKLM-x32\...\Sunbird\Extensions: [{A69F5EC7-88F0-4902-A15C-E569DFA33C3A}] - C:\Program Files (x86)\BirdieSync\Sunbird Service FF Extension: BirdieSync - C:\Program Files (x86)\BirdieSync\Sunbird Service [2015-05-13] [ist nicht signiert] FF HKLM-x32\...\Thunderbird\Extensions: [{A69F5EC7-88F0-4902-A15C-E569DFA33C3A}] - C:\Program Files (x86)\BirdieSync\Thunderbird Service FF Extension: BirdieSync - C:\Program Files (x86)\BirdieSync\Thunderbird Service [2015-05-13] [ist nicht signiert] Chrome: ======= CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka CHR HKLM-x32\...\Chrome\Extension: [nibgmhfiionbhpeidijmiildfjnbbkic] - C:\Program Files\AuthenTec TrueSuite\x86\tschrome.crx [2012-02-20] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 ActiveDelayDeviceService; C:\Program Files (x86)\Sony\VAIO Boot Manager\ActiveDelayDeviceService.exe [78472 2011-09-20] (Sony Corporation) R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-11-01] (Kaspersky Lab ZAO) R2 CBTService; C:\Program Files\Cogent BioTrust 3.0\CBTService.exe [13824 2011-02-15] (Cogent Systems, Inc.) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3189488 2016-07-02] (Microsoft Corporation) R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation) R2 FPLService; C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe [300360 2012-02-20] (AuthenTec, Inc) R2 GobiQDLService; C:\Program Files (x86)\Huawei\Gobi\GobiQDLService\GobiQDLService.exe [318464 2011-03-04] (HUAWEI Technologies Co., Ltd.) [Datei ist nicht signiert] R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-03-23] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-23] (Intel Corporation) R2 lxec_device; C:\Windows\system32\lxeccoms.exe [1052328 2010-04-14] ( ) S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] () R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6940944 2016-02-16] (TeamViewer GmbH) S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation) S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab) R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [671000 2014-11-04] (Wacom Technology, Corp.) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.) R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 gobi3kfilter; C:\Windows\System32\DRIVERS\gobi3kfilter.sys [34304 2010-12-13] (QUALCOMM Incorporated) S3 gobi3kmbb; C:\Windows\System32\DRIVERS\gobi3kmbb.sys [399872 2011-04-21] (QUALCOMM Incorporated) S3 gobi3kserial; C:\Windows\System32\DRIVERS\gobi3kserial.sys [233984 2010-12-13] (QUALCOMM Incorporated) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [77728 2016-03-01] (AO Kaspersky Lab) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-11-01] (AO Kaspersky Lab) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [237480 2016-05-25] (AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [943536 2016-05-25] (AO Kaspersky Lab) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [49240 2016-05-25] (AO Kaspersky Lab) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-11-01] (AO Kaspersky Lab) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO) R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-07-09] () S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [X] S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-07-14 15:34 - 2016-07-14 15:35 - 00000000 ____D C:\FRST 2016-07-14 11:22 - 2016-07-14 11:22 - 00000000 ____D C:\Program Files (x86)\ESET 2016-07-14 10:47 - 2016-07-14 11:10 - 00247462 _____ C:\TDSSKiller.3.1.0.9_14.07.2016_10.47.34_log.txt 2016-07-14 10:42 - 2016-07-14 10:42 - 00003467 _____ C:\Users\v\Desktop\JRT.txt 2016-07-14 10:25 - 2016-07-14 10:33 - 00000000 ____D C:\AdwCleaner 2016-07-14 09:53 - 2016-07-14 14:48 - 00000000 ____D C:\Users\v\Desktop\Entwurmung Protokolle 2016-07-14 09:42 - 2016-07-14 10:21 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-07-14 09:41 - 2016-07-14 09:41 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-07-14 09:41 - 2016-07-14 09:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-07-14 09:41 - 2016-07-14 09:41 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-07-14 09:41 - 2016-07-14 09:41 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-07-14 09:41 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-07-14 09:41 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-07-14 09:41 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-07-13 11:40 - 2016-07-13 11:40 - 00262144 _____ C:\Windows\system32\config\elam 2016-07-13 10:05 - 2016-07-13 10:05 - 06079168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2016-07-13 09:48 - 2016-07-13 09:48 - 00000000 ____D C:\Users\v\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-07-13 09:38 - 2016-07-13 11:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-07-08 09:23 - 2016-07-08 09:23 - 00000000 ____D C:\Users\v\AppData\Local\TempTaskUpdateDetection9FF88DE2-61BD-495E-8097-A853BFBCEDF0 2016-07-03 14:45 - 2016-07-03 14:45 - 00000000 ____D C:\Windows\EOONotify 2016-06-22 13:34 - 2016-05-11 19:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll 2016-06-22 13:34 - 2016-05-11 19:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2016-06-22 13:34 - 2016-05-11 19:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll 2016-06-22 13:34 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll 2016-06-22 13:34 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll 2016-06-22 13:34 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll 2016-06-22 13:34 - 2016-05-11 17:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe 2016-06-22 13:34 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe 2016-06-22 13:34 - 2016-05-11 16:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys 2016-06-22 13:33 - 2016-06-06 18:58 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-06-22 13:33 - 2016-06-06 18:50 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-06-22 13:33 - 2016-06-03 15:05 - 01413120 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-06-22 13:33 - 2016-05-27 15:06 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-06-22 13:33 - 2016-05-27 15:06 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-06-22 13:33 - 2016-05-27 15:06 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-06-22 13:33 - 2016-05-27 15:06 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2016-06-22 13:33 - 2016-05-22 15:06 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-06-22 13:33 - 2016-05-18 18:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2016-06-22 13:33 - 2016-05-18 18:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-06-22 13:33 - 2016-05-14 00:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2016-06-22 13:33 - 2016-05-14 00:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2016-06-22 13:33 - 2016-05-14 00:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2016-06-22 13:33 - 2016-05-14 00:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2016-06-22 13:33 - 2016-05-14 00:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2016-06-22 13:33 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2016-06-22 13:33 - 2016-05-13 23:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2016-06-22 13:33 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2016-06-22 13:33 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2016-06-22 13:33 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2016-06-22 13:33 - 2016-05-12 19:20 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-06-22 13:33 - 2016-05-12 19:20 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-06-22 13:33 - 2016-05-12 19:15 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-06-22 13:33 - 2016-05-12 19:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-06-22 13:33 - 2016-05-12 19:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll 2016-06-22 13:33 - 2016-05-12 19:15 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-06-22 13:33 - 2016-05-12 19:15 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-06-22 13:33 - 2016-05-12 19:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-06-22 13:33 - 2016-05-12 19:14 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-06-22 13:33 - 2016-05-12 19:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-06-22 13:33 - 2016-05-12 19:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll 2016-06-22 13:33 - 2016-05-12 19:14 - 00793088 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll 2016-06-22 13:33 - 2016-05-12 19:14 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-06-22 13:33 - 2016-05-12 19:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-06-22 13:33 - 2016-05-12 19:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL 2016-06-22 13:33 - 2016-05-12 19:14 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-06-22 13:33 - 2016-05-12 19:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll 2016-06-22 13:33 - 2016-05-12 19:14 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-06-22 13:33 - 2016-05-12 19:14 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-06-22 13:33 - 2016-05-12 19:14 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-06-22 13:33 - 2016-05-12 19:14 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-06-22 13:33 - 2016-05-12 19:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-06-22 13:33 - 2016-05-12 19:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll 2016-06-22 13:33 - 2016-05-12 19:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll 2016-06-22 13:33 - 2016-05-12 19:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-06-22 13:33 - 2016-05-12 19:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-06-22 13:33 - 2016-05-12 19:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll 2016-06-22 13:33 - 2016-05-12 19:14 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-06-22 13:33 - 2016-05-12 19:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-06-22 13:33 - 2016-05-12 17:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-06-22 13:33 - 2016-05-12 17:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-06-22 13:33 - 2016-05-12 17:18 - 00591872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll 2016-06-22 13:33 - 2016-05-12 17:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-06-22 13:33 - 2016-05-12 17:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-06-22 13:33 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll 2016-06-22 13:33 - 2016-05-12 17:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-06-22 13:33 - 2016-05-12 17:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-06-22 13:33 - 2016-05-12 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-06-22 13:33 - 2016-05-12 17:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-06-22 13:33 - 2016-05-12 17:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-06-22 13:33 - 2016-05-12 17:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2016-06-22 13:33 - 2016-05-12 17:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-06-22 13:33 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll 2016-06-22 13:33 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll 2016-06-22 13:33 - 2016-05-12 17:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-06-22 13:33 - 2016-05-12 17:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-06-22 13:33 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll 2016-06-22 13:33 - 2016-05-12 17:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-06-22 13:33 - 2016-05-12 17:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-06-22 13:33 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2016-06-22 13:33 - 2016-05-12 17:06 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe 2016-06-22 13:33 - 2016-05-12 17:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-06-22 13:33 - 2016-05-12 17:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-06-22 13:33 - 2016-05-12 16:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2016-06-22 13:33 - 2016-05-12 16:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2016-06-22 13:33 - 2016-05-12 16:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-06-22 13:33 - 2016-05-12 16:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2016-06-22 13:33 - 2016-05-12 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-06-22 13:33 - 2016-05-12 16:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-06-22 13:33 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll 2016-06-22 13:33 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-06-22 13:33 - 2016-05-12 16:57 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.exe 2016-06-22 13:33 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-06-22 13:33 - 2016-05-12 16:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-06-22 13:33 - 2016-05-12 15:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2016-06-22 13:33 - 2016-05-12 15:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2016-06-22 13:33 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2016-06-22 13:33 - 2016-05-11 19:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll 2016-06-22 13:33 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll 2016-06-22 13:33 - 2016-04-09 08:58 - 14186496 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-06-22 13:33 - 2016-04-09 08:57 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2016-06-22 13:33 - 2016-04-09 08:54 - 12881408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2016-06-22 13:33 - 2016-04-09 08:54 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2016-06-22 13:33 - 2016-04-09 07:53 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2016-06-22 13:33 - 2016-04-09 07:44 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2016-06-22 13:33 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll 2016-06-22 13:33 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll 2016-06-22 13:29 - 2016-04-14 18:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2016-06-22 13:29 - 2016-04-14 18:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2016-06-22 13:29 - 2016-04-14 18:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-06-22 13:29 - 2016-04-14 18:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2016-06-22 13:29 - 2016-04-14 18:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2016-06-22 13:29 - 2016-04-14 18:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2016-06-22 13:29 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2016-06-22 13:29 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2016-06-22 13:29 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2016-06-22 13:29 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll 2016-06-22 13:29 - 2016-04-14 17:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2016-06-22 13:29 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-07-14 15:32 - 2015-06-19 11:21 - 00001208 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3938329548-1295178815-1076779813-1005UA.job 2016-07-14 15:30 - 2009-07-14 06:45 - 00031536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-07-14 15:30 - 2009-07-14 06:45 - 00031536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-07-14 15:22 - 2014-01-31 10:56 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2016-07-14 15:22 - 2013-07-07 19:06 - 00000000 ____D C:\Users\v\AppData\LocalLow\AuthenTec 2016-07-14 15:22 - 2012-05-05 09:55 - 00000000 ____D C:\ProgramData\Temp 2016-07-14 15:21 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-07-14 14:50 - 2013-07-18 10:26 - 00000000 ____D C:\Users\v\AppData\Roaming\uTorrent 2016-07-14 11:32 - 2015-06-19 11:21 - 00001156 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3938329548-1295178815-1076779813-1005Core.job 2016-07-14 10:55 - 2015-06-27 11:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-07-14 10:54 - 2015-06-27 10:56 - 00000000 ____D C:\Program Files\Microsoft Office 15 2016-07-14 10:40 - 2012-05-05 10:14 - 00701560 _____ C:\Windows\system32\perfh007.dat 2016-07-14 10:40 - 2012-05-05 10:14 - 00150428 _____ C:\Windows\system32\perfc007.dat 2016-07-14 10:40 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI 2016-07-14 10:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2016-07-14 10:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Web 2016-07-13 11:46 - 2013-06-21 15:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-07-13 10:05 - 2012-05-05 09:52 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-07-13 10:05 - 2012-05-05 09:52 - 00000000 ____D C:\Windows\system32\Macromed 2016-07-13 09:48 - 2013-07-23 18:39 - 00000000 ____D C:\Users\v\AppData\Roaming\Dropbox 2016-07-11 18:17 - 2015-02-22 14:12 - 00000000 ____D C:\Users\v\Desktop\Stuff 2016-07-11 18:17 - 2013-07-07 20:59 - 00000000 ____D C:\Users\v\AppData\Roaming\vlc 2016-07-08 10:46 - 2013-07-13 11:42 - 00001456 _____ C:\Users\v\AppData\Local\Adobe Save for Web 12.0 Prefs 2016-07-08 10:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2016-07-05 20:35 - 2013-06-21 12:04 - 00000000 ____D C:\Users\rk 2016-07-01 09:00 - 2013-06-21 16:42 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-06-22 15:36 - 2013-07-07 19:06 - 00000000 ___RD C:\Users\v\Virtual Machines 2016-06-22 14:39 - 2009-07-14 06:45 - 05047000 _____ C:\Windows\system32\FNTCACHE.DAT 2016-06-22 14:35 - 2014-12-12 08:15 - 00000000 ____D C:\Windows\system32\appraiser 2016-06-22 13:43 - 2013-07-17 17:50 - 00000000 ____D C:\Windows\system32\MRT 2016-06-22 13:37 - 2013-06-21 13:24 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-06-15 13:45 - 2015-06-27 12:04 - 00000000 ____D C:\Users\v\AppData\Local\Microsoft Help ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-11-04 23:39 - 2014-03-11 17:58 - 0000132 _____ () C:\Users\v\AppData\Roaming\Adobe BMP Format CS5 Prefs 2013-09-01 17:58 - 2016-02-02 13:06 - 0000132 _____ () C:\Users\v\AppData\Roaming\Adobe PNG Format CS5 Prefs 2013-07-13 11:42 - 2016-07-08 10:46 - 0001456 _____ () C:\Users\v\AppData\Local\Adobe Save for Web 12.0 Prefs 2015-01-25 14:57 - 2015-03-31 19:40 - 0004608 _____ () C:\Users\v\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-06-28 16:09 - 2013-06-28 16:09 - 0000040 ___SH () C:\ProgramData\.zreglib 2013-07-20 21:34 - 2013-07-20 21:34 - 0000405 _____ () C:\ProgramData\Coinstaller.log 2013-07-20 21:37 - 2013-07-20 21:37 - 0000576 _____ () C:\ProgramData\lxecJSW.log 2013-07-20 21:31 - 2013-07-20 21:31 - 0000086 _____ () C:\ProgramData\lxecscan.log Einige Dateien in TEMP: ==================== C:\Users\rk\AppData\Local\Temp\mfc80.dll C:\Users\rk\AppData\Local\Temp\mfc80u.dll C:\Users\rk\AppData\Local\Temp\mfcm80.dll C:\Users\rk\AppData\Local\Temp\mfcm80u.dll C:\Users\rk\AppData\Local\Temp\msvcm80.dll C:\Users\rk\AppData\Local\Temp\msvcp80.dll C:\Users\rk\AppData\Local\Temp\msvcr80.dll C:\Users\rk\AppData\Local\Temp\Uninstaller.exe C:\Users\rk\AppData\Local\Temp\UninstallerChina.dll C:\Users\rk\AppData\Local\Temp\UninstallerChiTrad.dll C:\Users\rk\AppData\Local\Temp\UninstallerFre.dll C:\Users\rk\AppData\Local\Temp\UninstallerGer.dll C:\Users\rk\AppData\Local\Temp\UninstallerIta.dll C:\Users\rk\AppData\Local\Temp\UninstallerPol.dll C:\Users\rk\AppData\Local\Temp\UninstallerRus.dll C:\Users\rk\AppData\Local\Temp\UninstallerSpa.dll C:\Users\rk\AppData\Local\Temp\WtgDriverInstallX.dll C:\Users\rk\AppData\Local\Temp\WTGXMLUtil.dll C:\Users\v\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdncimm.dll C:\Users\v\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\v\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\v\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\v\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe C:\Users\v\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe C:\Users\v\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe C:\Users\v\AppData\Local\Temp\libeay32.dll C:\Users\v\AppData\Local\Temp\msvcr120.dll C:\Users\v\AppData\Local\Temp\sqlite-3.7.151-x86-sqlitejdbc.dll C:\Users\v\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-06-13 19:34 ==================== Ende von FRST.txt ============================ Und FRST Addition: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 13-07-2016 02 durchgeführt von v (2016-07-14 15:37:04) Gestartet von E:\FRST Windows 7 Professional Service Pack 1 (X64) (2012-08-27 07:11:32) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3938329548-1295178815-1076779813-500 - Administrator - Disabled) Gast (S-1-5-21-3938329548-1295178815-1076779813-501 - Limited - Disabled) rk (S-1-5-21-3938329548-1295178815-1076779813-1004 - Administrator - Enabled) => C:\Users\rk UpdatusUser (S-1-5-21-3938329548-1295178815-1076779813-1000 - Limited - Enabled) => C:\Users\UpdatusUser v (S-1-5-21-3938329548-1295178815-1076779813-1005 - Administrator - Enabled) => C:\Users\v ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated) Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.16 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19460 - Adobe Systems Incorporated) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.) Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated) Adobe Creative Suite 5.5 Design Standard (HKLM-x32\...\{53CF3920-648B-4F99-8D05-6A6C5298F57B}) (Version: 5.5 - Adobe Systems Incorporated) Anki (HKLM-x32\...\Anki) (Version: - ) AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.4.7.0 - SlySoft) ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.485 - ArcSoft) AuthenTec TrueSuite (HKLM\...\{1E1771A5-9BDA-4F91-ACEA-9798BCF8CFDD}) (Version: 5.2.0.675 - AuthenTec, Inc.) AuthenTec WinBio FingerPrint Software (HKLM\...\{403EB04F-20E8-4C55-B989-4040340B3040}) (Version: 3.2.1.1030 - AuthenTec, Inc.) BirdieSync 2.4.10.0 (HKLM-x32\...\BirdieSync) (Version: 2.4.10.0 - Callicia) Cell Biology Interactive (HKLM-x32\...\Cell_Biology_Interactive) (Version: - ) Cogent BioTrust (HKLM\...\{CCD89A93-80B3-4C9D-85A1-FF6704C9BBC1}) (Version: 3.00.4063 - Cogent Systems, Inc.) CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.5009.52 - CyberLink Corp.) Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.4 - Dolby Laboratories Inc) Dropbox (HKU\S-1-5-21-3938329548-1295178815-1076779813-1005\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.) DVD Architect Studio 5.0 (HKLM-x32\...\{7A491ACF-24FE-11E1-B81E-F04DA23A5C58}) (Version: 5.0.157 - Sony) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Evernote v. 4.5.2 (HKLM-x32\...\{8CE152BA-1D16-11E1-867D-984BE15F174E}) (Version: 4.5.2.5904 - Evernote Corp.) eWallet 7.3 for Windows PCs (HKLM-x32\...\Ilium Software eWallet_is1) (Version: 7.3 - Ilium Software) FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden foobar2000 v1.2.3 (HKLM-x32\...\foobar2000) (Version: 1.2.3 - Peter Pawlowski) FreeCAD 0.15 - A free open source CAD system (HKLM\...\FreeCAD 0.15) (Version: 0.15.4671 - Juergen Riegel) Gobi_Firmware (HKLM-x32\...\Gobi_Firmware) (Version: - ) HOFER Bestellsoftware 4.14.5 (HKLM-x32\...\HOFER Bestellsoftware) (Version: 4.14.5 - ORWO Net) HW Gobi 3000 Driver 1.08.00.00 (HKLM-x32\...\HW Gobi 3000 Driver) (Version: 1.08.00.00 - Huawei technologies Co., Ltd.) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0083 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation) Intel(R) WiDi (HKLM\...\{4E4282C3-F66E-4852-837A-7675527178C2}) (Version: 3.1.26.0 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Intel® AT Service signup (HKLM-x32\...\{CD49AEDB-FFB4-4A9A-A3C2-E9AF814FE6FE}) (Version: 2.0.0.3 - Intel Corporation) Intel® PROSet/Wireless WiFi-Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0708 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan) Java 8 Update 77 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418077F0}) (Version: 8.0.770.3 - Oracle Corporation) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden KUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4841.1001 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Mozilla Firefox 47.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 de)) (Version: 47.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla) Mozilla Thunderbird 38.7.2 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 38.7.2 (x86 en-US)) (Version: 38.7.2 - Mozilla) Noise Ninja 2 (Standalone Version) (HKLM-x32\...\Noise Ninja (Standalone Version)_is1) (Version: - PictureCode LLC) NVIDIA GeForce Experience 1.5.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.5.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4841.1001 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4841.1001 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4841.1001 - Microsoft Corporation) Hidden OKI Network Extension (HKLM-x32\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden PYV_x86 (x32 Version: 1.0.0 - Sony Corporation) Hidden R for Windows 3.0.2 (HKLM\...\R for Windows 3.0.2_is1) (Version: 3.0.2 - R Core Team) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6570 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.) RStudio (HKLM-x32\...\RStudio) (Version: 0.97.551 - RStudio) Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.) SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.0.5 - Synaptics Incorporated) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.55321 - TeamViewer) UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.0.9.6.1 - uvnc bvba) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden VAIO - Microsoft Visual C++ 2010 SP1 Runtime 10.0.40219.325 (HKLM\...\{34EB42BE-F4D3-44C1-B28E-9740115DB72C}) (Version: 1.0.00.01300 - Sony Corporation) VAIO Care (HKLM\...\{FDCC09EA-A33E-4639-B1CD-FC1702815FA7}) (Version: 8.4.0.14281 - Sony Corporation) VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 5.2.2.16060 - Sony Corporation) VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.9.0.13190 - Sony Corporation) VAIO Data Restore Tool (x32 Version: 1.9.0.13190 - Sony Corporation) Hidden VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation) VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.1.09230 - Sony Corporation) VAIO Gate (x32 Version: 2.4.1.09230 - Sony Corporation) Hidden VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.5.2.02090 - Sony Corporation) VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 1.0.0.12300 - Sony Corporation) VAIO Gesture Control (x32 Version: 1.0.0.12300 - Sony Corporation) Hidden VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.3.0.12280 - Sony Corporation) VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation) VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.14.1.07010 - Sony Corporation) VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.7.1.06040 - Sony Corporation) VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.0.14270 - Sony Corporation) VAIO CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation) VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.3.0.12300 - Sony Corporation) VBMx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VHD (x32 Version: 1.0.0 - Microsoft) Hidden ViceVersa Pro 2.5 64-bit (Build 2511) (HKLM\...\ViceVersa Pro Installation_is1) (Version: 2 - TGRMN Software) VIx64 (Version: 1.0.0 - Sony Corporation) Hidden VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN) VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden VueScan x64 (HKLM\...\VueScan x64) (Version: - ) VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.10w2 - Wacom Technology Corp.) WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.) WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.) WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.7 - Wacom Technology Corp.) WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.5 - Wacom Technology Corp.) Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation) WinHex (HKLM-x32\...\WinHex) (Version: - ) WinZip (HKLM-x32\...\WinZip) (Version: 9.0 (6028) - WinZip Computing, Inc.) xrecode II 1.0.0.203 (HKLM-x32\...