Pests of all kinds and how to fight them: IObit detected as malware? (Windows 7)
If you are not sure whether you have caught malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.
17.03.2017, 19:02 | #1 |
| IObit detected as malware? Good evening, since you helped me get rid of a DHL trojan some time ago, I have been running Malwarebytes over the system fairly regularly. Now I have a detection again, after installing the IOBIT Uninstaller some time ago. Is this tool really harmful? As a "layperson" I find it handy that it also deletes the leftovers in the registry that are still associated with the programs being uninstalled.... In addition, I have moved another one into quarantine: PUP.Optional.AshampooRegistryCleaner. Maybe we can get rid of that one at the same time. Or is it enough if I delete it? Many thanks in advance! Engelfee |
17.03.2017, 21:08 | #2 | |
/// TB trainer | IObit detected as malware? My name is Matthias and I will help you clean up your computer. To make the cleanup as effective and fast as possible, I ask you to observe the following notes:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Thank you for your cooperation! Quote:
Step 1 Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Step 2 Please download TDSSKiller.exe and save this file to the desktop
Please post with your next reply
|
18.03.2017, 19:17 | #3 |
| IObit detected as malware? Hello Matthias,
thank you very much for wanting to help me! And I had not expected your reply so quickly. Now to your logs: when I go into the corresponding Malwarebytes folder, there is a log folder, which I can only open with Excel, though. So I ran the program again and can now offer the following: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 18.03.2017
Suchlaufzeit: 18:52
Protokolldatei: log 180317.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2017.03.18.05
Rootkit-Datenbank: v2017.03.11.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Traude

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 356560
Abgelaufene Zeit: 6 Min., 13 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 1
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\ASCDownloader, , [0677cefd26829e9801c0a77e54ae3ec2],

Dateien: 1
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\ASCDownloader\Downloader.log, , [0677cefd26829e9801c0a77e54ae3ec2],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 11.03.2017
Suchlaufzeit: 07:46
Protokolldatei: log 110317.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2017.03.11.03
Rootkit-Datenbank: v2017.03.10.02
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Traude

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 354866
Abgelaufene Zeit: 7 Min., 41 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 1
PUP.Optional.AshampooRegistryCleaner, C:\ProgramData\ashampoo\ico_ashampoo_marketplace.ico, In Quarantäne, [d5eacff95a4ecb6b305801d07789669a],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017 durchgeführt von Traude (Administrator) auf TRAUDE (18-03-2017 19:10:44) Gestartet von C:\Users\Traude\Desktop Geladene Profile: Traude (Verfügbare Profile: Traude) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Greatis Software, LLC) C:\Program Files (x86)\BootRacer\BootRacerServ.exe (Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Adobe Systems Incorporated) C:\Creative Suite CS2\Adobe Version Cue CS2\bin\VersionCueCS2.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe (AVG Technologies CZ, s.r.o.) 
C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (Alexander Seeliger Software) C:\Program Files (x86)\Alexosoft\Backup Service Home 3\BSHService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (KYOCERA Document Solutions Inc.) C:\Program Files\KDService\bin\KDService.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe () C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe (Tobit.Software) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (Adobe Sytems Incorporated) C:\Creative Suite CS2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE () C:\Creative Suite CS2\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\avgui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe (Microsoft Corporation) C:\Windows\System32\UI0Detect.exe (Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.) HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-16] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.) HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239672 2017-02-27] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe Version Cue CS2] => c:\Creative Suite CS2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [856064 2005-04-06] (Adobe Sytems Incorporated) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2745544 2016-01-09] (Dominik Reichl) HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239672 2017-02-27] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2650576 2017-02-08] (Malwarebytes Corporation) HKLM-x32\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [254776 2017-03-13] (AVG Technologies CZ, s.r.o.) 
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [BootRacer] => C:\Program Files (x86)\BootRacer\Bootrace.exe [4774840 2016-05-23] (Greatis Software) HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\...\Run: [RfxSrvTray] => C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe [1838872 2013-02-07] (Tobit.Software) HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177416 2015-11-16] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155976 2015-11-16] (NVIDIA Corporation) Lsa: [Notification Packages] DPPassFilter scecli ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.) Startup: C:\Users\Traude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2016-10-29] ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.177.1 Tcpip\..\Interfaces\{0512DD7A-CFFA-45F7-98BE-6896EF174380}: [DhcpNameServer] 192.168.177.1 Internet Explorer: ================== HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.clustercoaching699.de/ SearchScopes: HKLM -> {F28C98E0-B471-4C5D-92E1-55272CEE2DE9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox SearchScopes: HKLM-x32 -> 
{F28C98E0-B471-4C5D-92E1-55272CEE2DE9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001 -> {F28C98E0-B471-4C5D-92E1-55272CEE2DE9} URL = BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2017-02-18] (IObit) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2011-05-20] (Atheros Commnucations) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) 
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation) DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Keine Datei Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - Keine Datei FireFox: ======== FF ProfilePath: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default [2017-03-18] FF DefaultSearchEngine: Mozilla\Firefox\Profiles\htysxxqg.default -> Startpage HTTPS - Deutsch FF Homepage: Mozilla\Firefox\Profiles\htysxxqg.default -> hxxps://login.yahoo.com/config/login_verify2?.intl=de&.src=ym about:preferences FF NetworkProxy: Mozilla\Firefox\Profiles\htysxxqg.default -> no_proxies_on", "localhost, 127.0.0.1, stealthy.co" FF NetworkProxy: Mozilla\Firefox\Profiles\htysxxqg.default -> share_proxy_settings", true FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-27] FF Extension: (ClipConverter) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\clipconverter@clipconverter.cc.xpi [2015-08-28] FF Extension: (Add-on Compatibility Reporter) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\compatibility@addons.mozilla.org.xpi [2016-11-23] FF Extension: (Ghostery) - 
C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\firefox@ghostery.com.xpi [2017-02-11] FF Extension: (ProxTube) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\ich@maltegoetz.de.xpi [2016-10-13] FF Extension: (Kein Name) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\nostmp [2011-10-26] [ist nicht signiert] FF Extension: (Photobucket Uploader) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\pbupload@photobucket.com.xpi [2016-04-27] FF Extension: (Screengrab (fix version)) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2016-12-10] FF Extension: (ColorfulTabs) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2017-03-14] FF Extension: (FlashGot) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2016-12-01] FF Extension: (NoScript) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-03-17] FF Extension: (Video DownloadHelper) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-12-30] FF Extension: (Fasterfox) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2016-04-27] FF Extension: (Adblock Plus) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\firefox-add-ons.xml [2011-07-18] FF SearchPlugin: 
C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\forestle-de.xml [2011-07-18] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\google-images.xml [2014-12-30] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\google-maps.xml [2014-12-30] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\google-scholar.xml [2011-07-18] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\startpage-https---deutsch.xml [2016-03-21] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\{3BF5568F-8A66-464F-8776-672588E7190D}.xml [2011-07-18] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\{4F30B239-0305-4CF5-90B3-CE8425223BAA}.xml [2011-07-18] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\{BC94D3E1-7C24-465D-9BC7-820E38700ED5}.xml [2011-07-18] FF ProfilePath: C:\Users\Traude\AppData\Roaming\KompoZer\Profiles\go9l27sd.default [2012-01-04] FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-11-19] [ist nicht signiert] FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-11-19] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt FF Extension: (DigitalPersona Extension) - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2011-10-21] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\FirefoxExtension => nicht gefunden FF 
HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\extensions\cliqz@cliqz.com => nicht gefunden FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-16] () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll [2013-02-03] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-16] () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) 
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2011-12-02] (Nero AG) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2721480124-1926032340-2623985909-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) 
FF Plugin HKU\S-1-5-21-2721480124-1926032340-2623985909-1001: @hola.org/vlc,version=1.8.649 -> C:\Users\Traude\AppData\Local\Hola\firefox\app\vlc [Keine Datei] FF Plugin HKU\S-1-5-21-2721480124-1926032340-2623985909-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll [2012-10-29] (Amazon.com, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npmidas.dll [2010-03-08] (Midasplayer Ltd) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2011-11-10] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2011-11-10] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2011-11-10] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2011-11-10] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2011-11-10] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2011-11-10] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2011-11-10] (Apple Inc.) ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-16] (Adobe Systems) [Datei ist nicht signiert] R2 Adobe Version Cue CS2; c:\Creative Suite CS2\Adobe Version Cue CS2\bin\VersionCueCS2.exe [163840 2005-04-06] (Adobe Systems Incorporated) [Datei ist nicht signiert] R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-05-20] (Atheros) [Datei ist nicht signiert] R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [80032 2011-05-20] (Atheros Commnucations) [Datei ist nicht signiert] R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [263720 2017-03-13] (AVG Technologies CZ, s.r.o.) R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7197976 2017-03-13] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1257384 2017-02-27] (AVG Technologies CZ, s.r.o.) R2 Backup Service Home-Dienst; C:\Program Files (x86)\Alexosoft\Backup Service Home 3\BSHService.exe [29696 2015-03-14] (Alexander Seeliger Software) [Datei ist nicht signiert] R2 BootRacerServ; C:\Program Files (x86)\BootRacer\BootRacerServ.exe [87992 2016-05-10] (Greatis Software, LLC) R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-06-23] (Dell Inc.) R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-06-23] (Dell Inc.) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-16] (NVIDIA Corporation) R2 KDService; C:\Program Files\KDService\bin\KDService.exe [441856 2013-10-24] (KYOCERA Document Solutions Inc.) 
[Datei ist nicht signiert] S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2175264 2017-02-18] (IObit) R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [155600 2017-02-08] (Malwarebytes Corporation) S3 MSSQL$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe [43044512 2015-04-03] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-16] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-16] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-16] (NVIDIA Corporation) R2 Radio.fx; C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe [3999512 2013-06-03] () S4 SQLAgent$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [380064 2015-04-03] (Microsoft Corporation) R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2016-09-09] (Dell Inc.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 avgbdisk; C:\Windows\system32\drivers\avgbdiska.sys [166136 2017-03-13] (AVG Technologies CZ, s.r.o.) R1 avgbidsdriver; C:\Windows\system32\drivers\avgbidsdrivera.sys [311592 2017-03-13] (AVG Technologies CZ, s.r.o.) R0 avgbidsh; C:\Windows\system32\drivers\avgbidsha.sys [192096 2017-03-13] (AVG Technologies CZ, s.r.o.) R0 avgblog; C:\Windows\system32\drivers\avgbloga.sys [336920 2017-03-13] (AVG Technologies CZ, s.r.o.) 
R0 avgbuniv; C:\Windows\system32\drivers\avgbuniva.sys [50848 2017-03-13] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\system32\drivers\avgHwid.sys [39288 2017-03-13] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\system32\drivers\avgMonFlt.sys [127584 2017-03-13] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\system32\drivers\avgRdr2.sys [101624 2017-03-13] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\system32\drivers\avgRvrt.sys [76688 2017-03-13] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\system32\drivers\avgSnx.sys [994592 2017-03-13] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\system32\drivers\avgSP.sys [549912 2017-03-13] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\system32\drivers\avgStm.sys [163512 2017-03-13] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\system32\drivers\avgVmm.sys [338576 2017-03-14] (AVG Technologies CZ, s.r.o.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [32464 2016-06-23] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [24240 2016-06-23] (Dell Computer Corporation)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [77408 2017-02-08] ()
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2017-03-18] (Malwarebytes)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [299312 2015-11-16] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-11-16] (NVIDIA Corporation)
R3 stdriver; C:\Windows\System32\DRIVERS\stdriverx64.sys [34392 2016-09-07] ()
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-05-19] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-05-19] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700296 2014-05-19] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-18 19:10 - 2017-03-18 19:11 - 00030817 _____ C:\Users\Traude\Desktop\FRST.txt
2017-03-18 19:09 - 2017-03-18 19:10 - 00000000 ____D C:\FRST
2017-03-18 18:59 - 2017-03-18 19:06 - 00000000 ____D C:\Users\Traude\Desktop\Malware-Logs
2017-03-18 18:57 - 2017-03-18 18:57 - 02424832 _____ (Farbar) C:\Users\Traude\Desktop\FRST64.exe
2017-03-16 07:07 - 2017-02-23 00:42 - 00084712 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-03-16 07:07 - 2017-02-23 00:37 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-03-16 07:07 - 2017-02-18 15:05 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-03-16 07:07 - 2017-02-18 15:05 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-03-16 07:07 - 2016-12-31 16:36 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-03-16 07:07 - 2016-12-31 16:36 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-03-16 07:07 - 2016-12-31 16:36 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-03-16 07:07 - 2016-12-31 16:36 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-03-16 07:07 - 2016-12-31 16:36 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-03-16 06:56 - 2017-03-04 18:24 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-03-16 06:56 - 2017-03-04 17:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-03-16 06:56 - 2017-03-04 09:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-03-16 06:56 - 2017-03-04 09:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-03-16 06:56 - 2017-03-04 09:02 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-03-16 06:56 - 2017-03-04 09:01 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-03-16 06:56 - 2017-03-04 09:01 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-03-16 06:56 - 2017-03-04 09:01 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-03-16 06:56 - 2017-03-04 09:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-03-16 06:56 - 2017-03-04 08:59 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-03-16 06:56 - 2017-03-04 08:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-03-16 06:56 - 2017-03-04 08:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-03-16 06:56 - 2017-03-04 08:48 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-03-16 06:56 - 2017-03-04 08:46 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-03-16 06:56 - 2017-03-04 08:45 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-03-16 06:56 - 2017-03-04 08:45 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-03-16 06:56 - 2017-03-04 08:45 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-03-16 06:56 - 2017-03-04 08:44 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-03-16 06:56 - 2017-03-04 08:36 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-03-16 06:56 - 2017-03-04 08:32 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-03-16 06:56 - 2017-03-04 08:31 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-03-16 06:56 - 2017-03-04 08:23 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-03-16 06:56 - 2017-03-04 08:21 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-03-16 06:56 - 2017-03-04 08:16 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-03-16 06:56 - 2017-03-04 08:16 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-03-16 06:56 - 2017-03-04 08:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-03-16 06:56 - 2017-03-04 08:11 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-03-16 06:56 - 2017-03-04 07:57 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-03-16 06:56 - 2017-03-04 07:55 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-03-16 06:56 - 2017-03-04 07:54 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-03-16 06:56 - 2017-03-04 07:52 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-03-16 06:56 - 2017-03-04 07:52 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-03-16 06:56 - 2017-03-04 07:26 - 15259648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-03-16 06:56 - 2017-03-04 07:25 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-03-16 06:56 - 2017-03-04 07:12 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-03-16 06:56 - 2017-03-04 07:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-03-16 06:56 - 2017-03-04 05:18 - 20281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-03-16 06:56 - 2017-03-02 19:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-03-16 06:56 - 2017-03-02 19:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-03-16 06:56 - 2017-03-02 19:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-03-16 06:56 - 2017-03-02 19:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-03-16 06:56 - 2017-03-02 19:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-03-16 06:56 - 2017-03-02 19:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-03-16 06:56 - 2017-03-02 18:55 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-03-16 06:56 - 2017-03-02 18:54 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-03-16 06:56 - 2017-03-02 18:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-03-16 06:56 - 2017-03-02 18:51 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-03-16 06:56 - 2017-03-02 18:50 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-03-16 06:56 - 2017-03-02 18:49 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-03-16 06:56 - 2017-03-02 18:49 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-03-16 06:56 - 2017-03-02 18:41 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-03-16 06:56 - 2017-03-02 18:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-03-16 06:56 - 2017-03-02 18:35 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-03-16 06:56 - 2017-03-02 18:32 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-03-16 06:56 - 2017-03-02 18:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-03-16 06:56 - 2017-03-02 18:29 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-03-16 06:56 - 2017-03-02 18:28 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-03-16 06:56 - 2017-03-02 18:22 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-03-16 06:56 - 2017-03-02 18:21 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-03-16 06:56 - 2017-03-02 18:19 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-03-16 06:56 - 2017-03-02 18:17 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-03-16 06:56 - 2017-03-02 18:17 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-03-16 06:56 - 2017-03-02 18:11 - 13654528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-03-16 06:56 - 2017-03-02 17:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-03-16 06:56 - 2017-03-02 17:50 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-03-16 06:56 - 2017-03-02 17:50 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-03-16 06:56 - 2017-02-11 16:58 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-03-16 06:56 - 2017-02-11 16:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-03-16 06:56 - 2017-02-11 16:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-03-16 06:56 - 2017-02-10 17:32 - 00803328 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-03-16 06:56 - 2017-02-10 17:32 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-03-16 06:56 - 2017-02-10 17:17 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-03-16 06:56 - 2017-02-10 17:17 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-03-16 06:56 - 2017-02-10 15:33 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-03-16 06:56 - 2017-02-09 17:36 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-03-16 06:56 - 2017-02-09 17:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-03-16 06:56 - 2017-02-09 17:35 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-03-16 06:56 - 2017-02-09 17:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-03-16 06:56 - 2017-02-09 17:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-03-16 06:56 - 2017-02-09 17:33 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-03-16 06:56 - 2017-02-09 17:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-03-16 06:56 - 2017-02-09 17:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-03-16 06:56 - 2017-02-09 17:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-03-16 06:56 - 2017-02-09 17:32 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-03-16 06:56 - 2017-02-09 17:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-03-16 06:56 - 2017-02-09 17:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-03-16 06:56 - 2017-02-09 17:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-03-16 06:56 - 2017-02-09 17:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-03-16 06:56 - 2017-02-09 17:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-03-16 06:56 - 2017-02-09 17:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-03-16 06:56 - 2017-02-09 17:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-03-16 06:56 - 2017-02-09 17:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-03-16 06:56 - 2017-02-09 17:32 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2017-03-16 06:56 - 2017-02-09 17:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-03-16 06:56 - 2017-02-09 17:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-03-16 06:56 - 2017-02-09 17:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-03-16 06:56 - 2017-02-09 17:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:19 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-03-16 06:56 - 2017-02-09 17:19 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-03-16 06:56 - 2017-02-09 17:16 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 17:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-03-16 06:56 - 2017-02-09 17:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-03-16 06:56 - 2017-02-09 17:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-03-16 06:56 - 2017-02-09 17:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-03-16 06:56 - 2017-02-09 17:00 - 03220480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-03-16 06:56 - 2017-02-09 16:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-03-16 06:56 - 2017-02-09 16:58 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-03-16 06:56 - 2017-02-09 16:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-03-16 06:56 - 2017-02-09 16:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-03-16 06:56 - 2017-02-09 16:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-03-16 06:56 - 2017-02-09 16:54 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-03-16 06:56 - 2017-02-09 16:54 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-03-16 06:56 - 2017-02-09 16:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-03-16 06:56 - 2017-02-09 16:51 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2017-03-16 06:56 - 2017-02-09 16:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-03-16 06:56 - 2017-02-09 16:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-03-16 06:56 - 2017-02-09 16:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-03-16 06:56 - 2017-02-09 16:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-03-16 06:56 - 2017-02-09 16:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-03-16 06:56 - 2017-02-09 16:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 16:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 16:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 16:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-03-16 06:56 - 2017-02-09 15:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-03-16 06:56 - 2017-02-09 15:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-03-16 06:56 - 2017-02-06 17:14 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-03-16 06:56 - 2017-01-13 19:00 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-03-16 06:56 - 2017-01-13 19:00 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-03-16 06:56 - 2017-01-13 18:45 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-03-16 06:56 - 2017-01-13 18:45 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2017-03-16 06:56 - 2017-01-11 19:01 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-03-16 06:56 - 2017-01-11 19:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2017-03-16 06:56 - 2017-01-11 18:43 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-03-16 06:56 - 2017-01-11 18:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2017-03-16 06:56 - 2017-01-06 19:00 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-03-16 06:56 - 2017-01-06 18:44 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-03-13 07:18 - 2017-03-14 12:35 - 00338576 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgvmm.sys
2017-03-13 07:18 - 2017-03-13 07:18 - 00549912 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgsp.sys
2017-03-13 07:18 - 2017-03-13 07:18 - 00399392 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2017-03-13 07:18 - 2017-03-13 07:18 - 00163512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2017-03-13 07:18 - 2017-03-13 07:18 - 00127584 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2017-03-13 07:18 - 2017-03-13 07:18 - 00101624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2017-03-13 07:18 - 2017-03-13 07:18 - 00076688 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2017-03-13 07:18 - 2017-03-13 07:18 - 00039288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
2017-03-13 07:18 - 2017-03-13 07:18 - 00003920 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2017-03-13 07:18 - 2017-03-13 07:17 - 00994592 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2017-03-13 07:18 - 2017-03-13 07:17 - 00336920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys
2017-03-13 07:18 - 2017-03-13 07:17 - 00311592 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys
2017-03-13 07:18 - 2017-03-13 07:17 - 00192096 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys
2017-03-13 07:18 - 2017-03-13 07:17 - 00166136 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbdiska.sys
2017-03-13 07:18 - 2017-03-13 07:17 - 00050848 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys
2017-03-04 12:38 - 2017-03-04 13:08 - 00000000 ____D C:\ProgramData\SupportAssistAgent
2017-03-04 12:38 - 2017-03-04 12:38 - 00003816 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2017-03-04 12:38 - 2017-03-04 12:38 - 00000000 __HDC C:\ProgramData\{A328A61B-C332-4C8C-A740-42F7F71DC398}
2017-03-04 12:38 - 2017-03-04 12:38 - 00000000 ____D C:\ProgramData\PC-Doctor, Inc
2017-03-04 12:37 - 2017-03-04 14:04 - 00003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2017-03-04 12:37 - 2017-03-04 12:37 - 00004026 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2017-03-04 12:37 - 2017-03-04 12:37 - 00003342 _____ C:\Windows\System32\Tasks\PCDDataUploadTask
2017-03-04 12:37 - 2017-03-04 12:37 - 00003216 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2017-03-04 12:37 - 2017-03-04 12:37 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2017-03-04 12:37 - 2017-03-04 12:37 - 00000000 ____D C:\Program Files\Dell Support Center
2017-03-04 12:36 - 2017-03-04 12:36 - 02219736 _____ (Dell Inc) C:\Users\Traude\Downloads\aulauncher.exe
2017-03-04 12:34 - 2017-03-04 12:34 - 13517824 _____ C:\Users\Traude\Downloads\SupportAssistx64.msi
2017-03-04 12:06 - 2017-03-04 14:04 - 00000000 ____D C:\ProgramData\PCDr
2017-03-04 12:06 - 2017-03-04 12:38 - 00000000 ____D C:\Users\Traude\AppData\Roaming\PCDr
2017-03-02 21:43 - 2017-03-15 19:31 - 00000000 ____D C:\Users\Traude\Documents\1a-Jörg
2017-02-18 21:44 - 2017-02-18 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-02-18 21:43 - 2017-02-18 21:44 - 00000000 ____D C:\Program Files\iTunes
2017-02-18 21:43 - 2017-02-18 21:43 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-02-18 21:43 - 2017-02-18 21:43 - 00000000 ____D C:\ProgramData\Apple Computer
2017-02-18 21:43 - 2017-02-18 21:43 - 00000000 ____D C:\ProgramData\Apple
2017-02-18 21:43 - 2017-02-18 21:43 - 00000000 ____D C:\Program Files\iPod
2017-02-18 21:43 - 2017-02-18 21:43 - 00000000 ____D C:\Program Files\Common Files\Apple
2017-02-18 21:43 - 2017-02-18 21:43 - 00000000 ____D C:\Program Files\Bonjour
2017-02-18 21:43 - 2017-02-18 21:43 - 00000000 ____D C:\Program Files (x86)\Bonjour
2017-02-18 21:43 - 2017-02-18 21:43 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2017-02-18 21:15 - 2017-02-18 21:15 - 00000000 ____D C:\Users\Traude\AppData\Roaming\ProductData
2017-02-18 21:14 - 2017-03-13 13:34 - 00000000 ____D C:\ProgramData\ProductData
2017-02-18 21:14 - 2017-02-18 21:26 - 00000000 ____D C:\ProgramData\IObit
2017-02-18 21:14 - 2017-02-18 21:14 - 00002888 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator
2017-02-18 21:14 - 2017-02-18 21:14 - 00001218 _____ C:\Users\Traude\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2017-02-18 21:14 - 2017-02-18 21:14 - 00001194 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2017-02-18 21:14 - 2017-02-18 21:14 - 00000000 ____D C:\Users\Traude\AppData\Roaming\IObit
2017-02-18 21:14 - 2017-02-18 21:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2017-02-18 21:14 - 2017-02-18 21:14 - 00000000 ____D C:\Program Files (x86)\IObit
2017-02-18 21:13 - 2017-02-18 21:13 - 12906784 _____ (IObit) C:\Users\Traude\Downloads\iobituninstaller.exe
2017-02-18 17:42 - 2017-02-18 21:17 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2017-02-18 17:35 - 2017-02-18 17:38 - 177092424 _____ (Apple Inc.) C:\Users\Traude\Downloads\iTunes6464Setup.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-18 19:03 - 2015-05-15 21:28 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-18 19:00 - 2011-10-26 15:06 - 00000000 ____D C:\Users\Traude\AppData\Local\CrashDumps
2017-03-18 18:43 - 2016-11-19 07:57 - 00000000 ____D C:\Users\Traude\AppData\LocalLow\Mozilla
2017-03-18 16:21 - 2009-07-14 05:45 - 00021088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-18 16:21 - 2009-07-14 05:45 - 00021088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-18 16:17 - 2010-11-21 07:50 - 00780482 _____ C:\Windows\system32\perfh007.dat
2017-03-18 16:17 - 2010-11-21 07:50 - 00179508 _____ C:\Windows\system32\perfc007.dat
2017-03-18 16:17 - 2009-07-14 06:13 - 01845602 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-18 16:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-03-18 16:13 - 2016-10-30 09:18 - 00983040 _____ C:\Users\Public\Documents\bootracer.his
2017-03-18 16:13 - 2016-10-30 09:16 - 00000422 _____ C:\Users\Public\Documents\bootracer.ini
2017-03-18 16:13 - 2016-10-30 09:16 - 00000000 ____D C:\ProgramData\BootRacer
2017-03-18 16:13 - 2016-10-30 09:16 - 00000000 ____D C:\Program Files (x86)\BootRacer
2017-03-18 16:13 - 2009-07-14 06:08 - 00000006 ____H 
C:\Windows\Tasks\SA.DAT 2017-03-18 07:50 - 2016-09-20 17:50 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task 2017-03-17 18:52 - 2015-05-18 14:47 - 00000000 ____D C:\Users\Traude\AppData\Roaming\KeePass 2017-03-17 17:38 - 2015-05-19 23:12 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit 2017-03-17 14:52 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2017-03-17 06:57 - 2013-03-13 07:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2017-03-17 06:57 - 2013-03-13 07:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-03-17 06:57 - 2009-07-14 05:45 - 00556656 _____ C:\Windows\system32\FNTCACHE.DAT 2017-03-16 18:34 - 2015-04-16 11:42 - 00000000 ____D C:\Windows\system32\appraiser 2017-03-16 18:34 - 2014-05-06 18:26 - 00000000 ___SD C:\Windows\system32\CompatTel 2017-03-16 18:34 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker 2017-03-16 07:12 - 2013-08-14 07:40 - 00000000 ____D C:\Windows\system32\MRT 2017-03-16 07:09 - 2011-10-27 23:10 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-03-16 07:08 - 2013-03-13 07:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-03-15 16:08 - 2011-10-26 11:10 - 00000000 ____D C:\Users\Traude\AppData\Roaming\Audacity 2017-03-15 16:06 - 2011-11-01 09:45 - 00000000 ____D C:\Users\Traude\Documents\Questico 2017-03-13 13:42 - 2015-10-26 12:53 - 00000000 ____D C:\ProgramData\Avg 2017-03-13 13:33 - 2015-06-02 19:09 - 00000000 ____D C:\Users\Traude\AppData\Local\Avg 2017-03-13 13:33 - 2011-10-26 09:07 - 00000000 ____D C:\ProgramData\MFAData 2017-03-13 07:19 - 2015-10-26 13:02 - 00000000 ____D C:\Users\Traude\AppData\Roaming\AVG 2017-03-13 07:17 - 2015-10-26 12:52 - 00000000 ____D C:\Users\Traude\AppData\Local\AvgSetupLog 2017-03-13 07:16 - 2015-11-26 07:26 - 00001008 _____ C:\Users\Public\Desktop\AVG.lnk 2017-03-13 07:16 - 2011-10-26 09:08 - 00000000 ____D C:\Program Files (x86)\AVG 2017-03-12 08:31 - 
2016-05-24 16:12 - 00000898 _____ C:\Users\Public\Desktop\AVG Protection.lnk 2017-03-11 07:55 - 2012-01-28 08:56 - 00000000 ____D C:\ProgramData\ashampoo 2017-03-08 16:21 - 2016-07-27 15:19 - 00000000 ____D C:\Users\Traude\Documents\Testamentsvollstreckung 2017-03-05 20:54 - 2013-08-19 18:39 - 00000000 ____D C:\Users\Traude\AppData\Local\Audible 2017-03-04 12:38 - 2011-10-21 17:17 - 00000000 ____D C:\Program Files\Dell 2017-03-04 12:38 - 2011-10-21 17:09 - 00000000 ____D C:\Program Files (x86)\Dell 2017-03-04 12:37 - 2011-10-21 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell 2017-03-03 18:22 - 2016-12-11 16:21 - 00000000 ____D C:\Users\Traude\Desktop\Mietgesuche 2017-03-02 21:43 - 2014-03-19 21:48 - 00000000 ____D C:\Users\Traude\Documents\AaufräumenSpeichern Desktop 2017-02-23 16:10 - 2011-10-26 15:12 - 00000000 ____D C:\Users\Traude\Documents\Praxis 2017-02-23 15:07 - 2016-02-20 10:30 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-02-20 16:37 - 2015-05-18 15:22 - 00000000 ____D C:\Users\Traude\Documents\Sicherheit 2017-02-18 17:42 - 2014-02-05 21:13 - 00001755 _____ C:\Users\Public\Desktop\iTunes.lnk 2017-02-16 12:57 - 2015-05-19 23:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit 2017-02-16 12:57 - 2015-05-19 23:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2011-11-17 11:26 - 2011-11-17 12:24 - 0038112 _____ () C:\Users\Traude\AppData\Roaming\Kommagetrennte Werte (DOS).ADR 2016-09-07 20:06 - 2016-09-07 20:06 - 0001181 _____ () C:\Users\Traude\AppData\Roaming\trace_FilterInstaller.txt 2016-09-07 20:06 - 2016-09-07 20:06 - 0000000 _____ () C:\Users\Traude\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt 2012-08-14 20:33 - 2012-08-14 20:33 - 0123959 _____ () C:\Users\Traude\AppData\Local\ars.cache 2012-08-14 20:34 - 2012-08-14 20:34 
- 0893155 _____ () C:\Users\Traude\AppData\Local\census.cache 2011-11-27 12:19 - 2013-04-10 21:54 - 0008192 _____ () C:\Users\Traude\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-06-26 06:18 - 2012-06-26 06:18 - 0033758 _____ () C:\Users\Traude\AppData\Local\dt.dat 2012-08-14 20:24 - 2012-08-14 20:24 - 0000036 _____ () C:\Users\Traude\AppData\Local\housecall.guid.cache 2011-11-07 13:19 - 2012-12-02 16:27 - 0007606 _____ () C:\Users\Traude\AppData\Local\Resmon.ResmonCfg 2011-11-08 18:10 - 2011-11-08 18:10 - 0000056 ____H () C:\ProgramData\ezsidmv.dat Einige Dateien in TEMP: ==================== 2016-04-18 12:22 - 2016-03-23 15:57 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Traude\AppData\Local\Temp\avguirn_081356595972.exe 2016-05-31 17:47 - 2016-04-22 09:01 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Traude\AppData\Local\Temp\avguirn_081369225268.exe 2016-02-24 07:04 - 2016-01-12 16:23 - 0179624 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Traude\AppData\Local\Temp\avguirn_081416171258.exe 2016-06-24 16:23 - 2016-05-18 12:03 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Traude\AppData\Local\Temp\avguirn_081624092742.exe 2016-04-09 07:23 - 2016-02-18 12:09 - 0179624 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Traude\AppData\Local\Temp\avguirn_081845367172.exe 2016-07-27 12:01 - 2016-06-21 17:49 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Traude\AppData\Local\Temp\avguirn_081893819348.exe 2016-05-17 11:49 - 2016-04-14 16:29 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Traude\AppData\Local\Temp\avguirn_082085062087.exe 2016-08-23 19:00 - 2016-07-20 13:01 - 0186640 _____ (AVG Technologies CZ, s.r.o.) 
C:\Users\Traude\AppData\Local\Temp\avguirn_08342509991.exe 2016-10-19 15:47 - 2016-10-19 15:47 - 2458672 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Traude\AppData\Local\Temp\libeay32.dll 2016-10-19 15:47 - 2016-10-19 15:47 - 0970912 _____ (Microsoft Corporation) C:\Users\Traude\AppData\Local\Temp\msvcr120.dll 2016-10-19 15:47 - 2016-10-19 15:47 - 0772672 _____ () C:\Users\Traude\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2012-01-20 11:02 ==================== Ende von FRST.txt ============================ |
18.03.2017, 19:18 | #4 |
| IObit detected as malware? Here is the Addition.txt Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017
durchgeführt von Traude (18-03-2017 19:11:15)
Gestartet von C:\Users\Traude\Desktop
Windows 7 Professional Service Pack 1 (X64) (2011-10-26 07:02:19)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2721480124-1926032340-2623985909-500 - Administrator - Disabled)
Gast (S-1-5-21-2721480124-1926032340-2623985909-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2721480124-1926032340-2623985909-1003 - Limited - Enabled)
Traude (S-1-5-21-2721480124-1926032340-2623985909-1001 - Administrator - Enabled) => C:\Users\Traude

