Istartpageing.com Virus auf Rechner

togaanbl · 11.12.2015, 15:07

Hallo liebe Mitglieder,

gestern habe ich mir den Istartpageing eingefangen. Als ich wieder einen Browser öffnete fand ich nun Istartpageing.com sowie diverse am 10.12.2015 installierte Programme.

Ich bin eurer Anleitung unter "Istartpageing.com redirect Virus entfernen" gefolgt und habe alle Schritte durchgeführt.

Die Logdateien füge ich an. Vielleicht mag mir ja jemand helfen und einmal drüber schauen, ob alles weg ist. Danke vorab dafür!

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 11.12.2015
Suchlaufzeit: 10:08
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.11.02
Rootkit-Datenbank: v2015.12.07.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Anni Blask

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 420532
Abgelaufene Zeit: 41 Min., 13 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 2
PUP.Optional.DNSBlock.BrwsrFlsh, C:\Windows\System32\DnsBlockUpdateSvc.exe, 1772, Löschen bei Neustart, [c20ca2017615df57a0c890ebcf346b95]
PUP.Optional.WindowsMangerProtect, C:\ProgramData\Tmp0x0x\ProtectWindowsManager.exe, 1388, Löschen bei Neustart, [5c72faa9d0bb5cdaa89ec8f516edfd03]

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 8
PUP.Optional.DNSBlock.BrwsrFlsh, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DnsBlockUpdateSvc, In Quarantäne, [c20ca2017615df57a0c890ebcf346b95], 
PUP.Optional.DownloadProtect, HKLM\SOFTWARE\CLASSES\APPID\DPBHO.DLL, In Quarantäne, [a628ffa412799e985c6f7a86c93b4ab6], 
PUP.Optional.DownloadProtect, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\DPBHO.DLL, In Quarantäne, [547a673cb8d33ff7884318e849bb8779], 
PUP.Optional.IStartPageing.ChrPRST, HKLM\SOFTWARE\WOW6432NODE\istartpageingSoftware, In Quarantäne, [e1edb3f043481125d2d17b83bb4851af], 
PUP.Optional.DownloadProtect, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\DPBHO.DLL, In Quarantäne, [f3db0a998b005bdb408b837dcc38fb05], 
PUP.Optional.WindowsMangerProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, In Quarantäne, [5c72faa9d0bb5cdaa89ec8f516edfd03], 
PUP.Optional.WindowsMangerProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, In Quarantäne, [def09e05eaa1e650063fdbe2dc271ee2], 
PUP.Optional.DeskCut, HKU\S-1-5-21-2899336889-42798528-283681265-1001\SOFTWARE\MOZILLA\EXTENDS, In Quarantäne, [ece2edb6ee9dce68186c256853b08d73], 

Registrierungswerte: 3
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|yahooprotected@gmail.com, C:\Users\Anni Blask\AppData\Roaming\Mozilla\Firefox\Profiles\GtLqFdaV.default\extensions\yahooprotected@gmail.com, In Quarantäne, [05c9396aa4e77fb7e972842157ab37c9]
PUP.Optional.DownloadProtectExtension, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{E2AF99E5-4405-4CC9-924E-D3D25A8BB003}, C:\Windows\Installer\{AC4A2B91-3FAB-48BE-868F-8476850C0D37}\{E2AF99E5-4405-4CC9-924E-D3D25A8BB003}.xpi, In Quarantäne, [d0fe445f6f1c979f18a6d5b91fe44eb2]
PUP.Optional.DeskCut, HKU\S-1-5-21-2899336889-42798528-283681265-1001\SOFTWARE\MOZILLA\EXTENDS|appid, deskCutv2@gmail.com, In Quarantäne, [ece2edb6ee9dce68186c256853b08d73]

Registrierungsdaten: 2
PUP.Optional.IStartPageing.ShrtCln, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.istartpageing.com/?type=sc&ts=1449779020&z=a04112a83d12a51bf5f9b6cg9z9zbt0m1mbt3e0gab&from=cvs2&uid=ST500LT012-1DG142_S3PKDV6H, Gut: (firefox.exe), Schlecht: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.istartpageing.com/?type=sc&ts=1449779020&z=a04112a83d12a51bf5f9b6cg9z9zbt0m1mbt3e0gab&from=cvs2&uid=ST500LT012-1DG142_S3PKDV6H),Ersetzt,[ae201c879dee79bdb09fafc516ee50b0]
PUP.Optional.IStartPageing.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.istartpageing.com/?type=sc&ts=1449779020&z=a04112a83d12a51bf5f9b6cg9z9zbt0m1mbt3e0gab&from=cvs2&uid=ST500LT012-1DG142_S3PKDV6H, Gut: (firefox.exe), Schlecht: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.istartpageing.com/?type=sc&ts=1449779020&z=a04112a83d12a51bf5f9b6cg9z9zbt0m1mbt3e0gab&from=cvs2&uid=ST500LT012-1DG142_S3PKDV6H),Ersetzt,[626c059ecfbcd0668ac5aacaae56a35d]