\{AFE83615-88BE-47F6-B3E4-A3FEF8B7B57F}_is1) (Version: - ) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3938329548-1295178815-1076779813-1005_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\v\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3938329548-1295178815-1076779813-1005_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\v\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3938329548-1295178815-1076779813-1005_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\v\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3938329548-1295178815-1076779813-1005_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\v\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3938329548-1295178815-1076779813-1005_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\v\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3938329548-1295178815-1076779813-1005_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\v\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3938329548-1295178815-1076779813-1005_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\v\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3938329548-1295178815-1076779813-1005_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\v\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3938329548-1295178815-1076779813-1005_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\v\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3938329548-1295178815-1076779813-1005_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\v\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3938329548-1295178815-1076779813-1005_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\v\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {04F0D55C-E33C-4703-92BB-6F101D4CBD1D} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation) Task: {09809DBB-2404-4E81-9F77-4331A7FF7636} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => net Task: {1817D26F-7FF0-405C-B2DE-8C096B92C56E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3938329548-1295178815-1076779813-1005Core => C:\Users\v\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.) Task: {18E287BE-549A-4692-AD8E-B3D63051F865} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation) Task: {298F11F3-BF81-4781-9581-69D84AD93C08} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {2F20DABC-EBFD-4ED9-BC96-7A2E389BF50C} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {32056E9D-DE4F-4CB1-B926-0D3625833644} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2012-01-10] (Sony Corporation) Task: {3AA35381-609E-445F-8F8E-203BA2A00450} - \{CDA12EEE-C06D-4B2C-5CFE-897C26EA1A59} -> Keine Datei <==== ACHTUNG Task: {3B0675BA-B5B5-4297-91B9-4596EDF08F65} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-06-14] (Microsoft Corporation) Task: {416BABCA-9A03-4C9F-AB03-AAACD5F01E0D} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2011-12-27] (Sony Corporation) Task: {419DDA92-92EA-4FCD-8309-73D91FE7DA55} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-03-29] (Sony Corporation) Task: {45DAD3C2-7F7A-4AC2-85EB-ECBB88C98B6A} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-04-06] (Sony Corporation) Task: {47CF6933-D408-499C-AACD-AC566AA90C71} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-06-14] (Microsoft Corporation) Task: {508E50A6-B4C9-4E81-B46F-8A8C73C8A93F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-06-14] (Microsoft Corporation) Task: {53F6EBB4-ACDA-4CCF-83D2-82FE78E4562C} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2012-01-10] (Sony Corporation) Task: {5668A0F2-E49E-4F60-8706-7A5E203EFD64} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-02-28] (Sony Corporation) Task: {5A2BFE9B-B3EE-4ACA-A44B-AFA7B6EDE911} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-09-23] (Sony Corporation) Task: {5B74A9F5-B845-42D6-96F8-3878680E1DB1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {5C7D5FFE-0916-47B8-A2A3-2A58B0B6ED3E} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs" Task: {5D6645BA-6BE6-42F0-8805-224F61A76B12} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2012-01-10] (Sony Corporation) Task: {5E19982A-1CEE-4F40-8239-1C259374F256} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-03-29] (Sony Corporation) Task: {666975EF-101D-47FC-9497-24BB732541D1} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {699B4F7D-0707-4501-B7FF-29E3E1B9E4F6} - System32\Tasks\{19B9DC89-C3B2-4269-84BF-94AD544C83F0} => pcalua.exe -a "C:\Disks\Canon CanoSacn 4200F Treiber\4200fvst648620a_64en\SetupSG.exe" -d "C:\Disks\Canon CanoSacn 4200F Treiber\4200fvst648620a_64en" Task: {6A23A304-4F34-486F-BA6D-5C95AF451126} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3938329548-1295178815-1076779813-1005UA => C:\Users\v\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.) Task: {78BEFE51-EBDF-4BCC-9A8C-D1F2CA7A8F8C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation) Task: {79544FAE-FAF4-4AF6-9E5A-FB4C8F18D2B6} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {8ECCF8B7-FCA1-48FE-9CFD-88974EA6BC82} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {9355708D-4389-4650-AD0B-F7B6145DE62B} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation) Task: {9F5F8316-2083-46C5-8894-1FFB6639D098} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-27] (Sony Corporation) Task: {A5B7730E-D7CB-4A4D-814F-C0F6FC1AE552} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation) Task: {B63E84F7-06CC-4C21-B420-EF44A80F7096} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {B752D387-10E4-494C-A7CD-6CC1A76DCEA2} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {C9277B45-A6A9-4A81-BB00-619DD966FCEB} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {CF3B7440-7224-48C8-A3D1-DA24B435F45B} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-12-27] (Sony Corporation) Task: {D8B08F86-5272-45F4-ADC4-06DB9A5F03EA} - System32\Tasks\Microsoft\Windows\Setup\EOONotify => C:\Windows\EOONotify\EOONotify.exe [2016-06-28] (Microsoft Corporation) Task: {DB0363E6-7158-42B8-BA91-98859226BAB7} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {DBCB3AD0-B352-4757-BB11-5E41AA715322} - System32\Tasks\{F560F251-798D-4D0F-A4CF-6D4A4B7276FC} => Firefox.exe hxxp://ui.skype.com/ui/0/7.15.0.102/de/abandoninstall?source=lightinstaller&page=tsBing Task: {F041941E-51C9-4EF0-8823-FF60D27A1085} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation) Task: {F57298D6-F599-4C84-9689-850C5AC72F26} - System32\Tasks\AdobeAAMUpdater-1.0-MONOLITH-v => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-30] (Adobe Systems Incorporated) Task: {FC5ABC66-B90F-4855-AAB2-01E5EA2CF6FD} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-04-06] (Sony Corporation) Task: {FE3353BB-6C72-4115-A2BD-55EA804218DD} - System32\Tasks\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-02-24] (Sony Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3938329548-1295178815-1076779813-1005Core.job => C:\Users\v\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3938329548-1295178815-1076779813-1005UA.job => C:\Users\v\AppData\Local\Dropbox\Update\DropboxUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2011-02-15 02:08 - 2011-02-15 02:08 - 00159744 _____ () C:\Windows\system32\CBTCommon.dll 2011-01-10 17:56 - 2011-01-10 17:56 - 01412608 _____ () C:\Windows\system32\LIBEAY32.dll 2011-02-15 02:08 - 2011-02-15 02:08 - 00073728 _____ () C:\Windows\system32\CBTAuthClient.dll 2011-02-15 02:08 - 2011-02-15 02:08 - 00079360 _____ () C:\Windows\system32\CBTAuthComm.dll 2011-02-15 02:08 - 2011-02-15 02:08 - 00096256 _____ () C:\Windows\system32\CBTAuthServer.dll 2012-05-05 09:31 - 2013-06-21 12:23 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-07-20 21:34 - 2009-11-04 13:18 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxecdrpp.dll 2011-02-15 02:09 - 2011-02-15 02:09 - 00074240 _____ () C:\Windows\system32\CBTVCamHelp.dll 2011-02-15 02:09 - 2011-02-15 02:09 - 00020480 _____ () C:\Windows\system32\CFaceToken.dll 2011-02-15 02:09 - 2011-02-15 02:09 - 00279040 _____ () C:\Windows\system32\CFaceAuth.dll 2011-02-15 02:09 - 2011-02-15 02:09 - 00563712 _____ () C:\Windows\system32\SSOStorage.DLL 2011-02-15 02:09 - 2011-02-15 02:09 - 00066048 _____ () C:\Windows\system32\SSOBasicLibrary.dll 2015-06-27 10:56 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2012-05-05 09:33 - 2012-03-23 10:47 - 00127320 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 2012-02-20 04:57 - 2012-02-20 04:57 - 00087880 _____ () C:\Program Files\AuthenTec TrueSuite\ssutil.dll 2012-02-20 04:57 - 2012-02-20 04:57 - 00556360 _____ () C:\Program Files\AuthenTec TrueSuite\DataManager.dll 2012-04-05 04:04 - 2012-04-03 22:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2011-02-15 02:09 - 2011-02-15 02:09 - 00130560 _____ () C:\Windows\system32\CBTWebPasteIE.dll 2013-09-05 12:10 - 2014-11-04 20:49 - 01356568 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll 2013-08-04 14:00 - 2013-08-04 14:00 - 00075864 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe 2013-09-17 10:29 - 2013-09-17 10:29 - 00819200 _____ () C:\Program Files (x86)\BirdieSync\Android\Adb\1.0.31\adb.exe 2013-11-01 14:59 - 2013-11-01 14:59 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe 2015-07-09 00:18 - 2015-07-09 00:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll 2012-05-05 09:46 - 2012-04-06 14:37 - 00021128 _____ () C:\Program Files (x86)\Sony\VAIO Control Center\VESBasePS.dll 2014-03-26 14:23 - 2014-03-26 14:23 - 00799232 _____ () C:\Program Files (x86)\BirdieSync\BirdieSync.Lib\sqlite3.dll 2014-07-26 11:55 - 2014-07-26 11:55 - 00029696 _____ () C:\Program Files (x86)\BirdieSync\BirdieSync.Lib\QtSolutions_SingleApplication-head.dll 2016-05-23 20:12 - 2016-05-23 20:12 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9494e643d25019b25b5cf70f2ffc0778\IsdiInterop.ni.dll 2012-05-05 09:26 - 2012-02-01 16:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2012-05-05 09:32 - 2012-03-23 10:47 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\Temp:E50ECC81 [312] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-3938329548-1295178815-1076779813-1005\...\localhost -> localhost ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3938329548-1295178815-1076779813-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\v\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 10.0.0.138 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{E67FB145-AAB0-4D1B-87F7-AD3F83A4832A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{164D7909-A597-4C06-948C-6AD7600F1D42}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{D3229C08-5D08-4223-81D8-2BD8E2A60138}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{C40598A6-AE11-48C4-9F3C-C2C603B79952}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe FirewallRules: [{79B5A820-D774-4F4D-B499-7F7ADD9B2E97}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe FirewallRules: [{AA191212-CA94-40D8-8523-1216C5BEBF9E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE FirewallRules: [{D30BF9DF-4355-4835-B43B-1C090C3BC332}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{3F67ED36-4021-4363-BED1-7635E00DCE11}] => (Allow) LPort=5900 FirewallRules: [{7BA0E2A6-33BA-458D-AFC1-E1A0D036B65C}] => (Allow) LPort=5800 FirewallRules: [{3EDAC5B8-0D42-4B10-8E11-EE1DBD398BAD}] => (Allow) C:\Program Files\UltraVNC\vncviewer.exe FirewallRules: [{69ECD759-A31A-47AD-A584-0177C70AF28D}] => (Allow) C:\Program Files\UltraVNC\vncviewer.exe FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [{5F427061-2E7A-4111-8936-9A35CF95AA31}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{A3919CF4-0384-4ED0-BB87-B9344D5CB5E2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{2DCE622C-190F-4950-ACDB-1450941432B0}] => (Allow) C:\Windows\system32\lxeccoms.exe FirewallRules: [{0754CBE4-EF55-4CC6-BF0C-3B5E88731135}] => (Allow) C:\Users\v\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{2BB3953B-5606-4DE6-864E-2DE5DD0ED401}] => (Allow) C:\Users\v\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{5A52471D-A3CA-4DAD-A8AE-7C8F4C9A3C9E}C:\users\v\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\v\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{FEE398BB-0E36-44D2-A2D4-3B8F545A0459}C:\users\v\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\v\appdata\roaming\utorrent\utorrent.exe FirewallRules: [{9FEF8E85-7C3F-4C51-9DFD-C3B50B1A4D81}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe FirewallRules: [{C5B53779-8020-4532-997F-E207AFCAB1F9}] => (Allow) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe FirewallRules: [{5F154EDA-B3E5-4C85-9991-24E73D21A25D}] => (Allow) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe FirewallRules: [{C86C8E0E-6E3A-4429-B17C-9998619AC8BD}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe FirewallRules: [{28E91494-8E97-40AC-A70A-759208536003}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe FirewallRules: [{47ECC2B9-E844-47F0-83DC-D5ACD28CBC77}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe FirewallRules: [{C925B30F-B0F9-4511-8355-F0DA4D347141}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe FirewallRules: [{7B96A420-63CC-419E-9C33-5E8F85D8DF50}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D441DCBB-1D24-46C0-A0E0-ABB76DED9F7B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A54D1FA1-F04D-4FE8-82E9-F2B0B80E6FEA}] => (Allow) C:\Program Files (x86)\BirdieSync\BirdieSync.exe FirewallRules: [{15AFAD8D-9CA6-4A82-A8F8-051B362714D4}] => (Allow) C:\Program Files (x86)\BirdieSync\BirdieSync.exe FirewallRules: [TCP Query User{F90AE816-883E-43E2-905A-A56E3183C52C}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Block) C:\program files (x86)\mozilla thunderbird\thunderbird.exe FirewallRules: [UDP Query User{0F58EDB2-1C6A-4BB2-9844-70ED36D20B5E}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Block) C:\program files (x86)\mozilla thunderbird\thunderbird.exe FirewallRules: [{CF235CE6-ADD4-4B2F-9315-EBD836917617}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{110958DB-D599-4A1F-A89A-0CD6D9621CFA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{4FA74B7F-913C-4136-8152-3F0CB94A9D75}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [TCP Query User{69E4E919-D465-45A9-A513-87BE64BDA936}C:\users\v\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\v\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{87AF74C0-042D-4DC3-B441-1409B6331B8F}C:\users\v\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\v\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{96A02258-6E04-427E-9458-4DCAEB382660}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E70F4D63-E619-4AA7-8E47-0C5B5F03FF35}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{DDF016E9-AF5D-44EA-B767-06C69264CA8B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{7AF5C0EE-6E07-4911-AC8E-B28E6C6B2662}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{922FB138-638C-43A9-9617-E4EAB73BBD1E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{4C3156D6-C9C3-46E1-AA8E-AA1F7414DF35}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{AF9606CF-C757-4CAD-94E8-9D0C55B3849D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{499012ED-AB5D-416C-B14B-BBCE9F46D375}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{1BB3982B-BBE6-4E68-984E-708C44F357FA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Wiederherstellungspunkte ========================= 22-06-2016 13:34:14 Windows Update 27-06-2016 18:29:57 Windows Update 03-07-2016 14:44:00 Windows Update 13-07-2016 17:26:00 OpenOffice 4.1.0 wird entfernt 14-07-2016 10:40:41 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (07/14/2016 03:21:57 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/14/2016 02:47:34 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (07/14/2016 11:22:53 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (07/14/2016 11:22:49 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (07/14/2016 11:22:20 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (07/14/2016 11:22:15 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (07/14/2016 11:21:56 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (07/14/2016 10:55:24 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/14/2016 10:35:23 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/14/2016 10:17:54 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Systemfehler: ============= Error: (07/14/2016 11:25:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 = Der Treiber konnte nicht geladen werden. Error: (07/14/2016 11:25:48 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\v\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (07/14/2016 11:25:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 = Der Treiber konnte nicht geladen werden. Error: (07/14/2016 11:25:47 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\v\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (07/14/2016 11:25:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 = Der Treiber konnte nicht geladen werden. Error: (07/14/2016 11:25:47 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\v\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (07/14/2016 11:23:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 = Der Treiber konnte nicht geladen werden. Error: (07/14/2016 11:23:50 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\v\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (07/14/2016 11:23:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 = Der Treiber konnte nicht geladen werden. Error: (07/14/2016 11:23:50 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\v\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. CodeIntegrity: =================================== Date: 2014-09-30 20:01:03.798 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-09-30 20:01:03.798 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-09-30 20:01:03.782 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-09-30 20:01:03.751 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-09-30 20:01:03.751 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-09-30 20:01:03.751 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-09-19 09:48:28.383 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-09-19 09:48:28.378 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-09-19 09:48:28.364 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-09-19 09:48:28.362 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz Prozentuale Nutzung des RAM: 51% Installierter physikalischer RAM: 6043.28 MB Verfügbarer physikalischer RAM: 2914.21 MB Summe virtueller Speicher: 12084.74 MB Verfügbarer virtueller Speicher: 8904.84 MB ==================== Laufwerke ================================ Drive c: (System) (Fixed) (Total:303.88 GB) (Free:145.71 GB) NTFS Drive d: (Daten) (Fixed) (Total:271.94 GB) (Free:118.37 GB) NTFS Drive e: (USB DISK) (Removable) (Total:3.73 GB) (Free:3.68 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 596.2 GB) (Disk ID: 718136C1) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 3.7 GB) (Disk ID: C3072E18) Partition 1: (Not Active) - (Size=3.7 GB) - (Type=0C) ==================== Ende von Addition.txt ============================ So, das war's vorerst. Was nun? |
17.07.2016, 21:31 | #6 | |
/// TB-Ausbilder | Win 7 - Kaspersky erkannte Adposhel, da ist aber noch mehr im Busch... Also ich bin mir auch 99.9% sicher das die beiden Funde legitim sind, du kannst beides mal bei Virustotal hochladen: Bitte lasse die Datei aus der Code-Box bei Virustotal überprüfen.
Sieht ansonsten gut aus soweit.
__________________ --> Win 7 - Kaspersky erkannte Adposhel, da ist aber noch mehr im Busch... |
19.07.2016, 12:37 | #7 | |
| Win 7 - Kaspersky erkannte Adposhel, da ist aber noch mehr im Busch...Zitat:
Sorry, dass es etwas gedauert hat...sehr viel offline zu tun. Aber hier die Überprüfung der beiden: https://www.virustotal.com/de/file/b19acc639e2c8620e91f83c90d6789e6ff7f249f3429fcb431323b6e6eda2435/analysis/ https://www.virustotal.com/de/file/3a1cc4969d3ccc5cf5d726cd88b5d46582e9e433ef46457ad12a06f560e80131/analysis/ Geändert von starspawn (19.07.2016 um 12:40 Uhr) Grund: Verlinkung wollte nicht...daher doch einfach so reinkopiert... |
20.07.2016, 14:57 | #8 | |
/// TB-Ausbilder | Win 7 - Kaspersky erkannte Adposhel, da ist aber noch mehr im Busch...Zitat:
Gabs dazu evtl. mal ne Meldung von Kaspersky ? Mach einfach den Fix und die Dateien werden gelöscht: Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter "C:\Users\All Users\Kaspersky Lab\SafeBrowser\kis\S-1-5-21-3938329548-1295178815-1076779813-1005\FireFox\cache2\entries\33CA2957D0141269371151A16B88E31F49B7937B" "C:\ProgramData\Kaspersky Lab\SafeBrowser\kis\S-1-5-21-3938329548-1295178815-1076779813-1005\FireFox\cache2\entries\33CA2957D0141269371151A16B88E31F49B7937B" Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Ansonsten sieht alles gut aus. Ist dir noch etwas aufgefallen, wird Werbung gezeigt oder Popups usw. ?