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov) AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.17 - STMicroelectronics) Acronis True Image Home (HKLM-x32\...\{67ED38A3-4882-448B-B44D-3428AB00D7D5}) (Version: 13.0.7160 - Acronis) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated) Adobe Creative Suite 2 (HKLM-x32\...\{0134A1A1-C283-4A47-91A1-92F19F960372}) (Version: - ) Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated) Adobe Dreamweaver CS4 (HKLM-x32\...\Adobe_acce07fd2c8fe7f9e3f26243e626578) (Version: 10.0 - Adobe Systems Incorporated) Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.) Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd) Amazon Kindle (HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\...\Amazon Kindle) (Version: - Amazon) Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC) Apowersoft Gratis - Audiorekorder V2.3.4 (HKLM-x32\...\{E35F91E4-C68C-43E8-BE90-35CDEE4E5730}_is1) (Version: 2.3.4 - APOWERSOFT LIMITED) Apple Application Support (32-Bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.) 
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Ashampoo Burning Studio 2013 v.11.0.6 (HKLM-x32\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.6 - Ashampoo GmbH & Co. KG) Audacity 1.3.13 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2000174334.48.56.41298730 - Audible, Inc.) AVG (HKLM\...\AvgZen) (Version: 1.162.2.62416 - AVG Technologies) AVG (Version: 1.162.1 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.4409 - AVG Technologies) Hidden AVG Protection (HKLM-x32\...\AVG Antivirus) (Version: 17.2.3008 - AVG Technologies) Backup Service Home 3.5.3 (HKLM-x32\...\{5979B77A-9AE6-4E75-AED8-283C5E16C02D}_is1) (Version: 3.5.3.2 - Alexander Seeliger Software) Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.83 - Atheros Communications) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) 
BootRacer (HKLM-x32\...\{AAF04580-CE8A-4C52-98B9-0394654BC5A9}) (Version: 6.0.0.407 - Greatis Software, LLC) Business Contact Manager for Microsoft Outlook 2010 (x32 Version: 4.0.11308.0 - Microsoft Corporation) Hidden Business Contact Manager für Microsoft Outlook 2010 (HKLM-x32\...\Business Contact Manager) (Version: 4.0.11308.0 - Microsoft Corporation) calibre 64bit (HKLM\...\{9B70C080-F90A-49EA-B8A4-3E4D7BDDA853}) (Version: 2.36.0 - Kovid Goyal) Canon iP4200 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4200) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.6059 - CDBurnerXP) Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.53 - Cliqz.com) Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper) CrystalDiskInfo 6.3.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World) CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3225 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell Backup and Recovery Manager (HKLM\...\{50B4B603-A4C6-4739-AE96-6C76A0F8A388}) (Version: 1.3.1 - Dell Inc.) Dell Data Vault (Version: 4.3.9.0 - Dell Inc.) Hidden Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.72 - Dell) Dell SupportAssistAgent (HKLM-x32\...\{27130E51-9555-408B-8134-7BFF54EDE27B}) (Version: 1.3.0.72 - Dell) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.225 - ALPS ELECTRIC CO., LTD.) 
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd) Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.) DigitalPersona Fingerprint Software 5.20 (HKLM\...\{C0C2D40A-1231-46FA-8F02-B45E6BF2036A}) (Version: 5.20.230 - DigitalPersona, Inc.) Dropbox (HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\...\Dropbox) (Version: 3.8.5 - Dropbox, Inc.) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) FileZilla Client 3.11.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.11.0.2 - Tim Kosse) FMW 1 (Version: 1.172.2 - AVG Technologies) Hidden FormatFactory 2.70 (HKLM-x32\...\FormatFactory) (Version: 2.70 - Free Time) GDR 5520 für SQL Server 2008 (KB 2977321) (HKLM-x32\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation) GDR 5538 für SQL Server 2008 (KB 3045305) (HKLM-x32\...\KB3045305) (Version: 10.3.5538.0 - Microsoft Corporation) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden High-Definition Video Playback (x32 Version: 11.1.10500.2.65 - Nero AG) Hidden HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{AF43C18E-693D-4126-B190-8F55E3623D5D}) (Version: 22.50.231.0 - Hewlett-Packard Co.) HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard) HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard) I.R.I.S. 
OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.8.2663 - IObit) iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden KeePass Password Safe 2.31 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.31 - Dominik Reichl) king.com (remove only) (HKLM-x32\...\king.com) (Version: - Midasplayer Ltd (king.com)) kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 4.2.1909 - KYOCERA Document Solutions Inc.) Malwarebytes Anti-Exploit version 1.9.1.1334 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.9.1.1334 - Malwarebytes) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 5.0.1 - CEWE COLOR AG u Co. 
OHG) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation) Microsoft Chart Controls for Microsoft .NET Framework 3.5 Language Pack - deu (HKLM-x32\...\{742D41A9-B3BF-3A65-806E-F8372FB3E492}) (Version: 3.5.0.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft SQL Server 2008 Native Client (HKLM\...\{12FE6AA6-65D2-40EE-B925-62193128A0E6}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{59C245FC-343C-4FEC-B3CB-B6F12B561C20}) (Version: 10.3.5538.0 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.302.06.06.40 - 
Huawei Technologies Co.,Ltd) Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla) Nero Kwik Media (HKLM-x32\...\{24A500E4-0B12-4D62-9973-2C7E23CCA750}) (Version: 11.0.16401 - Nero AG) NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation) NVIDIA Grafiktreiber 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.00 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation) OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 6.0.1 - CEWE Stiftung u Co. KGaA) PantsOff 2.0 (HKLM-x32\...\{EC1F15E1-F3CC-46EE-B7A5-849A08ED60DC}}_is1) (Version: 2.0 - Christoph Bünger Software) Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.312.1 - Tracker Software Products Ltd) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.15 - Dell Inc.) QuickSlide® Home & Business (HKLM-x32\...\{E4B98C7B-6850-4B52-819C-69FD9A3FC21B}) (Version: 1.113.4 - Strategy Compass) QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.) Radio.fx (HKLM-x32\...\Tobit Radio.fx Server) (Version: - Tobit.Software) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6353 - Realtek Semiconductor Corp.) 
SeaTools for Windows 1.4.0.2 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.2 - Seagate Technology) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 3 für SQL Server 2008 (KB2546951) (HKLM-x32\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation) SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden SoundTap Streaming Audio-Recorder (HKLM-x32\...\SoundTap) (Version: 3.02 - NCH Software) Sql Server Customer Experience Improvement Program (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden Studie zur Verbesserung von HP Officejet 6500 E710n-z Produkten (HKLM\...\{E8C633FD-8719-448F-9A55-F04CFDD53E67}) (Version: 22.50.231.0 - Hewlett-Packard Co.) Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Suite Specific (x32 Version: 2.0.0 - Adobe Systems, Incorporated) Hidden TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.12189 - TeamViewer) Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel) Validity Sensors DDK (HKLM\...\{10AAF056-7792-497A-ACAF-3BF002196574}) (Version: 4.3.33.0 - Validity Sensors, Inc.) Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies) Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) 
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WISO Buchhaltung 2 (HKLM-x32\...\WISO Buchhaltung 2) (Version: - ) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {20D86487-2013-4305-8334-C05F6F708A6A} - System32\Tasks\0814avUpdateInfo => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe Task: {2A5597A6-ABD6-4A84-9A50-414667E7832D} - System32\Tasks\0615pizUpdateInfo => C:\ProgramData\Avg_Update_0615piz\0615piz_AVG-Secure-Search-Update.exe [2015-11-03] () Task: {2BD514D9-EE09-4942-8238-B4A8479A3F07} - System32\Tasks\HpWebReg.exe => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HpWebReg.exe [2010-11-16] (Hewlett-Packard Co.) Task: {2CFBE6B6-5884-41BB-85E4-CFBBD457FCC2} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2017-03-13] (AVG Technologies CZ, s.r.o.) Task: {3083436A-97EB-4EFE-AE8D-945EF7C8562F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {32764461-1BE0-4CFF-8573-91AFC4846F1E} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] () Task: {3BF1C568-8A50-4D17-AF4B-DBFB7C45C098} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.) 
Task: {3F599757-8E06-403F-B099-100507B811A2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-16] (Adobe Systems Incorporated) Task: {47AB7541-0A6D-4EE9-A2B5-4FC9121A8C48} - System32\Tasks\0915avUpdateInfo => C:\ProgramData\Avg_Update_0915av\0915av_AVG-Secure-Search-Update.exe Task: {4EFC7342-5717-4321-B287-DDAA6E1E0191} - System32\Tasks\0414bUpdateInfo => C:\ProgramData\Avg_Update_0414b\0414b_AVG-Secure-Search-Update.exe [2014-04-09] () Task: {517BFF39-1267-41C8-BBBC-A46A37AAFB29} - System32\Tasks\{82E25D12-D1E3-4F67-BA8E-3399E26270E5} => pcalua.exe -a C:\Users\Traude\Downloads\Radiotracker_6_Special_Computerbild.de.exe -d C:\Users\Traude\Downloads Task: {5D9E8CE5-6CBD-4D20-85D2-A682418A612E} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2017-02-18] (IObit) Task: {651F8BA7-E9A7-45CB-B074-FD30488F3A41} - System32\Tasks\0615avUpdateInfo => C:\ProgramData\Avg_Update_0615av\0615av_AVG-Secure-Search-Update.exe Task: {8611A45D-4A77-4FD1-A4C2-4348546408DE} - System32\Tasks\0116avzUpdateInfo => C:\ProgramData\Avg_Update_0116avz\0116avz_AVG-Secure-Search-Update.exe Task: {8C021EE7-3E8E-4364-90FC-B5B5B7F43D02} - System32\Tasks\0415avUpdateInfo => C:\ProgramData\Avg_Update_0415av\0415av_AVG-Secure-Search-Update.exe Task: {8D5A0BAF-DBA1-45C4-A5BA-64360FDFCBC2} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-02-17] (PC-Doctor, Inc.) Task: {9BA98E42-3CBE-4579-AFEF-8526474D9598} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {9EC1493A-A223-4846-8D6E-ACE018DA0BE5} - System32\Tasks\HP Officejet 6500 E710n-z.exe => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HP Officejet 6500 E710n-z.exe [2010-11-16] (Hewlett-Packard Co.) 
Task: {A0A9A05F-AE72-4250-8E61-4F02C10F2170} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe Task: {A4EC09E3-00FC-4821-A880-5C06304FAB15} - System32\Tasks\FaxSetupWizard.exe => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\FaxSetupWizard.exe [2010-11-16] (Hewlett-Packard Co.) Task: {AB504399-C8DA-4B7F-805F-8124B45860E5} - System32\Tasks\0316avzUpdateInfo => C:\ProgramData\Avg_Update_0316avz\0316avz_AVG-Secure-Search-Update.exe Task: {C6F51862-32FE-4A4C-BCC1-64EDD6680382} - System32\Tasks\0715avUpdateInfo => C:\ProgramData\Avg_Update_0715av\0715av_AVG-Secure-Search-Update.exe Task: {C9C2CE16-D76E-42B6-BCFE-3F6CE3728C86} - System32\Tasks\1114avUpdateInfo => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe Task: {DD647DBF-B51B-46B2-AA19-AD152A458AB9} - System32\Tasks\1214avUpdateInfo => C:\ProgramData\Avg_Update_1214av\1214av_AVG-Secure-Search-Update.exe Task: {E758412B-B717-455E-9368-7EE0EF23E29C} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-02-17] (PC-Doctor, Inc.) Task: {EB2B061B-C3DF-4564-84A9-2D8D11AC6E13} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2016-09-09] (Dell Inc.) Task: {EBBAFB6B-6A70-46D8-91DE-A0AE7824EAB1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd) Task: {F6056EB5-8BC4-4A1B-9C15-D571959F3845} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\0116avzUpdateInfo.job => C:\ProgramData\Avg_Update_0116avz\0116avz_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0316avzUpdateInfo.job => C:\ProgramData\Avg_Update_0316avz\0316avz_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0414bUpdateInfo.job => C:\ProgramData\Avg_Update_0414b\0414b_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0415avUpdateInfo.job => C:\ProgramData\Avg_Update_0415av\0415av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0615avUpdateInfo.job => C:\ProgramData\Avg_Update_0615av\0615av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0615pizUpdateInfo.job => C:\ProgramData\Avg_Update_0615piz\0615piz_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0715avUpdateInfo.job => C:\ProgramData\Avg_Update_0715av\0715av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0814avUpdateInfo.job => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0915avUpdateInfo.job => C:\ProgramData\Avg_Update_0915av\0915av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\1114avUpdateInfo.job => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\1214avUpdateInfo.job => C:\ProgramData\Avg_Update_1214av\1214av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2721480124-1926032340-2623985909-1001Core1d0c14aa289cce6.job => C:\Users\Traude\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
Shortcut: C:\Users\Traude\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nch.com.au/de/index.htm ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2013-10-27 08:05 - 2015-11-14 07:06 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-01-13 13:56 - 2017-01-13 13:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-01-13 13:56 - 2017-01-13 13:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2015-06-02 16:20 - 2015-06-02 16:20 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2010-03-27 17:40 - 2011-01-28 20:18 - 01208560 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll 2011-10-21 18:19 - 2011-07-20 14:04 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2011-11-29 00:02 - 2013-06-03 12:06 - 03999512 _____ () C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe 2005-04-06 16:53 - 2005-04-06 16:53 - 03502080 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe 2017-03-13 07:17 - 2017-03-13 07:17 - 00163584 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\vaarclient.dll 2017-03-13 07:17 - 2017-03-13 07:17 - 00793640 _____ () C:\Program Files (x86)\AVG\Antivirus\x64\ffl2.dll 2017-03-13 07:17 - 2017-03-13 07:17 - 00171208 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll 2017-03-17 17:52 - 2017-03-17 17:52 - 05885952 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\17031704\algo.dll 2017-03-13 07:17 - 2017-03-13 07:17 - 00656040 _____ () C:\Program Files (x86)\AVG\Antivirus\ffl2.dll 2005-04-06 16:52 - 2005-04-06 16:52 - 00028791 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\jre\bin\hpi.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 00057453 _____ () 
c:\Creative Suite CS2\Adobe Version Cue CS2\jre\bin\verify.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 00102515 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\jre\bin\java.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 00053364 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\jre\bin\zip.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 00057455 _____ () C:\Creative Suite CS2\Adobe Version Cue CS2\jre\bin\net.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 00032880 _____ () C:\Creative Suite CS2\Adobe Version Cue CS2\jre\bin\nio.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 00434255 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\bin\ps-rw-vc-v8_58.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 01019904 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\bin\ps-vc-v8_58.dll 2015-11-20 21:05 - 2015-11-16 04:35 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-11-28 12:55 - 2016-11-28 12:55 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll 2011-11-29 00:02 - 2013-06-03 12:06 - 09907712 _____ () C:\Program Files (x86)\Tobit Radio.fx\Client\TOBITCLT.dll 2011-11-29 00:02 - 2013-05-16 13:28 - 00242688 _____ () C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client$.ger 2017-03-13 07:17 - 2017-03-13 07:17 - 48936448 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\Temp:373E1720 [144] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DpHost => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2015-05-14 18:58 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Traude\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.177.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Traude^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: Adobe Version Cue CS2 => c:\Creative Suite CS2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe" MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" MSCONFIG\startupreg: BackupServiceHome3Run => C:\Program Files (x86)\Alexosoft\Backup Service Home 3\Alexosoft.BackupService.MainApp.exe MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: DataCardMonitor => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe MSCONFIG\startupreg: DBRMTray => C:\Dell\DBRM\Reminder\TrayApp.exe MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam 
Central\WebcamDell2.exe" /mode2 MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" MSCONFIG\startupreg: Dropbox Update => "C:\Users\Traude\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c MSCONFIG\startupreg: FreeFallProtection => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: HW_OPENEYE_OUC_T-Mobile Internet Manager => "C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe" MSCONFIG\startupreg: IntelTBRunOnce => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" MSCONFIG\startupreg: QuickSet => c:\Program Files\Dell\QuickSet\QuickSet.exe MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" MSCONFIG\startupreg: rfxsrvtray => "C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe" MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{24552CB8-D2D0-4A98-B3BE-07DD0E3DC53A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{0C0719E5-E684-4226-9E33-5E85FBF14F1F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{D0B947FF-971B-474F-9CD9-5DD8265572F3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe FirewallRules: [{80770A80-46B0-4E8D-9EB5-F1A6E56B5C4B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE FirewallRules: [{2B8A644B-50E1-4255-B6D7-307BA311D504}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{8232CE5E-66C2-4D7E-9FF9-3FD2DBA23D93}] => (Allow) LPort=2869 FirewallRules: [{2B5D4181-353B-4219-BB44-8809CDED1138}] => (Allow) LPort=1900 FirewallRules: [{C316FCD8-186F-4629-8260-FEF61E44CB52}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{3DF06A5E-13B7-4CCB-85E4-889AFDBCF12E}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{831B0B33-4C67-452C-94CF-94860BB106D4}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe FirewallRules: [{B5F4DD3E-CA13-45C1-9802-878F4A27CED4}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe FirewallRules: [{34858832-A0F9-40FB-BDB1-483D1BEA8D7D}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe FirewallRules: [{E2681585-9C84-4B34-9AF7-EC8A1D8660E7}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe FirewallRules: [{4238EC06-874F-44AD-9FC7-8086AEF3A50F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe FirewallRules: [{BEFF5E89-E588-471D-97AD-5D5C0AEA0DFF}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe FirewallRules: 
[{9D086069-1DE2-4F95-BC6D-5FC579ACE394}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe FirewallRules: [{F0C07CF2-C034-40DD-B167-8CD811F786B4}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe FirewallRules: [{3F2F45D5-CCB8-4166-83A8-22FE1D8BF5E3}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe FirewallRules: [{919DB40C-4C28-4394-B356-94FBF9A808D8}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe FirewallRules: [{B2829EF0-9777-4910-B7B0-C4294B6AAA29}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe FirewallRules: [{EB96B583-CE15-4F82-AFB8-9888FE81E542}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe FirewallRules: [TCP Query User{A849370C-B1A3-4842-B543-D93A8501B681}C:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe FirewallRules: [UDP Query User{246D22FE-B805-4CEE-BBD3-7710F1C210E8}C:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe FirewallRules: [{F0785DF7-7FE0-4914-9E0F-98EBFBF016A6}] => (Allow) LPort=5353 FirewallRules: [{0128A8BD-76FC-4AFA-89A4-C2F48CD1D4B2}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe FirewallRules: [{9AA37D79-CE72-4F3B-8AF1-D19EB346D35B}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe FirewallRules: [{A33136C1-5717-4C49-A3FA-F001C983D9DB}] => (Allow) C:\Creative Suite CS2\Adobe Version Cue CS2\bin\VersionCueCS2.exe FirewallRules: [{BBF2F086-6E39-418B-A731-3424CD3A5931}] => (Allow) C:\Creative Suite CS2\Adobe Version Cue CS2\bin\VersionCueCS2.exe FirewallRules: [{B6B5C4CD-CA56-406F-9587-1AC63C6311E8}] => (Allow) 
C:\Users\Traude\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{19CEC1D9-2722-4DE9-9B6C-DB1B8FD2E469}] => (Allow) C:\Users\Traude\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{91A75A44-C75F-4C7C-9CA8-CDD0364CF785}C:\program files (x86)\filezilla ftp client\filezilla.exe] => (Allow) C:\program files (x86)\filezilla ftp client\filezilla.exe FirewallRules: [UDP Query User{20E1AAC5-3F86-4A4F-81AE-C003AF82ACF2}C:\program files (x86)\filezilla ftp client\filezilla.exe] => (Allow) C:\program files (x86)\filezilla ftp client\filezilla.exe FirewallRules: [TCP Query User{94FDBDAB-CD4D-4D90-B2D2-D269A7FBEE91}C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe FirewallRules: [UDP Query User{7500D163-5284-442D-8BA0-5CC17A5EE3C2}C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe FirewallRules: [{ED10ED38-8903-4FF7-8FFE-5EAE395543C7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A0FF34D6-3465-4888-A43C-9DFB6D1B2D7B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{98E27789-53C7-491E-B04C-3C39098F7F86}] => (Allow) LPort=26675 FirewallRules: [TCP Query User{0F4AE8E4-E73E-4CB2-A4BD-5A55EF49D9DE}C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe FirewallRules: [UDP Query User{E742269F-472D-4CF1-AA39-EC7754D495F4}C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe FirewallRules: [TCP Query User{5A086E20-3C42-43D4-BB89-79DCC9A192D5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{1456411F-26C7-4B39-8F9C-D24B4E3A53E4}C:\program files (x86)\mozilla 
firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{9026CB27-9A63-42A7-9859-91121FB01CA4}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{3D5AF432-24C2-441A-94D3-83C3D918B297}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{64BBA564-6B64-44B0-949B-9E11EB42DCD4}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{582732F3-521A-458C-808E-719A2B03D169}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{A5ACCA1E-88F4-4258-962B-8A7D9844EF4C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{4A27FEA7-E66B-4E3D-B752-5EFC85240EC0}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{B14A0AF7-B02E-4643-AE3C-CB94C1FA1781}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{83222B37-73E0-4444-9811-52433A1C7A12}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{43ACFD01-5E4C-45D5-BEFC-CD9A5DDB82F2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{79EBD6B7-8AE7-4EB2-8B00-738B3551F608}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{12992321-48C2-4887-BD53-6823B06B2359}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{A3A563EC-2FD6-40E1-9420-FFE93792DC30}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{2A35EC85-C06E-435E-B8E0-656592C9E272}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{67789EF0-192A-43B5-89B5-AECE3552FE95}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{1C096973-E374-4B11-A4DD-9223335E0022}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{AAFEC492-365D-42C1-B32C-167D9A628745}] => 
(Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{ECD259E3-AE26-415B-BD58-36C56816C6E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{A9F6A9E4-C939-4CA6-890F-8EDB7018EBDB}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{66605E5C-0066-4342-AB66-BBAD7B296E8C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{7DBB20F1-6B03-4758-BA41-79B57B0E87FB}] => (Allow) LPort=3702 FirewallRules: [{8F5F19C1-C715-4180-B91F-FE5CA594B537}] => (Allow) LPort=9244 FirewallRules: [{301A239F-A0B9-44DC-80EC-8E09B74ED85B}] => (Allow) LPort=3702 FirewallRules: [{26068542-29E7-4C3B-808B-06D8AC8B31C1}] => (Allow) LPort=9244 FirewallRules: [{067222A9-F4FD-43DF-ABA4-0E81A9D09F97}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe FirewallRules: [{37D0E031-B371-45D3-A2B9-D0FDE497C5E1}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe FirewallRules: [{B8743A74-EBD6-4ECF-BE6F-DD69000F1F96}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{DB18389F-4745-47F8-A89C-639418769D3F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{4E54CC96-1D8C-4650-8619-553534100FD7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{B7C6238E-CEA6-481D-A4C7-E3E4A47757A4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{BC898EE7-4072-4177-A7F8-AF8603A76DFD}] => (Allow) C:\Program Files\iTunes\iTunes.exe ==================== Wiederherstellungspunkte ========================= 02-03-2017 22:19:28 Geplanter Prüfpunkt 04-03-2017 12:32:44 IObit Uninstaller restore point 04-03-2017 14:00:21 nach neuer PC-Doctor-Software-Version 12-03-2017 10:42:41 Geplanter Prüfpunkt 13-03-2017 07:19:52 Removed AVG 13-03-2017 07:20:24 Removed AVG 2016 16-03-2017 07:07:28 Windows Update 
==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (03/18/2017 07:00:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 2.3.173.0, Zeitstempel: 0x56e065b4 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x37cbf820 ID des fehlerhaften Prozesses: 0x1ea4 Startzeit der fehlerhaften Anwendung: 0x01d2a00fe3084e0b Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: d48b09f3-0c04-11e7-9031-60d819221d02 Error: (03/18/2017 04:13:40 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (03/18/2017 04:13:36 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 14 20.177.168.192.in-addr.arpa. PTR Traude.local. Error: (03/18/2017 04:13:36 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.177.20:5353 16 20.177.168.192.in-addr.arpa. PTR Traude-2.local. Error: (03/18/2017 12:10:55 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. 
Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (03/18/2017 07:35:19 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (03/17/2017 01:51:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (03/17/2017 01:51:05 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 14 20.177.168.192.in-addr.arpa. PTR Traude.local. Error: (03/17/2017 01:51:05 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.177.20:5353 16 20.177.168.192.in-addr.arpa. PTR Traude-2.local. Error: (03/17/2017 06:57:25 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. 
Systemfehler: ============= Error: (03/18/2017 04:13:29 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT) Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147549183. Error: (03/18/2017 12:10:42 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT) Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147549183. Error: (03/18/2017 07:35:07 AM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT) Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147549183. Error: (03/17/2017 01:50:54 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT) Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147549183. Error: (03/17/2017 06:57:14 AM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT) Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147549183. Error: (03/16/2017 06:48:19 AM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT) Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147549183. Error: (03/15/2017 06:18:34 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT) Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147549183. Error: (03/15/2017 01:18:27 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT) Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147549183. 
Error: (03/15/2017 06:38:13 AM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT) Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147549183. Error: (03/14/2017 08:13:57 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT) Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147549183. CodeIntegrity: =================================== Date: 2015-05-14 19:58:00.766 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-05-14 19:58:00.710 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-10-10 18:10:40.527 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\DigitalPersona\Bin\DpOFeedb.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-10 18:10:40.437 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\DigitalPersona\Bin\DpOFeedb.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-10-10 18:10:40.347 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\DigitalPersona\Bin\DpOFeedb.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-10 18:10:40.267 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\DigitalPersona\Bin\DpOFeedb.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-10 18:10:40.177 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\DigitalPersona\Bin\DpOFeedb.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-10 18:10:40.077 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\DigitalPersona\Bin\DpOFeedb.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-10 18:10:39.967 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\DigitalPersona\Bin\DpOFeedb.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-10 17:17:24.984 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\DigitalPersona\Bin\DpOFeedb.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz Prozentuale Nutzung des RAM: 71% Installierter physikalischer RAM: 3990.17 MB Verfügbarer physikalischer RAM: 1122.41 MB Summe virtueller Speicher: 7978.52 MB Verfügbarer virtueller Speicher: 4847.06 MB ==================== Laufwerke ================================ Drive c: (OS) (Fixed) (Total:444.27 GB) (Free:127.41 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 07F2837E) Partition 1: (Not Active) - (Size=102 MB) - (Type=DE) Partition 2: (Active) - (Size=21.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=444.3 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
18.03.2017, 19:31 | #5 |
| Is IObit detected as malware? So, TDSS found something - here is the file: Code:
ATTFilter 19:20:30.0561 0x1f40 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01 19:21:04.0969 0x1f40 ============================================================ 19:21:04.0969 0x1f40 Current date / time: 2017/03/18 19:21:04.0969 19:21:04.0969 0x1f40 SystemInfo: 19:21:04.0969 0x1f40 19:21:04.0969 0x1f40 OS Version: 6.1.7601 ServicePack: 1.0 19:21:04.0969 0x1f40 Product type: Workstation 19:21:04.0970 0x1f40 ComputerName: TRAUDE 19:21:04.0970 0x1f40 UserName: Traude 19:21:04.0970 0x1f40 Windows directory: C:\Windows 19:21:04.0970 0x1f40 System windows directory: C:\Windows 19:21:04.0970 0x1f40 Running under WOW64 19:21:04.0970 0x1f40 Processor architecture: Intel x64 19:21:04.0970 0x1f40 Number of processors: 8 19:21:04.0970 0x1f40 Page size: 0x1000 19:21:04.0970 0x1f40 Boot type: Normal boot 19:21:04.0970 0x1f40 CodeIntegrityOptions = 0x00000001 19:21:04.0970 0x1f40 ============================================================ 19:21:05.0079 0x1f40 KLMD registered as C:\Windows\system32\drivers\23971953.sys 19:21:05.0079 0x1f40 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23677, osProperties = 0x1 19:21:05.0344 0x1f40 System UUID: {09CB10E9-28A7-BDBC-D2A0-52C1F2DDF1A3} 19:21:05.0740 0x1f40 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 19:21:05.0751 0x1f40 ============================================================ 19:21:05.0751 0x1f40 \Device\Harddisk0\DR0: 19:21:05.0751 0x1f40 MBR partitions: 19:21:05.0752 0x1f40 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2AC6000 19:21:05.0752 0x1f40 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2AFA000, BlocksNum 0x3788B830 19:21:05.0752 0x1f40 ============================================================ 19:21:05.0752 0x1f40 C: <-> \Device\Harddisk0\DR0\Partition2 19:21:05.0753 0x1f40 
============================================================ 19:21:05.0753 0x1f40 Initialize success 19:21:05.0753 0x1f40 ============================================================ 19:21:17.0854 0x1d00 ============================================================ 19:21:17.0854 0x1d00 Scan started 19:21:17.0854 0x1d00 Mode: Manual; 19:21:17.0854 0x1d00 ============================================================ 19:21:17.0854 0x1d00 KSN ping started 19:21:18.0010 0x1d00 KSN ping finished: true 19:21:18.0197 0x1d00 ================ Scan system memory ======================== 19:21:18.0197 0x1d00 System memory - ok 19:21:18.0197 0x1d00 ================ Scan services =============================
19:21:20.0537 0x1d00 [ 488669CD1CD3BDCFDD9A5FDA72209069, CCB6BCB23A30CFD016E4086ED010A0E9DA647D3FAD9724200A29938D2B79A3C0 ] Dot4Scan C:\Windows\system32\DRIVERS\Dot4Scan.sys 19:21:20.0537 0x1d00 Dot4Scan - ok 19:21:20.0553 0x1d00 [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys 19:21:20.0553 0x1d00 dot4usb - ok 19:21:20.0553 0x1d00 [ C43618154FC0C8480F53B04BA7A2F371, 400FFAF385030DBAC4D8EF6A5A88B1FCA52BE7BE5430069C99E56DED3471E7A6 ] DpHost C:\Program Files\DigitalPersona\Bin\DpHostW.exe 19:21:20.0568 0x1d00 DpHost - ok 19:21:20.0584 0x1d00 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 19:21:20.0584 0x1d00 DPS - ok 19:21:20.0584 0x1d00 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 19:21:20.0584 0x1d00 drmkaud - ok 19:21:20.0615 0x1d00 [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 19:21:20.0631 0x1d00 DXGKrnl - ok 19:21:20.0631 0x1d00 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 19:21:20.0646 0x1d00 EapHost - ok 19:21:20.0709 0x1d00 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 19:21:20.0771 0x1d00 ebdrv - ok 19:21:20.0787 0x1d00 [ CA69E856332E2D85294665F6B7E97254, A9693F836907FB0154DC1090D9476F1E9242ABE922D932D74D0385772D2EAB65 ] EFS C:\Windows\System32\lsass.exe 19:21:20.0787 0x1d00 EFS - ok 19:21:20.0802 0x1d00 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 19:21:20.0818 0x1d00 ehRecvr 
- ok 19:21:20.0818 0x1d00 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 19:21:20.0818 0x1d00 ehSched - ok 19:21:20.0834 0x1d00 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 19:21:20.0849 0x1d00 elxstor - ok 19:21:20.0849 0x1d00 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 19:21:20.0849 0x1d00 ErrDev - ok 19:21:20.0865 0x1d00 [ 309FF80375E789534B31391C062F0C97, 0AF13C1346B45077ABBEDE24FBB8365B73D291B5959690DA2FD1FB5126D76508 ] ESProtectionDriver C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys 19:21:20.0865 0x1d00 ESProtectionDriver - ok 19:21:20.0880 0x1d00 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 19:21:20.0880 0x1d00 EventSystem - ok 19:21:20.0896 0x1d00 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 19:21:20.0896 0x1d00 exfat - ok 19:21:20.0912 0x1d00 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 19:21:20.0912 0x1d00 fastfat - ok 19:21:20.0927 0x1d00 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 19:21:20.0943 0x1d00 Fax - ok 19:21:20.0943 0x1d00 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 19:21:20.0958 0x1d00 fdc - ok 19:21:20.0958 0x1d00 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost 