Ordner: 8
PUP.Optional.DownloadProtect, C:\Windows\Installer\{4E3E9653-4270-4EAB-8958-671A896A0E2E}, In Quarantäne, [b519287b6b205ed85d4d107e798a40c0], 
PUP.Optional.Elex, C:\Program Files (x86)\SFK, In Quarantäne, [a12d901387048aac01ef5a6ff60db44c], 
PUP.Optional.DNSBlock.BrwsrFlsh, C:\Users\Anni Blask\AppData\Local\DnsBlock, In Quarantäne, [c30b485b800b51e5c1ed591bfd050000], 
PUP.Optional.WindowsProtectManager, C:\ProgramData\Tmp0x0x, Löschen bei Neustart, [4b836d3679122214ff99257e1ae8966a], 
PUP.Optional.WindowsProtectManager, C:\ProgramData\Tmp0x0x\log, In Quarantäne, [4b836d3679122214ff99257e1ae8966a], 
PUP.Optional.WindowsProtectManager, C:\ProgramData\Tmp0x0x\update, In Quarantäne, [4b836d3679122214ff99257e1ae8966a], 
PUP.Optional.DownloadProtect, C:\Program Files (x86)\{73074610-4705-4D26-8D7C-0AD8F55DD8F3}, In Quarantäne, [7955970c573476c0b5003573fc08f010], 
PUP.Optional.DownloadProtect, C:\Program Files\{58B851E6-CEAA-4F5B-BA9F-70209A69D641}, In Quarantäne, [c509d0d3098278bef1c4b1f7808405fb], 

Dateien: 13
PUP.Optional.DNSBlock.BrwsrFlsh, C:\Windows\System32\DnsBlockUpdateSvc.exe, Löschen bei Neustart, [c20ca2017615df57a0c890ebcf346b95], 
PUP.Optional.DNSBlocker.BrwsrFlsh, C:\Windows\System32\dns.block, In Quarantäne, [705e861dd5b69d99303cb0cb7e85e21e], 
PUP.Optional.DNSBlocker.BrwsrFlsh, C:\Windows\SysWOW64\dns.block, In Quarantäne, [e9e5cfd4e3a887af9ad2700b946fa25e], 
PUP.Optional.DownloadProtect, C:\Windows\Installer\{4E3E9653-4270-4EAB-8958-671A896A0E2E}\cfnhnjhplcnhglmcfjnkdfkplljiifmeorx, In Quarantäne, [b519287b6b205ed85d4d107e798a40c0], 
PUP.Optional.DownloadProtect, C:\Windows\Installer\{4E3E9653-4270-4EAB-8958-671A896A0E2E}\xfnhnjhplcnhglmcfjnkdfkplljiifmeoml, In Quarantäne, [b519287b6b205ed85d4d107e798a40c0], 
PUP.Optional.Elex, C:\Program Files (x86)\SFK\SFK.ini, In Quarantäne, [a12d901387048aac01ef5a6ff60db44c], 
PUP.Optional.WindowsMangerProtect, C:\ProgramData\Tmp0x0x\ProtectWindowsManager.exe, Löschen bei Neustart, [5c72faa9d0bb5cdaa89ec8f516edfd03], 
PUP.Optional.WindowsProtectManager, C:\ProgramData\Tmp0x0x\log\ProtectWindowsManager_2015-12-10[21-25-03-890].log, In Quarantäne, [4b836d3679122214ff99257e1ae8966a], 
PUP.Optional.WindowsProtectManager, C:\ProgramData\Tmp0x0x\update\conf, In Quarantäne, [4b836d3679122214ff99257e1ae8966a], 
PUP.Optional.DownloadProtect, C:\Program Files (x86)\{73074610-4705-4D26-8D7C-0AD8F55DD8F3}\config.json, In Quarantäne, [7955970c573476c0b5003573fc08f010], 
PUP.Optional.DownloadProtect, C:\Program Files (x86)\{73074610-4705-4D26-8D7C-0AD8F55DD8F3}\def.bin, In Quarantäne, [7955970c573476c0b5003573fc08f010], 
PUP.Optional.DownloadProtect, C:\Program Files\{58B851E6-CEAA-4F5B-BA9F-70209A69D641}\config.json, In Quarantäne, [c509d0d3098278bef1c4b1f7808405fb], 
PUP.Optional.DownloadProtect, C:\Program Files\{58B851E6-CEAA-4F5B-BA9F-70209A69D641}\def.bin, In Quarantäne, [c509d0d3098278bef1c4b1f7808405fb], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

# AdwCleaner v5.024 - Bericht erstellt am 11/12/2015 um 11:10:45
# Aktualisiert am 07/12/2015 von Xplode
# Datenbank : 2015-12-07.3 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Anni Blask - ANNI
# Gestartet von : C:\Users\Anni Blask\Downloads\AdwCleaner_5.024.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Windows\Installer\{AC4A2B91-3FAB-48BE-868F-8476850C0D37}

***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}]
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\SpeedMon

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1040 Bytes] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 8.1 x64 
Ran by Anni Blask (Administrator) on 11.12.2015 at 11:15:25,97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.12.2015 at 11:18:19,33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ATTFilter

Shortcut Cleaner 1.3.9 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
 hxxp://www.bleepingcomputer.com/download/shortcut-cleaner/

Windows Version: Windows 8.1 
Program started at: 12/11/2015 11:19:40 AM.

Scanning for registry hijacks:

 * No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\Anni Blask\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\Anni Blask\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\Anni Blask\Desktop\

Searching C:\Users\Public\Desktop\


0 bad shortcuts found.

Program finished at: 12/11/2015 11:19:41 AM
Execution time: 0 hours(s), 0 minute(s), and 0 seconds(s)

ESET ergab keine Funde!