__________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie | Spende | Lob & Kritik |
20.07.2016, 17:35 | #9 | |
| Win 7 - Kaspersky erkannte Adposhel, da ist aber noch mehr im Busch...Zitat:
Alles Weitere habe ich gemacht, hier der Inhalt vom Fixlog: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-07-2016 durchgeführt von v (2016-07-20 18:26:09) Run:1 Gestartet von E:\FRST Geladene Profile: UpdatusUser & rk & v (Verfügbare Profile: UpdatusUser & rk & v) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** "C:\Users\All Users\Kaspersky Lab\SafeBrowser\kis\S-1-5-21-3938329548-1295178815-1076779813-1005\FireFox\cache2\entries\33CA2957D0141269371151A16B88E31F49B7937B" "C:\ProgramData\Kaspersky Lab\SafeBrowser\kis\S-1-5-21-3938329548-1295178815-1076779813-1005\FireFox\cache2\entries\33CA2957D0141269371151A16B88E31F49B7937B" ***************** Konnte nicht verschoben werden "C:\Users\All Users\Kaspersky Lab\SafeBrowser\kis\S-1-5-21-3938329548-1295178815-1076779813-1005\FireFox\cache2\entries\33CA2957D0141269371151A16B88E31F49B7937B" => ist geplant bei Neustart verschoben zu werden. Konnte nicht verschoben werden "C:\ProgramData\Kaspersky Lab\SafeBrowser\kis\S-1-5-21-3938329548-1295178815-1076779813-1005\FireFox\cache2\entries\33CA2957D0141269371151A16B88E31F49B7937B" => ist geplant bei Neustart verschoben zu werden. Ergebnis der geplanten Datei-Verschiebungen (Start-Modus: Normal) (Datum&Uhrzeit: 2016-07-20 18:28:54) C:\Users\All Users\Kaspersky Lab\SafeBrowser\kis\S-1-5-21-3938329548-1295178815-1076779813-1005\FireFox\cache2\entries\33CA2957D0141269371151A16B88E31F49B7937B => ist erfolgreich verschoben C:\ProgramData\Kaspersky Lab\SafeBrowser\kis\S-1-5-21-3938329548-1295178815-1076779813-1005\FireFox\cache2\entries\33CA2957D0141269371151A16B88E31F49B7937B => ist erfolgreich verschoben ==== Ende von Fixlog 18:28:54 ==== |
22.07.2016, 07:58 | #10 | ||||||||
/// TB-Ausbilder | Win 7 - Kaspersky erkannte Adposhel, da ist aber noch mehr im Busch... Ok, dann sollte es so passen. Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber. Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern. Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde: Combofix deinstallieren
Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen. Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Sofern du noch unentschieden bist, verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank: Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional: Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren. NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen. Lade Software von einem sauberen Portal wie . Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner . Abschließend noch ein paar grundsätzliche Bemerkungen:
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.
__________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie | Spende | Lob & Kritik |
24.07.2016, 15:37 | #11 |
| Win 7 - Kaspersky erkannte Adposhel, da ist aber noch mehr im Busch... Hallo! Habe die Liste abgearbeitet...d.h. DelFix drüberlaufen lassen (der Rest war ja nicht drauf) und es schaut eigentlich ganz gut aus... allerdings lässt sich jetzt Windows nicht updaten! Ich update immer "halb" manuell, soll heißen: Windows gibt Bescheid, dass Updates da sind und ich bestätige die Aktualisierung. So kann ich ggf. unerwünschte Updates abwählen. Wenn ich das mache wie bisher und die Installation bestätige tut sich nichts mehr...d.h. der Balken, der den Fortschritt anzeigt bewegt sich in der Endlosschleife weiter und es steht auch nach einiger Zeit noch "0 KB" bzw. "0 % abgeschlossen" geschrieben; trotz Internet-Verbindung. Es geht hier aber nur um 6 Updates, also keine riesigen Datenmengen... Ideen? (Ansonsten schon mal vielen Dank, war alles sehr verständlich und lief ja auch ganz gut bis jetzt ) |
26.07.2016, 18:34 | #12 |
/// TB-Ausbilder | Win 7 - Kaspersky erkannte Adposhel, da ist aber noch mehr im Busch... Mach mal: Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter startbatch: netsh int ip reset netsh winsock reset endbatch: reboot: Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Der Rechner startet dabei neu ! Versuch danach nochmal das Update
__________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie | Spende | Lob & Kritik |
27.07.2016, 12:45 | #13 |
| Win 7 - Kaspersky erkannte Adposhel, da ist aber noch mehr im Busch... Done. Hier der Log: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-07-2016 durchgeführt von v (2016-07-27 08:47:55) Run:1 Gestartet von E:\FRST Geladene Profile: UpdatusUser & rk & v (Verfügbare Profile: UpdatusUser & rk & v) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** startbatch: netsh int ip reset netsh winsock reset endbatch: reboot: ***************** ========= Batch: ========= E:\FRST>netsh int ip reset Global wird zur�ckgesetzt, OK! Schnittstelle wird zur�ckgesetzt, OK! Starten Sie den Computer neu, um die Aktion abzuschlie�en. E:\FRST>netsh winsock reset Der Winsock-Katalog wurde zur�ckgesetzt. Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en. ========= Ende von Batch: ========= Das System musste neu gestartet werden. ==== Ende von Fixlog 08:47:57 ==== UPDATE: Okay, wenn man den Rechner einfach ewig zum Updates downloaden stehen lässt schafft er es tatsächlich irgendwann. Es dauert nur ein paar Stunden....o_O; Also scheint es zu gehen - mit diesem Vorbehalt... |
Themen zu Win 7 - Kaspersky erkannte Adposhel, da ist aber noch mehr im Busch... |
apnsetup.exe, aufsetzen, browser, einstellungen, explorer, firefox, google, helper, hintergrund, internet, internet explorer, kaspersky, löschen, malwarebytes, microsoft, mozilla, neustart, ordner, popups, programme, proxy, security, surfen, temp, warum, windows, wmi |