C:\Windows\system32\fdPHost.dll 19:21:20.0958 0x1d00 fdPHost - ok 19:21:20.0958 0x1d00 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 19:21:20.0958 0x1d00 FDResPub - ok 19:21:20.0974 0x1d00 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 19:21:20.0974 0x1d00 FileInfo - ok 19:21:20.0974 0x1d00 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 19:21:20.0974 0x1d00 Filetrace - ok 19:21:20.0990 0x1d00 [ 1F63900E2EB00101B9ACA2B7A870704E, 5AFE1FC852937FECE6B33147BD0110436FE97F33BFDA3F69B1F5EDAD6FFC09C6 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 19:21:21.0005 0x1d00 FLEXnet Licensing Service - ok 19:21:21.0021 0x1d00 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 19:21:21.0021 0x1d00 flpydisk - ok 19:21:21.0021 0x1d00 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 19:21:21.0036 0x1d00 FltMgr - ok 19:21:21.0052 0x1d00 [ CF0108CBA6D1860563BA20E3D74C6646, 737B5E89A858D7E3AEC8BF660AA4FCC56501A69468EA143531286016AF7C0B33 ] FontCache C:\Windows\system32\FntCache.dll 19:21:21.0083 0x1d00 FontCache - ok 19:21:21.0083 0x1d00 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 19:21:21.0083 0x1d00 FontCache3.0.0.0 - ok 19:21:21.0099 0x1d00 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends 
C:\Windows\system32\drivers\FsDepends.sys 19:21:21.0099 0x1d00 FsDepends - ok 19:21:21.0099 0x1d00 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 19:21:21.0099 0x1d00 Fs_Rec - ok 19:21:21.0114 0x1d00 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 19:21:21.0114 0x1d00 fvevol - ok 19:21:21.0114 0x1d00 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 19:21:21.0114 0x1d00 gagp30kx - ok 19:21:21.0130 0x1d00 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 19:21:21.0130 0x1d00 GEARAspiWDM - ok 19:21:21.0161 0x1d00 [ 5E42BDFF22707E577AD82BE4C43C3BCE, 4C0BBF6AAA7EB30A789D91A4F29726C2A6D941D457B59CF376EF96571F3E1BB4 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 19:21:21.0177 0x1d00 GfExperienceService - ok 19:21:21.0192 0x1d00 [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll 19:21:21.0208 0x1d00 gpsvc - ok 19:21:21.0224 0x1d00 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 19:21:21.0224 0x1d00 hcw85cir - ok 19:21:21.0224 0x1d00 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 19:21:21.0224 0x1d00 HDAudBus - ok 19:21:21.0239 0x1d00 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 19:21:21.0239 0x1d00 HidBatt 
- ok 19:21:21.0239 0x1d00 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 19:21:21.0239 0x1d00 HidBth - ok 19:21:21.0239 0x1d00 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 19:21:21.0255 0x1d00 HidIr - ok 19:21:21.0255 0x1d00 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll 19:21:21.0255 0x1d00 hidserv - ok 19:21:21.0255 0x1d00 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys 19:21:21.0255 0x1d00 HidUsb - ok 19:21:21.0270 0x1d00 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 19:21:21.0270 0x1d00 hkmsvc - ok 19:21:21.0270 0x1d00 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 19:21:21.0286 0x1d00 HomeGroupListener - ok 19:21:21.0286 0x1d00 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 19:21:21.0302 0x1d00 HomeGroupProvider - ok 19:21:21.0302 0x1d00 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 19:21:21.0302 0x1d00 HpSAMD - ok 19:21:21.0317 0x1d00 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 19:21:21.0333 0x1d00 HTTP - ok 19:21:21.0348 0x1d00 hwdatacard - ok 19:21:21.0348 0x1d00 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] 
hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 19:21:21.0348 0x1d00 hwpolicy - ok 19:21:21.0348 0x1d00 hwusbdev - ok 19:21:21.0364 0x1d00 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 19:21:21.0364 0x1d00 i8042prt - ok 19:21:21.0380 0x1d00 [ D469B77687E12FE43E344806740B624D, DFDD486FD040813BF4E5DDB504CF9E0BFBF6D4E540DDDA4829F9B675ACF63E89 ] iaStor C:\Windows\system32\drivers\iaStor.sys 19:21:21.0380 0x1d00 iaStor - ok 19:21:21.0395 0x1d00 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 19:21:21.0411 0x1d00 iaStorV - ok 19:21:21.0426 0x1d00 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 19:21:21.0442 0x1d00 idsvc - ok 19:21:21.0458 0x1d00 IEEtwCollectorService - ok 19:21:21.0707 0x1d00 [ 0BD58366C86EF9DDC4F61AFED0CADA99, 2C4ADD577872DF0E9DE7664FA4293B8E335E18055E346B5BF644544840E420EF ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 19:21:21.0941 0x1d00 igfx - ok 19:21:21.0957 0x1d00 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 19:21:21.0957 0x1d00 iirsp - ok 19:21:21.0972 0x1d00 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 19:21:21.0988 0x1d00 IKEEXT - ok 19:21:22.0004 0x1d00 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\drivers\Impcd.sys 19:21:22.0004 0x1d00 Impcd - ok 19:21:22.0066 0x1d00 [ 1B491F385EE96F9D9EE4CB430C8CD29E, 06CA97FC494F3B3FE422F1242856B643EE210959DCB6E8298254306145B688AF ] IntcAzAudAddService 
C:\Windows\system32\drivers\RTKVHD64.sys 19:21:22.0128 0x1d00 IntcAzAudAddService - ok 19:21:22.0128 0x1d00 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 19:21:22.0128 0x1d00 intelide - ok 19:21:22.0128 0x1d00 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 19:21:22.0128 0x1d00 intelppm - ok 19:21:22.0144 0x1d00 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 19:21:22.0144 0x1d00 IPBusEnum - ok 19:21:22.0144 0x1d00 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 19:21:22.0160 0x1d00 IpFilterDriver - ok 19:21:22.0160 0x1d00 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 19:21:22.0175 0x1d00 iphlpsvc - ok 19:21:22.0191 0x1d00 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 19:21:22.0191 0x1d00 IPMIDRV - ok 19:21:22.0191 0x1d00 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 19:21:22.0191 0x1d00 IPNAT - ok 19:21:22.0206 0x1d00 [ 97C9EBB84A761D48DC17E0E6B913C164, D195A8410E1FEED1A0EE9C5F5AF6F5FC861284765A38D460D496CE1048501905 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 19:21:22.0222 0x1d00 iPod Service - ok 19:21:22.0222 0x1d00 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 19:21:22.0222 0x1d00 IRENUM - ok 19:21:22.0238 0x1d00 [ 
2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 19:21:22.0238 0x1d00 isapnp - ok 19:21:22.0238 0x1d00 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 19:21:22.0253 0x1d00 iScsiPrt - ok 19:21:22.0253 0x1d00 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 19:21:22.0253 0x1d00 kbdclass - ok 19:21:22.0253 0x1d00 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 19:21:22.0269 0x1d00 kbdhid - ok 19:21:22.0269 0x1d00 [ 14959E4D0D8FA7D1F7772D4A746BACBA, 5DB2127CB1A7FDFD0BA6ACCC5CF503A51027958A5BA0F6749935263BFCA718CE ] KDService C:\Program Files\KDService\bin\KDService.exe 19:21:22.0284 0x1d00 KDService - ok 19:21:22.0284 0x1d00 [ CA69E856332E2D85294665F6B7E97254, A9693F836907FB0154DC1090D9476F1E9242ABE922D932D74D0385772D2EAB65 ] KeyIso C:\Windows\system32\lsass.exe 19:21:22.0284 0x1d00 KeyIso - ok 19:21:22.0300 0x1d00 [ 3AAA10BAF3F194F7CD34F4C78F8222EE, 25AE0B764748B13C7F093966E228D506072E270379A5E751F1ED619DEFB40814 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 19:21:22.0300 0x1d00 KSecDD - ok 19:21:22.0300 0x1d00 [ 7B7C28D4E71E4A4365F2B7528DA619F8, 0A507468C6A49870F794F28FF274643FE8FD238A3A9BE86C8656882F237DE77B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 19:21:22.0316 0x1d00 KSecPkg - ok 19:21:22.0316 0x1d00 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 19:21:22.0316 0x1d00 ksthunk - ok 19:21:22.0331 0x1d00 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 
19:21:22.0331 0x1d00 KtmRm - ok 19:21:22.0347 0x1d00 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll 19:21:22.0347 0x1d00 LanmanServer - ok 19:21:22.0362 0x1d00 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 19:21:22.0362 0x1d00 LanmanWorkstation - ok 19:21:22.0409 0x1d00 [ 9221BD3515C49AED30FA88152BFD7168, CD23280C8A1AE00EEEBFC74D403EDE0BF6CB03DDDC3CB971338A7C9FB76CD7F3 ] LiveUpdateSvc C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe 19:21:22.0456 0x1d00 LiveUpdateSvc - ok 19:21:22.0456 0x1d00 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 19:21:22.0472 0x1d00 lltdio - ok 19:21:22.0472 0x1d00 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 19:21:22.0487 0x1d00 lltdsvc - ok 19:21:22.0487 0x1d00 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 19:21:22.0487 0x1d00 lmhosts - ok 19:21:22.0503 0x1d00 [ 7F32D4C47A50E7223491E8FB9359907D, 6D3F59A8D006BED3234697933D09C8EE8F7A9F4A4196CFA878F8E8A929B24CE5 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 19:21:22.0503 0x1d00 LMS - ok 19:21:22.0518 0x1d00 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 19:21:22.0518 0x1d00 LSI_FC - ok 19:21:22.0518 0x1d00 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 19:21:22.0518 0x1d00 LSI_SAS - ok 19:21:22.0534 0x1d00 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 
88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 19:21:22.0534 0x1d00 LSI_SAS2 - ok 19:21:22.0534 0x1d00 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 19:21:22.0534 0x1d00 LSI_SCSI - ok 19:21:22.0550 0x1d00 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 19:21:22.0550 0x1d00 luafv - ok 19:21:22.0550 0x1d00 [ 94350777ED760B67A4975DD5E4676FF2, EC9401106C6DCF71A444FE64F57AB17ED88A1EC0C59A9F1BF95FE7276C1094D7 ] MbaeSvc C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe 19:21:22.0550 0x1d00 MbaeSvc - ok 19:21:22.0565 0x1d00 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys 19:21:22.0565 0x1d00 MBAMSwissArmy - ok 19:21:22.0581 0x1d00 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 19:21:22.0581 0x1d00 Mcx2Svc - ok 19:21:22.0581 0x1d00 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 19:21:22.0581 0x1d00 megasas - ok 19:21:22.0596 0x1d00 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 19:21:22.0596 0x1d00 MegaSR - ok 19:21:22.0612 0x1d00 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 19:21:22.0612 0x1d00 MEIx64 - ok 19:21:22.0612 0x1d00 Microsoft SharePoint Workspace Audit Service - ok 19:21:22.0612 0x1d00 [ E40E80D0304A73E8D269F7141D77250B, 
0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 19:21:22.0628 0x1d00 MMCSS - ok 19:21:22.0628 0x1d00 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 19:21:22.0628 0x1d00 Modem - ok 19:21:22.0628 0x1d00 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 19:21:22.0628 0x1d00 monitor - ok 19:21:22.0643 0x1d00 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 19:21:22.0643 0x1d00 mouclass - ok 19:21:22.0643 0x1d00 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 19:21:22.0643 0x1d00 mouhid - ok 19:21:22.0643 0x1d00 [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 19:21:22.0659 0x1d00 mountmgr - ok 19:21:22.0659 0x1d00 [ ADF79A49E942C91D1FC9863CBFDD6B58, C2B2A792C4717133DCAE6297EE3F5D985B11D3C1E68A8DC23985AC6B78ACDE98 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 19:21:22.0659 0x1d00 MozillaMaintenance - ok 19:21:22.0674 0x1d00 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 19:21:22.0674 0x1d00 mpio - ok 19:21:22.0674 0x1d00 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 19:21:22.0690 0x1d00 mpsdrv - ok 19:21:22.0706 0x1d00 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 19:21:22.0721 
0x1d00 MpsSvc - ok 19:21:22.0737 0x1d00 [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 19:21:22.0737 0x1d00 MRxDAV - ok 19:21:22.0737 0x1d00 [ 819426D736BCBD31CC7CA27221954E04, 0C4AADEFE282D89EA4A523BDA7B6BB948247F50253D7D0B90C8FC46C4DEEF835 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 19:21:22.0737 0x1d00 mrxsmb - ok 19:21:22.0752 0x1d00 [ 85CB449B319AF69A3538BB1B97EEA2E5, DB75D56A7E631F57D31957105422811C738E96E5B84480C3346B827ACF280E12 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 19:21:22.0752 0x1d00 mrxsmb10 - ok 19:21:22.0768 0x1d00 [ C0B2DC34587FE163997055AA38EB883A, A0BFD0CF873CCEF266606ADE1A4DA69DF757A67D8AD28330272AFEABD7F481D5 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 19:21:22.0768 0x1d00 mrxsmb20 - ok 19:21:22.0768 0x1d00 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 19:21:22.0768 0x1d00 msahci - ok 19:21:22.0784 0x1d00 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 19:21:22.0784 0x1d00 msdsm - ok 19:21:22.0784 0x1d00 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 19:21:22.0799 0x1d00 MSDTC - ok 19:21:22.0799 0x1d00 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 19:21:22.0799 0x1d00 Msfs - ok 19:21:22.0815 0x1d00 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 19:21:22.0815 0x1d00 mshidkmdf - ok 19:21:22.0815 0x1d00 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv 
C:\Windows\system32\drivers\msisadrv.sys 19:21:22.0815 0x1d00 msisadrv - ok 19:21:22.0815 0x1d00 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 19:21:22.0830 0x1d00 MSiSCSI - ok 19:21:22.0830 0x1d00 msiserver - ok 19:21:22.0830 0x1d00 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 19:21:22.0830 0x1d00 MSKSSRV - ok 19:21:22.0830 0x1d00 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 19:21:22.0846 0x1d00 MSPCLOCK - ok 19:21:22.0846 0x1d00 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 19:21:22.0846 0x1d00 MSPQM - ok 19:21:22.0862 0x1d00 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 19:21:22.0862 0x1d00 MsRPC - ok 19:21:22.0862 0x1d00 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 19:21:22.0862 0x1d00 mssmbios - ok 19:21:22.0877 0x1d00 MSSQL$MSSMLBIZ - ok 19:21:22.0877 0x1d00 [ F1761C8FB2B25A32C6D63E36BB88C3AE, C88F5EF7B547DAA2394888362916FA18F07241E0BF2B938297428A1C04FFD806 ] MSSQLServerADHelper100 C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE 19:21:22.0877 0x1d00 MSSQLServerADHelper100 - ok 19:21:22.0893 0x1d00 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 19:21:22.0893 0x1d00 MSTEE - ok 19:21:22.0893 0x1d00 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig 
C:\Windows\system32\drivers\MTConfig.sys 19:21:22.0893 0x1d00 MTConfig - ok 19:21:22.0893 0x1d00 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 19:21:22.0893 0x1d00 Mup - ok 19:21:22.0908 0x1d00 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 19:21:22.0924 0x1d00 napagent - ok 19:21:22.0940 0x1d00 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 19:21:22.0940 0x1d00 NativeWifiP - ok 19:21:22.0955 0x1d00 [ 934BB0D23A25C8C136570800A5A149B6, 15D99CE4E970FECE257F6D69810F8104720B26D8DC3787BC38CC8692ACEABD37 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 19:21:22.0971 0x1d00 NAUpdate - ok 19:21:23.0002 0x1d00 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys 19:21:23.0018 0x1d00 NDIS - ok 19:21:23.0018 0x1d00 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 19:21:23.0018 0x1d00 NdisCap - ok 19:21:23.0018 0x1d00 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 19:21:23.0033 0x1d00 NdisTapi - ok 19:21:23.0033 0x1d00 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 19:21:23.0033 0x1d00 Ndisuio - ok 19:21:23.0033 0x1d00 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 19:21:23.0049 0x1d00 NdisWan - ok 19:21:23.0049 0x1d00 [ 015C0D8E0E0421B4CFD48CFFE2825879, 
4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 19:21:23.0049 0x1d00 NDProxy - ok 19:21:23.0049 0x1d00 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 19:21:23.0049 0x1d00 NetBIOS - ok 19:21:23.0064 0x1d00 [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 19:21:23.0064 0x1d00 NetBT - ok 19:21:23.0080 0x1d00 [ CA69E856332E2D85294665F6B7E97254, A9693F836907FB0154DC1090D9476F1E9242ABE922D932D74D0385772D2EAB65 ] Netlogon C:\Windows\system32\lsass.exe 19:21:23.0080 0x1d00 Netlogon - ok 19:21:23.0080 0x1d00 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 19:21:23.0096 0x1d00 Netman - ok 19:21:23.0111 0x1d00 [ 58EB8F52D1F17AF2F6EF9CCE7838D0F8, 6AAEA7AC36F56C7CED5DE8BA8B46716C3E8D0A418D862F4D3C84AD022659456A ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:21:23.0111 0x1d00 NetMsmqActivator - ok 19:21:23.0127 0x1d00 [ 58EB8F52D1F17AF2F6EF9CCE7838D0F8, 6AAEA7AC36F56C7CED5DE8BA8B46716C3E8D0A418D862F4D3C84AD022659456A ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:21:23.0127 0x1d00 NetPipeActivator - ok 19:21:23.0142 0x1d00 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 19:21:23.0142 0x1d00 netprofm - ok 19:21:23.0158 0x1d00 [ 58EB8F52D1F17AF2F6EF9CCE7838D0F8, 6AAEA7AC36F56C7CED5DE8BA8B46716C3E8D0A418D862F4D3C84AD022659456A ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:21:23.0158 0x1d00 NetTcpActivator - ok 19:21:23.0158 0x1d00 [ 58EB8F52D1F17AF2F6EF9CCE7838D0F8, 
0x1d00 Wanarpv6 - ok 19:21:27.0932 0x1d00 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 19:21:27.0963 0x1d00 wbengine - ok 19:21:27.0963 0x1d00 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 19:21:27.0978 0x1d00 WbioSrvc - ok 19:21:27.0994 0x1d00 [ 8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll 19:21:27.0994 0x1d00 WcesComm - ok 19:21:28.0010 0x1d00 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 19:21:28.0010 0x1d00 wcncsvc - ok 19:21:28.0025 0x1d00 [ BC00873272B3771CCDA38336AF2B4D4B, 3E412DEC5F172B4C5FD5C227CD790EE56B90A00A8B538704E8F973D230BE2289 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 19:21:28.0025 0x1d00 WcsPlugInService - ok 19:21:28.0025 0x1d00 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 19:21:28.0025 0x1d00 Wd - ok 19:21:28.0056 0x1d00 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 19:21:28.0072 0x1d00 Wdf01000 - ok 19:21:28.0072 0x1d00 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 19:21:28.0072 0x1d00 WdiServiceHost - ok 19:21:28.0088 0x1d00 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 19:21:28.0088 0x1d00 WdiSystemHost - ok 19:21:28.0103 0x1d00 [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient 
C:\Windows\System32\webclnt.dll 19:21:28.0103 0x1d00 WebClient - ok 19:21:28.0119 0x1d00 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 19:21:28.0119 0x1d00 Wecsvc - ok 19:21:28.0134 0x1d00 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 19:21:28.0134 0x1d00 wercplsupport - ok 19:21:28.0134 0x1d00 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 19:21:28.0150 0x1d00 WerSvc - ok 19:21:28.0150 0x1d00 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 19:21:28.0150 0x1d00 WfpLwf - ok 19:21:28.0150 0x1d00 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 19:21:28.0150 0x1d00 WIMMount - ok 19:21:28.0150 0x1d00 WinDefend - ok 19:21:28.0166 0x1d00 WinHttpAutoProxySvc - ok 19:21:28.0181 0x1d00 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 19:21:28.0181 0x1d00 Winmgmt - ok 19:21:28.0228 0x1d00 [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\Windows\system32\WsmSvc.dll 19:21:28.0275 0x1d00 WinRM - ok 19:21:28.0275 0x1d00 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB C:\Windows\system32\DRIVERS\WinUsb.sys 19:21:28.0275 0x1d00 WinUSB - ok 19:21:28.0306 0x1d00 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 19:21:28.0322 0x1d00 Wlansvc - ok 19:21:28.0322 0x1d00 [ 
06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 19:21:28.0322 0x1d00 wlcrasvc - ok 19:21:28.0384 0x1d00 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 19:21:28.0431 0x1d00 wlidsvc - ok 19:21:28.0431 0x1d00 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 19:21:28.0431 0x1d00 WmiAcpi - ok 19:21:28.0446 0x1d00 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 19:21:28.0446 0x1d00 wmiApSrv - ok 19:21:28.0446 0x1d00 WMPNetworkSvc - ok 19:21:28.0446 0x1d00 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 19:21:28.0462 0x1d00 WPCSvc - ok 19:21:28.0462 0x1d00 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 19:21:28.0462 0x1d00 WPDBusEnum - ok 19:21:28.0478 0x1d00 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 19:21:28.0478 0x1d00 ws2ifsl - ok 19:21:28.0478 0x1d00 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll 19:21:28.0493 0x1d00 wscsvc - ok 19:21:28.0493 0x1d00 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 19:21:28.0493 0x1d00 WSDPrintDevice - ok 19:21:28.0493 0x1d00 WSearch - ok 19:21:28.0556 0x1d00 [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 
0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv C:\Windows\system32\wuaueng.dll 19:21:28.0602 0x1d00 wuauserv - ok 19:21:28.0618 0x1d00 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 19:21:28.0618 0x1d00 WudfPf - ok 19:21:28.0618 0x1d00 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 19:21:28.0634 0x1d00 WUDFRd - ok 19:21:28.0634 0x1d00 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 19:21:28.0634 0x1d00 wudfsvc - ok 19:21:28.0649 0x1d00 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 19:21:28.0649 0x1d00 WwanSvc - ok 19:21:28.0665 0x1d00 ================ Scan global |
18.03.2017, 19:36 | #6 |
| IObit detected as malware? Code:
19:23:20.0653 0x189c cdrom - ok 19:23:20.0669 0x189c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 19:23:20.0700 0x189c CertPropSvc - ok 19:23:20.0700 0x189c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 19:23:20.0731 0x189c circlass - ok 19:23:20.0731 0x189c [ 3D67C27DD17B254D7915FA16A5AE3573, 5B3A6C6A7F940C06362775DAF13CEADA37C7AA84A509458A57C23B4369970A90 ] CLFS C:\Windows\system32\CLFS.sys 19:23:20.0778 0x189c CLFS - ok 19:23:20.0794 0x189c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 19:23:20.0809 0x189c clr_optimization_v2.0.50727_32 - ok 19:23:20.0809 0x189c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 19:23:20.0825 0x189c clr_optimization_v2.0.50727_64 - ok 19:23:20.0825 0x189c [ 40554ADA608F31A73BC002041BFBCED4, 8A4FB3B824EC49392A206BF14381AAE389C0E683B4ED0E89F5362746222E1FBA ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 19:23:20.0841 0x189c clr_optimization_v4.0.30319_32 - ok 19:23:20.0856 0x189c [ 7CD17E6A27D64F672DEA52E9D144B08E, 566CB07531BEBFB704E2BE2D33F49B5D9F962D7931B2BABC1BA2F4015C651CBE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 19:23:20.0872 0x189c clr_optimization_v4.0.30319_64 - ok 19:23:20.0872 0x189c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 19:23:20.0903 0x189c CmBatt - ok 19:23:20.0903 0x189c [ E19D3F095812725D88F9001985B94EDD, 
46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 19:23:20.0934 0x189c cmdide - ok 19:23:20.0934 0x189c [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG C:\Windows\system32\Drivers\cng.sys 19:23:20.0981 0x189c CNG - ok 19:23:20.0997 0x189c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 19:23:21.0012 0x189c Compbatt - ok 19:23:21.0012 0x189c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 19:23:21.0043 0x189c CompositeBus - ok 19:23:21.0043 0x189c COMSysApp - ok 19:23:21.0059 0x189c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 19:23:21.0075 0x189c crcdisk - ok 19:23:21.0090 0x189c [ 2C6632CECFDBBE793FDA8AF9CA55A9CC, 335188515F798483660E529204A13012E4D21B0ECA489224A11C26F91A5B3CCE ] CryptSvc C:\Windows\system32\cryptsvc.dll 19:23:21.0106 0x189c CryptSvc - ok 19:23:21.0121 0x189c [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys 19:23:21.0168 0x189c CSC - ok 19:23:21.0184 0x189c [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll 19:23:21.0215 0x189c CscService - ok 19:23:21.0231 0x189c [ BC3D4F90978CD7C8EABD1BAF3BF7873A, 5978139650FC51BE0CAB12061702C7BC7BEDF6E7C3A047FF0A6328AA674E4226 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys 19:23:21.0262 0x189c CtClsFlt - ok 19:23:21.0277 0x189c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 19:23:21.0309 
0x189c DcomLaunch - ok 19:23:21.0324 0x189c [ 3802CBF4BDDE6F99974B27EE1782E5F9, 51562209E16A1C0247D73D7BFC8827AE4A2E57AF11350379A8FBA1EC44E56E54 ] DDDriver C:\Windows\system32\drivers\DDDriver64Dcsa.sys 19:23:21.0340 0x189c DDDriver - ok 19:23:21.0355 0x189c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 19:23:21.0387 0x189c defragsvc - ok 19:23:21.0449 0x189c [ 19C5F4EBA0B9670A923EEDCD97526B3A, 6D02BC69FD8D2099098255C7776E90FD98CAB343473D92238CB5F7DE9B080A89 ] DellDataVault C:\Program Files\Dell\DellDataVault\DellDataVault.exe 19:23:21.0543 0x189c DellDataVault - ok 19:23:21.0558 0x189c [ 5F57C0E23FB5FC5F3DDE5ACAF5D299D7, 381EB4B54B77CA061AFA484F5BF98B2518D3C7FD54406631C6C7F43E3132C4A3 ] DellDataVaultWiz C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe 19:23:21.0574 0x189c DellDataVaultWiz - ok 19:23:21.0574 0x189c [ DC3BD578642252FD9569B9CD75CEF81E, 63F44BC19389C19BA9F9E974BF2E5236AF7F66D9076943B9CF46775264BBE413 ] DellProf C:\Windows\system32\drivers\DellProf.sys 19:23:21.0605 0x189c DellProf - ok 19:23:21.0605 0x189c [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC C:\Windows\system32\Drivers\dfsc.sys 19:23:21.0636 0x189c DfsC - ok 19:23:21.0652 0x189c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 19:23:21.0667 0x189c Dhcp - ok 19:23:21.0699 0x189c [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack C:\Windows\system32\diagtrack.dll 19:23:21.0745 0x189c DiagTrack - ok 19:23:21.0761 0x189c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 19:23:21.0792 0x189c discache - ok 19:23:21.0808 0x189c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 
571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 19:23:21.0839 0x189c Disk - ok 19:23:21.0839 0x189c [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys 19:23:21.0870 0x189c dmvsc - ok 19:23:21.0870 0x189c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 19:23:21.0886 0x189c Dnscache - ok 19:23:21.0901 0x189c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 19:23:21.0933 0x189c dot3svc - ok 19:23:21.0948 0x189c [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] dot4 C:\Windows\system32\DRIVERS\Dot4.sys 19:23:21.0979 0x189c dot4 - ok 19:23:21.0979 0x189c [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys 19:23:22.0011 0x189c Dot4Print - ok 19:23:22.0011 0x189c [ 488669CD1CD3BDCFDD9A5FDA72209069, CCB6BCB23A30CFD016E4086ED010A0E9DA647D3FAD9724200A29938D2B79A3C0 ] Dot4Scan C:\Windows\system32\DRIVERS\Dot4Scan.sys 19:23:22.0042 0x189c Dot4Scan - ok 19:23:22.0042 0x189c [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys 19:23:22.0073 0x189c dot4usb - ok 19:23:22.0089 0x189c [ C43618154FC0C8480F53B04BA7A2F371, 400FFAF385030DBAC4D8EF6A5A88B1FCA52BE7BE5430069C99E56DED3471E7A6 ] DpHost C:\Program Files\DigitalPersona\Bin\DpHostW.exe 19:23:22.0104 0x189c DpHost - ok 19:23:22.0120 0x189c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 19:23:22.0151 0x189c DPS - ok 19:23:22.0151 0x189c [ 
26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 19:23:22.0182 0x189c drmkaud - ok 19:23:22.0213 0x189c [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 19:23:22.0276 0x189c DXGKrnl - ok 19:23:22.0291 0x189c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 19:23:22.0323 0x189c EapHost - ok 19:23:22.0401 0x189c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 19:23:22.0494 0x189c ebdrv - ok 19:23:22.0510 0x189c [ CA69E856332E2D85294665F6B7E97254, A9693F836907FB0154DC1090D9476F1E9242ABE922D932D74D0385772D2EAB65 ] EFS C:\Windows\System32\lsass.exe 19:23:22.0525 0x189c EFS - ok 19:23:22.0541 0x189c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 19:23:22.0588 0x189c ehRecvr - ok 19:23:22.0588 0x189c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 19:23:22.0603 0x189c ehSched - ok 19:23:22.0619 0x189c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 19:23:22.0666 0x189c elxstor - ok 19:23:22.0666 0x189c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 19:23:22.0697 0x189c ErrDev - ok 19:23:22.0697 0x189c [ 309FF80375E789534B31391C062F0C97, 0AF13C1346B45077ABBEDE24FBB8365B73D291B5959690DA2FD1FB5126D76508 ] ESProtectionDriver C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys 19:23:22.0744 0x189c 
ESProtectionDriver - ok 19:23:22.0759 0x189c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 19:23:22.0791 0x189c EventSystem - ok 19:23:22.0806 0x189c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 19:23:22.0853 0x189c exfat - ok 19:23:22.0869 0x189c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 19:23:22.0915 0x189c fastfat - ok 19:23:22.0931 0x189c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 19:23:22.0962 0x189c Fax - ok 19:23:22.0962 0x189c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 19:23:22.0993 0x189c fdc - ok 19:23:22.0993 0x189c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 19:23:23.0025 0x189c fdPHost - ok 19:23:23.0040 0x189c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 19:23:23.0071 0x189c FDResPub - ok 19:23:23.0071 0x189c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 19:23:23.0103 0x189c FileInfo - ok 19:23:23.0103 0x189c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 19:23:23.0149 0x189c Filetrace - ok 19:23:23.0165 0x189c [ 1F63900E2EB00101B9ACA2B7A870704E, 5AFE1FC852937FECE6B33147BD0110436FE97F33BFDA3F69B1F5EDAD6FFC09C6 ] FLEXnet Licensing Service C:\Program 
Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 19:23:23.0196 0x189c FLEXnet Licensing Service - ok 19:23:23.0196 0x189c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 19:23:23.0227 0x189c flpydisk - ok 19:23:23.0227 0x189c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 19:23:23.0259 0x189c FltMgr - ok 19:23:23.0290 0x189c [ CF0108CBA6D1860563BA20E3D74C6646, 737B5E89A858D7E3AEC8BF660AA4FCC56501A69468EA143531286016AF7C0B33 ] FontCache C:\Windows\system32\FntCache.dll 19:23:23.0337 0x189c FontCache - ok 19:23:23.0337 0x189c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 19:23:23.0352 0x189c FontCache3.0.0.0 - ok 19:23:23.0352 0x189c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 19:23:23.0383 0x189c FsDepends - ok 19:23:23.0383 0x189c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 19:23:23.0399 0x189c Fs_Rec - ok 19:23:23.0415 0x189c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 19:23:23.0446 0x189c fvevol - ok 19:23:23.0461 0x189c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 19:23:23.0477 0x189c gagp30kx - ok 19:23:23.0493 0x189c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM 
C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 19:23:23.0508 0x189c GEARAspiWDM - ok 19:23:23.0539 0x189c [ 5E42BDFF22707E577AD82BE4C43C3BCE, 4C0BBF6AAA7EB30A789D91A4F29726C2A6D941D457B59CF376EF96571F3E1BB4 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 19:23:23.0571 0x189c GfExperienceService - ok 19:23:23.0602 0x189c [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll 19:23:23.0633 0x189c gpsvc - ok 19:23:23.0633 0x189c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 19:23:23.0664 0x189c hcw85cir - ok 19:23:23.0664 0x189c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 19:23:23.0695 0x189c HDAudBus - ok 19:23:23.0711 0x189c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 19:23:23.0727 0x189c HidBatt - ok 19:23:23.0742 0x189c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 19:23:23.0773 0x189c HidBth - ok 19:23:23.0773 0x189c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 19:23:23.0805 0x189c HidIr - ok 19:23:23.0805 0x189c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll 19:23:23.0836 0x189c hidserv - ok 19:23:23.0851 0x189c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys 19:23:23.0867 0x189c HidUsb - ok 19:23:23.0883 0x189c 
[ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 19:23:23.0914 0x189c hkmsvc - ok 19:23:23.0914 0x189c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 19:23:23.0945 0x189c HomeGroupListener - ok 19:23:23.0945 0x189c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 19:23:23.0961 0x189c HomeGroupProvider - ok 19:23:23.0976 0x189c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 19:23:23.0992 0x189c HpSAMD - ok 19:23:24.0023 0x189c [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 19:23:24.0070 0x189c HTTP - ok 19:23:24.0085 0x189c hwdatacard - ok 19:23:24.0085 0x189c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 19:23:24.0101 0x189c hwpolicy - ok 19:23:24.0101 0x189c hwusbdev - ok 19:23:24.0117 0x189c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 19:23:24.0148 0x189c i8042prt - ok 19:23:24.0163 0x189c [ D469B77687E12FE43E344806740B624D, DFDD486FD040813BF4E5DDB504CF9E0BFBF6D4E540DDDA4829F9B675ACF63E89 ] iaStor C:\Windows\system32\drivers\iaStor.sys 19:23:24.0195 0x189c iaStor - ok 19:23:24.0210 0x189c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 19:23:24.0257 0x189c iaStorV - ok 19:23:24.0273 0x189c [ C98A5B9D932430AD8EEBD3EF73756EF7, 
DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 19:23:24.0304 0x189c idsvc - ok 19:23:24.0304 0x189c IEEtwCollectorService - ok 19:23:24.0553 0x189c [ 0BD58366C86EF9DDC4F61AFED0CADA99, 2C4ADD577872DF0E9DE7664FA4293B8E335E18055E346B5BF644544840E420EF ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 19:23:24.0865 0x189c igfx - ok 19:23:24.0881 0x189c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 19:23:24.0897 0x189c iirsp - ok 19:23:24.0928 0x189c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 19:23:24.0959 0x189c IKEEXT - ok 19:23:24.0975 0x189c [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\drivers\Impcd.sys 19:23:24.0990 0x189c Impcd - ok 19:23:25.0053 0x189c [ 1B491F385EE96F9D9EE4CB430C8CD29E, 06CA97FC494F3B3FE422F1242856B643EE210959DCB6E8298254306145B688AF ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 19:23:25.0131 0x189c IntcAzAudAddService - ok 19:23:25.0131 0x189c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 19:23:25.0162 0x189c intelide - ok 19:23:25.0162 0x189c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 19:23:25.0193 0x189c intelppm - ok 19:23:25.0193 0x189c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 19:23:25.0240 0x189c IPBusEnum - ok 19:23:25.0240 0x189c [ C9F0E1BD74365A8771590E9008D22AB6, 
728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 19:23:25.0287 0x189c IpFilterDriver - ok 19:23:25.0302 0x189c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 19:23:25.0333 0x189c iphlpsvc - ok 19:23:25.0333 0x189c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 19:23:25.0365 0x189c IPMIDRV - ok 19:23:25.0365 0x189c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 19:23:25.0411 0x189c IPNAT - ok 19:23:25.0427 0x189c [ 97C9EBB84A761D48DC17E0E6B913C164, D195A8410E1FEED1A0EE9C5F5AF6F5FC861284765A38D460D496CE1048501905 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 19:23:25.0458 0x189c iPod Service - ok 19:23:25.0458 0x189c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 19:23:25.0489 0x189c IRENUM - ok 19:23:25.0489 0x189c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 19:23:25.0521 0x189c isapnp - ok 19:23:25.0521 0x189c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 19:23:25.0567 0x189c iScsiPrt - ok 19:23:25.0567 0x189c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 19:23:25.0599 0x189c kbdclass - ok 19:23:25.0599 0x189c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 19:23:25.0630 