M-K-D-B · 11.12.2015, 15:32

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Gibt es aktuell noch Probleme? Wenn ja, in welchem Browser?

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

togaanbl · 11.12.2015, 16:16

Wie gewünscht:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-12-2015
durchgeführt von Anni Blask (Administrator) auf ANNI (11-12-2015 16:05:51)
Gestartet von C:\Users\Anni Blask\Downloads
Geladene Profile: Anni Blask &  (Verfügbare Profile: Anni Blask)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

() C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_6.3.9600.20278_x64__8wekyb3d8bbwe\numbers.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-12-05] (IDT, Inc.)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2758200 2013-10-14] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-10-14] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-10-14] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2795248 2013-10-26] (Synaptics Incorporated)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-03] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2899336889-42798528-283681265-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-2899336889-42798528-283681265-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57981568 2015-09-27] (Skype Technologies S.A.)
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57981568 2015-09-27] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
Startup: C:\Users\Anni Blask\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-12-11]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3137ED8D-372F-4D19-8468-BB25E814F246}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/10
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/10
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-2899336889-42798528-283681265-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-2899336889-42798528-283681265-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/10
HKU\S-1-5-21-2899336889-42798528-283681265-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPCOM14/10
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/10
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPCOM14/10
HKU\YouCam_HIVE\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/10
HKU\YouCam_HIVE\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPCOM14/10
HKU\YouCam_HIVE\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/10
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-10-13] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-10-13] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-04-07] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Anni Blask\AppData\Roaming\Mozilla\Firefox\Profiles\hsk1p1hn.default-1449784234263
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-22] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-22] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-04-07] (Microsoft Corporation)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-10-14] () [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2797752 2015-10-13] (Microsoft Corporation)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-05] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-05] (CyberLink)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-17] (Intel Corporation)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [54976 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-10-14] (Softex Inc.) [Datei ist nicht signiert]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2013-12-05] (IDT, Inc.) [Datei ist nicht signiert]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-09-01] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-01] (Microsoft Corporation)
S2 mcbootdelaystartsvc; "C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-09-27] (Realsil Semiconductor Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-10-26] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-10-26] (Synaptics Incorporated)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-09-01] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [257880 2014-09-01] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-09-01] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S3 clwvd; \SystemRoot\system32\DRIVERS\clwvd.sys [X]
U3 McMPFSvc; kein ImagePath
U3 McNaiAnn; kein ImagePath
U3 mcpltsvc; kein ImagePath
U3 McProxy; kein ImagePath
U3 mfecore; kein ImagePath
U3 MSK80Service; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-11 16:05 - 2015-12-11 16:06 - 00017844 _____ C:\Users\Anni Blask\Downloads\FRST.txt
2015-12-11 15:55 - 2015-12-11 16:05 - 00000000 ____D C:\FRST
2015-12-11 15:55 - 2015-12-11 15:55 - 04676456 _____ (Kaspersky Lab ZAO) C:\Users\Anni Blask\Downloads\tdsskiller.exe
2015-12-11 15:54 - 2015-12-11 15:54 - 02369024 _____ (Farbar) C:\Users\Anni Blask\Downloads\FRST64.exe
2015-12-11 15:54 - 2015-12-11 15:54 - 02369024 _____ (Farbar) C:\Users\Anni Blask\Downloads\FRST64(1).exe
2015-12-11 11:49 - 2015-12-11 11:49 - 00000000 ____D C:\Users\Anni Blask\AppData\Roaming\e-academy Inc
2015-12-11 11:49 - 2015-12-11 11:49 - 00000000 ____D C:\Users\Anni Blask\AppData\Local\e-academy Inc
2015-12-11 11:48 - 2015-12-11 11:49 - 00720384 _____ C:\Users\Anni Blask\Downloads\SDM_DE.msi
2015-12-11 11:29 - 2015-12-11 11:29 - 00001283 _____ C:\Users\Anni Blask\Desktop\Revo Uninstaller.lnk
2015-12-11 11:29 - 2015-12-11 11:29 - 00000000 ____D C:\Users\Anni Blask\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2015-12-11 11:29 - 2015-12-11 11:29 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-12-11 11:20 - 2015-12-11 11:20 - 02870984 _____ (ESET) C:\Users\Anni Blask\Downloads\esetsmartinstaller_deu.exe
2015-12-11 11:20 - 2015-12-11 11:20 - 00000000 ____D C:\Program Files (x86)\ESET
2015-12-11 11:07 - 2015-12-11 11:10 - 00000000 ____D C:\AdwCleaner
2015-12-11 10:59 - 2015-12-11 11:00 - 00483328 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-11 10:35 - 2015-12-11 10:35 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Anni Blask\Downloads\revosetup95.exe
2015-12-11 10:34 - 2015-12-11 10:34 - 00463688 _____ (Bleeping Computer, LLC) C:\Users\Anni Blask\Downloads\sc-cleaner.exe
2015-12-11 10:33 - 2015-12-11 10:33 - 01738240 _____ C:\Users\Anni Blask\Downloads\AdwCleaner_5.024.exe
2015-12-11 10:33 - 2015-12-11 10:33 - 01599336 _____ (Malwarebytes) C:\Users\Anni Blask\Downloads\JRT.exe
2015-12-10 23:27 - 2015-12-10 23:27 - 00000000 ____D C:\Users\Anni Blask\AppData\Roaming\Avira
2015-12-10 23:23 - 2015-12-03 15:24 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-12-10 23:23 - 2015-12-03 15:24 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-12-10 23:23 - 2015-12-03 15:24 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-12-10 23:23 - 2015-12-03 15:24 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-12-10 22:56 - 2015-12-11 11:02 - 00001197 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-12-10 22:56 - 2015-12-10 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-10 22:56 - 2015-12-10 23:23 - 00000000 ____D C:\Program Files (x86)\Avira
2015-12-10 22:53 - 2015-12-10 22:55 - 04600536 _____ (Avira Operations GmbH & Co. KG) C:\Users\Anni Blask\Downloads\avira_de_av_5669f3e9c1948__ws.exe
2015-12-10 22:45 - 2015-12-10 22:46 - 04600536 _____ (Avira Operations GmbH & Co. KG) C:\Users\Anni Blask\Downloads\avira_de_av_5669f13e98269__ws.exe
2015-12-10 22:27 - 2015-12-10 22:27 - 00003142 _____ C:\Windows\System32\Tasks\{C694253A-B1AE-4A42-95CD-514800100869}
2015-12-10 21:57 - 2015-12-11 15:37 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-10 21:57 - 2015-12-11 11:02 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-10 21:57 - 2015-12-10 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-10 21:56 - 2015-12-10 21:57 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-12-10 21:56 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-10 21:56 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-10 21:56 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-10 21:52 - 2015-12-10 21:55 - 22908888 _____ (Malwarebytes ) C:\Users\Anni Blask\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-10 21:31 - 2015-12-10 22:26 - 00000000 ____D C:\Program Files (x86)\AVG
2015-12-10 21:31 - 2015-12-10 21:45 - 00000000 ____D C:\ProgramData\Avg
2015-12-10 21:29 - 2015-12-11 11:01 - 00000306 __RSH C:\ProgramData\ntuser.pol
2015-12-10 21:27 - 2015-12-10 22:26 - 00000000 ____D C:\Users\Anni Blask\AppData\Local\AvgSetupLog
2015-12-10 21:27 - 2015-12-10 21:45 - 00000000 ____D C:\Users\Anni Blask\AppData\Local\Avg
2015-12-04 10:39 - 2015-12-04 10:52 - 00401408 _____ C:\Users\Anni Blask\Documents\Datenbank1.accdb
2015-11-22 20:50 - 2015-11-22 20:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-19 15:20 - 2015-11-19 15:22 - 00000000 ____D C:\Users\Anni Blask\AppData\Local\Temporary Projects
2015-11-17 12:42 - 2015-11-27 12:28 - 00000000 ____D C:\Users\Anni Blask\Documents\Visual Studio 2012
2015-11-17 12:39 - 2015-11-17 12:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-11-17 12:38 - 2015-11-17 12:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-11-17 12:38 - 2015-11-17 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK - Deutsch
2015-11-17 12:38 - 2015-11-17 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 4 SDK - Deutsch
2015-11-17 12:36 - 2015-11-17 12:36 - 00000000 ____D C:\ProgramData\Windows App Certification Kit
2015-11-17 12:36 - 2015-11-17 12:36 - 00000000 ____D C:\Program Files\Application Verifier
2015-11-17 12:36 - 2015-11-17 12:36 - 00000000 ____D C:\Program Files (x86)\Application Verifier
2015-11-17 12:35 - 2015-11-17 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-11-17 12:30 - 2015-12-11 11:02 - 00002115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Web Platform Installer.lnk
2015-11-17 12:28 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-11-17 12:22 - 2015-11-17 12:22 - 00000000 ____D C:\Program Files (x86)\HTML Help Workshop
2015-11-17 12:16 - 2015-11-17 12:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2015-11-17 12:16 - 2015-11-17 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
2015-11-17 12:16 - 2015-11-17 12:16 - 00000000 ____D C:\Windows\symbols
2015-11-17 12:16 - 2015-11-17 12:16 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 11.0
2015-11-17 11:20 - 2015-11-17 11:20 - 00000000 ____D C:\Users\Anni Blask\AppData\LocalLow\Temp
2015-11-17 11:19 - 2015-11-17 11:19 - 00000000 ____D C:\Users\Anni Blask\AppData\Roaming\NuGet
2015-11-16 18:18 - 2015-11-17 10:54 - 00000000 ____D C:\Users\Anni Blask\Documents\Visual Studio 2015
2015-11-16 18:13 - 2015-11-16 18:13 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2015-11-16 18:13 - 2015-11-16 18:13 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-11-16 18:12 - 2015-11-16 18:12 - 00000000 ____D C:\ProgramData\PreEmptive Solutions
2015-11-16 18:11 - 2015-11-16 18:11 - 00000000 ____D C:\Program Files (x86)\ShellDir
2015-11-16 18:10 - 2015-11-17 12:33 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-11-16 18:08 - 2015-11-16 18:08 - 00000000 ____D C:\ProgramData\Microsoft DNX
2015-11-16 18:08 - 2015-11-16 18:08 - 00000000 ____D C:\Program Files\Microsoft DNX
2015-11-16 18:04 - 2015-11-16 18:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
2015-11-16 18:02 - 2015-11-16 18:02 - 00000000 ____D C:\Program Files\IIS Express
2015-11-16 18:02 - 2015-11-16 18:02 - 00000000 ____D C:\Program Files (x86)\IIS Express
2015-11-16 18:01 - 2015-11-16 18:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Office365 Tools
2015-11-16 18:01 - 2015-11-16 18:01 - 00000000 ____D C:\Program Files (x86)\AppInsights
2015-11-16 18:00 - 2015-11-17 12:30 - 00000000 ____D C:\Program Files (x86)\NuGet
2015-11-16 18:00 - 2015-11-17 12:29 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services
2015-11-16 18:00 - 2015-11-16 18:00 - 00000000 ____D C:\ProgramData\NuGet
2015-11-16 18:00 - 2015-11-16 18:00 - 00000000 ____D C:\Program Files\IIS
2015-11-16 18:00 - 2015-11-16 18:00 - 00000000 ____D C:\Program Files (x86)\IIS
2015-11-16 17:59 - 2015-11-16 17:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2015-11-16 17:58 - 2015-12-11 11:02 - 00001549 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2015-11-16 17:58 - 2015-11-16 17:58 - 00000000 ____D C:\Users\Anni%20Blask
2015-11-16 17:58 - 2015-11-16 17:58 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0
2015-11-16 17:57 - 2015-11-16 17:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2015-11-16 17:56 - 2015-11-16 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
2015-11-16 17:55 - 2015-11-17 12:28 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2015-11-16 17:55 - 2015-11-17 12:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2015-11-16 17:53 - 2015-12-11 11:02 - 00001550 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2015-11-16 17:53 - 2015-11-17 12:37 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-11-16 17:53 - 2015-11-17 12:37 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-11-16 17:53 - 2015-11-16 17:57 - 00000000 ____D C:\Windows\SysWOW64\1031
2015-11-16 17:53 - 2015-11-16 17:54 - 00000000 ____D C:\Windows\system32\1033
2015-11-16 17:53 - 2015-11-16 17:53 - 00000000 ____D C:\Windows\SysWOW64\1033
2015-11-16 17:50 - 2015-11-16 17:53 - 00000000 ____D C:\Windows\system32\1031
2015-11-16 17:50 - 2015-11-16 17:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2015-11-16 17:50 - 2015-11-16 17:50 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 14.0
2015-11-16 17:49 - 2015-11-17 12:40 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2015-11-16 17:49 - 2015-11-16 18:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2015-11-16 17:40 - 2015-06-22 07:31 - 00027840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-11-16 17:40 - 2015-06-22 07:30 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00961192 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00062304 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00883712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00064352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-11-16 17:27 - 2015-11-17 10:50 - 00000000 ____D C:\ProgramData\VsTelemetry