0x189c kbdhid - ok 19:23:25.0630 0x189c [ 14959E4D0D8FA7D1F7772D4A746BACBA, 5DB2127CB1A7FDFD0BA6ACCC5CF503A51027958A5BA0F6749935263BFCA718CE ] KDService C:\Program Files\KDService\bin\KDService.exe 19:23:25.0661 0x189c KDService - detected UnsignedFile.Multi.Generic ( 1 ) 19:23:25.0708 0x189c KDService ( UnsignedFile.Multi.Generic ) - warning 19:23:25.0817 0x189c [ CA69E856332E2D85294665F6B7E97254, A9693F836907FB0154DC1090D9476F1E9242ABE922D932D74D0385772D2EAB65 ] KeyIso C:\Windows\system32\lsass.exe 19:23:25.0848 0x189c KeyIso - ok 19:23:25.0864 0x189c [ 3AAA10BAF3F194F7CD34F4C78F8222EE, 25AE0B764748B13C7F093966E228D506072E270379A5E751F1ED619DEFB40814 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 19:23:25.0879 0x189c KSecDD - ok 19:23:25.0879 0x189c [ 7B7C28D4E71E4A4365F2B7528DA619F8, 0A507468C6A49870F794F28FF274643FE8FD238A3A9BE86C8656882F237DE77B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 19:23:25.0911 0x189c KSecPkg - ok 19:23:25.0911 0x189c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 19:23:25.0957 0x189c ksthunk - ok 19:23:25.0973 0x189c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 19:23:26.0004 0x189c KtmRm - ok 19:23:26.0020 0x189c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll 19:23:26.0051 0x189c LanmanServer - ok 19:23:26.0067 0x189c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 19:23:26.0098 0x189c LanmanWorkstation - ok 19:23:26.0160 0x189c [ 9221BD3515C49AED30FA88152BFD7168, CD23280C8A1AE00EEEBFC74D403EDE0BF6CB03DDDC3CB971338A7C9FB76CD7F3 ] LiveUpdateSvc C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe 19:23:26.0207 0x189c 
LiveUpdateSvc - ok 19:23:26.0223 0x189c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 19:23:26.0269 0x189c lltdio - ok 19:23:26.0269 0x189c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 19:23:26.0316 0x189c lltdsvc - ok 19:23:26.0316 0x189c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 19:23:26.0347 0x189c lmhosts - ok 19:23:26.0363 0x189c [ 7F32D4C47A50E7223491E8FB9359907D, 6D3F59A8D006BED3234697933D09C8EE8F7A9F4A4196CFA878F8E8A929B24CE5 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 19:23:26.0379 0x189c LMS - ok 19:23:26.0379 0x189c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 19:23:26.0410 0x189c LSI_FC - ok 19:23:26.0410 0x189c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 19:23:26.0441 0x189c LSI_SAS - ok 19:23:26.0441 0x189c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 19:23:26.0472 0x189c LSI_SAS2 - ok 19:23:26.0472 0x189c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 19:23:26.0503 0x189c LSI_SCSI - ok 19:23:26.0519 0x189c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 19:23:26.0566 0x189c luafv - ok 19:23:26.0566 0x189c [ 94350777ED760B67A4975DD5E4676FF2, 
|
18.03.2017, 20:45 | #7 |
| IObit detected as malware? Code:
C:\Windows\System32\termsrv.dll 19:23:36.0581 0x189c TermService - ok 19:23:36.0581 0x189c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 19:23:36.0612 0x189c Themes - ok 19:23:36.0612 0x189c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 19:23:36.0643 0x189c THREADORDER - ok 19:23:36.0675 0x189c [ 2C1CAF5563548A15515EAB07D2A069C6, 863405BAC725C7DC6CC86613365A099A2370781018996DD3E74981565AD0DDF5 ] timounter C:\Windows\system32\DRIVERS\timntr.sys 19:23:36.0737 0x189c timounter - ok 19:23:36.0737 0x189c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 19:23:36.0784 0x189c TrkWks - ok 19:23:36.0784 0x189c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 19:23:36.0815 0x189c TrustedInstaller - ok 19:23:36.0831 0x189c [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 19:23:36.0846 0x189c tssecsrv - ok 19:23:36.0862 0x189c [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 19:23:36.0893 0x189c TsUsbFlt - ok 19:23:36.0893 0x189c [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 19:23:36.0924 0x189c TsUsbGD - ok 19:23:36.0924 0x189c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 19:23:36.0971 0x189c tunnel - ok 19:23:36.0987 0x189c [ FD24F98D2898BE093FE926604BE7DB99, 
F9851C57A2ED838AC76BB19FE2F62BB81C57DBBE2A2555F738B5D6725D39AD61 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys 19:23:37.0002 0x189c TurboB - ok 19:23:37.0002 0x189c [ 600B406A04D90F577FEA8A88D7379F08, 77CC8E8AFB6F571A42D916C0B2FEFFD3A7A32A455C78228B407C6C9B6DED8CAD ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe 19:23:37.0018 0x189c TurboBoost - ok 19:23:37.0033 0x189c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 19:23:37.0049 0x189c uagp35 - ok 19:23:37.0065 0x189c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 19:23:37.0127 0x189c udfs - ok 19:23:37.0127 0x189c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 19:23:37.0143 0x189c UI0Detect - ok 19:23:37.0158 0x189c [ 6E566C1708DDC93ADF9286E9C714B652, AF179BCA9395D51ACDFB5BACE29388E2B4D5587FCAB53898AAA4F4011851B115 ] UimBus C:\Windows\system32\DRIVERS\UimBus.sys 19:23:37.0189 0x189c UimBus - ok 19:23:37.0189 0x189c [ 7DF6A08B0B74C4F9357EFBAE309B87F1, 9A5BB8EA70709519A3599D0818923321AE691CC9EBC1ABC3F5BB008AF18B797B ] Uim_DEVIM C:\Windows\system32\DRIVERS\uim_devim.sys 19:23:37.0205 0x189c Uim_DEVIM - ok 19:23:37.0221 0x189c [ 2DDD63E0948474B91046CF1AB7661189, A91A1F1E646B928C95C30DA4D70220262D3A67C1B66E365C981AA23A401624E9 ] Uim_IM C:\Windows\system32\DRIVERS\uim_im.sys 19:23:37.0267 0x189c Uim_IM - ok 19:23:37.0283 0x189c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 19:23:37.0314 0x189c uliagpkx - ok 19:23:37.0314 0x189c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 19:23:37.0345 0x189c umbus - ok 
19:23:37.0345 0x189c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 19:23:37.0377 0x189c UmPass - ok 19:23:37.0377 0x189c [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll 19:23:37.0408 0x189c UmRdpService - ok 19:23:37.0455 0x189c [ 2C16648A12999AE69A9EBF41974B0BA2, 06008F61B6EC36CD34CB8C4BA983371DB7A9F4BEE15E5329F5E90FEEE300D258 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 19:23:37.0533 0x189c UNS - ok 19:23:37.0533 0x189c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 19:23:37.0579 0x189c upnphost - ok 19:23:37.0579 0x189c [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 19:23:37.0611 0x189c USBAAPL64 - ok 19:23:37.0626 0x189c [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys 19:23:37.0657 0x189c usbccgp - ok 19:23:37.0657 0x189c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 19:23:37.0689 0x189c usbcir - ok 19:23:37.0689 0x189c [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 19:23:37.0720 0x189c usbehci - ok 19:23:37.0735 0x189c [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub C:\Windows\system32\drivers\usbhub.sys 19:23:37.0782 0x189c usbhub - ok 19:23:37.0782 0x189c [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC 
] usbohci C:\Windows\system32\drivers\usbohci.sys 19:23:37.0813 0x189c usbohci - ok 19:23:37.0813 0x189c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 19:23:37.0845 0x189c usbprint - ok 19:23:37.0845 0x189c [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 19:23:37.0876 0x189c USBSTOR - ok 19:23:37.0876 0x189c [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 19:23:37.0907 0x189c usbuhci - ok 19:23:37.0923 0x189c [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 19:23:37.0954 0x189c usbvideo - ok 19:23:37.0954 0x189c [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys 19:23:37.0985 0x189c usb_rndisx - ok 19:23:37.0985 0x189c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 19:23:38.0016 0x189c UxSms - ok 19:23:38.0032 0x189c [ CA69E856332E2D85294665F6B7E97254, A9693F836907FB0154DC1090D9476F1E9242ABE922D932D74D0385772D2EAB65 ] VaultSvc C:\Windows\system32\lsass.exe 19:23:38.0047 0x189c VaultSvc - ok 19:23:38.0110 0x189c [ 20BF96C13DB4BA085D98F4700F3B05FE, B239CB072E7ADB784D094B439AF5390D370F799D2DF4CB4AB781AE00A6810BBC ] vcsFPService C:\Windows\system32\vcsFPService.exe 19:23:38.0188 0x189c vcsFPService - ok 19:23:38.0188 0x189c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 19:23:38.0219 0x189c vdrvroot - ok 19:23:38.0235 0x189c [ 8D6B481601D01A456E75C3210F1830BE, 
A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 19:23:38.0281 0x189c vds - ok 19:23:38.0281 0x189c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 19:23:38.0313 0x189c vga - ok 19:23:38.0313 0x189c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 19:23:38.0359 0x189c VgaSave - ok 19:23:38.0375 0x189c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 19:23:38.0406 0x189c vhdmp - ok 19:23:38.0406 0x189c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 19:23:38.0437 0x189c viaide - ok 19:23:38.0437 0x189c [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 19:23:38.0469 0x189c VMBusHID - ok 19:23:38.0469 0x189c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 19:23:38.0500 0x189c volmgr - ok 19:23:38.0500 0x189c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 19:23:38.0547 0x189c volmgrx - ok 19:23:38.0547 0x189c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 19:23:38.0593 0x189c volsnap - ok 19:23:38.0593 0x189c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 19:23:38.0625 0x189c vsmraid - ok 19:23:38.0656 0x189c [ 
B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 19:23:38.0734 0x189c VSS - ok 19:23:38.0734 0x189c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 19:23:38.0765 0x189c vwifibus - ok 19:23:38.0765 0x189c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 19:23:38.0796 0x189c vwififlt - ok 19:23:38.0812 0x189c [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 19:23:38.0843 0x189c vwifimp - ok 19:23:38.0843 0x189c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 19:23:38.0890 0x189c W32Time - ok 19:23:38.0905 0x189c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 19:23:38.0921 0x189c WacomPen - ok 19:23:38.0937 0x189c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 19:23:38.0983 0x189c WANARP - ok 19:23:38.0983 0x189c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 19:23:39.0030 0x189c Wanarpv6 - ok 19:23:39.0061 0x189c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 19:23:39.0108 0x189c wbengine - ok 19:23:39.0124 0x189c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 19:23:39.0139 0x189c 
WbioSrvc - ok 19:23:39.0155 0x189c [ 8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll 19:23:39.0171 0x189c WcesComm - ok 19:23:39.0186 0x189c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 19:23:39.0217 0x189c wcncsvc - ok 19:23:39.0217 0x189c [ BC00873272B3771CCDA38336AF2B4D4B, 3E412DEC5F172B4C5FD5C227CD790EE56B90A00A8B538704E8F973D230BE2289 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 19:23:39.0233 0x189c WcsPlugInService - ok 19:23:39.0249 0x189c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 19:23:39.0264 0x189c Wd - ok 19:23:39.0280 0x189c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 19:23:39.0342 0x189c Wdf01000 - ok 19:23:39.0342 0x189c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 19:23:39.0373 0x189c WdiServiceHost - ok 19:23:39.0373 0x189c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 19:23:39.0405 0x189c WdiSystemHost - ok 19:23:39.0405 0x189c [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\Windows\System32\webclnt.dll 19:23:39.0436 0x189c WebClient - ok 19:23:39.0451 0x189c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 19:23:39.0483 0x189c Wecsvc - ok 19:23:39.0483 0x189c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport 
C:\Windows\System32\wercplsupport.dll 19:23:39.0529 0x189c wercplsupport - ok 19:23:39.0529 0x189c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 19:23:39.0561 0x189c WerSvc - ok 19:23:39.0576 0x189c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 19:23:39.0607 0x189c WfpLwf - ok 19:23:39.0623 0x189c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 19:23:39.0639 0x189c WIMMount - ok 19:23:39.0639 0x189c WinDefend - ok 19:23:39.0654 0x189c WinHttpAutoProxySvc - ok 19:23:39.0654 0x189c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 19:23:39.0701 0x189c Winmgmt - ok 19:23:39.0748 0x189c [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\Windows\system32\WsmSvc.dll 19:23:39.0810 0x189c WinRM - ok 19:23:39.0810 0x189c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB C:\Windows\system32\DRIVERS\WinUsb.sys 19:23:39.0841 0x189c WinUSB - ok 19:23:39.0873 0x189c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 19:23:39.0904 0x189c Wlansvc - ok 19:23:39.0919 0x189c [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 19:23:39.0919 0x189c wlcrasvc - ok 19:23:39.0982 0x189c [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 19:23:40.0029 
0x189c wlidsvc - ok 19:23:40.0044 0x189c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 19:23:40.0060 0x189c WmiAcpi - ok 19:23:40.0075 0x189c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 19:23:40.0107 0x189c wmiApSrv - ok 19:23:40.0107 0x189c WMPNetworkSvc - ok 19:23:40.0107 0x189c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 19:23:40.0122 0x189c WPCSvc - ok 19:23:40.0138 0x189c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 19:23:40.0153 0x189c WPDBusEnum - ok 19:23:40.0153 0x189c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 19:23:40.0200 0x189c ws2ifsl - ok 19:23:40.0200 0x189c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll 19:23:40.0231 0x189c wscsvc - ok 19:23:40.0231 0x189c [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 19:23:40.0263 0x189c WSDPrintDevice - ok 19:23:40.0263 0x189c WSearch - ok 19:23:40.0325 0x189c [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv C:\Windows\system32\wuaueng.dll 19:23:40.0403 0x189c wuauserv - ok 19:23:40.0403 0x189c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 19:23:40.0434 0x189c WudfPf - ok 19:23:40.0434 0x189c [ DDA4CAF29D8C0A297F886BFE561E6659, 
94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 19:23:40.0481 0x189c WUDFRd - ok 19:23:40.0481 0x189c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 19:23:40.0497 0x189c wudfsvc - ok 19:23:40.0512 0x189c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 19:23:40.0528 0x189c WwanSvc - ok 19:23:40.0543 0x189c ================ Scan global =============================== 19:23:40.0543 0x189c [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll 19:23:40.0559 0x189c [ B68AD91370FA58C1296DE9086BB4BA0A, 3B6B8170990B3B3B321752539A54D8EAB6E6241A25092682FDEE1A46BD39DBF6 ] C:\Windows\system32\winsrv.dll 19:23:40.0575 0x189c [ B68AD91370FA58C1296DE9086BB4BA0A, 3B6B8170990B3B3B321752539A54D8EAB6E6241A25092682FDEE1A46BD39DBF6 ] C:\Windows\system32\winsrv.dll 19:23:40.0575 0x189c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 19:23:40.0590 0x189c [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 19:23:40.0590 0x189c [ Global ] - ok 19:23:40.0590 0x189c ================ Scan MBR ================================== 19:23:40.0606 0x189c [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 19:23:40.0699 0x189c \Device\Harddisk0\DR0 - ok 19:23:40.0699 0x189c ================ Scan VBR ================================== 19:23:40.0715 0x189c [ B94B37A094EE2874E07B2CE82C94E103 ] \Device\Harddisk0\DR0\Partition1 19:23:40.0715 0x189c \Device\Harddisk0\DR0\Partition1 - ok 19:23:40.0715 0x189c [ 9B3DCCCDC2E5FF5F97FD388B3DB17C8A ] \Device\Harddisk0\DR0\Partition2 19:23:40.0715 0x189c 
\Device\Harddisk0\DR0\Partition2 - ok 19:23:40.0715 0x189c ================ Scan generic autorun ====================== 19:23:40.0731 0x189c [ E8AE4ACB2CD8820148E1D9C07E48E652, 90BD819C1BEFDDE862919727296506BC9492169B2BE2A4DDC0A6CD037559DA9E ] C:\Windows\system32\igfxtray.exe 19:23:40.0762 0x189c IgfxTray - ok 19:23:40.0777 0x189c [ 3858ECC97EAC5C3EBB7104E3A08E6C2C, CE8A897748DFDBA043D4244B18A6767D9834684ECDE425C0686659293DD59F06 ] C:\Windows\system32\igfxpers.exe 19:23:40.0793 0x189c Persistence - ok 19:23:40.0809 0x189c [ 527BA8F96712AB5535A84B3AE15E66E3, 87A7B7C17429804BBFAD920B5B41D4C023B4AAEC1622C7B5353A5F51AA014640 ] C:\Program Files\DellTPad\Apoint.exe 19:23:40.0840 0x189c Apoint - ok 19:23:40.0855 0x189c [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\Windows\WindowsMobile\wmdcBase.exe 19:23:40.0871 0x189c Windows Mobile-based device management - ok 19:23:40.0933 0x189c [ DD37DC13DF1224A8719208AE5CDE2B63, EA365A7358637C555D8CDEDD59BCA574C8B6EB8BB3C1B8790FEC7D76A37FC4AB ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 19:23:41.0011 0x189c NvBackend - ok 19:23:41.0011 0x189c [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe 19:23:41.0027 0x189c ShadowPlay - ok 19:23:41.0043 0x189c [ 64D89BDA981ECD2BC9B547E4210CA6E0, 403F685FBC8A71896F550476C3E3CAAC0D593F7CF25D4A2F61ED62D576E62F12 ] C:\Program Files\iTunes\iTunesHelper.exe 19:23:41.0058 0x189c iTunesHelper - ok 19:23:41.0058 0x189c [ 6DD303C8AA2EB21C0776579DC4D5773E, A9DA97E7271B9B608DB19FF97662CDF8CAF63C9399C12F62B469F3A1BDBEBBF2 ] C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe 19:23:41.0074 0x189c AvgUi - ok 19:23:41.0121 0x189c [ 2261FC3573534BD28EFF1B4C69339D70, 0AB4A132FBA1EC88FDC9145DB34D8A9ED40D4BB579FDE2C21F2846730993295E ] C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe 19:23:41.0167 0x189c RfxSrvTray - ok 19:23:41.0167 
0x189c AV detected via SS2: AVG Antivirus, C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe ( 17.2.3419.0 ), 0x41000 ( enabled : updated )
19:23:41.0183 0x189c Win FW state via NFP2: enabled ( trusted )
19:23:41.0277 0x189c ============================================================
19:23:41.0277 0x189c Scan finished
19:23:41.0277 0x189c ============================================================
19:23:41.0292 0x0d9c Detected object count: 1
19:23:41.0292 0x0d9c Actual detected object count: 1
19:24:02.0383 0x0d9c KDService ( UnsignedFile.Multi.Generic ) - skipped by user
19:24:02.0383 0x0d9c KDService ( UnsignedFile.Multi.Generic ) - User select action: Skip
Thank you again for your support! Regards, Traude
Hello Matthias, I wanted to edit the post, but unfortunately that no longer worked. I spent too long hanging around and browsing on the board here. I also wanted to let you know that I mainly use the computer privately, but I also do a few small things on it, such as the invoices for my naturopathic practice and the tax matters. Since that was not an issue last time, I had completely forgotten to mention it. While browsing I was reminded of it again. Now I hope that it is not a problem this time either. Thanks! Have a nice evening! Traude |
18.03.2017, 21:25 | #8 | ||
/// TB-Ausbilder | IObit detected as malware? Hello, thank you very much for the log files. Quote:
Quote:
Step 1 Please download AdwCleaner to your desktop.
Step 2
Step 3 Please download Malwarebytes Anti-Malware 3
Step 4
Please post with your next reply
|
18.03.2017, 22:54 | #9 |
| IObit detected as malware? You're quick - thank you very much. I had MBAM delete the PUP files. Here is the AdwCleaner file: Code:
ATTFilter
# AdwCleaner v6.044 - Bericht erstellt am 18/03/2017 um 22:16:31
# Aktualisiert am 28/02/2017 von Malwarebytes
# Datenbank : 2017-03-18.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : Traude - TRAUDE
# Gestartet von : C:\Users\Traude\Desktop\AdwCleaner_6.044.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner gelöscht: C:\Users\Traude\Downloads\Hola
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
[-] Aufgabe gelöscht: pcdeventlaunchertask
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\Auslogics
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\Auslogics
***** [ Browser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [2628 Bytes] - [30/10/2016 09:25:51]
C:\AdwCleaner\AdwCleaner[C2].txt - [1283 Bytes] - [18/03/2017 22:16:31]
C:\AdwCleaner\AdwCleaner[R0].txt - [1051 Bytes] - [22/05/2015 22:15:02]
C:\AdwCleaner\AdwCleaner[R1].txt - [1116 Bytes] - [23/05/2015 18:51:06]
C:\AdwCleaner\AdwCleaner[R2].txt - [1234 Bytes] - [23/05/2015 19:16:51]
C:\AdwCleaner\AdwCleaner[R3].txt - [1407 Bytes] - [29/05/2015 16:57:49]
C:\AdwCleaner\AdwCleaner[S0].txt - [1114 Bytes] - [22/05/2015 22:18:26]
C:\AdwCleaner\AdwCleaner[S1].txt - [1179 Bytes] - [23/05/2015 18:52:50]
C:\AdwCleaner\AdwCleaner[S2].txt - [1297 Bytes] - [23/05/2015 19:51:39]
C:\AdwCleaner\AdwCleaner[S3].txt - [1469 Bytes] - [29/05/2015 17:03:44]
C:\AdwCleaner\AdwCleaner[S4].txt - [2686 Bytes] - [30/10/2016 09:22:31]
C:\AdwCleaner\AdwCleaner[S5].txt - [2141 Bytes] - [18/03/2017 22:14:15]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2086 Bytes] ##########
So, here is the new MBAM file: Code:
ATTFilter
Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 18.03.17
Scan-Zeit: 22:42
Protokolldatei: mbam.txt
Administrator: Ja
-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.75
Version des Aktualisierungspakets: 1.0.1533
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: TRAUDE\Traude
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 418464
Abgelaufene Zeit: 2 Min., 2 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
-Scan-Details-
Prozess: 0 (keine bösartigen Elemente erkannt)
Modul: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswert: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Daten-Stream: 0 (keine bösartigen Elemente erkannt)
Ordner: 1
PUP.Optional.AdvancedSystemCare, C:\PROGRAMDATA\IObit\ASCDownloader, In Quarantäne, [1859], [380336],1.0.1533
Datei: 1
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\ASCDownloader\Downloader.log, In Quarantäne, [1859], [380336],1.0.1533
Physischer Sektor: 0 (keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
durchgeführt von Traude (Administrator) auf TRAUDE (18-03-2017 22:51:24)
Gestartet von C:\Users\Traude\Desktop
Geladene Profile: Traude (Verfügbare Profile: Traude)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Greatis Software, LLC) C:\Program Files (x86)\BootRacer\BootRacerServ.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Adobe Systems Incorporated) C:\Creative Suite CS2\Adobe Version Cue CS2\bin\VersionCueCS2.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
() C:\Creative Suite CS2\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
(Alexander Seeliger Software) C:\Program Files (x86)\Alexosoft\Backup Service Home 3\BSHService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(KYOCERA Document Solutions Inc.) C:\Program Files\KDService\bin\KDService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Tobit.Software) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Adobe Sytems Incorporated) C:\Creative Suite CS2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\avgui.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239672 2017-02-27] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe Version Cue CS2] => c:\Creative Suite CS2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [856064 2005-04-06] (Adobe Sytems Incorporated) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2745544 2016-01-09] (Dominik Reichl) HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239672 2017-02-27] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [254776 2017-03-13] (AVG Technologies CZ, s.r.o.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [BootRacer] => C:\Program Files (x86)\BootRacer\Bootrace.exe [4774840 2016-05-23] (Greatis Software) HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\...\Run: [RfxSrvTray] => C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe [1838872 2013-02-07] (Tobit.Software) HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177416 2015-11-16] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155976 2015-11-16] (NVIDIA Corporation) Lsa: [Notification Packages] DPPassFilter scecli ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.) Startup: C:\Users\Traude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2016-10-29] ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.177.1 Tcpip\..\Interfaces\{0512DD7A-CFFA-45F7-98BE-6896EF174380}: [DhcpNameServer] 192.168.177.1 Internet Explorer: ================== HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.clustercoaching699.de/ SearchScopes: HKLM -> {F28C98E0-B471-4C5D-92E1-55272CEE2DE9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox SearchScopes: HKLM-x32 -> {F28C98E0-B471-4C5D-92E1-55272CEE2DE9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001 -> {F28C98E0-B471-4C5D-92E1-55272CEE2DE9} URL = BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2017-02-18] (IObit) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft 
Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2011-05-20] (Atheros Commnucations) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation) DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Keine Datei Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - Keine Datei FireFox: ======== FF ProfilePath: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default [2017-03-18] FF DefaultSearchEngine: 
Mozilla\Firefox\Profiles\htysxxqg.default -> Startpage HTTPS - Deutsch FF Homepage: Mozilla\Firefox\Profiles\htysxxqg.default -> hxxps://login.yahoo.com/config/login_verify2?.intl=de&.src=ym about:preferences FF NetworkProxy: Mozilla\Firefox\Profiles\htysxxqg.default -> no_proxies_on", "localhost, 127.0.0.1, stealthy.co" FF NetworkProxy: Mozilla\Firefox\Profiles\htysxxqg.default -> share_proxy_settings", true FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-27] FF Extension: (ClipConverter) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\clipconverter@clipconverter.cc.xpi [2015-08-28] FF Extension: (Add-on Compatibility Reporter) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\compatibility@addons.mozilla.org.xpi [2016-11-23] FF Extension: (Ghostery) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\firefox@ghostery.com.xpi [2017-02-11] FF Extension: (ProxTube) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\ich@maltegoetz.de.xpi [2016-10-13] FF Extension: (Kein Name) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\nostmp [2011-10-26] [ist nicht signiert] FF Extension: (Photobucket Uploader) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\pbupload@photobucket.com.xpi [2016-04-27] FF Extension: (Screengrab (fix version)) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2016-12-10] FF Extension: (ColorfulTabs) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2017-03-14] FF Extension: (FlashGot) - 
C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2016-12-01] FF Extension: (NoScript) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-03-17] FF Extension: (Video DownloadHelper) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-12-30] FF Extension: (Fasterfox) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2016-04-27] FF Extension: (Adblock Plus) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\firefox-add-ons.xml [2011-07-18] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\forestle-de.xml [2011-07-18] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\google-images.xml [2014-12-30] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\google-maps.xml [2014-12-30] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\google-scholar.xml [2011-07-18] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\startpage-https---deutsch.xml [2016-03-21] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\{3BF5568F-8A66-464F-8776-672588E7190D}.xml [2011-07-18] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\{4F30B239-0305-4CF5-90B3-CE8425223BAA}.xml [2011-07-18] FF SearchPlugin: 
C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\{BC94D3E1-7C24-465D-9BC7-820E38700ED5}.xml [2011-07-18] FF ProfilePath: C:\Users\Traude\AppData\Roaming\KompoZer\Profiles\go9l27sd.default [2012-01-04] FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-11-19] [ist nicht signiert] FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-11-19] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt FF Extension: (DigitalPersona Extension) - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2011-10-21] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\FirefoxExtension => nicht gefunden FF HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\extensions\cliqz@cliqz.com => nicht gefunden FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-16] () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) 
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll [2013-02-03] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-16] () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) 
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2011-12-02] (Nero AG) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2721480124-1926032340-2623985909-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) 
FF Plugin HKU\S-1-5-21-2721480124-1926032340-2623985909-1001: @hola.org/vlc,version=1.8.649 -> C:\Users\Traude\AppData\Local\Hola\firefox\app\vlc [Keine Datei] FF Plugin HKU\S-1-5-21-2721480124-1926032340-2623985909-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll [2012-10-29] (Amazon.com, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npmidas.dll [2010-03-08] (Midasplayer Ltd) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2011-11-10] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2011-11-10] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2011-11-10] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2011-11-10] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2011-11-10] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2011-11-10] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2011-11-10] (Apple Inc.) ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-16] (Adobe Systems) [Datei ist nicht signiert] R2 Adobe Version Cue CS2; c:\Creative Suite CS2\Adobe Version Cue CS2\bin\VersionCueCS2.exe [163840 2005-04-06] (Adobe Systems Incorporated) [Datei ist nicht signiert] R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-05-20] (Atheros) [Datei ist nicht signiert] R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [80032 2011-05-20] (Atheros Commnucations) [Datei ist nicht signiert] R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [263720 2017-03-13] (AVG Technologies CZ, s.r.o.) R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7197976 2017-03-13] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1257384 2017-02-27] (AVG Technologies CZ, s.r.o.) R2 Backup Service Home-Dienst; C:\Program Files (x86)\Alexosoft\Backup Service Home 3\BSHService.exe [29696 2015-03-14] (Alexander Seeliger Software) [Datei ist nicht signiert] R2 BootRacerServ; C:\Program Files (x86)\BootRacer\BootRacerServ.exe [87992 2016-05-10] (Greatis Software, LLC) R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-06-23] (Dell Inc.) R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-06-23] (Dell Inc.) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-16] (NVIDIA Corporation) R2 KDService; C:\Program Files\KDService\bin\KDService.exe [441856 2013-10-24] (KYOCERA Document Solutions Inc.) 
[Datei ist nicht signiert] S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2175264 2017-02-18] (IObit) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) S3 MSSQL$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe [43044512 2015-04-03] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-16] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-16] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-16] (NVIDIA Corporation) S4 Radio.fx; C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe [3999512 2013-06-03] () S4 SQLAgent$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [380064 2015-04-03] (Microsoft Corporation) R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2016-09-09] (Dell Inc.) S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 avgbdisk; C:\Windows\system32\drivers\avgbdiska.sys [166136 2017-03-13] (AVG Technologies CZ, s.r.o.) R1 avgbidsdriver; C:\Windows\system32\drivers\avgbidsdrivera.sys [311592 2017-03-13] (AVG Technologies CZ, s.r.o.) R0 avgbidsh; C:\Windows\system32\drivers\avgbidsha.sys [192096 2017-03-13] (AVG Technologies CZ, s.r.o.) R0 avgblog; C:\Windows\system32\drivers\avgbloga.sys [336920 2017-03-13] (AVG Technologies CZ, s.r.o.) 
R0 avgbuniv; C:\Windows\system32\drivers\avgbuniva.sys [50848 2017-03-13] (AVG Technologies CZ, s.r.o.) S3 avgHwid; C:\Windows\system32\drivers\avgHwid.sys [39288 2017-03-13] (AVG Technologies CZ, s.r.o.) R2 avgMonFlt; C:\Windows\system32\drivers\avgMonFlt.sys [127584 2017-03-13] (AVG Technologies CZ, s.r.o.) R1 avgRdr; C:\Windows\system32\drivers\avgRdr2.sys [101624 2017-03-13] (AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\Windows\system32\drivers\avgRvrt.sys [76688 2017-03-13] (AVG Technologies CZ, s.r.o.) R1 avgSnx; C:\Windows\system32\drivers\avgSnx.sys [994592 2017-03-13] (AVG Technologies CZ, s.r.o.) R1 avgSP; C:\Windows\system32\drivers\avgSP.sys [549912 2017-03-13] (AVG Technologies CZ, s.r.o.) R2 avgStm; C:\Windows\system32\drivers\avgStm.sys [163512 2017-03-13] (AVG Technologies CZ, s.r.o.) R0 avgVmm; C:\Windows\system32\drivers\avgVmm.sys [338576 2017-03-14] (AVG Technologies CZ, s.r.o.) R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [32464 2016-06-23] (Dell Computer Corporation) R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [24240 2016-06-23] (Dell Computer Corporation) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77408 2017-02-24] () R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-03-18] (Malwarebytes) R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [111544 2017-03-18] (Malwarebytes) R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-03-18] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-18] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [82208 2017-03-18] (Malwarebytes) R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [299312 2015-11-16] (NVIDIA Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-16] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-11-16] (NVIDIA Corporation) R3 
stdriver; C:\Windows\System32\DRIVERS\stdriverx64.sys [34392 2016-09-07] () R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-05-19] () R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-05-19] () R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700296 2014-05-19] () S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-03-18 22:47 - 2017-03-18 22:47 - 00001409 _____ C:\Users\Traude\Desktop\mbam.txt 2017-03-18 22:40 - 2017-03-18 22:46 - 00251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-03-18 22:40 - 2017-03-18 22:46 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys 2017-03-18 22:40 - 2017-03-18 22:46 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2017-03-18 22:40 - 2017-03-18 22:46 - 00082208 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2017-03-18 22:40 - 2017-03-18 22:46 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2017-03-18 22:40 - 2017-03-18 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-03-18 22:40 - 2017-03-18 22:40 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-03-18 22:40 - 2017-03-18 22:40 - 00000000 ____D C:\Program Files\Malwarebytes 2017-03-18 22:40 - 2017-02-24 06:23 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys 2017-03-18 22:38 - 2017-03-18 22:38 - 57131432 _____ (Malwarebytes ) C:\Users\Traude\Desktop\mb3-setup-consumer-3.0.6.1469-1075.exe 2017-03-18 22:33 - 
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2012-01-20 11:02

==================== Ende von FRST.txt ============================ |
18.03.2017, 22:58 | #10 |
| IObit detected as malware? And here is the Addition as well: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017
durchgeführt von Traude (18-03-2017 22:52:09)
Gestartet von C:\Users\Traude\Desktop
Windows 7 Professional Service Pack 1 (X64) (2011-10-26 07:02:19)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2721480124-1926032340-2623985909-500 - Administrator - Disabled)
Gast (S-1-5-21-2721480124-1926032340-2623985909-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2721480124-1926032340-2623985909-1003 - Limited - Enabled)
Traude (S-1-5-21-2721480124-1926032340-2623985909-1001 - Administrator - Enabled) => C:\Users\Traude

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov) AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.17 - STMicroelectronics) Acronis*True*Image*Home (HKLM-x32\...\{67ED38A3-4882-448B-B44D-3428AB00D7D5}) (Version: 13.0.7160 - Acronis) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated) Adobe Creative Suite 2 (HKLM-x32\...\{0134A1A1-C283-4A47-91A1-92F19F960372}) (Version: - ) Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated) Adobe Dreamweaver CS4 (HKLM-x32\...\Adobe_acce07fd2c8fe7f9e3f26243e626578) (Version: 10.0 - Adobe Systems Incorporated) Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.) Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd) Amazon Kindle (HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\...\Amazon Kindle) (Version: - Amazon) Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC) Apowersoft Gratis - Audiorekorder V2.3.4 (HKLM-x32\...\{E35F91E4-C68C-43E8-BE90-35CDEE4E5730}_is1) (Version: 2.3.4 - APOWERSOFT LIMITED) Apple Application Support (32-Bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.) 
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Ashampoo Burning Studio 2013 v.11.0.6 (HKLM-x32\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.6 - Ashampoo GmbH & Co. KG) Audacity 1.3.13 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2000174334.48.56.41298730 - Audible, Inc.) AVG (HKLM\...\AvgZen) (Version: 1.162.2.62416 - AVG Technologies) AVG (Version: 1.162.1 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.4409 - AVG Technologies) Hidden AVG Protection (HKLM-x32\...\AVG Antivirus) (Version: 17.2.3008 - AVG Technologies) Backup Service Home 3.5.3 (HKLM-x32\...\{5979B77A-9AE6-4E75-AED8-283C5E16C02D}_is1) (Version: 3.5.3.2 - Alexander Seeliger Software) Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.83 - Atheros Communications) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) 
BootRacer (HKLM-x32\...\{AAF04580-CE8A-4C52-98B9-0394654BC5A9}) (Version: 6.0.0.407 - Greatis Software, LLC) Business Contact Manager for Microsoft Outlook 2010 (x32 Version: 4.0.11308.0 - Microsoft Corporation) Hidden Business Contact Manager für Microsoft Outlook 2010 (HKLM-x32\...\Business Contact Manager) (Version: 4.0.11308.0 - Microsoft Corporation) calibre 64bit (HKLM\...\{9B70C080-F90A-49EA-B8A4-3E4D7BDDA853}) (Version: 2.36.0 - Kovid Goyal) Canon iP4200 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4200) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.6059 - CDBurnerXP) Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.53 - Cliqz.com) Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper) CrystalDiskInfo 6.3.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World) CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3225 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell Backup and Recovery Manager (HKLM\...\{50B4B603-A4C6-4739-AE96-6C76A0F8A388}) (Version: 1.3.1 - Dell Inc.) Dell Data Vault (Version: 4.3.9.0 - Dell Inc.) Hidden Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.72 - Dell) Dell SupportAssistAgent (HKLM-x32\...\{27130E51-9555-408B-8134-7BFF54EDE27B}) (Version: 1.3.0.72 - Dell) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.225 - ALPS ELECTRIC CO., LTD.) 
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd) Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.) DigitalPersona Fingerprint Software 5.20 (HKLM\...\{C0C2D40A-1231-46FA-8F02-B45E6BF2036A}) (Version: 5.20.230 - DigitalPersona, Inc.) Dropbox (HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\...\Dropbox) (Version: 3.8.5 - Dropbox, Inc.) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) FileZilla Client 3.11.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.11.0.2 - Tim Kosse) FMW 1 (Version: 1.172.2 - AVG Technologies) Hidden FormatFactory 2.70 (HKLM-x32\...\FormatFactory) (Version: 2.70 - Free Time) GDR 5520 für SQL Server 2008 (KB 2977321) (HKLM-x32\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation) GDR 5538 für SQL Server 2008 (KB 3045305) (HKLM-x32\...\KB3045305) (Version: 10.3.5538.0 - Microsoft Corporation) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden High-Definition Video Playback (x32 Version: 11.1.10500.2.65 - Nero AG) Hidden HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{AF43C18E-693D-4126-B190-8F55E3623D5D}) (Version: 22.50.231.0 - Hewlett-Packard Co.) HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard) HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard) I.R.I.S. 
OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.8.2663 - IObit) iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden KeePass Password Safe 2.31 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.31 - Dominik Reichl) king.com (remove only) (HKLM-x32\...\king.com) (Version: - Midasplayer Ltd (king.com)) kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 4.2.1909 - KYOCERA Document Solutions Inc.) Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 5.0.1 - CEWE COLOR AG u Co. 
OHG) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation) Microsoft Chart Controls for Microsoft .NET Framework 3.5 Language Pack - deu (HKLM-x32\...\{742D41A9-B3BF-3A65-806E-F8372FB3E492}) (Version: 3.5.0.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft SQL Server 2008 Native Client (HKLM\...\{12FE6AA6-65D2-40EE-B925-62193128A0E6}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{59C245FC-343C-4FEC-B3CB-B6F12B561C20}) (Version: 10.3.5538.0 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.302.06.06.40 - 
Huawei Technologies Co.,Ltd) Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla) Nero Kwik Media (HKLM-x32\...\{24A500E4-0B12-4D62-9973-2C7E23CCA750}) (Version: 11.0.16401 - Nero AG) NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation) NVIDIA Grafiktreiber 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.00 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation) OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 6.0.1 - CEWE Stiftung u Co. KGaA) PantsOff 2.0 (HKLM-x32\...\{EC1F15E1-F3CC-46EE-B7A5-849A08ED60DC}}_is1) (Version: 2.0 - Christoph Bünger Software) Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.312.1 - Tracker Software Products Ltd) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.15 - Dell Inc.) QuickSlide® Home & Business (HKLM-x32\...\{E4B98C7B-6850-4B52-819C-69FD9A3FC21B}) (Version: 1.113.4 - Strategy Compass) QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.) Radio.fx (HKLM-x32\...\Tobit Radio.fx Server) (Version: - Tobit.Software) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6353 - Realtek Semiconductor Corp.) 
SeaTools for Windows 1.4.0.2 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.2 - Seagate Technology) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 3 für SQL Server 2008 (KB2546951) (HKLM-x32\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation) SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden SoundTap Streaming Audio-Recorder (HKLM-x32\...\SoundTap) (Version: 3.02 - NCH Software) Sql Server Customer Experience Improvement Program (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden Studie zur Verbesserung von HP Officejet 6500 E710n-z Produkten (HKLM\...\{E8C633FD-8719-448F-9A55-F04CFDD53E67}) (Version: 22.50.231.0 - Hewlett-Packard Co.) Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Suite Specific (x32 Version: 2.0.0 - Adobe Systems, Incorporated) Hidden TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.12189 - TeamViewer) Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel) Validity Sensors DDK (HKLM\...\{10AAF056-7792-497A-ACAF-3BF002196574}) (Version: 4.3.33.0 - Validity Sensors, Inc.) Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies) Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) 
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WISO Buchhaltung 2 (HKLM-x32\...\WISO Buchhaltung 2) (Version: - ) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {20D86487-2013-4305-8334-C05F6F708A6A} - System32\Tasks\0814avUpdateInfo => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe Task: {2A5597A6-ABD6-4A84-9A50-414667E7832D} - System32\Tasks\0615pizUpdateInfo => C:\ProgramData\Avg_Update_0615piz\0615piz_AVG-Secure-Search-Update.exe [2015-11-03] () Task: {2BD514D9-EE09-4942-8238-B4A8479A3F07} - System32\Tasks\HpWebReg.exe => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HpWebReg.exe [2010-11-16] (Hewlett-Packard Co.) Task: {2CFBE6B6-5884-41BB-85E4-CFBBD457FCC2} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2017-03-13] (AVG Technologies CZ, s.r.o.) Task: {3083436A-97EB-4EFE-AE8D-945EF7C8562F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {32764461-1BE0-4CFF-8573-91AFC4846F1E} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] () Task: {3BF1C568-8A50-4D17-AF4B-DBFB7C45C098} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.) 
Task: {3F599757-8E06-403F-B099-100507B811A2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-16] (Adobe Systems Incorporated) Task: {47AB7541-0A6D-4EE9-A2B5-4FC9121A8C48} - System32\Tasks\0915avUpdateInfo => C:\ProgramData\Avg_Update_0915av\0915av_AVG-Secure-Search-Update.exe Task: {4EFC7342-5717-4321-B287-DDAA6E1E0191} - System32\Tasks\0414bUpdateInfo => C:\ProgramData\Avg_Update_0414b\0414b_AVG-Secure-Search-Update.exe [2014-04-09] () Task: {517BFF39-1267-41C8-BBBC-A46A37AAFB29} - System32\Tasks\{82E25D12-D1E3-4F67-BA8E-3399E26270E5} => pcalua.exe -a C:\Users\Traude\Downloads\Radiotracker_6_Special_Computerbild.de.exe -d C:\Users\Traude\Downloads Task: {5D9E8CE5-6CBD-4D20-85D2-A682418A612E} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2017-02-18] (IObit) Task: {651F8BA7-E9A7-45CB-B074-FD30488F3A41} - System32\Tasks\0615avUpdateInfo => C:\ProgramData\Avg_Update_0615av\0615av_AVG-Secure-Search-Update.exe Task: {8611A45D-4A77-4FD1-A4C2-4348546408DE} - System32\Tasks\0116avzUpdateInfo => C:\ProgramData\Avg_Update_0116avz\0116avz_AVG-Secure-Search-Update.exe Task: {8C021EE7-3E8E-4364-90FC-B5B5B7F43D02} - System32\Tasks\0415avUpdateInfo => C:\ProgramData\Avg_Update_0415av\0415av_AVG-Secure-Search-Update.exe Task: {9BA98E42-3CBE-4579-AFEF-8526474D9598} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {9EC1493A-A223-4846-8D6E-ACE018DA0BE5} - System32\Tasks\HP Officejet 6500 E710n-z.exe => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HP Officejet 6500 E710n-z.exe [2010-11-16] (Hewlett-Packard Co.) Task: {A0A9A05F-AE72-4250-8E61-4F02C10F2170} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe Task: {A4EC09E3-00FC-4821-A880-5C06304FAB15} - System32\Tasks\FaxSetupWizard.exe => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\FaxSetupWizard.exe [2010-11-16] (Hewlett-Packard Co.) 
Task: {AB504399-C8DA-4B7F-805F-8124B45860E5} - System32\Tasks\0316avzUpdateInfo => C:\ProgramData\Avg_Update_0316avz\0316avz_AVG-Secure-Search-Update.exe Task: {C6F51862-32FE-4A4C-BCC1-64EDD6680382} - System32\Tasks\0715avUpdateInfo => C:\ProgramData\Avg_Update_0715av\0715av_AVG-Secure-Search-Update.exe Task: {C9C2CE16-D76E-42B6-BCFE-3F6CE3728C86} - System32\Tasks\1114avUpdateInfo => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe Task: {DD647DBF-B51B-46B2-AA19-AD152A458AB9} - System32\Tasks\1214avUpdateInfo => C:\ProgramData\Avg_Update_1214av\1214av_AVG-Secure-Search-Update.exe Task: {E758412B-B717-455E-9368-7EE0EF23E29C} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-02-17] (PC-Doctor, Inc.) Task: {EB2B061B-C3DF-4564-84A9-2D8D11AC6E13} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2016-09-09] (Dell Inc.) Task: {EBBAFB6B-6A70-46D8-91DE-A0AE7824EAB1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd) Task: {F6056EB5-8BC4-4A1B-9C15-D571959F3845} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\0116avzUpdateInfo.job => C:\ProgramData\Avg_Update_0116avz\0116avz_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0316avzUpdateInfo.job => C:\ProgramData\Avg_Update_0316avz\0316avz_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0414bUpdateInfo.job => C:\ProgramData\Avg_Update_0414b\0414b_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0415avUpdateInfo.job => C:\ProgramData\Avg_Update_0415av\0415av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0615avUpdateInfo.job => C:\ProgramData\Avg_Update_0615av\0615av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0615pizUpdateInfo.job => C:\ProgramData\Avg_Update_0615piz\0615piz_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0715avUpdateInfo.job => C:\ProgramData\Avg_Update_0715av\0715av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0814avUpdateInfo.job => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0915avUpdateInfo.job => C:\ProgramData\Avg_Update_0915av\0915av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\1114avUpdateInfo.job => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\1214avUpdateInfo.job => C:\ProgramData\Avg_Update_1214av\1214av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2721480124-1926032340-2623985909-1001Core1d0c14aa289cce6.job => C:\Users\Traude\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
Shortcut: C:\Users\Traude\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nch.com.au/de/index.htm ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2013-10-27 08:05 - 2015-11-14 07:06 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-01-13 13:56 - 2017-01-13 13:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-01-13 13:56 - 2017-01-13 13:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2015-06-02 16:20 - 2015-06-02 16:20 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 03502080 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe 2011-10-21 18:19 - 2011-07-20 14:04 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2017-03-18 22:40 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2017-03-18 22:40 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-03-13 07:17 - 2017-03-13 07:17 - 00163584 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\vaarclient.dll 2017-03-13 07:17 - 2017-03-13 07:17 - 00171208 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll 2017-03-18 20:13 - 2017-03-18 20:13 - 05885952 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\17031801\algo.dll 2017-03-13 07:17 - 2017-03-13 07:17 - 00656040 _____ () C:\Program Files (x86)\AVG\Antivirus\ffl2.dll 2005-04-06 16:52 - 2005-04-06 16:52 - 00028791 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\jre\bin\hpi.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 00057453 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\jre\bin\verify.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 
00102515 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\jre\bin\java.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 00053364 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\jre\bin\zip.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 00057455 _____ () C:\Creative Suite CS2\Adobe Version Cue CS2\jre\bin\net.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 00032880 _____ () C:\Creative Suite CS2\Adobe Version Cue CS2\jre\bin\nio.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 00434255 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\bin\ps-rw-vc-v8_58.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 01019904 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\bin\ps-vc-v8_58.dll 2015-11-20 21:05 - 2015-11-16 04:35 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-11-28 12:55 - 2016-11-28 12:55 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll 2011-11-29 00:02 - 2013-06-03 12:06 - 09907712 _____ () C:\Program Files (x86)\Tobit Radio.fx\Client\TOBITCLT.dll 2011-11-29 00:02 - 2013-05-16 13:28 - 00242688 _____ () C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client$.ger 2017-03-13 07:17 - 2017-03-13 07:17 - 48936448 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\Temp:373E1720 [144] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DpHost => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2015-05-14 18:58 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Traude\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.177.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\Services: AcrSch2Svc => 2 MSCONFIG\Services: AERTFilters => 2 MSCONFIG\Services: afcdpsrv => 2 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: NAUpdate => 2 MSCONFIG\Services: Radio.fx => 2 MSCONFIG\Services: TapiSrv => 3 MSCONFIG\Services: TeamViewer7 => 2 MSCONFIG\Services: vcsFPService => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Traude^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: Adobe Version Cue CS2 => c:\Creative Suite CS2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe" MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" MSCONFIG\startupreg: BackupServiceHome3Run => C:\Program Files (x86)\Alexosoft\Backup Service Home 3\Alexosoft.BackupService.MainApp.exe MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft 
Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: DataCardMonitor => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe MSCONFIG\startupreg: DBRMTray => C:\Dell\DBRM\Reminder\TrayApp.exe MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" MSCONFIG\startupreg: Dropbox Update => "C:\Users\Traude\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c MSCONFIG\startupreg: FreeFallProtection => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: HW_OPENEYE_OUC_T-Mobile Internet Manager => "C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe" MSCONFIG\startupreg: IntelTBRunOnce => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" MSCONFIG\startupreg: QuickSet => c:\Program Files\Dell\QuickSet\QuickSet.exe MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" MSCONFIG\startupreg: rfxsrvtray => "C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe" MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files 
(x86)\Acronis\TrueImageHome\TrueImageMonitor.exe ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{24552CB8-D2D0-4A98-B3BE-07DD0E3DC53A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{0C0719E5-E684-4226-9E33-5E85FBF14F1F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{D0B947FF-971B-474F-9CD9-5DD8265572F3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe FirewallRules: [{80770A80-46B0-4E8D-9EB5-F1A6E56B5C4B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE FirewallRules: [{2B8A644B-50E1-4255-B6D7-307BA311D504}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{8232CE5E-66C2-4D7E-9FF9-3FD2DBA23D93}] => (Allow) LPort=2869 FirewallRules: [{2B5D4181-353B-4219-BB44-8809CDED1138}] => (Allow) LPort=1900 FirewallRules: [{C316FCD8-186F-4629-8260-FEF61E44CB52}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{3DF06A5E-13B7-4CCB-85E4-889AFDBCF12E}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{831B0B33-4C67-452C-94CF-94860BB106D4}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe FirewallRules: [{B5F4DD3E-CA13-45C1-9802-878F4A27CED4}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe FirewallRules: [{34858832-A0F9-40FB-BDB1-483D1BEA8D7D}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe FirewallRules: [{E2681585-9C84-4B34-9AF7-EC8A1D8660E7}] => (Allow) C:\Program Files (x86)\Tobit 
Radio.fx\Client\rfx-client.exe FirewallRules: [{4238EC06-874F-44AD-9FC7-8086AEF3A50F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe FirewallRules: [{BEFF5E89-E588-471D-97AD-5D5C0AEA0DFF}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe FirewallRules: [{9D086069-1DE2-4F95-BC6D-5FC579ACE394}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe FirewallRules: [{F0C07CF2-C034-40DD-B167-8CD811F786B4}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe FirewallRules: [{3F2F45D5-CCB8-4166-83A8-22FE1D8BF5E3}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe FirewallRules: [{919DB40C-4C28-4394-B356-94FBF9A808D8}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe FirewallRules: [{B2829EF0-9777-4910-B7B0-C4294B6AAA29}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe FirewallRules: [{EB96B583-CE15-4F82-AFB8-9888FE81E542}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe FirewallRules: [TCP Query User{A849370C-B1A3-4842-B543-D93A8501B681}C:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe FirewallRules: [UDP Query User{246D22FE-B805-4CEE-BBD3-7710F1C210E8}C:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe FirewallRules: [{F0785DF7-7FE0-4914-9E0F-98EBFBF016A6}] => (Allow) LPort=5353 FirewallRules: [{0128A8BD-76FC-4AFA-89A4-C2F48CD1D4B2}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe FirewallRules: [{9AA37D79-CE72-4F3B-8AF1-D19EB346D35B}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe FirewallRules: [{A33136C1-5717-4C49-A3FA-F001C983D9DB}] => 
(Allow) C:\Creative Suite CS2\Adobe Version Cue CS2\bin\VersionCueCS2.exe FirewallRules: [{BBF2F086-6E39-418B-A731-3424CD3A5931}] => (Allow) C:\Creative Suite CS2\Adobe Version Cue CS2\bin\VersionCueCS2.exe FirewallRules: [{B6B5C4CD-CA56-406F-9587-1AC63C6311E8}] => (Allow) C:\Users\Traude\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{19CEC1D9-2722-4DE9-9B6C-DB1B8FD2E469}] => (Allow) C:\Users\Traude\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{91A75A44-C75F-4C7C-9CA8-CDD0364CF785}C:\program files (x86)\filezilla ftp client\filezilla.exe] => (Allow) C:\program files (x86)\filezilla ftp client\filezilla.exe FirewallRules: [UDP Query User{20E1AAC5-3F86-4A4F-81AE-C003AF82ACF2}C:\program files (x86)\filezilla ftp client\filezilla.exe] => (Allow) C:\program files (x86)\filezilla ftp client\filezilla.exe FirewallRules: [TCP Query User{94FDBDAB-CD4D-4D90-B2D2-D269A7FBEE91}C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe FirewallRules: [UDP Query User{7500D163-5284-442D-8BA0-5CC17A5EE3C2}C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe FirewallRules: [{ED10ED38-8903-4FF7-8FFE-5EAE395543C7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A0FF34D6-3465-4888-A43C-9DFB6D1B2D7B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{98E27789-53C7-491E-B04C-3C39098F7F86}] => (Allow) LPort=26675 FirewallRules: [TCP Query User{0F4AE8E4-E73E-4CB2-A4BD-5A55EF49D9DE}C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe FirewallRules: [UDP Query User{E742269F-472D-4CF1-AA39-EC7754D495F4}C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe FirewallRules: 
[TCP Query User{5A086E20-3C42-43D4-BB89-79DCC9A192D5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{1456411F-26C7-4B39-8F9C-D24B4E3A53E4}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{9026CB27-9A63-42A7-9859-91121FB01CA4}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{3D5AF432-24C2-441A-94D3-83C3D918B297}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{64BBA564-6B64-44B0-949B-9E11EB42DCD4}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{582732F3-521A-458C-808E-719A2B03D169}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{A5ACCA1E-88F4-4258-962B-8A7D9844EF4C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{4A27FEA7-E66B-4E3D-B752-5EFC85240EC0}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{B14A0AF7-B02E-4643-AE3C-CB94C1FA1781}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{83222B37-73E0-4444-9811-52433A1C7A12}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{43ACFD01-5E4C-45D5-BEFC-CD9A5DDB82F2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{79EBD6B7-8AE7-4EB2-8B00-738B3551F608}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{12992321-48C2-4887-BD53-6823B06B2359}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{A3A563EC-2FD6-40E1-9420-FFE93792DC30}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{2A35EC85-C06E-435E-B8E0-656592C9E272}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{67789EF0-192A-43B5-89B5-AECE3552FE95}] => (Allow) 
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{1C096973-E374-4B11-A4DD-9223335E0022}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{AAFEC492-365D-42C1-B32C-167D9A628745}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{ECD259E3-AE26-415B-BD58-36C56816C6E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{A9F6A9E4-C939-4CA6-890F-8EDB7018EBDB}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{66605E5C-0066-4342-AB66-BBAD7B296E8C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{7DBB20F1-6B03-4758-BA41-79B57B0E87FB}] => (Allow) LPort=3702 FirewallRules: [{8F5F19C1-C715-4180-B91F-FE5CA594B537}] => (Allow) LPort=9244 FirewallRules: [{301A239F-A0B9-44DC-80EC-8E09B74ED85B}] => (Allow) LPort=3702 FirewallRules: [{26068542-29E7-4C3B-808B-06D8AC8B31C1}] => (Allow) LPort=9244 FirewallRules: [{067222A9-F4FD-43DF-ABA4-0E81A9D09F97}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe FirewallRules: [{37D0E031-B371-45D3-A2B9-D0FDE497C5E1}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe FirewallRules: [{B8743A74-EBD6-4ECF-BE6F-DD69000F1F96}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{DB18389F-4745-47F8-A89C-639418769D3F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{4E54CC96-1D8C-4650-8619-553534100FD7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{B7C6238E-CEA6-481D-A4C7-E3E4A47757A4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{BC898EE7-4072-4177-A7F8-AF8603A76DFD}] => (Allow) C:\Program Files\iTunes\iTunes.exe ==================== Wiederherstellungspunkte ========================= 02-03-2017 22:19:28 Geplanter 
Prüfpunkt 04-03-2017 12:32:44 IObit Uninstaller restore point 04-03-2017 14:00:21 nach neuer PC-Doctor-Software-Version 12-03-2017 10:42:41 Geplanter Prüfpunkt 13-03-2017 07:19:52 Removed AVG 13-03-2017 07:20:24 Removed AVG 2016 16-03-2017 07:07:28 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (03/18/2017 10:46:20 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (03/18/2017 10:46:05 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 14 20.177.168.192.in-addr.arpa. PTR Traude.local. Error: (03/18/2017 10:46:05 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.177.20:5353 16 20.177.168.192.in-addr.arpa. PTR Traude-2.local. Error: (03/18/2017 10:35:30 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (03/18/2017 10:26:05 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 14 20.177.168.192.in-addr.arpa. PTR Traude.local. 
Error: (03/18/2017 10:26:05 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.177.20:5353 16 20.177.168.192.in-addr.arpa. PTR Traude-2.local. Error: (03/18/2017 10:26:04 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (03/18/2017 10:17:47 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 14 20.177.168.192.in-addr.arpa. PTR Traude.local. Error: (03/18/2017 10:17:47 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.177.20:5353 16 20.177.168.192.in-addr.arpa. PTR Traude-2.local. Error: (03/18/2017 10:17:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Systemfehler: ============= Error: (03/18/2017 10:46:37 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. 
Error: (03/18/2017 10:46:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (03/18/2017 10:46:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (03/18/2017 10:46:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (03/18/2017 10:46:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (03/18/2017 10:46:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. 
Error: (03/18/2017 10:46:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (03/18/2017 10:46:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (03/18/2017 10:46:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (03/18/2017 10:46:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Gemeinsame Nutzung der Internetverbindung" ist vom Dienst "RAS-Verbindungsverwaltung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden. CodeIntegrity: =================================== Date: 2015-05-14 19:58:00.766 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
Date: 2015-05-14 19:58:00.710 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-10-10 18:10:40.527 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\DigitalPersona\Bin\DpOFeedb.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-10 18:10:40.437 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\DigitalPersona\Bin\DpOFeedb.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-10 18:10:40.347 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\DigitalPersona\Bin\DpOFeedb.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-10 18:10:40.267 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\DigitalPersona\Bin\DpOFeedb.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-10 18:10:40.177 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\DigitalPersona\Bin\DpOFeedb.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-10 18:10:40.077 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\DigitalPersona\Bin\DpOFeedb.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-10-10 18:10:39.967
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\DigitalPersona\Bin\DpOFeedb.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-10 17:17:24.984
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\DigitalPersona\Bin\DpOFeedb.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 71%
Installierter physikalischer RAM: 3990.17 MB
Verfügbarer physikalischer RAM: 1124.57 MB
Summe virtueller Speicher: 7978.52 MB
Verfügbarer virtueller Speicher: 4781.87 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:444.27 GB) (Free:127.28 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 07F2837E)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=21.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=444.3 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
I probably won't get to it until tomorrow evening, in case you do anything at all tomorrow, after all it's the weekend! But as far as I have followed things here, you hunters are on the hunt around the clock. Best regards and have a nice Sunday! Traude |
19.03.2017, 12:29 | #11 |
/// TB-Ausbilder | IObit detected as malware? Hello, normally I am around here every day (exception: vacation). We will check everything once more. Note: The scan with ESET can take a while.
Step 1 Please press the Windows key + R key and type notepad into the Run window. Now copy the following text from the code box into the empty text document
Code:
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
SearchScopes: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001 -> {F28C98E0-B471-4C5D-92E1-55272CEE2DE9} URL =
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Keine Datei
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - Keine Datei
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
FirewallRules: [TCP Query User{94FDBDAB-CD4D-4D90-B2D2-D269A7FBEE91}C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{7500D163-5284-442D-8BA0-5CC17A5EE3C2}C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [TCP Query User{0F4AE8E4-E73E-4CB2-A4BD-5A55EF49D9DE}C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{E742269F-472D-4CF1-AA39-EC7754D495F4}C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe
Unlock: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins
CMD: type "C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\{3BF5568F-8A66-464F-8776-672588E7190D}.xml"
CMD: type "C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\{4F30B239-0305-4CF5-90B3-CE8425223BAA}.xml"
CMD: type "C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\{BC94D3E1-7C24-465D-9BC7-820E38700ED5}.xml"
CMD: type "C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\firefox-add-ons.xml"
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2 Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Step 3 ESET Online Scanner
Step 4
Are there still any problems with the PC or with your internet browsers? If so, which ones? Please post with your next reply
|
19.03.2017, 20:02 | #12 |
| IObit detected as malware? Hello Matthias, yes, that's what I call commitment! I think it's really great that you have been doing this for years and are still at it with so much enthusiasm! Really great dedication! If everyone thought that way, there would be no wars .... You are the PC- .... Well, enough praise, here come the logs
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017
durchgeführt von Traude (19-03-2017 18:07:26) Run:1
Gestartet von C:\Users\Traude\Desktop
Geladene Profile: Traude (Verfügbare Profile: Traude)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
SearchScopes: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001 -> {F28C98E0-B471-4C5D-92E1-55272CEE2DE9} URL =
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Keine Datei
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - Keine Datei
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
FirewallRules: [TCP Query User{94FDBDAB-CD4D-4D90-B2D2-D269A7FBEE91}C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{7500D163-5284-442D-8BA0-5CC17A5EE3C2}C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [TCP Query User{0F4AE8E4-E73E-4CB2-A4BD-5A55EF49D9DE}C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{E742269F-472D-4CF1-AA39-EC7754D495F4}C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe
Unlock: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins
CMD: type "C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\{3BF5568F-8A66-464F-8776-672588E7190D}.xml"
CMD: type "C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\{4F30B239-0305-4CF5-90B3-CE8425223BAA}.xml"
CMD: type "C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\{BC94D3E1-7C24-465D-9BC7-820E38700ED5}.xml"
CMD: type "C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\firefox-add-ons.xml"
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************
Prozesse erfolgreich geschlossen.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => Schlüssel erfolgreich entfernt
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Schlüssel nicht gefunden.
HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\SOFTWARE\Policies\Microsoft\Internet Explorer => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F28C98E0-B471-4C5D-92E1-55272CEE2DE9} => Schlüssel erfolgreich entfernt
HKCR\CLSID\{F28C98E0-B471-4C5D-92E1-55272CEE2DE9} => Schlüssel nicht gefunden.
HKCR\PROTOCOLS\Handler\linkscanner => Schlüssel nicht gefunden.
HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => Schlüssel nicht gefunden.
HKCR\PROTOCOLS\Handler\tmpx => Schlüssel nicht gefunden.
HKCR\CLSID\{0E526CB5-7446-41D1-A403-19BFE95E8C23} => Schlüssel nicht gefunden.
HKLM\System\CurrentControlSet\Services\catchme => Schlüssel erfolgreich entfernt
catchme => Dienst erfolgreich entfernt
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{94FDBDAB-CD4D-4D90-B2D2-D269A7FBEE91}C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe => Wert erfolgreich entfernt
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7500D163-5284-442D-8BA0-5CC17A5EE3C2}C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe => Wert erfolgreich entfernt
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0F4AE8E4-E73E-4CB2-A4BD-5A55EF49D9DE}C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe => Wert erfolgreich entfernt
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E742269F-472D-4CF1-AA39-EC7754D495F4}C:\users\traude\appdata\local\hola\firefox\app\hola_plugin.exe => Wert erfolgreich entfernt
"C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins" => wurde entsperrt
========= type "C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\{3BF5568F-8A66-464F-8776-672588E7190D}.xml" =========
<SearchPlugin xmlns="hxxp://www.mozilla.org/2006/browser/search/">
<ShortName>MyVideo</ShortName>
<Description>MyVideo</Description>
<InputEncoding>ISO-8859-1</InputEncoding>
<Image width="16"
height="16">data:image/x-icon;base64,</Image> <Url type="text/html" method="GET" template="hxxp://www.myvideo.de.anonymize-me.de/?"> <Param name="to" value="6D79766964656F2E6465" /> <Param name="st" value="{searchTerms}" /> <Param name="clid" value="3798008a-9021-42be-a96d-c3f34c931f99" /> <Param name="pid" value="freewarede" /> <Param name="mode" value="bounce" /> <Param name="k" value="0" /> </Url> <SearchForm></SearchForm> </SearchPlugin> ========= Ende 
von CMD: ========= ========= type "C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\{4F30B239-0305-4CF5-90B3-CE8425223BAA}.xml" ========= <SearchPlugin xmlns="hxxp://www.mozilla.org/2006/browser/search/"> <ShortName>Preisvergleich</ShortName> <Description>Preisvergleich</Description> <InputEncoding>ISO-8859-1</InputEncoding> <Image width="16" height="16">data:image/x-icon;base64,</Image> <Url type="text/html" method="GET" template="hxxp://www.pricerunner.de.anonymize-me.de/?"> <Param name="to" value="707269636572756E6E65722E6465" /> <Param name="st" value="{searchTerms}" /> <Param name="clid" value="3798008a-9021-42be-a96d-c3f34c931f99" /> <Param name="pid" value="freewarede" /> <Param name="mode" value="bounce" /> <Param name="k" value="0" /> </Url> <SearchForm></SearchForm> </SearchPlugin> ========= Ende von CMD: ========= ========= type "C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\{BC94D3E1-7C24-465D-9BC7-820E38700ED5}.xml" ========= <SearchPlugin xmlns="hxxp://www.mozilla.org/2006/browser/search/"> <ShortName>OTTO</ShortName> <Description>OTTO</Description> <InputEncoding>ISO-8859-1</InputEncoding> <Image width="16" 
height="16">data:image/x-icon;base64,</Image> <Url type="text/html" method="GET" template="hxxp://www.otto.de.anonymize-me.de/?"> <Param name="to" value="6F74746F2E6465" /> <Param name="st" value="{searchTerms}" /> <Param name="clid" value="3798008a-9021-42be-a96d-c3f34c931f99" /> <Param name="pid" value="freewarede" /> <Param name="mode" value="bounce" /> <Param name="k" value="0" /> </Url> <SearchForm></SearchForm> </SearchPlugin> ========= Ende von CMD: ========= ========= type 
"C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\firefox-add-ons.xml" ========= <SearchPlugin xmlns="hxxp://www.mozilla.org/2006/browser/search/" xmlns:os="hxxp://a9.com/-/spec/opensearch/1.1/"> <os:ShortName>Firefox Add-ons</os:ShortName> <os:Description></os:Description> <os:InputEncoding>UTF-8</os:InputEncoding> <os:Image width="16" height="16">data:image/x-icon;base64,</os:Image> <os:Url type="text/html" method="GET" template="hxxp://https:.anonymize-me.de/?"> <Param name="anonymto" value="68747470733A2F2F6164646F6E732E6D6F7A696C6C612E6F72672F64652F66697265666F782F7365617263682F3F713D7B7365617263685465726D737D" /> <Param name="st" value="{searchTerms}" /> <Param name="clid" value="3798008a-9021-42be-a96d-c3f34c931f99" /> 
<Param name="pid" value="freewarede" /> <Param name="k" value="0" /> </os:Url> <os:SearchForm></os:SearchForm> </SearchPlugin> ========= Ende von CMD: ========= ========= dir "%ProgramFiles%" ========= Datentr„ger in Laufwerk C: ist OS Volumeseriennummer: C43F-51D2 Verzeichnis von C:\Program Files 18.03.2017 22:40 <DIR> . 18.03.2017 22:40 <DIR> .. 04.02.2016 22:28 <DIR> 7-Zip 18.02.2017 21:43 <DIR> Bonjour 19.09.2015 08:28 <DIR> Calibre2 24.01.2015 19:34 <DIR> CCleaner 14.12.2012 06:35 <DIR> CDBurnerXP 13.03.2017 13:33 <DIR> Common Files 11.10.2015 20:59 <DIR> ConvertHelper3 04.03.2017 12:38 <DIR> Dell 21.10.2011 16:53 <DIR> Dell Inc 04.03.2017 12:37 <DIR> Dell Support Center 22.11.2011 13:13 <DIR> DellTPad 21.10.2011 17:21 <DIR> DigitalPersona 16.03.2017 18:34 <DIR> DVD Maker 04.02.2016 22:37 <DIR> GWC 24.01.2012 16:32 <DIR> HP 21.10.2011 17:18 <DIR> Intel 16.03.2017 18:34 <DIR> Internet Explorer 18.02.2017 21:43 <DIR> iPod 18.02.2017 21:44 <DIR> iTunes 15.03.2013 18:25 <DIR> Java 05.12.2015 17:17 <DIR> KDService 05.12.2015 17:17 <DIR> Kyocera 18.03.2017 22:40 <DIR> Malwarebytes 15.11.2011 22:02 <DIR> Microsoft Games 17.11.2011 08:49 <DIR> Microsoft Office 17.03.2017 06:57 <DIR> Microsoft Silverlight 17.11.2011 09:08 <DIR> Microsoft SQL Server 14.07.2009 06:32 <DIR> MSBuild 20.11.2015 21:06 <DIR> NVIDIA Corporation 29.12.2014 18:01 <DIR> OnlineFotoservice 20.05.2015 22:03 <DIR> Paragon Software 21.10.2011 09:43 <DIR> Realtek 14.07.2009 06:32 <DIR> Reference Assemblies 21.10.2011 18:39 <DIR> STMicroelectronics 13.05.2015 23:46 <DIR> Tracker Software 21.10.2011 17:12 <DIR> Validity Sensors 07.04.2013 08:33 <DIR> VideoLAN 10.07.2013 11:27 <DIR> Windows Defender 21.10.2011 17:43 <DIR> Windows Live 21.11.2010 07:50 <DIR> Windows Mail 21.09.2016 15:20 <DIR> Windows Media Player 26.10.2011 08:02 <DIR> Windows NT 21.11.2010 07:50 <DIR> Windows Photo Viewer 21.11.2010 04:31 <DIR> Windows Portable Devices 21.11.2010 07:50 <DIR> Windows Sidebar 16.11.2011 08:11 <DIR> WISO 0 
Datei(en), 0 Bytes 48 Verzeichnis(se), 136.616.439.808 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramFiles(x86)%" ========= Datentr„ger in Laufwerk C: ist OS Volumeseriennummer: C43F-51D2 Verzeichnis von C:\Program Files (x86) 18.03.2017 22:40 <DIR> . 18.03.2017 22:40 <DIR> .. 26.10.2011 11:54 <DIR> Acronis 20.02.2016 10:30 <DIR> Adobe 20.05.2015 20:34 <DIR> Alexosoft 28.11.2011 18:20 <DIR> Amazon 07.09.2016 21:43 <DIR> Apowersoft 18.02.2017 21:43 <DIR> Apple Software Update 22.09.2013 09:00 <DIR> Ashampoo 07.09.2016 21:16 <DIR> Audacity 26.10.2011 11:10 <DIR> Audacity 1.3 Beta (Unicode) 19.08.2013 18:39 <DIR> Audible 13.03.2017 07:16 <DIR> AVG 13.12.2012 19:02 <DIR> Bing Bar Installer 18.02.2017 21:43 <DIR> Bonjour 19.03.2017 17:22 <DIR> BootRacer 16.11.2011 08:11 <DIR> Borland 30.03.2016 11:59 <DIR> CDBurnerXP 02.12.2012 16:22 <DIR> CEWE COLOR 18.02.2017 21:43 <DIR> Common Files 20.11.2011 10:51 <DIR> Creative 21.10.2011 17:28 <DIR> Creative Live! Cam 28.05.2015 22:11 <DIR> CrystalDiskInfo 21.10.2011 17:27 <DIR> CyberLink 04.03.2017 12:38 <DIR> Dell 21.10.2011 17:28 <DIR> Dell Webcam 21.10.2011 17:16 <DIR> Dell Wireless 21.10.2011 17:21 <DIR> DigitalPersona 22.05.2015 22:30 <DIR> ESET 13.06.2015 09:31 <DIR> FileZilla FTP Client 13.05.2015 23:42 <DIR> Foxit Software 26.10.2011 11:16 <DIR> FreeTime 28.08.2015 21:03 <DIR> Google 24.01.2012 16:33 <DIR> HP 21.10.2011 17:09 <DIR> Intel 16.03.2017 18:34 <DIR> Internet Explorer 18.02.2017 21:14 <DIR> IObit 24.01.2015 10:02 <DIR> Java 15.01.2016 16:33 <DIR> KeePass Password Safe 2 26.10.2011 11:11 <DIR> Lame For Audacity 13.02.2015 20:18 <DIR> lg_fwupdate 13.12.2012 19:02 <DIR> Microsoft 17.11.2011 08:49 <DIR> Microsoft Analysis Services 17.11.2011 09:10 <DIR> Microsoft Chart Controls 17.11.2011 08:51 <DIR> Microsoft Office 17.03.2017 06:57 <DIR> Microsoft Silverlight 17.11.2011 09:11 <DIR> Microsoft Small Business 14.07.2015 23:42 <DIR> Microsoft SQL Server 17.11.2011 08:51 <DIR> Microsoft SQL 
Server Compact Edition 17.11.2011 08:51 <DIR> Microsoft Sync Framework 17.11.2011 08:51 <DIR> Microsoft Synchronization Services 17.11.2011 08:49 <DIR> Microsoft Visual Studio 8 17.11.2011 09:07 <DIR> Microsoft Visual Studio 9.0 17.11.2011 09:07 <DIR> Microsoft.NET 07.03.2012 09:51 <DIR> Mobile Partner 27.01.2017 16:07 <DIR> Mozilla Firefox 27.01.2017 16:07 <DIR> Mozilla Maintenance Service 17.11.2011 08:52 <DIR> MSBuild 07.09.2016 20:06 <DIR> NCH Software 28.01.2012 08:41 <DIR> Nero 20.11.2015 21:06 <DIR> NVIDIA Corporation 30.10.2016 10:47 <DIR> PantsOff 10.11.2011 23:26 <DIR> QuickTime 14.07.2009 06:32 <DIR> Reference Assemblies 27.10.2011 07:27 <DIR> Roxio 26.05.2015 17:31 <DIR> Seagate 21.10.2011 17:13 <DIR> STMicroelectronics 18.11.2011 15:01 <DIR> Strategy Compass 20.12.2013 18:08 <DIR> StreamTransport 07.12.2011 07:54 <DIR> TeamViewer 29.11.2011 00:02 <DIR> Tobit Radio.fx 26.10.2011 09:10 <DIR> TREND MICRO 10.07.2013 11:27 <DIR> Windows Defender 21.10.2011 17:48 <DIR> Windows Live 21.11.2010 07:50 <DIR> Windows Mail 21.09.2016 15:20 <DIR> Windows Media Player 14.07.2009 06:32 <DIR> Windows NT 21.11.2010 07:50 <DIR> Windows Photo Viewer 21.11.2010 04:31 <DIR> Windows Portable Devices 21.11.2010 07:50 <DIR> Windows Sidebar 0 Datei(en), 0 Bytes 80 Verzeichnis(se), 136.616.374.272 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramData%" ========= Datentr„ger in Laufwerk C: ist OS Volumeseriennummer: C43F-51D2 Verzeichnis von C:\ProgramData 18.03.2017 22:40 <DIR> . 18.03.2017 22:40 <DIR> .. 
05.04.2015 19:01 <DIR> 34BE82C4-E596-4e99-A191-52C6199EBF69 07.11.2011 14:00 <DIR> Acronis 20.02.2016 10:29 <DIR> Adobe 18.02.2017 21:43 <DIR> Apple 18.02.2017 21:43 <DIR> Apple Computer 11.03.2017 07:55 <DIR> ashampoo 26.10.2011 08:06 <DIR> Atheros 13.03.2017 13:42 <DIR> Avg 21.01.2013 12:36 <DIR> AVG January 2013 Campaign 26.10.2015 16:45 <DIR> AVG2015 18.04.2014 17:20 <DIR> Avg_Update_0414b 26.11.2015 12:50 <DIR> Avg_Update_0615piz 19.03.2017 17:23 <DIR> BootRacer 27.10.2011 07:25 <DIR> Canneverbe Limited 07.09.2016 20:53 <DIR> Caphyon 20.11.2011 10:09 <DIR> Creative 23.02.2012 12:15 <DIR> CyberLink 03.12.2012 18:02 <DIR> Dell 21.10.2011 17:21 <DIR> Downloaded Installations 21.06.2015 21:05 <DIR> Dropbox 18.02.2017 21:17 <DIR> E1864A66-75E3-486a-BD95-D1B7D99A84A7 20.05.2015 22:00 <DIR> explauncher 25.06.2012 17:40 <DIR> FLEXnet 24.01.2012 16:32 <DIR> HP 11.12.2012 13:22 <DIR> hps 21.10.2011 17:58 <DIR> Intel 18.03.2017 22:47 <DIR> IObit 19.07.2014 12:34 <DIR> iolo 22.12.2016 22:32 <DIR> KDService 20.05.2015 22:06 <DIR> launcher 21.10.2011 17:21 <DIR> Macrovision 18.03.2017 22:40 <DIR> Malwarebytes 17.03.2017 17:38 <DIR> Malwarebytes Anti-Exploit 14.05.2015 08:09 <DIR> Malwarebytes' Anti-Malware (portable) 02.01.2012 18:24 <DIR> McAfee 13.03.2017 13:33 <DIR> MFAData 11.08.2016 21:37 <DIR> Microsoft Help 02.05.2012 10:47 <DIR> Mozilla 07.09.2016 20:09 <DIR> NCH Software 28.01.2012 08:44 <DIR> Nero 20.05.2015 22:09 <DIR> newbackup 20.11.2015 21:08 <DIR> NVIDIA 20.11.2015 21:24 <DIR> NVIDIA Corporation 24.01.2015 10:02 <DIR> Oracle 20.11.2015 20:55 <DIR> Package Cache 04.03.2017 12:37 <DIR> PC-Doctor for Windows 04.03.2017 12:38 <DIR> PC-Doctor, Inc 04.03.2017 14:04 <DIR> PCDr 13.03.2017 13:34 <DIR> ProductData 27.10.2011 07:30 <DIR> Roxio 01.09.2014 14:01 <DIR> Skype 27.10.2011 07:30 <DIR> Sonic 11.12.2014 13:08 <DIR> Spyware Terminator 21.10.2011 17:08 <DIR> Sun 04.03.2017 13:08 <DIR> SupportAssistAgent 08.12.2015 19:46 <DIR> Temp 29.12.2014 22:28 <DIR> tmp 
21.10.2011 17:13 <DIR> Validity 26.10.2011 11:56 <DIR> VirtualizedApplications 26.10.2011 11:23 <DIR> {93E26451-CD9A-43A5-A2FA-C42392EA4001} 0 Datei(en), 0 Bytes 62 Verzeichnis(se), 136.616.321.024 Bytes frei ========= Ende von CMD: ========= ========= dir "%Appdata%" ========= Datentr„ger in Laufwerk C: ist OS Volumeseriennummer: C43F-51D2 Verzeichnis von C:\Users\Traude\AppData\Roaming 04.03.2017 14:04 <DIR> . 04.03.2017 14:04 <DIR> .. 08.11.2011 08:50 <DIR> 0FE1F822-67EA-4572-9D80-F8FE8542E0F4 07.11.2011 13:13 <DIR> Acronis 23.09.2015 20:40 <DIR> Adobe 21.05.2015 21:32 <DIR> Alexosoft 28.11.2011 18:20 <DIR> Amazon 07.09.2016 21:47 <DIR> Apowersoft 15.09.2013 15:47 <DIR> Apple Computer 22.09.2013 08:50 <DIR> Ashampoo 15.03.2017 16:08 <DIR> Audacity 13.03.2017 07:19 <DIR> AVG 19.09.2015 08:29 <DIR> calibre 27.10.2011 07:25 <DIR> Canneverbe Limited 30.12.2014 11:38 <DIR> Cliqz 20.11.2011 10:51 <DIR> Creative 23.02.2012 12:15 <DIR> CyberLink 27.10.2011 14:00 <DIR> Dell 26.10.2011 08:02 <DIR> DigitalPersona 29.07.2015 06:11 <DIR> Dropbox 14.08.2015 19:51 <DIR> dvdcss 11.10.2015 21:22 <DIR> DVDVideoSoft 26.08.2015 20:20 <DIR> FileZilla 26.10.2011 22:17 <DIR> FLEXnet 13.05.2015 23:49 <DIR> Foxit Software 24.01.2012 16:33 <DIR> HpUpdate 26.10.2011 08:06 <DIR> Identities 18.02.2017 21:14 <DIR> IObit 17.03.2017 18:52 <DIR> KeePass 17.11.2011 12:24 38.112 Kommagetrennte Werte (DOS).ADR 04.01.2012 09:45 <DIR> KompoZer 26.10.2011 09:02 <DIR> Macromedia 21.11.2010 08:00 <DIR> Media Center Programs 26.10.2011 09:43 <DIR> Mozilla 07.09.2016 20:06 <DIR> NCH Software 28.01.2012 08:44 <DIR> Nero 04.11.2011 12:37 <DIR> NVIDIA 16.03.2013 20:59 <DIR> Opera 14.09.2014 18:50 <DIR> Oracle 04.03.2017 12:38 <DIR> PCDr 18.02.2017 21:15 <DIR> ProductData 08.11.2011 18:26 <DIR> Reallusion 27.10.2011 07:28 <DIR> Roxio 27.10.2011 07:27 <DIR> Roxio Log Files 19.11.2012 13:07 <DIR> Skype 13.01.2012 19:59 <DIR> skypePM 17.11.2011 08:43 <DIR> SoftGrid Client 19.11.2014 20:39 <DIR> Spyware 