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-11 16:04 - 2014-09-01 09:35 - 00801992 _____ C:\Windows\system32\perfh007.dat
2015-12-11 16:04 - 2014-09-01 09:35 - 00174994 _____ C:\Windows\system32\perfc007.dat
2015-12-11 16:04 - 2014-03-18 10:53 - 01924576 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-11 16:04 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2015-12-11 15:57 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-12-11 15:16 - 2015-04-06 11:03 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2899336889-42798528-283681265-1001
2015-12-11 11:38 - 2014-12-27 19:15 - 00000000 ____D C:\Program Files (x86)\CyberLink
2015-12-11 11:38 - 2014-09-01 00:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-11 11:37 - 2014-12-27 19:19 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2015-12-11 11:37 - 2014-12-27 19:17 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-12-11 11:11 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-11 11:02 - 2015-10-04 12:47 - 00002709 _____ C:\Users\Public\Desktop\Skype.lnk
2015-12-11 11:02 - 2015-04-07 20:18 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-11 11:02 - 2014-12-27 19:10 - 00001653 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS Sound.lnk
2015-12-11 11:02 - 2013-09-30 22:49 - 00001590 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Control Zone (Touchpad Clickpad Trackpad Mouse).lnk
2015-12-11 11:01 - 2015-04-07 20:46 - 00000295 _____ C:\Users\Anni Blask\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2015-12-11 11:01 - 2015-04-07 20:40 - 00000707 _____ C:\Users\Anni Blask\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anni Blask.lnk
2015-12-11 11:01 - 2015-04-06 10:57 - 00000469 _____ C:\Users\Anni Blask\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-12-11 11:01 - 2015-04-06 10:57 - 00000467 _____ C:\Users\Anni Blask\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-12-11 10:53 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Resources
2015-12-10 23:23 - 2015-04-07 16:20 - 00000000 ____D C:\ProgramData\Avira
2015-12-10 22:56 - 2014-12-27 19:09 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-10 22:31 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Registration
2015-12-10 21:29 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-12-10 19:10 - 2015-04-06 10:57 - 00000000 ____D C:\Users\Anni Blask\AppData\Local\Packages
2015-12-07 17:43 - 2015-06-05 17:15 - 00000000 ____D C:\Users\Anni Blask\AppData\Local\Microsoft Help
2015-12-04 13:58 - 2015-04-07 20:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-25 09:45 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-11-25 09:43 - 2015-04-07 16:11 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-11-24 09:10 - 2015-04-06 10:57 - 00000000 ____D C:\Users\Anni Blask
2015-11-22 18:16 - 2015-09-22 09:44 - 00000000 ____D C:\Users\Anni Blask\AppData\Local\Adobe
2015-11-22 18:09 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2015-11-22 17:43 - 2015-10-04 12:47 - 00000000 ____D C:\Users\Anni Blask\AppData\Roaming\Skype
2015-11-22 17:40 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-11-22 17:22 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-11-17 12:36 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-11-17 12:34 - 2014-04-03 00:13 - 00000000 ____D C:\Program Files\MSBuild
2015-11-17 12:22 - 2014-04-03 00:13 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-11-16 19:24 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2015-11-16 18:02 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp

Einige Dateien in TEMP:
====================
C:\Users\Anni Blask\AppData\Local\Temp\avgnt.exe
C:\Users\Anni Blask\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-06 17:41

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-12-2015
durchgeführt von Anni Blask (2015-12-11 16:06:58)
Gestartet von C:\Users\Anni Blask\Downloads
Windows 8.1 (X64) (2015-04-06 09:57:20)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2899336889-42798528-283681265-500 - Administrator - Disabled)
Anni Blask (S-1-5-21-2899336889-42798528-283681265-1001 - Administrator - Enabled) => C:\Users\Anni Blask
Gast (S-1-5-21-2899336889-42798528-283681265-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 DEU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3606 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3228 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3305 - CyberLink Corp.)
Devenv-Ressourcen für Microsoft Visual Studio 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Entity Framework 6.1.3 Tools  for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{094D6E27-97CC-447E-8660-56F75CFC1E00}) (Version: 11.1.20702.00 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden
HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{394B14EA-B072-4440-9510-87797CB12371}) (Version: 2.20.21 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{C178F0A7-86C8-4BE0-8401-3BC4F6E12F81}) (Version: 1.3.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7127.4628 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.57 - Hewlett-Packard)
HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{7A75E042-0D30-43C2-BD2A-684F4BE38FF7}) (Version: 2.3.1 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6498.0 - IDT)
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
Inst5675 (Version: 8.00.57 - Softex Inc.) Hidden
Inst5676 (Version: 8.00.57 - Softex Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3325 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) Small Business Advantage (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 2.2.44.8258 - Intel(R) Corporation)
Intel(R) Update Manager (x32 Version: 1.0.0.36888 - Intel Corporation) Hidden
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for de-de (x32 Version: 8.59.25584 - Microsoft) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 - DEU (HKLM-x32\...\{07AC2D83-E795-4AD5-970D-B9BD14A1E411}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages - DEU (HKLM-x32\...\{93EEC4E9-EEFE-4027-ACD3-6E8C1D085975}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4771.1004 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK - Deutsch (HKLM-x32\...\{8EA792A5-38AA-4F0E-8DFE-D1BAF1145431}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20627.00) (HKLM-x32\...\{F6F1EE45-97E9-48A3-94B2-044B0A3C08D3}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20627.00) (HKLM-x32\...\{CEEDB2C4-46BE-4340-BAB9-F30110D9BBB8}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.31125 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.31125 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{5c2b89b0-08cc-492f-b086-21e4d6ae7be4}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{3682f425-c5f9-4fd6-b36a-793f4606b68f}) (Version: 11.0.50727.26 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - DEU (HKLM-x32\...\{86756584-C41A-4CA3-B42D-4768C7720F56}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Ralink Bluetooth Stack64 (HKLM\...\{8A69F02D-A72B-AEE6-1CD3-6B05B9F9DD83}) (Version: 11.0.742.0 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.34.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21242 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.16.2 - Synaptics Incorporated)
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TypeScript Power Tool (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.6.3.0 (HKLM-x32\...\{da31aa25-410a-4c1b-9ec0-114dd8dff786}) (Version: 1.6.23313.0 - Microsoft Corporation)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
WCF Data Services 5.0 (for OData v3) DEU Language Pack (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Visual Studio 11 DEU Language Pack (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

18-11-2015 16:31:48 Removed Bonjour
26-11-2015 14:59:08 Geplanter Prüfpunkt
06-12-2015 19:00:02 Geplanter Prüfpunkt
10-12-2015 22:28:16 Removed Visual Studio 2012 x64 Redistributables
11-12-2015 11:14:45 JRT Pre-Junkware Removal
11-12-2015 11:15:26 JRT Pre-Junkware Removal
11-12-2015 11:30:27 Revo Uninstaller's restore point - CyberLink YouCam
11-12-2015 11:31:08 Konfiguriert YouCam
11-12-2015 15:32:25 Revo Uninstaller's restore point - Secure Download Manager