Terminator 04.11.2011 18:03 <DIR> T-Mobile 11.01.2013 12:56 <DIR> T-Mobile Internet Manager 08.12.2015 19:38 <DIR> TeamViewer 21.12.2014 12:44 <DIR> Tobit 26.10.2011 09:13 <DIR> TP 07.09.2016 20:06 1.181 trace_FilterInstaller.txt 07.09.2016 20:06 0 trace_FilterInstaller.txt-CRT.txt 11.12.2012 18:25 <DIR> TuneUp Software 26.01.2016 17:27 <DIR> vlc 3 Datei(en), 39.293 Bytes 54 Verzeichnis(se), 136.616.263.680 Bytes frei ========= Ende von CMD: ========= ========= dir "%LocalAppdata%" ========= Datentr„ger in Laufwerk C: ist OS Volumeseriennummer: C43F-51D2 Verzeichnis von C:\Users\Traude\AppData\Local 30.10.2016 09:25 <DIR> . 30.10.2016 09:25 <DIR> .. 16.01.2017 13:59 <DIR> Adobe 15.06.2014 09:42 <DIR> Adobe_Systems_Incorporate 19.07.2014 06:42 <DIR> Alexander_Seeliger_Softwa 19.09.2015 08:17 <DIR> Amazon 26.10.2011 11:22 <DIR> Apple 07.04.2013 22:57 <DIR> Apple Computer 19.07.2014 16:51 <DIR> Apps 14.08.2012 20:33 123.959 ars.cache 28.01.2012 08:57 <DIR> ashampoo 29.10.2016 07:51 <DIR> assembly 07.09.2016 21:16 <DIR> Audacity 05.03.2017 20:54 <DIR> Audible 13.03.2017 13:33 <DIR> Avg 13.03.2017 07:17 <DIR> AvgSetupLog 26.10.2011 08:06 <DIR> BMExplorer 19.09.2015 08:29 <DIR> calibre-cache 21.02.2016 08:17 <DIR> CEF 14.08.2012 20:34 893.155 census.cache 18.03.2017 19:00 <DIR> CrashDumps 23.02.2012 12:15 <DIR> Cyberlink 10.04.2013 21:54 8.192 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 21.10.2013 13:18 <DIR> Dell Edoc Viewer 30.04.2014 19:34 <DIR> Diagnostics 26.10.2011 08:02 <DIR> DigitalPersona 20.05.2015 22:02 <DIR> Downloaded Installations 04.07.2015 20:05 <DIR> Dropbox 26.06.2012 06:18 33.758 dt.dat 07.04.2013 08:29 <DIR> DVDVideoSoft_Ltd 21.01.2015 16:39 <DIR> ElevatedDiagnostics 08.12.2015 21:02 154.936 GDIPFONTCACHEV1.DAT 28.08.2015 21:02 <DIR> Google 14.08.2012 20:24 36 housecall.guid.cache 24.01.2012 16:36 <DIR> HP 23.09.2016 16:49 <DIR> iTunes 30.10.2011 10:56 <DIR> king.com 12.06.2012 07:08 <DIR> Macromedia 11.12.2012 18:17 <DIR> MFAData 15.01.2017 14:17 <DIR> 
Microsoft 15.02.2012 17:43 <DIR> Microsoft Games 07.08.2013 16:23 <DIR> Microsoft Help 18.11.2011 15:03 <DIR> Microsoft_Corporation 25.07.2014 13:40 <DIR> Mozilla 30.03.2016 11:42 <DIR> Nero 28.01.2012 08:44 <DIR> Nero_AG 20.11.2015 21:08 <DIR> NVIDIA 20.11.2015 21:05 <DIR> NVIDIA Corporation 16.08.2013 12:20 <DIR> Programs 28.11.2011 23:50 <DIR> RapidSolution 02.12.2012 16:27 7.606 Resmon.ResmonCfg 26.10.2011 09:12 <DIR> SoftGrid Client 19.03.2017 18:00 <DIR> Temp 28.01.2012 09:03 <DIR> VirtualStore 7 Datei(en), 1.221.642 Bytes 47 Verzeichnis(se), 136.616.206.336 Bytes frei ========= Ende von CMD: ========= ========= dir "%CommonProgramFiles(x86)%" ========= Datentr„ger in Laufwerk C: ist OS Volumeseriennummer: C43F-51D2 Verzeichnis von C:\Program Files (x86)\Common Files 18.02.2017 21:43 <DIR> . 18.02.2017 21:43 <DIR> .. 08.11.2011 08:50 <DIR> Acronis 20.02.2016 10:30 <DIR> Adobe 16.01.2013 16:50 <DIR> Adobe Systems Shared 18.02.2017 21:43 <DIR> Apple 21.10.2011 17:15 <DIR> Atheros 21.10.2011 17:27 <DIR> CyberLink 15.05.2014 22:08 <DIR> DESIGNER 21.10.2011 17:28 <DIR> InstallShield 21.10.2011 09:43 <DIR> Intel 24.01.2015 10:01 <DIR> Java 25.06.2012 16:47 <DIR> Macrovision Shared 13.09.2015 08:47 <DIR> microsoft shared 28.01.2012 08:40 <DIR> Nero 21.10.2011 17:09 <DIR> postureAgent 14.07.2009 04:20 <DIR> Services 14.07.2009 04:20 <DIR> SpeechEngines 17.11.2011 08:54 <DIR> System 21.10.2011 17:39 <DIR> Windows Live 0 Datei(en), 0 Bytes 20 Verzeichnis(se), 136.616.144.896 Bytes frei ========= Ende von CMD: ========= ========= dir "%CommonProgramW6432%" ========= Datentr„ger in Laufwerk C: ist OS Volumeseriennummer: C43F-51D2 Verzeichnis von C:\Program Files\Common Files 13.03.2017 13:33 <DIR> . 13.03.2017 13:33 <DIR> .. 
25.06.2012 16:47 <DIR> Adobe 18.02.2017 21:43 <DIR> Apple 21.10.2011 09:43 <DIR> Intel 13.09.2015 08:47 <DIR> Microsoft Shared 14.07.2009 04:20 <DIR> Services 14.07.2009 04:20 <DIR> SpeechEngines 10.11.2011 07:24 <DIR> System 0 Datei(en), 0 Bytes 9 Verzeichnis(se), 136.616.091.648 Bytes frei ========= Ende von CMD: ========= ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt ========= Ende von RemoveProxy: ========= ========= ipconfig /flushdns ========= Windows-IP-Konfiguration Der DNS-Aufl”sungscache wurde geleert. ========= Ende von CMD: ========= ========= netsh winsock reset ========= Der Winsock-Katalog wurde zurckgesetzt. Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen. ========= Ende von CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 58269366 B Java, Flash, Steam htmlcache => 56130 B Windows/system/drivers => 1367212368 B Edge => 0 B Chrome => 0 B Firefox => 384516586 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 128 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 0 B UpdatusUser => 0 B Traude => 333475977 B RecycleBin => 9763466585 B EmptyTemp: => 11.1 GB temporäre Dateien entfernt. 
================================ Das System musste neu gestartet werden. ==== Ende von Fixlog 18:08:03 ==== Code:
ATTFilter HitmanPro 3.7.15.281 www.hitmanpro.com Computer name . . . . : TRAUDE Windows . . . . . . . : 6.1.1.7601.X64/8 User name . . . . . . : TRAUDE\Traude UAC . . . . . . . . . : Enabled License . . . . . . . : Free Scan date . . . . . . : 2017-03-19 18:19:54 Scan mode . . . . . . : Normal Scan duration . . . . : 2m 7s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 0 Traces . . . . . . . : 2 Objects scanned . . . : 2.983.463 Files scanned . . . . : 119.730 Remnants scanned . . : 844.813 files / 2.018.920 keys Suspicious files ____________________________________________________________ C:\Users\Traude\Desktop\FRST64.exe Size . . . . . . . : 2.424.832 bytes Age . . . . . . . : 1.0 days (2017-03-18 18:57:33) Entropy . . . . . : 7.6 SHA-256 . . . . . : 3A3DCD0D3C9C1FE10C45AF795DC9452DA192246BB67D896AB7F16151A53C1B5F Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. References HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\Traude\Desktop\FRST64.exe Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=5b053ea96b91d74995f854d400b2f188 # engine=23978 # end=stopped # remove_checked=false # archives_checked=false # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2015-05-22 09:34:27 # local_time=2015-05-22 11:34:27 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='AVG AntiVirus Free Edition 2015' # compatibility_mode=1055 16777213 100 100 112960 119464451 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 58878436 183960317 0 0 # scanned=2568 # found=0 # cleaned=0 # scan_time=60 ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=5b053ea96b91d74995f854d400b2f188 # engine=23984 # end=finished # remove_checked=false # archives_checked=false # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2015-05-23 10:41:30 # local_time=2015-05-23 12:41:30 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='AVG AntiVirus Free Edition 2015' # compatibility_mode=1055 16777213 100 100 10288 119511674 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 58925659 184007540 0 0 # scanned=326260 # found=0 # cleaned=0 # scan_time=5642 ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=5b053ea96b91d74995f854d400b2f188 # end=init # utc_time=2015-07-18 09:55:25 # local_time=2015-07-18 11:55:25 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 Update Init Update Download Update Finalize Updated modules version: 24863 # product=EOS # 
version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=5b053ea96b91d74995f854d400b2f188 # end=updated # utc_time=2015-07-18 09:57:45 # local_time=2015-07-18 11:57:45 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=5b053ea96b91d74995f854d400b2f188 # engine=24863 # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-07-18 11:36:29 # local_time=2015-07-18 01:36:29 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='AVG AntiVirus Free Edition 2015' # compatibility_mode=1055 16777213 100 100 19909 124353373 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 63767358 188849239 0 0 # scanned=341218 # found=0 # cleaned=0 # scan_time=5923 ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=5b053ea96b91d74995f854d400b2f188 # end=init # utc_time=2015-09-13 09:11:20 # local_time=2015-09-13 11:11:20 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 Update Init Update Download Update Finalize Updated modules version: 25735 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=5b053ea96b91d74995f854d400b2f188 # end=updated # utc_time=2015-09-13 09:13:31 # local_time=2015-09-13 11:13:31 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=5b053ea96b91d74995f854d400b2f188 # engine=25735 # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-09-13 10:57:30 
# local_time=2015-09-13 12:57:30 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='AVG AntiVirus Free Edition 2015' # compatibility_mode=1055 16777213 100 100 10845 129275834 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 68689819 193771700 0 0 # scanned=358001 # found=0 # cleaned=0 # scan_time=6238 ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=5b053ea96b91d74995f854d400b2f188 # end=init # utc_time=2016-10-30 08:29:13 # local_time=2016-10-30 09:29:13 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 Update Init Update Download Update Finalize Updated modules version: 31241 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=5b053ea96b91d74995f854d400b2f188 # end=updated # utc_time=2016-10-30 08:31:31 # local_time=2016-10-30 09:31:31 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=5b053ea96b91d74995f854d400b2f188 # engine=31241 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2016-10-30 09:48:17 # local_time=2016-10-30 10:48:17 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='AVG AntiVirus Free Edition' # compatibility_mode=1057 16777213 100 82 67188 4386769 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 104368866 229450747 0 0 # scanned=405071 # found=2 # cleaned=2 # scan_time=4605 sh=93B631A75B0A6815449406608FE53DFA97A66580 ft=1 fh=f1beb0a58b15cce5 vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung (gelöscht)" ac=C 
fn="C:\$RECYCLE.BIN\S-1-5-21-2721480124-1926032340-2623985909-1001\$RLWZMBR.exe" sh=724F2B7778EE4B1DCE618D61946917E54D3E7375 ft=1 fh=68686c7175165e89 vn="Variante von Win32/PSWTool.PantsOff.A potenziell unsichere Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Program Files (x86)\PantsOff\PantsOffHk.dll" ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=5b053ea96b91d74995f854d400b2f188 # end=init # utc_time=2017-03-19 05:30:55 # local_time=2017-03-19 06:30:55 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 Update Init Update Download Update Finalize Updated modules version: 32772 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=5b053ea96b91d74995f854d400b2f188 # end=updated # utc_time=2017-03-19 05:34:49 # local_time=2017-03-19 06:34:49 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=5b053ea96b91d74995f854d400b2f188 # engine=32772 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2017-03-19 06:52:59 # local_time=2017-03-19 07:52:59 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 116497548 241579429 0 0 # scanned=396751 # found=0 # cleaned=0 # scan_time=4689 FRST Logfile: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
durchgeführt von Traude (Administrator) auf TRAUDE (19-03-2017 20:00:16)
Gestartet von C:\Users\Traude\Desktop
Geladene Profile: Traude (Verfügbare Profile: Traude)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Greatis Software, LLC) C:\Program Files (x86)\BootRacer\BootRacerServ.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Adobe Systems Incorporated) C:\Creative Suite CS2\Adobe Version Cue CS2\bin\VersionCueCS2.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Alexander Seeliger Software) C:\Program Files (x86)\Alexosoft\Backup Service Home 3\BSHService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
() C:\Creative Suite CS2\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
(Apple Inc.)
C:\Program Files\Bonjour\mDNSResponder.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (KYOCERA Document Solutions Inc.) C:\Program Files\KDService\bin\KDService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe (Alps Electric Co., Ltd.) 
C:\Program Files\DellTPad\hidfind.exe (Tobit.Software) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Adobe Sytems Incorporated) C:\Creative Suite CS2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\avgui.exe (Microsoft Corporation) C:\Windows\System32\UI0Detect.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.) HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-16] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.) HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239672 2017-02-27] (AVG Technologies CZ, s.r.o.) 
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [Adobe Version Cue CS2] => c:\Creative Suite CS2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [856064 2005-04-06] (Adobe Sytems Incorporated) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2745544 2016-01-09] (Dominik Reichl) HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239672 2017-02-27] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [254776 2017-03-13] (AVG Technologies CZ, s.r.o.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [BootRacer] => C:\Program Files (x86)\BootRacer\Bootrace.exe [4774840 2016-05-23] (Greatis Software) HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\...\Run: [RfxSrvTray] => C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe [1838872 2013-02-07] (Tobit.Software) HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177416 2015-11-16] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155976 2015-11-16] (NVIDIA Corporation) Lsa: [Notification Packages] DPPassFilter scecli ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.) Startup: C:\Users\Traude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2016-10-29] ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.177.1 Tcpip\..\Interfaces\{0512DD7A-CFFA-45F7-98BE-6896EF174380}: [DhcpNameServer] 192.168.177.1 Internet Explorer: ================== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.clustercoaching699.de/ SearchScopes: HKLM -> {F28C98E0-B471-4C5D-92E1-55272CEE2DE9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox SearchScopes: HKLM-x32 -> {F28C98E0-B471-4C5D-92E1-55272CEE2DE9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2017-02-18] (IObit) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) 
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2011-05-20] (Atheros Commnucations) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation) DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Keine Datei Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - Keine Datei FireFox: ======== FF ProfilePath: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default [2017-03-19] FF DefaultSearchEngine: Mozilla\Firefox\Profiles\htysxxqg.default -> Startpage HTTPS - Deutsch FF 
Homepage: Mozilla\Firefox\Profiles\htysxxqg.default -> hxxps://login.yahoo.com/config/login_verify2?.intl=de&.src=ym about:preferences FF NetworkProxy: Mozilla\Firefox\Profiles\htysxxqg.default -> no_proxies_on", "localhost, 127.0.0.1, stealthy.co" FF NetworkProxy: Mozilla\Firefox\Profiles\htysxxqg.default -> share_proxy_settings", true FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-27] FF Extension: (ClipConverter) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\clipconverter@clipconverter.cc.xpi [2015-08-28] FF Extension: (Add-on Compatibility Reporter) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\compatibility@addons.mozilla.org.xpi [2016-11-23] FF Extension: (Ghostery) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\firefox@ghostery.com.xpi [2017-02-11] FF Extension: (ProxTube) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\ich@maltegoetz.de.xpi [2016-10-13] FF Extension: (Kein Name) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\nostmp [2011-10-26] [ist nicht signiert] FF Extension: (Photobucket Uploader) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\pbupload@photobucket.com.xpi [2016-04-27] FF Extension: (Screengrab (fix version)) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2016-12-10] FF Extension: (ColorfulTabs) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2017-03-14] FF Extension: (FlashGot) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi 
[2016-12-01] FF Extension: (NoScript) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-03-17] FF Extension: (Video DownloadHelper) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-12-30] FF Extension: (Fasterfox) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2016-04-27] FF Extension: (Adblock Plus) - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\firefox-add-ons.xml [2011-07-18] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\forestle-de.xml [2011-07-18] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\google-images.xml [2014-12-30] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\google-maps.xml [2014-12-30] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\google-scholar.xml [2011-07-18] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\startpage-https---deutsch.xml [2016-03-21] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\{3BF5568F-8A66-464F-8776-672588E7190D}.xml [2011-07-18] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\{4F30B239-0305-4CF5-90B3-CE8425223BAA}.xml [2011-07-18] FF SearchPlugin: C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\searchplugins\{BC94D3E1-7C24-465D-9BC7-820E38700ED5}.xml 
[2011-07-18] FF ProfilePath: C:\Users\Traude\AppData\Roaming\KompoZer\Profiles\go9l27sd.default [2012-01-04] FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-11-19] [ist nicht signiert] FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-11-19] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt FF Extension: (DigitalPersona Extension) - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2011-10-21] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\FirefoxExtension => nicht gefunden FF HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Traude\AppData\Roaming\Mozilla\Firefox\Profiles\htysxxqg.default\extensions\cliqz@cliqz.com => nicht gefunden FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-16] () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) 
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll [2013-02-03] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-16] () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) 
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2011-12-02] (Nero AG) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2721480124-1926032340-2623985909-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) 
FF Plugin HKU\S-1-5-21-2721480124-1926032340-2623985909-1001: @hola.org/vlc,version=1.8.649 -> C:\Users\Traude\AppData\Local\Hola\firefox\app\vlc [Keine Datei] FF Plugin HKU\S-1-5-21-2721480124-1926032340-2623985909-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll [2012-10-29] (Amazon.com, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npmidas.dll [2010-03-08] (Midasplayer Ltd) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2011-11-10] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2011-11-10] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2011-11-10] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2011-11-10] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2011-11-10] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2011-11-10] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2011-11-10] (Apple Inc.) ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-16] (Adobe Systems) [Datei ist nicht signiert] R2 Adobe Version Cue CS2; c:\Creative Suite CS2\Adobe Version Cue CS2\bin\VersionCueCS2.exe [163840 2005-04-06] (Adobe Systems Incorporated) [Datei ist nicht signiert] R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-05-20] (Atheros) [Datei ist nicht signiert] R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [80032 2011-05-20] (Atheros Commnucations) [Datei ist nicht signiert] R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [263720 2017-03-13] (AVG Technologies CZ, s.r.o.) R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7197976 2017-03-13] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1257384 2017-02-27] (AVG Technologies CZ, s.r.o.) R2 Backup Service Home-Dienst; C:\Program Files (x86)\Alexosoft\Backup Service Home 3\BSHService.exe [29696 2015-03-14] (Alexander Seeliger Software) [Datei ist nicht signiert] R2 BootRacerServ; C:\Program Files (x86)\BootRacer\BootRacerServ.exe [87992 2016-05-10] (Greatis Software, LLC) R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-06-23] (Dell Inc.) R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-06-23] (Dell Inc.) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-16] (NVIDIA Corporation) R2 KDService; C:\Program Files\KDService\bin\KDService.exe [441856 2013-10-24] (KYOCERA Document Solutions Inc.) 
[Datei ist nicht signiert] S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2175264 2017-02-18] (IObit) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) S3 MSSQL$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe [43044512 2015-04-03] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-16] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-16] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-16] (NVIDIA Corporation) S4 Radio.fx; C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe [3999512 2013-06-03] () S4 SQLAgent$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [380064 2015-04-03] (Microsoft Corporation) R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2016-09-09] (Dell Inc.) S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 avgbdisk; C:\Windows\system32\drivers\avgbdiska.sys [166136 2017-03-13] (AVG Technologies CZ, s.r.o.) R1 avgbidsdriver; C:\Windows\system32\drivers\avgbidsdrivera.sys [311592 2017-03-13] (AVG Technologies CZ, s.r.o.) R0 avgbidsh; C:\Windows\system32\drivers\avgbidsha.sys [192096 2017-03-13] (AVG Technologies CZ, s.r.o.) R0 avgblog; C:\Windows\system32\drivers\avgbloga.sys [336920 2017-03-13] (AVG Technologies CZ, s.r.o.) 
R0 avgbuniv; C:\Windows\system32\drivers\avgbuniva.sys [50848 2017-03-13] (AVG Technologies CZ, s.r.o.) S3 avgHwid; C:\Windows\system32\drivers\avgHwid.sys [39288 2017-03-13] (AVG Technologies CZ, s.r.o.) R2 avgMonFlt; C:\Windows\system32\drivers\avgMonFlt.sys [127584 2017-03-13] (AVG Technologies CZ, s.r.o.) R1 avgRdr; C:\Windows\system32\drivers\avgRdr2.sys [101624 2017-03-13] (AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\Windows\system32\drivers\avgRvrt.sys [76688 2017-03-13] (AVG Technologies CZ, s.r.o.) R1 avgSnx; C:\Windows\system32\drivers\avgSnx.sys [994592 2017-03-13] (AVG Technologies CZ, s.r.o.) R1 avgSP; C:\Windows\system32\drivers\avgSP.sys [549912 2017-03-13] (AVG Technologies CZ, s.r.o.) R2 avgStm; C:\Windows\system32\drivers\avgStm.sys [163512 2017-03-13] (AVG Technologies CZ, s.r.o.) R0 avgVmm; C:\Windows\system32\drivers\avgVmm.sys [338576 2017-03-14] (AVG Technologies CZ, s.r.o.) R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [32464 2016-06-23] (Dell Computer Corporation) R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [24240 2016-06-23] (Dell Computer Corporation) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77408 2017-02-24] () R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-03-19] (Malwarebytes) R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [111544 2017-03-19] (Malwarebytes) R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-03-19] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-19] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [82208 2017-03-19] (Malwarebytes) R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [299312 2015-11-16] (NVIDIA Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-16] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-11-16] (NVIDIA Corporation) R3 
stdriver; C:\Windows\System32\DRIVERS\stdriverx64.sys [34392 2016-09-07] () R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-05-19] () R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-05-19] () R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700296 2014-05-19] () S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-03-19 18:28 - 2017-03-19 18:28 - 02870984 _____ (ESET) C:\Users\Traude\Desktop\esetsmartinstaller_deu.exe 2017-03-19 18:18 - 2017-03-19 18:23 - 00000000 ____D C:\ProgramData\HitmanPro 2017-03-19 18:15 - 2017-03-19 18:16 - 11581544 _____ (SurfRight B.V.) 
C:\Users\Traude\Desktop\HitmanPro_x64.exe 2017-03-19 18:07 - 2017-03-19 18:08 - 00034165 _____ C:\Users\Traude\Desktop\Fixlog.txt 2017-03-18 22:47 - 2017-03-18 22:47 - 00001409 _____ C:\Users\Traude\Desktop\mbam.txt 2017-03-18 22:40 - 2017-03-19 18:29 - 00082208 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2017-03-18 22:40 - 2017-03-19 18:09 - 00251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-03-18 22:40 - 2017-03-19 18:09 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys 2017-03-18 22:40 - 2017-03-19 18:09 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2017-03-18 22:40 - 2017-03-19 18:09 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2017-03-18 22:40 - 2017-03-18 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-03-18 22:40 - 2017-03-18 22:40 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-03-18 22:40 - 2017-03-18 22:40 - 00000000 ____D C:\Program Files\Malwarebytes 2017-03-18 22:40 - 2017-02-24 06:23 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys 2017-03-18 22:38 - 2017-03-18 22:38 - 57131432 _____ (Malwarebytes ) C:\Users\Traude\Desktop\mb3-setup-consumer-3.0.6.1469-1075.exe 2017-03-18 22:33 - 2017-03-18 22:33 - 00566128 _____ (Malwarebytes) C:\Users\Traude\Desktop\mbam-clean-2.3.0.1001.exe 2017-03-18 22:04 - 2017-03-18 22:04 - 04031440 _____ C:\Users\Traude\Desktop\AdwCleaner_6.044.exe 2017-03-18 20:24 - 2017-03-18 22:16 - 00000008 __RSH C:\ProgramData\ntuser.pol 2017-03-18 19:20 - 2017-03-18 19:59 - 00469716 _____ C:\TDSSKiller.3.1.0.12_18.03.2017_19.20.30_log.txt 2017-03-18 19:20 - 2017-03-18 19:20 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Traude\Desktop\tdsskiller.exe 2017-03-18 19:11 - 2017-03-18 22:52 - 00057804 _____ C:\Users\Traude\Desktop\Addition.txt 2017-03-18 19:10 - 2017-03-19 20:00 - 00029801 _____ C:\Users\Traude\Desktop\FRST.txt 2017-03-18 19:09 - 2017-03-19 20:00 - 
00000000 ____D C:\FRST 2017-03-18 18:59 - 2017-03-18 19:06 - 00000000 ____D C:\Users\Traude\Desktop\Malware-Logs 2017-03-18 18:57 - 2017-03-18 18:57 - 02424832 _____ (Farbar) C:\Users\Traude\Desktop\FRST64.exe 2017-03-16 07:07 - 2017-02-23 00:42 - 00084712 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2017-03-16 07:07 - 2017-02-23 00:37 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2017-03-16 07:07 - 2017-02-18 15:05 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2017-03-16 07:07 - 2017-02-18 15:05 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2017-03-16 07:07 - 2016-12-31 16:36 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2017-03-16 07:07 - 2016-12-31 16:36 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2017-03-16 07:07 - 2016-12-31 16:36 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2017-03-16 07:07 - 2016-12-31 16:36 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2017-03-16 07:07 - 2016-12-31 16:36 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2017-03-16 06:56 - 2017-03-04 18:24 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-03-16 06:56 - 2017-03-04 17:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-03-16 06:56 - 2017-03-04 09:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2017-03-16 06:56 - 2017-03-04 09:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2017-03-16 06:56 - 2017-03-04 09:02 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2017-03-16 06:56 - 2017-03-04 09:01 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-03-16 06:56 - 2017-03-04 09:01 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2017-03-16 06:56 - 
2017-03-04 09:01 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2017-03-16 06:56 - 2017-03-04 09:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2017-03-16 06:56 - 2017-03-04 08:59 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-03-16 06:56 - 2017-03-04 08:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2017-03-16 06:56 - 2017-03-04 08:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2017-03-16 06:56 - 2017-03-04 08:48 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-03-16 06:56 - 2017-03-04 08:46 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2017-03-16 06:56 - 2017-03-04 08:45 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2017-03-16 06:56 - 2017-03-04 08:45 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2017-03-16 06:56 - 2017-03-04 08:45 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2017-03-16 06:56 - 2017-03-04 08:44 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2017-03-16 06:56 - 2017-03-04 08:36 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2017-03-16 06:56 - 2017-03-04 08:32 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2017-03-16 06:56 - 2017-03-04 08:31 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-03-16 06:56 - 2017-03-04 08:23 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2017-03-16 06:56 - 2017-03-04 08:21 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2017-03-16 06:56 - 2017-03-04 08:16 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2017-03-16 06:56 - 2017-03-04 08:16 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 
2017-03-16 06:56 - 2017-03-04 08:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2017-03-16 06:56 - 2017-03-04 08:11 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2017-03-16 06:56 - 2017-03-04 07:57 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-03-16 06:56 - 2017-03-04 07:55 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2017-03-16 06:56 - 2017-03-04 07:54 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-03-16 06:56 - 2017-03-04 07:52 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-03-16 06:56 - 2017-03-04 07:52 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2017-03-16 06:56 - 2017-03-04 07:26 - 15259648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-03-16 06:56 - 2017-03-04 07:25 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-03-16 06:56 - 2017-03-04 07:12 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-03-16 06:56 - 2017-03-04 07:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-03-16 06:56 - 2017-03-04 05:18 - 20281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-03-16 06:56 - 2017-03-02 19:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2017-03-16 06:56 - 2017-03-02 19:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2017-03-16 06:56 - 2017-03-02 19:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-03-16 06:56 - 2017-03-02 19:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2017-03-16 06:56 - 2017-03-02 19:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2017-03-16 06:56 - 2017-03-02 19:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2017-03-16 06:56 - 
2017-03-02 18:55 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-03-16 06:56 - 2017-03-02 18:54 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2017-03-16 06:56 - 2017-03-02 18:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2017-03-16 06:56 - 2017-03-02 18:51 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2017-03-16 06:56 - 2017-03-02 18:50 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2017-03-16 06:56 - 2017-03-02 18:49 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-03-16 06:56 - 2017-03-02 18:49 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2017-03-16 06:56 - 2017-03-02 18:41 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2017-03-16 06:56 - 2017-03-02 18:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2017-03-16 06:56 - 2017-03-02 18:35 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2017-03-16 06:56 - 2017-03-02 18:32 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2017-03-16 06:56 - 2017-03-02 18:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2017-03-16 06:56 - 2017-03-02 18:29 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2017-03-16 06:56 - 2017-03-02 18:28 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2017-03-16 06:56 - 2017-03-02 18:22 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-03-16 06:56 - 2017-03-02 18:21 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-03-16 06:56 - 2017-03-02 18:19 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-03-16 06:56 - 2017-03-02 18:17 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-03-16 06:56 - 2017-03-02 
18:17 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2017-03-16 06:56 - 2017-03-02 18:11 - 13654528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-03-16 06:56 - 2017-03-02 17:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-03-16 06:56 - 2017-03-02 17:50 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-03-16 06:56 - 2017-03-02 17:50 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-03-16 06:56 - 2017-02-11 16:58 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2017-03-16 06:56 - 2017-02-11 16:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2017-03-16 06:56 - 2017-02-11 16:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2017-03-16 06:56 - 2017-02-10 17:32 - 00803328 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2017-03-16 06:56 - 2017-02-10 17:32 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2017-03-16 06:56 - 2017-02-10 17:17 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2017-03-16 06:56 - 2017-02-10 17:17 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2017-03-16 06:56 - 2017-02-10 15:33 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2017-03-16 06:56 - 2017-02-09 17:36 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2017-03-16 06:56 - 2017-02-09 17:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2017-03-16 06:56 - 2017-02-09 17:35 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2017-03-16 06:56 - 2017-02-09 17:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2017-03-16 06:56 - 2017-02-09 17:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2017-03-16 06:56 - 2017-02-09 17:33 - 
01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2017-03-16 06:56 - 2017-02-09 17:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2017-03-16 06:56 - 2017-02-09 17:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2017-03-16 06:56 - 2017-02-09 17:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2017-03-16 06:56 - 2017-02-09 17:32 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2017-03-16 06:56 - 2017-02-09 17:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2017-03-16 06:56 - 2017-02-09 17:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2017-03-16 06:56 - 2017-02-09 17:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2017-03-16 06:56 - 2017-02-09 17:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2017-03-16 06:56 - 2017-02-09 17:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2017-03-16 06:56 - 2017-02-09 17:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2017-03-16 06:56 - 2017-02-09 17:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2017-03-16 06:56 - 2017-02-09 17:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2017-03-16 06:56 - 2017-02-09 17:32 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll 2017-03-16 06:56 - 2017-02-09 17:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2017-03-16 06:56 - 2017-02-09 17:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2017-03-16 06:56 - 2017-02-09 17:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2017-03-16 06:56 - 2017-02-09 17:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 01460736 _____ (Microsoft 
Corporation) C:\Windows\system32\lsasrv.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00022016 _____ (Microsoft Corporation) 
C:\Windows\system32\credssp.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:19 - 04000488 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ntkrnlpa.exe 2017-03-16 06:56 - 2017-02-09 17:19 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2017-03-16 06:56 - 2017-02-09 17:16 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 
2017-03-16 06:56 - 2017-02-09 17:14 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 17:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2017-03-16 06:56 - 2017-02-09 17:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2017-03-16 06:56 - 2017-02-09 17:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2017-03-16 06:56 - 2017-02-09 17:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2017-03-16 06:56 - 2017-02-09 17:00 - 03220480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2017-03-16 06:56 - 2017-02-09 16:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2017-03-16 06:56 - 2017-02-09 16:58 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2017-03-16 06:56 - 2017-02-09 16:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2017-03-16 06:56 - 2017-02-09 16:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-03-16 06:56 - 2017-02-09 16:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-03-16 06:56 - 2017-02-09 16:54 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2017-03-16 06:56 - 2017-02-09 16:54 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2017-03-16 06:56 - 2017-02-09 16:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2017-03-16 06:56 - 2017-02-09 16:51 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll 2017-03-16 06:56 - 2017-02-09 16:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2017-03-16 06:56 - 2017-02-09 16:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 
2017-03-16 06:56 - 2017-02-09 16:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2017-03-16 06:56 - 2017-02-09 16:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2017-03-16 06:56 - 2017-02-09 16:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2017-03-16 06:56 - 2017-02-09 16:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 16:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 16:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 16:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2017-03-16 06:56 - 2017-02-09 15:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2017-03-16 06:56 - 2017-02-09 15:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2017-03-16 06:56 - 2017-02-06 17:14 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe 2017-03-16 06:56 - 2017-01-13 19:00 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2017-03-16 06:56 - 2017-01-13 19:00 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll 2017-03-16 06:56 - 2017-01-13 18:45 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2017-03-16 06:56 - 2017-01-13 18:45 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll 2017-03-16 06:56 - 2017-01-11 19:01 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2017-03-16 06:56 - 2017-01-11 19:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2017-03-16 06:56 - 2017-01-11 18:43 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2017-03-16 06:56 - 2017-01-11 18:43 - 00002048 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\msxml3r.dll 2017-03-16 06:56 - 2017-01-06 19:00 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2017-03-16 06:56 - 2017-01-06 18:44 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2017-03-13 07:18 - 2017-03-14 12:35 - 00338576 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgvmm.sys 2017-03-13 07:18 - 2017-03-13 07:18 - 00549912 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgsp.sys 2017-03-13 07:18 - 2017-03-13 07:18 - 00399392 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe 2017-03-13 07:18 - 2017-03-13 07:18 - 00163512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys 2017-03-13 07:18 - 2017-03-13 07:18 - 00127584 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys 2017-03-13 07:18 - 2017-03-13 07:18 - 00101624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys 2017-03-13 07:18 - 2017-03-13 07:18 - 00076688 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys 2017-03-13 07:18 - 2017-03-13 07:18 - 00039288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys 2017-03-13 07:18 - 2017-03-13 07:18 - 00003920 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update 2017-03-13 07:18 - 2017-03-13 07:17 - 00994592 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys 2017-03-13 07:18 - 2017-03-13 07:17 - 00336920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys 2017-03-13 07:18 - 2017-03-13 07:17 - 00311592 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys 2017-03-13 07:18 - 2017-03-13 07:17 - 00192096 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys 2017-03-13 07:18 - 2017-03-13 07:17 - 00166136 _____ (AVG Technologies CZ, s.r.o.) 
C:\Windows\system32\Drivers\avgbdiska.sys 2017-03-13 07:18 - 2017-03-13 07:17 - 00050848 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys 2017-03-04 12:38 - 2017-03-04 13:08 - 00000000 ____D C:\ProgramData\SupportAssistAgent 2017-03-04 12:38 - 2017-03-04 12:38 - 00003816 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate 2017-03-04 12:38 - 2017-03-04 12:38 - 00000000 __HDC C:\ProgramData\{A328A61B-C332-4C8C-A740-42F7F71DC398} 2017-03-04 12:38 - 2017-03-04 12:38 - 00000000 ____D C:\ProgramData\PC-Doctor, Inc 2017-03-04 12:37 - 2017-03-04 12:37 - 00004026 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask 2017-03-04 12:37 - 2017-03-04 12:37 - 00003342 _____ C:\Windows\System32\Tasks\PCDDataUploadTask 2017-03-04 12:37 - 2017-03-04 12:37 - 00003216 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest 2017-03-04 12:37 - 2017-03-04 12:37 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows 2017-03-04 12:37 - 2017-03-04 12:37 - 00000000 ____D C:\Program Files\Dell Support Center 2017-03-04 12:36 - 2017-03-04 12:36 - 02219736 _____ (Dell Inc) C:\Users\Traude\Downloads\aulauncher.exe 2017-03-04 12:34 - 2017-03-04 12:34 - 13517824 _____ C:\Users\Traude\Downloads\SupportAssistx64.msi 2017-03-04 12:06 - 2017-03-04 14:04 - 00000000 ____D C:\ProgramData\PCDr 2017-03-04 12:06 - 2017-03-04 12:38 - 00000000 ____D C:\Users\Traude\AppData\Roaming\PCDr 2017-03-02 21:43 - 2017-03-15 19:31 - 00000000 ____D C:\Users\Traude\Documents\1a-Jörg 2017-02-18 21:44 - 2017-02-18 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2017-02-18 21:43 - 2017-02-18 21:44 - 00000000 ____D C:\Program Files\iTunes 2017-02-18 21:43 - 2017-02-18 21:43 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2017-02-18 21:43 - 2017-02-18 21:43 - 00000000 ____D C:\ProgramData\Apple Computer 2017-02-18 21:43 - 2017-02-18 21:43 - 00000000 ____D C:\ProgramData\Apple 2017-02-18 21:43 - 
2017-02-18 21:43 - 00000000 ____D C:\Program Files\iPod 2017-02-18 21:43 - 2017-02-18 21:43 - 00000000 ____D C:\Program Files\Common Files\Apple 2017-02-18 21:43 - 2017-02-18 21:43 - 00000000 ____D C:\Program Files\Bonjour 2017-02-18 21:43 - 2017-02-18 21:43 - 00000000 ____D C:\Program Files (x86)\Bonjour 2017-02-18 21:43 - 2017-02-18 21:43 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2017-02-18 21:15 - 2017-02-18 21:15 - 00000000 ____D C:\Users\Traude\AppData\Roaming\ProductData 2017-02-18 21:14 - 2017-03-18 22:47 - 00000000 ____D C:\ProgramData\IObit 2017-02-18 21:14 - 2017-03-13 13:34 - 00000000 ____D C:\ProgramData\ProductData 2017-02-18 21:14 - 2017-02-18 21:14 - 00002888 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator 2017-02-18 21:14 - 2017-02-18 21:14 - 00001218 _____ C:\Users\Traude\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk 2017-02-18 21:14 - 2017-02-18 21:14 - 00001194 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk 2017-02-18 21:14 - 2017-02-18 21:14 - 00000000 ____D C:\Users\Traude\AppData\Roaming\IObit 2017-02-18 21:14 - 2017-02-18 21:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller 2017-02-18 21:14 - 2017-02-18 21:14 - 00000000 ____D C:\Program Files (x86)\IObit 2017-02-18 21:13 - 2017-02-18 21:13 - 12906784 _____ (IObit) C:\Users\Traude\Downloads\iobituninstaller.exe 2017-02-18 17:42 - 2017-02-18 21:17 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2017-02-18 17:35 - 2017-02-18 17:38 - 177092424 _____ (Apple Inc.) C:\Users\Traude\Downloads\iTunes6464Setup.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-03-19 18:16 - 2009-07-14 05:45 - 00021088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-03-19 18:16 - 2009-07-14 05:45 - 00021088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-03-19 18:13 - 2010-11-21 07:50 - 00780482 _____ C:\Windows\system32\perfh007.dat 2017-03-19 18:13 - 2010-11-21 07:50 - 00179508 _____ C:\Windows\system32\perfc007.dat 2017-03-19 18:13 - 2009-07-14 06:13 - 01845602 _____ C:\Windows\system32\PerfStringBackup.INI 2017-03-19 18:13 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2017-03-19 18:10 - 2016-11-19 07:57 - 00000000 ____D C:\Users\Traude\AppData\LocalLow\Mozilla 2017-03-19 18:09 - 2016-10-30 09:18 - 01003520 _____ C:\Users\Public\Documents\bootracer.his 2017-03-19 18:09 - 2016-10-30 09:16 - 00000423 _____ C:\Users\Public\Documents\bootracer.ini 2017-03-19 18:09 - 2016-10-30 09:16 - 00000000 ____D C:\ProgramData\BootRacer 2017-03-19 18:08 - 2016-10-30 09:16 - 00000000 ____D C:\Program Files (x86)\BootRacer 2017-03-19 18:08 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-03-19 18:07 - 2016-07-30 10:18 - 00000000 ____D C:\Users\Traude\AppData\LocalLow\Temp 2017-03-19 17:37 - 2016-09-20 17:50 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task 2017-03-18 22:16 - 2015-05-22 22:10 - 00000000 ____D C:\AdwCleaner 2017-03-18 19:00 - 2011-10-26 15:06 - 00000000 ____D C:\Users\Traude\AppData\Local\CrashDumps 2017-03-17 18:52 - 2015-05-18 14:47 - 00000000 ____D C:\Users\Traude\AppData\Roaming\KeePass 2017-03-17 17:38 - 2015-05-19 23:12 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit 2017-03-17 14:52 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2017-03-17 06:57 - 2013-03-13 07:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2017-03-17 06:57 - 2013-03-13 07:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-03-17 06:57 - 2009-07-14 05:45 - 
00556656 _____ C:\Windows\system32\FNTCACHE.DAT 2017-03-16 18:34 - 2015-04-16 11:42 - 00000000 ____D C:\Windows\system32\appraiser 2017-03-16 18:34 - 2014-05-06 18:26 - 00000000 ___SD C:\Windows\system32\CompatTel 2017-03-16 18:34 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker 2017-03-16 07:12 - 2013-08-14 07:40 - 00000000 ____D C:\Windows\system32\MRT 2017-03-16 07:09 - 2011-10-27 23:10 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-03-16 07:08 - 2013-03-13 07:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-03-15 16:08 - 2011-10-26 11:10 - 00000000 ____D C:\Users\Traude\AppData\Roaming\Audacity 2017-03-15 16:06 - 2011-11-01 09:45 - 00000000 ____D C:\Users\Traude\Documents\Questico 2017-03-13 13:42 - 2015-10-26 12:53 - 00000000 ____D C:\ProgramData\Avg 2017-03-13 13:33 - 2015-06-02 19:09 - 00000000 ____D C:\Users\Traude\AppData\Local\Avg 2017-03-13 13:33 - 2011-10-26 09:07 - 00000000 ____D C:\ProgramData\MFAData 2017-03-13 07:19 - 2015-10-26 13:02 - 00000000 ____D C:\Users\Traude\AppData\Roaming\AVG 2017-03-13 07:17 - 2015-10-26 12:52 - 00000000 ____D C:\Users\Traude\AppData\Local\AvgSetupLog 2017-03-13 07:16 - 2015-11-26 07:26 - 00001008 _____ C:\Users\Public\Desktop\AVG.lnk 2017-03-13 07:16 - 2011-10-26 09:08 - 00000000 ____D C:\Program Files (x86)\AVG 2017-03-12 08:31 - 2016-05-24 16:12 - 00000898 _____ C:\Users\Public\Desktop\AVG Protection.lnk 2017-03-11 07:55 - 2012-01-28 08:56 - 00000000 ____D C:\ProgramData\ashampoo 2017-03-08 16:21 - 2016-07-27 15:19 - 00000000 ____D C:\Users\Traude\Documents\Testamentsvollstreckung 2017-03-05 20:54 - 2013-08-19 18:39 - 00000000 ____D C:\Users\Traude\AppData\Local\Audible 2017-03-04 12:38 - 2011-10-21 17:17 - 00000000 ____D C:\Program Files\Dell 2017-03-04 12:38 - 2011-10-21 17:09 - 00000000 ____D C:\Program Files (x86)\Dell 2017-03-04 12:37 - 2011-10-21 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Dell 2017-03-03 18:22 - 2016-12-11 16:21 - 00000000 ____D C:\Users\Traude\Desktop\Mietgesuche 2017-03-02 21:43 - 2014-03-19 21:48 - 00000000 ____D C:\Users\Traude\Documents\AaufräumenSpeichern Desktop 2017-02-23 16:10 - 2011-10-26 15:12 - 00000000 ____D C:\Users\Traude\Documents\Praxis 2017-02-23 15:07 - 2016-02-20 10:30 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-02-20 16:37 - 2015-05-18 15:22 - 00000000 ____D C:\Users\Traude\Documents\Sicherheit 2017-02-18 17:42 - 2014-02-05 21:13 - 00001755 _____ C:\Users\Public\Desktop\iTunes.lnk ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2011-11-17 11:26 - 2011-11-17 12:24 - 0038112 _____ () C:\Users\Traude\AppData\Roaming\Kommagetrennte Werte (DOS).ADR 2016-09-07 20:06 - 2016-09-07 20:06 - 0001181 _____ () C:\Users\Traude\AppData\Roaming\trace_FilterInstaller.txt 2016-09-07 20:06 - 2016-09-07 20:06 - 0000000 _____ () C:\Users\Traude\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt 2012-08-14 20:33 - 2012-08-14 20:33 - 0123959 _____ () C:\Users\Traude\AppData\Local\ars.cache 2012-08-14 20:34 - 2012-08-14 20:34 - 0893155 _____ () C:\Users\Traude\AppData\Local\census.cache 2011-11-27 12:19 - 2013-04-10 21:54 - 0008192 _____ () C:\Users\Traude\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-06-26 06:18 - 2012-06-26 06:18 - 0033758 _____ () C:\Users\Traude\AppData\Local\dt.dat 2012-08-14 20:24 - 2012-08-14 20:24 - 0000036 _____ () C:\Users\Traude\AppData\Local\housecall.guid.cache 2011-11-07 13:19 - 2012-12-02 16:27 - 0007606 _____ () C:\Users\Traude\AppData\Local\Resmon.ResmonCfg 2011-11-08 18:10 - 2011-11-08 18:10 - 0000056 ____H () C:\ProgramData\ezsidmv.dat ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2012-01-20 11:02

==================== Ende von FRST.txt ============================
19.03.2017, 20:18 | #13 |
| IObit detected as malware? And here is the Addition as well: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017
durchgeführt von Traude (19-03-2017 20:00:53)
Gestartet von C:\Users\Traude\Desktop
Windows 7 Professional Service Pack 1 (X64) (2011-10-26 07:02:19)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2721480124-1926032340-2623985909-500 - Administrator - Disabled)
Gast (S-1-5-21-2721480124-1926032340-2623985909-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2721480124-1926032340-2623985909-1003 - Limited - Enabled)
Traude (S-1-5-21-2721480124-1926032340-2623985909-1001 - Administrator - Enabled) => C:\Users\Traude

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov) AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.17 - STMicroelectronics) Acronis*True*Image*Home (HKLM-x32\...\{67ED38A3-4882-448B-B44D-3428AB00D7D5}) (Version: 13.0.7160 - Acronis) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated) Adobe Creative Suite 2 (HKLM-x32\...\{0134A1A1-C283-4A47-91A1-92F19F960372}) (Version: - ) Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated) Adobe Dreamweaver CS4 (HKLM-x32\...\Adobe_acce07fd2c8fe7f9e3f26243e626578) (Version: 10.0 - Adobe Systems Incorporated) Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.) Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd) Amazon Kindle (HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\...\Amazon Kindle) (Version: - Amazon) Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC) Apowersoft Gratis - Audiorekorder V2.3.4 (HKLM-x32\...\{E35F91E4-C68C-43E8-BE90-35CDEE4E5730}_is1) (Version: 2.3.4 - APOWERSOFT LIMITED) Apple Application Support (32-Bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.) 
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Ashampoo Burning Studio 2013 v.11.0.6 (HKLM-x32\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.6 - Ashampoo GmbH & Co. KG) Audacity 1.3.13 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2000174334.48.56.41298730 - Audible, Inc.) AVG (HKLM\...\AvgZen) (Version: 1.162.2.62416 - AVG Technologies) AVG (Version: 1.162.1 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.4409 - AVG Technologies) Hidden AVG Protection (HKLM-x32\...\AVG Antivirus) (Version: 17.2.3008 - AVG Technologies) Backup Service Home 3.5.3 (HKLM-x32\...\{5979B77A-9AE6-4E75-AED8-283C5E16C02D}_is1) (Version: 3.5.3.2 - Alexander Seeliger Software) Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.83 - Atheros Communications) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) 
BootRacer (HKLM-x32\...\{AAF04580-CE8A-4C52-98B9-0394654BC5A9}) (Version: 6.0.0.407 - Greatis Software, LLC) Business Contact Manager for Microsoft Outlook 2010 (x32 Version: 4.0.11308.0 - Microsoft Corporation) Hidden Business Contact Manager für Microsoft Outlook 2010 (HKLM-x32\...\Business Contact Manager) (Version: 4.0.11308.0 - Microsoft Corporation) calibre 64bit (HKLM\...\{9B70C080-F90A-49EA-B8A4-3E4D7BDDA853}) (Version: 2.36.0 - Kovid Goyal) Canon iP4200 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4200) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.6059 - CDBurnerXP) Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.53 - Cliqz.com) Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper) CrystalDiskInfo 6.3.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World) CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3225 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell Backup and Recovery Manager (HKLM\...\{50B4B603-A4C6-4739-AE96-6C76A0F8A388}) (Version: 1.3.1 - Dell Inc.) Dell Data Vault (Version: 4.3.9.0 - Dell Inc.) Hidden Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.72 - Dell) Dell SupportAssistAgent (HKLM-x32\...\{27130E51-9555-408B-8134-7BFF54EDE27B}) (Version: 1.3.0.72 - Dell) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.225 - ALPS ELECTRIC CO., LTD.) 
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd) Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.) DigitalPersona Fingerprint Software 5.20 (HKLM\...\{C0C2D40A-1231-46FA-8F02-B45E6BF2036A}) (Version: 5.20.230 - DigitalPersona, Inc.) Dropbox (HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\...\Dropbox) (Version: 3.8.5 - Dropbox, Inc.) FileZilla Client 3.11.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.11.0.2 - Tim Kosse) FMW 1 (Version: 1.172.2 - AVG Technologies) Hidden FormatFactory 2.70 (HKLM-x32\...\FormatFactory) (Version: 2.70 - Free Time) GDR 5520 für SQL Server 2008 (KB 2977321) (HKLM-x32\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation) GDR 5538 für SQL Server 2008 (KB 3045305) (HKLM-x32\...\KB3045305) (Version: 10.3.5538.0 - Microsoft Corporation) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden High-Definition Video Playback (x32 Version: 11.1.10500.2.65 - Nero AG) Hidden HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{AF43C18E-693D-4126-B190-8F55E3623D5D}) (Version: 22.50.231.0 - Hewlett-Packard Co.) HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard) HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard) I.R.I.S. 
OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.8.2663 - IObit) iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden KeePass Password Safe 2.31 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.31 - Dominik Reichl) king.com (remove only) (HKLM-x32\...\king.com) (Version: - Midasplayer Ltd (king.com)) kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 4.2.1909 - KYOCERA Document Solutions Inc.) Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 5.0.1 - CEWE COLOR AG u Co. 
OHG) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation) Microsoft Chart Controls for Microsoft .NET Framework 3.5 Language Pack - deu (HKLM-x32\...\{742D41A9-B3BF-3A65-806E-F8372FB3E492}) (Version: 3.5.0.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft SQL Server 2008 Native Client (HKLM\...\{12FE6AA6-65D2-40EE-B925-62193128A0E6}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{59C245FC-343C-4FEC-B3CB-B6F12B561C20}) (Version: 10.3.5538.0 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.302.06.06.40 - 
Huawei Technologies Co.,Ltd) Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla) Nero Kwik Media (HKLM-x32\...\{24A500E4-0B12-4D62-9973-2C7E23CCA750}) (Version: 11.0.16401 - Nero AG) NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation) NVIDIA Grafiktreiber 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.00 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation) OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 6.0.1 - CEWE Stiftung u Co. KGaA) PantsOff 2.0 (HKLM-x32\...\{EC1F15E1-F3CC-46EE-B7A5-849A08ED60DC}}_is1) (Version: 2.0 - Christoph Bünger Software) Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.312.1 - Tracker Software Products Ltd) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.15 - Dell Inc.) QuickSlide® Home & Business (HKLM-x32\...\{E4B98C7B-6850-4B52-819C-69FD9A3FC21B}) (Version: 1.113.4 - Strategy Compass) QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.) Radio.fx (HKLM-x32\...\Tobit Radio.fx Server) (Version: - Tobit.Software) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6353 - Realtek Semiconductor Corp.) 
SeaTools for Windows 1.4.0.2 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.2 - Seagate Technology) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 3 für SQL Server 2008 (KB2546951) (HKLM-x32\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation) SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden SoundTap Streaming Audio-Recorder (HKLM-x32\...\SoundTap) (Version: 3.02 - NCH Software) Sql Server Customer Experience Improvement Program (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden Studie zur Verbesserung von HP Officejet 6500 E710n-z Produkten (HKLM\...\{E8C633FD-8719-448F-9A55-F04CFDD53E67}) (Version: 22.50.231.0 - Hewlett-Packard Co.) Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Suite Specific (x32 Version: 2.0.0 - Adobe Systems, Incorporated) Hidden TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.12189 - TeamViewer) Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel) Validity Sensors DDK (HKLM\...\{10AAF056-7792-497A-ACAF-3BF002196574}) (Version: 4.3.33.0 - Validity Sensors, Inc.) Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies) Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) 
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WISO Buchhaltung 2 (HKLM-x32\...\WISO Buchhaltung 2) (Version: - ) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2721480124-1926032340-2623985909-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Traude\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {20D86487-2013-4305-8334-C05F6F708A6A} - System32\Tasks\0814avUpdateInfo => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe Task: {2A5597A6-ABD6-4A84-9A50-414667E7832D} - System32\Tasks\0615pizUpdateInfo => C:\ProgramData\Avg_Update_0615piz\0615piz_AVG-Secure-Search-Update.exe [2015-11-03] () Task: {2BD514D9-EE09-4942-8238-B4A8479A3F07} - System32\Tasks\HpWebReg.exe => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HpWebReg.exe [2010-11-16] (Hewlett-Packard Co.) Task: {2CFBE6B6-5884-41BB-85E4-CFBBD457FCC2} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2017-03-13] (AVG Technologies CZ, s.r.o.) Task: {3083436A-97EB-4EFE-AE8D-945EF7C8562F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {32764461-1BE0-4CFF-8573-91AFC4846F1E} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] () Task: {3BF1C568-8A50-4D17-AF4B-DBFB7C45C098} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.) 
Task: {3F599757-8E06-403F-B099-100507B811A2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-16] (Adobe Systems Incorporated) Task: {47AB7541-0A6D-4EE9-A2B5-4FC9121A8C48} - System32\Tasks\0915avUpdateInfo => C:\ProgramData\Avg_Update_0915av\0915av_AVG-Secure-Search-Update.exe Task: {4EFC7342-5717-4321-B287-DDAA6E1E0191} - System32\Tasks\0414bUpdateInfo => C:\ProgramData\Avg_Update_0414b\0414b_AVG-Secure-Search-Update.exe [2014-04-09] () Task: {517BFF39-1267-41C8-BBBC-A46A37AAFB29} - System32\Tasks\{82E25D12-D1E3-4F67-BA8E-3399E26270E5} => pcalua.exe -a C:\Users\Traude\Downloads\Radiotracker_6_Special_Computerbild.de.exe -d C:\Users\Traude\Downloads Task: {5D9E8CE5-6CBD-4D20-85D2-A682418A612E} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2017-02-18] (IObit) Task: {651F8BA7-E9A7-45CB-B074-FD30488F3A41} - System32\Tasks\0615avUpdateInfo => C:\ProgramData\Avg_Update_0615av\0615av_AVG-Secure-Search-Update.exe Task: {8611A45D-4A77-4FD1-A4C2-4348546408DE} - System32\Tasks\0116avzUpdateInfo => C:\ProgramData\Avg_Update_0116avz\0116avz_AVG-Secure-Search-Update.exe Task: {8C021EE7-3E8E-4364-90FC-B5B5B7F43D02} - System32\Tasks\0415avUpdateInfo => C:\ProgramData\Avg_Update_0415av\0415av_AVG-Secure-Search-Update.exe Task: {9BA98E42-3CBE-4579-AFEF-8526474D9598} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {9EC1493A-A223-4846-8D6E-ACE018DA0BE5} - System32\Tasks\HP Officejet 6500 E710n-z.exe => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HP Officejet 6500 E710n-z.exe [2010-11-16] (Hewlett-Packard Co.) Task: {A0A9A05F-AE72-4250-8E61-4F02C10F2170} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe Task: {A4EC09E3-00FC-4821-A880-5C06304FAB15} - System32\Tasks\FaxSetupWizard.exe => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\FaxSetupWizard.exe [2010-11-16] (Hewlett-Packard Co.) 
Task: {AB504399-C8DA-4B7F-805F-8124B45860E5} - System32\Tasks\0316avzUpdateInfo => C:\ProgramData\Avg_Update_0316avz\0316avz_AVG-Secure-Search-Update.exe Task: {C6F51862-32FE-4A4C-BCC1-64EDD6680382} - System32\Tasks\0715avUpdateInfo => C:\ProgramData\Avg_Update_0715av\0715av_AVG-Secure-Search-Update.exe Task: {C9C2CE16-D76E-42B6-BCFE-3F6CE3728C86} - System32\Tasks\1114avUpdateInfo => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe Task: {DD647DBF-B51B-46B2-AA19-AD152A458AB9} - System32\Tasks\1214avUpdateInfo => C:\ProgramData\Avg_Update_1214av\1214av_AVG-Secure-Search-Update.exe Task: {E758412B-B717-455E-9368-7EE0EF23E29C} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-02-17] (PC-Doctor, Inc.) Task: {EB2B061B-C3DF-4564-84A9-2D8D11AC6E13} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2016-09-09] (Dell Inc.) Task: {EBBAFB6B-6A70-46D8-91DE-A0AE7824EAB1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd) Task: {F6056EB5-8BC4-4A1B-9C15-D571959F3845} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\0116avzUpdateInfo.job => C:\ProgramData\Avg_Update_0116avz\0116avz_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0316avzUpdateInfo.job => C:\ProgramData\Avg_Update_0316avz\0316avz_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0414bUpdateInfo.job => C:\ProgramData\Avg_Update_0414b\0414b_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0415avUpdateInfo.job => C:\ProgramData\Avg_Update_0415av\0415av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0615avUpdateInfo.job => C:\ProgramData\Avg_Update_0615av\0615av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0615pizUpdateInfo.job => C:\ProgramData\Avg_Update_0615piz\0615piz_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0715avUpdateInfo.job => C:\ProgramData\Avg_Update_0715av\0715av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0814avUpdateInfo.job => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0915avUpdateInfo.job => C:\ProgramData\Avg_Update_0915av\0915av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\1114avUpdateInfo.job => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\1214avUpdateInfo.job => C:\ProgramData\Avg_Update_1214av\1214av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2721480124-1926032340-2623985909-1001Core1d0c14aa289cce6.job => C:\Users\Traude\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
Shortcut: C:\Users\Traude\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nch.com.au/de/index.htm ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2013-10-27 08:05 - 2015-11-14 07:06 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-01-13 13:56 - 2017-01-13 13:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-01-13 13:56 - 2017-01-13 13:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2015-06-02 16:20 - 2015-06-02 16:20 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 03502080 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe 2017-03-18 22:40 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2017-03-18 22:40 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-03-13 07:17 - 2017-03-13 07:17 - 00163584 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\vaarclient.dll 2017-03-13 07:17 - 2017-03-13 07:17 - 00793640 _____ () C:\Program Files (x86)\AVG\Antivirus\x64\ffl2.dll 2011-10-21 18:19 - 2011-07-20 14:04 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2017-03-13 07:17 - 2017-03-13 07:17 - 00171208 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll 2017-03-18 20:13 - 2017-03-18 20:13 - 05885952 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\17031801\algo.dll 2017-03-13 07:17 - 2017-03-13 07:17 - 00656040 _____ () C:\Program Files (x86)\AVG\Antivirus\ffl2.dll 2005-04-06 16:52 - 2005-04-06 16:52 - 00028791 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\jre\bin\hpi.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 00057453 _____ () 
c:\Creative Suite CS2\Adobe Version Cue CS2\jre\bin\verify.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 00102515 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\jre\bin\java.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 00053364 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\jre\bin\zip.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 00057455 _____ () C:\Creative Suite CS2\Adobe Version Cue CS2\jre\bin\net.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 00032880 _____ () C:\Creative Suite CS2\Adobe Version Cue CS2\jre\bin\nio.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 00434255 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\bin\ps-rw-vc-v8_58.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 01019904 _____ () c:\Creative Suite CS2\Adobe Version Cue CS2\bin\ps-vc-v8_58.dll 2015-11-20 21:05 - 2015-11-16 04:35 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-11-28 12:55 - 2016-11-28 12:55 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll 2011-11-29 00:02 - 2013-06-03 12:06 - 09907712 _____ () C:\Program Files (x86)\Tobit Radio.fx\Client\TOBITCLT.dll 2011-11-29 00:02 - 2013-05-16 13:28 - 00242688 _____ () C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client$.ger 2017-03-13 07:17 - 2017-03-13 07:17 - 48936448 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\Temp:373E1720 [144] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DpHost => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2015-05-14 18:58 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2721480124-1926032340-2623985909-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Traude\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.177.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\Services: AcrSch2Svc => 2 MSCONFIG\Services: AERTFilters => 2 MSCONFIG\Services: afcdpsrv => 2 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: NAUpdate => 2 MSCONFIG\Services: Radio.fx => 2 MSCONFIG\Services: TapiSrv => 3 MSCONFIG\Services: TeamViewer7 => 2 MSCONFIG\Services: vcsFPService => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Traude^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: Adobe Version Cue CS2 => c:\Creative Suite CS2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe" MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" MSCONFIG\startupreg: BackupServiceHome3Run => C:\Program Files (x86)\Alexosoft\Backup Service Home 3\Alexosoft.BackupService.MainApp.exe MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft 
Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: DataCardMonitor => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe MSCONFIG\startupreg: DBRMTray => C:\Dell\DBRM\Reminder\TrayApp.exe MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" MSCONFIG\startupreg: Dropbox Update => "C:\Users\Traude\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c MSCONFIG\startupreg: FreeFallProtection => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: HW_OPENEYE_OUC_T-Mobile Internet Manager => "C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe" MSCONFIG\startupreg: IntelTBRunOnce => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" MSCONFIG\startupreg: QuickSet => c:\Program Files\Dell\QuickSet\QuickSet.exe MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" MSCONFIG\startupreg: rfxsrvtray => "C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe" MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files 
(x86)\Acronis\TrueImageHome\TrueImageMonitor.exe ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{24552CB8-D2D0-4A98-B3BE-07DD0E3DC53A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{0C0719E5-E684-4226-9E33-5E85FBF14F1F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{D0B947FF-971B-474F-9CD9-5DD8265572F3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe FirewallRules: [{80770A80-46B0-4E8D-9EB5-F1A6E56B5C4B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE FirewallRules: [{2B8A644B-50E1-4255-B6D7-307BA311D504}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{8232CE5E-66C2-4D7E-9FF9-3FD2DBA23D93}] => (Allow) LPort=2869 FirewallRules: [{2B5D4181-353B-4219-BB44-8809CDED1138}] => (Allow) LPort=1900 FirewallRules: [{C316FCD8-186F-4629-8260-FEF61E44CB52}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{3DF06A5E-13B7-4CCB-85E4-889AFDBCF12E}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{831B0B33-4C67-452C-94CF-94860BB106D4}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe FirewallRules: [{B5F4DD3E-CA13-45C1-9802-878F4A27CED4}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe FirewallRules: [{34858832-A0F9-40FB-BDB1-483D1BEA8D7D}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe FirewallRules: [{E2681585-9C84-4B34-9AF7-EC8A1D8660E7}] => (Allow) C:\Program Files (x86)\Tobit 
Radio.fx\Client\rfx-client.exe FirewallRules: [{4238EC06-874F-44AD-9FC7-8086AEF3A50F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe FirewallRules: [{BEFF5E89-E588-471D-97AD-5D5C0AEA0DFF}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe FirewallRules: [{9D086069-1DE2-4F95-BC6D-5FC579ACE394}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe FirewallRules: [{F0C07CF2-C034-40DD-B167-8CD811F786B4}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe FirewallRules: [{3F2F45D5-CCB8-4166-83A8-22FE1D8BF5E3}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe FirewallRules: [{919DB40C-4C28-4394-B356-94FBF9A808D8}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe FirewallRules: [{B2829EF0-9777-4910-B7B0-C4294B6AAA29}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe FirewallRules: [{EB96B583-CE15-4F82-AFB8-9888FE81E542}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe FirewallRules: [TCP Query User{A849370C-B1A3-4842-B543-D93A8501B681}C:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe FirewallRules: [UDP Query User{246D22FE-B805-4CEE-BBD3-7710F1C210E8}C:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe FirewallRules: [{F0785DF7-7FE0-4914-9E0F-98EBFBF016A6}] => (Allow) LPort=5353 FirewallRules: [{0128A8BD-76FC-4AFA-89A4-C2F48CD1D4B2}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe FirewallRules: [{9AA37D79-CE72-4F3B-8AF1-D19EB346D35B}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe FirewallRules: [{A33136C1-5717-4C49-A3FA-F001C983D9DB}] => 
(Allow) C:\Creative Suite CS2\Adobe Version Cue CS2\bin\VersionCueCS2.exe FirewallRules: [{BBF2F086-6E39-418B-A731-3424CD3A5931}] => (Allow) C:\Creative Suite CS2\Adobe Version Cue CS2\bin\VersionCueCS2.exe FirewallRules: [{B6B5C4CD-CA56-406F-9587-1AC63C6311E8}] => (Allow) C:\Users\Traude\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{19CEC1D9-2722-4DE9-9B6C-DB1B8FD2E469}] => (Allow) C:\Users\Traude\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{91A75A44-C75F-4C7C-9CA8-CDD0364CF785}C:\program files (x86)\filezilla ftp client\filezilla.exe] => (Allow) C:\program files (x86)\filezilla ftp client\filezilla.exe FirewallRules: [UDP Query User{20E1AAC5-3F86-4A4F-81AE-C003AF82ACF2}C:\program files (x86)\filezilla ftp client\filezilla.exe] => (Allow) C:\program files (x86)\filezilla ftp client\filezilla.exe FirewallRules: [{ED10ED38-8903-4FF7-8FFE-5EAE395543C7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A0FF34D6-3465-4888-A43C-9DFB6D1B2D7B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{98E27789-53C7-491E-B04C-3C39098F7F86}] => (Allow) LPort=26675 FirewallRules: [TCP Query User{5A086E20-3C42-43D4-BB89-79DCC9A192D5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{1456411F-26C7-4B39-8F9C-D24B4E3A53E4}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{9026CB27-9A63-42A7-9859-91121FB01CA4}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{3D5AF432-24C2-441A-94D3-83C3D918B297}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{64BBA564-6B64-44B0-949B-9E11EB42DCD4}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{582732F3-521A-458C-808E-719A2B03D169}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: 
[{A5ACCA1E-88F4-4258-962B-8A7D9844EF4C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{4A27FEA7-E66B-4E3D-B752-5EFC85240EC0}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{B14A0AF7-B02E-4643-AE3C-CB94C1FA1781}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{83222B37-73E0-4444-9811-52433A1C7A12}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{43ACFD01-5E4C-45D5-BEFC-CD9A5DDB82F2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{79EBD6B7-8AE7-4EB2-8B00-738B3551F608}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{12992321-48C2-4887-BD53-6823B06B2359}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{A3A563EC-2FD6-40E1-9420-FFE93792DC30}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{2A35EC85-C06E-435E-B8E0-656592C9E272}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{67789EF0-192A-43B5-89B5-AECE3552FE95}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{1C096973-E374-4B11-A4DD-9223335E0022}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{AAFEC492-365D-42C1-B32C-167D9A628745}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{ECD259E3-AE26-415B-BD58-36C56816C6E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{A9F6A9E4-C939-4CA6-890F-8EDB7018EBDB}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{66605E5C-0066-4342-AB66-BBAD7B296E8C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{7DBB20F1-6B03-4758-BA41-79B57B0E87FB}] => (Allow) LPort=3702 FirewallRules: [{8F5F19C1-C715-4180-B91F-FE5CA594B537}] 
=> (Allow) LPort=9244 FirewallRules: [{301A239F-A0B9-44DC-80EC-8E09B74ED85B}] => (Allow) LPort=3702 FirewallRules: [{26068542-29E7-4C3B-808B-06D8AC8B31C1}] => (Allow) LPort=9244 FirewallRules: [{067222A9-F4FD-43DF-ABA4-0E81A9D09F97}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe FirewallRules: [{37D0E031-B371-45D3-A2B9-D0FDE497C5E1}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe FirewallRules: [{B8743A74-EBD6-4ECF-BE6F-DD69000F1F96}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{DB18389F-4745-47F8-A89C-639418769D3F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{4E54CC96-1D8C-4650-8619-553534100FD7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{B7C6238E-CEA6-481D-A4C7-E3E4A47757A4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{BC898EE7-4072-4177-A7F8-AF8603A76DFD}] => (Allow) C:\Program Files\iTunes\iTunes.exe ==================== Wiederherstellungspunkte ========================= 02-03-2017 22:19:28 Geplanter Prüfpunkt 04-03-2017 12:32:44 IObit Uninstaller restore point 04-03-2017 14:00:21 nach neuer PC-Doctor-Software-Version 12-03-2017 10:42:41 Geplanter Prüfpunkt 13-03-2017 07:19:52 Removed AVG 13-03-2017 07:20:24 Removed AVG 2016 16-03-2017 07:07:28 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (03/19/2017 07:54:29 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . 
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (03/19/2017 06:30:43 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Traude\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (03/19/2017 06:30:37 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Traude\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. 
Error: (03/19/2017 06:30:37 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Traude\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (03/19/2017 06:30:33 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Traude\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (03/19/2017 06:09:03 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. 
Error: (03/19/2017 06:09:01 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 14 20.177.168.192.in-addr.arpa. PTR Traude.local. Error: (03/19/2017 06:09:01 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.177.20:5353 16 20.177.168.192.in-addr.arpa. PTR Traude-2.local. Error: (03/19/2017 05:22:20 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (03/18/2017 10:46:20 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Systemfehler: ============= Error: (03/19/2017 06:34:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (03/19/2017 06:34:41 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Traude\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. 
Error: (03/19/2017 06:34:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (03/19/2017 06:34:40 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Traude\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (03/19/2017 06:34:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (03/19/2017 06:34:40 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Traude\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (03/19/2017 06:32:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (03/19/2017 06:32:45 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Traude\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (03/19/2017 06:32:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. 
Error: (03/19/2017 06:32:44 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Traude\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. CodeIntegrity: =================================== Date: 2015-05-14 19:58:00.766 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-05-14 19:58:00.710 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-10-10 18:10:40.527 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\DigitalPersona\Bin\DpOFeedb.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-10 18:10:40.437 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\DigitalPersona\Bin\DpOFeedb.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-10-10 18:10:40.347 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\DigitalPersona\Bin\DpOFeedb.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-10 18:10:40.267 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\DigitalPersona\Bin\DpOFeedb.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-10 18:10:40.177 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\DigitalPersona\Bin\DpOFeedb.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-10 18:10:40.077 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\DigitalPersona\Bin\DpOFeedb.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-10 18:10:39.967 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\DigitalPersona\Bin\DpOFeedb.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-10 17:17:24.984 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\DigitalPersona\Bin\DpOFeedb.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 62%
Installierter physikalischer RAM: 3990.17 MB
Verfügbarer physikalischer RAM: 1488.62 MB
Summe virtueller Speicher: 7978.52 MB
Verfügbarer virtueller Speicher: 4679.57 MB

==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:444.27 GB) (Free:136.18 GB) NTFS

==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 07F2837E)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=21.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=444.3 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

I didn't have any browser problems because of the PUP files. But I still have a few questions; it would be nice if you could answer them briefly. Last night I browsed the poll thread about virus scanners until 2 a.m. Even though the tone was not always friendly, I learned a lot. Now my question on that: does using one of the recommended tools (the one from Schrauber's company, MSE, Bitdefender or Eset) prevent the uploading of malware? I have AVG installed (as you've seen), and Schrauber's argument about data collection can't be dismissed. But does it also prevent malware? Since Cosinus is so enthusiastic about Ubuntu and I absolutely don't want to switch to WIN 10, I've been wondering whether I could try Linux in parallel on my machine? I'm not exactly an expert when it comes to PCs, but I trust myself (despite my 55 years) to still make the switch.... Now one more question about the registry: I've learned that cleaning up the registry can be dangerous. With the installed IObit, however, the registry entries are deleted as well. Which was also necessary recently when reinstalling iTunes, because I could no longer sync my iPhone. The normal uninstallation of the Apple software wasn't enough. Can I use IObit without problems? Or should I only use it in an absolute emergency? Or ask you for advice beforehand, before the damage is done? This ended up a bit longer after all ... I hope that's OK. Have a nice evening! Traude |
20.03.2017, 20:46 | #14 |
/// TB-Ausbilder | IObit detected as malware? Hi, Quote:
What do you mean by "uploading malware"? In principle, every protection product tries to keep malware from getting onto the machine. Most vendors are similar in that respect. You just need to be aware that no tool detects or can stop 100% of malware. Anyone who claims otherwise either wants to sell you something or does not really know the subject. Quote:
Quote:
We have already had users here who completely wrecked their Windows because of tools like IObit, CCleaner or TuneUp. Moreover, even Microsoft does not recommend using such tools... and that is actually unambiguous.

If you have no more problems with malware, then we are done here. Your log files are clean. Finally, we need to take a few concluding steps to clean up and secure your PC.

Cleanup: All logs posted? Then please download DelFix.
DelFix removes, among other things, all programs used, the quarantine of our scanners and the Java cache, and finally deletes itself. Then restart your computer. If any programs from our cleanup are still left, you can delete them without concern.

Securing: Enable automatic updates for the Windows operating system. Security-relevant software should also always be present only in the latest version:
- Java
- Flash Player
- PDF reader
Security vulnerabilities in their old versions are exploited to install malware via "drive-by" when you simply visit a manipulated website.

I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.

Enable a firewall. The one integrated into Windows is normally entirely sufficient.

If you are still undecided, use a single one of the following antivirus programs with a real-time scanner and an always up-to-date signature database: Microsoft Security Essentials (MSE) / Windows Defender (WD) is built in from Windows 8 onward, so if you have Windows 8, 8.1 or 10 and have decided on MSE/WD, you do not need to install MSE/WD separately. On Windows 7, however, it has to be installed manually or obtained through Windows Update as an optional update. Of course, a legal/activated Windows is a prerequisite for this. In addition, you can regularly scan your PC with Malwarebytes Anti-Malware and ESET.

Optional:
- Adblock Plus: Can block banners, pop-ups, video ads, tracking and malware sites.
- NoScript: Prevents the execution of active content (Java, JavaScript, Flash, ...) for all websites. However, you can specify, on the principle of a whitelist, on which sites scripts should be allowed.

Download software from a clean portal such as .
When installing software, always choose the custom option and uncheck all optionally offered toolbars or other add-ons that are irrelevant to the program. To get rid of adware again, it is advisable first to uninstall it and then to remove the leftovers with AdwCleaner. Finally, a few general remarks:
If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation. Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this topic from my subscriptions.
21.03.2017, 13:20 | #15 |
| IObit detected as malware? Hello Matthias, well, Blondie has struck again here. One can also phrase it in a totally complicated way. Quote:
I think that is easier to understand now. Quote:
Now I have one more question, but I do not know whether you can/may help me with it: I have now created an Ubuntu boot stick and wanted to change the boot options in the BIOS. Unfortunately there is a password on it that was set neither by me nor by my ex (he says - I asked him). I did not know that and tried twice to enter my usual passwords ... of course that did not work. So as not to wreck the machine - I do not know how often one can try the passwords - I then gave up..... Do you have a tip for me on how I can delete this password - without removing the CMOS battery? I have a Dell laptop 3750, and they apparently charge a really hefty sum for resetting the password.... I would much rather let your till ring a little instead. If you could help me with this too, then you really are THE Trojan- Have a nice day! Traude