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {18CFC75D-D3B3-4793-9E83-C318F315C787} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-10-13] (Microsoft Corporation)
Task: {31111AD1-0414-4A65-8E2A-F2038CA6A0FD} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {4DD0FE3C-4657-4424-BE4F-7C166CC78435} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {663CCF03-FAA2-4683-81AA-C0671AEF133A} - System32\Tasks\{C694253A-B1AE-4A42-95CD-514800100869} => pcalua.exe -a "C:\Users\Anni Blask\AppData\Roaming\SpeedMon\speedmon.exe" -c /uninstall
Task: {962EE93E-D1CD-4669-9C4C-FDBB2DC593F8} - System32\Tasks\{3B0E6C7C-3F3C-4960-8552-02A8883E3B73} => Firefox.exe hxxp://ui.skype.com/ui/0/7.12.0.101/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {A740DFB6-E7C4-4FF8-A86F-CAA95BB91B25} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {C9F0FFF4-F404-4935-B48F-81D2E3763EFF} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {CF673C33-3AFF-4FE2-AA28-00E0858D3994} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-30] (Microsoft Corporation)
Task: {D8C8D4DE-BC3A-4C39-AF49-394E31058B1C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-30] (Microsoft Corporation)
Task: {DE7A0D87-1FB3-43FA-8F88-6B345231E4F9} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-09-10] (Hewlett-Packard Development Company, L.P.)
Task: {E4C39BE2-4A38-418E-8510-397D2A8802D6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-10-14 11:23 - 2013-10-14 11:23 - 00109568 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
2013-10-14 11:24 - 2013-10-14 11:24 - 00627200 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll
2013-10-14 11:25 - 2013-10-14 11:25 - 02541056 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2013-10-14 11:22 - 2013-10-14 11:22 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2013-10-14 11:22 - 2013-10-14 11:22 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2013-10-14 11:22 - 2013-10-14 11:22 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2013-10-14 11:35 - 2013-10-14 11:35 - 00306064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2013-10-14 11:35 - 2013-10-14 11:35 - 01297296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2015-04-07 19:21 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-12-27 19:05 - 2013-09-17 12:19 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2899336889-42798528-283681265-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme2\img11.jpg
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme2\img11.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKLM\...\StartupApproved\Run32: => "DnsBlock"
HKU\S-1-5-21-2899336889-42798528-283681265-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-2899336889-42798528-283681265-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2899336889-42798528-283681265-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8030F42C-16DB-4013-94F0-1436255BB821}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{7C2E3CED-CC63-4B0D-A441-4C20BFD5A318}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{2E2E3C57-EA27-4987-8518-332F4394C2BA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{0A81E774-3D92-4738-A917-7F25650529B7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{7527666A-984E-4C17-B7A7-5D8A71CADB47}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{672FC62C-079D-469D-A6C9-A0D2254531D8}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{95699018-1674-478E-BC38-47CEEE2DCC20}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{C0571ED8-235E-474C-B53A-AC706BBC91F7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{602E53F7-7FCD-41BE-B209-53E44CFF46B4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{63EF34BE-42D3-4948-8A36-853E2541F326}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{FE3C967B-F6BB-4C0E-9D31-66077F0F1D6E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{2B960C70-A234-4CD6-BE58-FF279313E669}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{11674471-48E1-4174-880E-C384BF544EBC}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{0AE95B10-D9A5-4002-B85F-A60A914D48C2}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{BDB329DA-01F2-4650-9020-9167C8A30E2E}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{4916F6BF-36DA-44DB-91E4-0CD39B2920D9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DDD55130-B68D-4D3F-940B-9F78D124A704}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2DF691D3-329B-4156-8D8D-A207E38B52F9}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{10BB0D7A-11F1-43BC-B4A5-B86B75F600FD}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{44D276E3-E6CC-4871-8BD7-9D9BEE65D52A}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{73985E9D-C4A6-4F98-B4C1-53306B63A9B5}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/11/2015 03:31:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (12/11/2015 11:20:45 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (12/11/2015 11:20:44 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (12/11/2015 11:20:40 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (12/11/2015 11:20:40 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (12/10/2015 11:30:21 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-2899336889-42798528-283681265-1001}/">.

Error: (12/10/2015 11:30:04 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-2899336889-42798528-283681265-1001}/">.

Error: (12/10/2015 05:53:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 42.0.0.5780 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 11fc

Startzeit: 01d13367edfaa42d

Endzeit: 76

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: 7a2d56ca-9f5e-11e5-826b-d0bf9c24d770

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/10/2015 02:40:43 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (12/10/2015 02:38:45 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.


Systemfehler:
=============
Error: (12/11/2015 11:21:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (12/11/2015 11:21:05 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\ANNIBL~1\AppData\Local\Temp\ehdrv.sys

Error: (12/11/2015 11:21:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (12/11/2015 11:21:04 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\ANNIBL~1\AppData\Local\Temp\ehdrv.sys

Error: (12/11/2015 11:21:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (12/11/2015 11:21:04 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\ANNIBL~1\AppData\Local\Temp\ehdrv.sys

Error: (12/11/2015 11:11:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/11/2015 11:10:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/11/2015 11:10:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/11/2015 11:10:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 4012.27 MB
Verfügbarer physikalischer RAM: 2386.37 MB
Summe virtueller Speicher: 4716.27 MB
Verfügbarer virtueller Speicher: 2865.95 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:448.57 GB) (Free:399.26 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:16.17 GB) (Free:1.63 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1E1F4777)

Partition: GPT.

==================== Ende von Addition.txt ============================

togaanbl · 11.12.2015, 16:17

Und hier die TDSSKiller:

Code:

ATTFilter

16:09:45.0181 0x1318  TDSS rootkit removing tool 3.1.0.8 Dec  5 2015 01:19:03
16:09:45.0181 0x1318  UEFI system
16:09:55.0848 0x1318  ============================================================
16:09:55.0849 0x1318  Current date / time: 2015/12/11 16:09:55.0848
16:09:55.0849 0x1318  SystemInfo:
16:09:55.0849 0x1318  
16:09:55.0849 0x1318  OS Version: 6.3.9600 ServicePack: 0.0
16:09:55.0849 0x1318  Product type: Workstation
16:09:55.0849 0x1318  ComputerName: ANNI
16:09:55.0849 0x1318  UserName: Anni Blask
16:09:55.0849 0x1318  Windows directory: C:\Windows
16:09:55.0849 0x1318  System windows directory: C:\Windows
16:09:55.0849 0x1318  Running under WOW64
16:09:55.0849 0x1318  Processor architecture: Intel x64
16:09:55.0849 0x1318  Number of processors: 4
16:09:55.0849 0x1318  Page size: 0x1000
16:09:55.0849 0x1318  Boot type: Normal boot
16:09:55.0849 0x1318  ============================================================
16:09:56.0544 0x1318  KLMD registered as C:\Windows\system32\drivers\95049476.sys
16:09:56.0907 0x1318  System UUID: {22AC08BD-3DD7-B2D2-5FEA-BA272D742D48}
16:09:57.0926 0x1318  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:09:57.0958 0x1318  ============================================================
16:09:57.0958 0x1318  \Device\Harddisk0\DR0:
16:09:57.0959 0x1318  GPT partitions:
16:09:57.0960 0x1318  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {133ED07E-22E5-4308-9315-DE26E42B5723}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x145000
16:09:57.0960 0x1318  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {76ED9E1C-9934-441B-8EC3-0C33302E6B4D}, Name: EFI system partition, StartLBA 0x145800, BlocksNum 0x82000
16:09:57.0960 0x1318  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {B2777725-0001-4796-BEB7-844B4879B106}, Name: Microsoft reserved partition, StartLBA 0x1C7800, BlocksNum 0x40000
16:09:57.0960 0x1318  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {67397706-7B17-462B-BD2A-9031C35159B6}, Name: Basic data partition, StartLBA 0x207800, BlocksNum 0x38123000
16:09:57.0960 0x1318  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {78788AEA-9523-4071-B251-C32D9D9D523C}, Name: Basic data partition, StartLBA 0x3832A800, BlocksNum 0x2059000
16:09:57.0960 0x1318  MBR partitions:
16:09:57.0960 0x1318  ============================================================
16:09:57.0981 0x1318  C: <-> \Device\Harddisk0\DR0\Partition4
16:09:58.0056 0x1318  D: <-> \Device\Harddisk0\DR0\Partition5
16:09:58.0056 0x1318  ============================================================
16:09:58.0056 0x1318  Initialize success
16:09:58.0056 0x1318  ============================================================
16:10:31.0544 0x01e8  ============================================================
16:10:31.0544 0x01e8  Scan started
16:10:31.0544 0x01e8  Mode: Manual; SigCheck; TDLFS; 
16:10:31.0544 0x01e8  ============================================================
16:10:31.0544 0x01e8  KSN ping started
16:10:33.0872 0x01e8  KSN ping finished: true
16:10:37.0856 0x01e8  ================ Scan system memory ========================
16:10:37.0856 0x01e8  System memory - ok
16:10:37.0856 0x01e8  ================ Scan services =============================
16:10:38.0028 0x01e8  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
16:10:38.0216 0x01e8  1394ohci - ok
16:10:38.0262 0x01e8  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys
16:10:38.0294 0x01e8  3ware - ok
16:10:38.0325 0x01e8  [ F39180029723D7779C80360F9E255709, F4831FEE79AAF4DB66BF58D3F89B8A6DD8F38CD546B3C653BFF7052DDA112CC6 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
16:10:38.0341 0x01e8  Accelerometer - ok
16:10:38.0419 0x01e8  [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:10:38.0481 0x01e8  ACPI - ok
16:10:38.0512 0x01e8  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
16:10:38.0544 0x01e8  acpiex - ok
16:10:38.0559 0x01e8  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
16:10:38.0591 0x01e8  acpipagr - ok
16:10:38.0591 0x01e8  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
16:10:38.0622 0x01e8  AcpiPmi - ok
16:10:38.0637 0x01e8  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
16:10:38.0653 0x01e8  acpitime - ok
16:10:38.0731 0x01e8  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
16:10:38.0809 0x01e8  ADP80XX - ok
16:10:38.0872 0x01e8  [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:10:38.0919 0x01e8  AeLookupSvc - ok
16:10:38.0981 0x01e8  [ 7C7BE474915166B61B84C025F1F10157, 41F5E2C29F602D272138A6FA0E0FC3369491DABEFF123EF3914613979BA6BDA8 ] AFD             C:\Windows\system32\drivers\afd.sys
16:10:39.0044 0x01e8  AFD - ok
16:10:39.0075 0x01e8  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys
16:10:39.0106 0x01e8  agp440 - ok
16:10:39.0138 0x01e8  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
16:10:39.0153 0x01e8  ahcache - ok
16:10:39.0184 0x01e8  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\Windows\System32\alg.exe
16:10:39.0231 0x01e8  ALG - ok
16:10:39.0263 0x01e8  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
16:10:39.0294 0x01e8  AmdK8 - ok
16:10:39.0309 0x01e8  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
16:10:39.0341 0x01e8  AmdPPM - ok
16:10:39.0356 0x01e8  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:10:39.0388 0x01e8  amdsata - ok
16:10:39.0419 0x01e8  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:10:39.0466 0x01e8  amdsbs - ok
16:10:39.0481 0x01e8  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:10:39.0497 0x01e8  amdxata - ok
16:10:39.0809 0x01e8  [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
16:10:39.0903 0x01e8  AntiVirMailService - ok
16:10:40.0028 0x01e8  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
16:10:40.0075 0x01e8  AntiVirSchedulerService - ok
16:10:40.0138 0x01e8  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
16:10:40.0184 0x01e8  AntiVirService - ok
16:10:40.0278 0x01e8  [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
16:10:40.0388 0x01e8  AntiVirWebService - ok
16:10:40.0434 0x01e8  [ 9DCB42905F1EBF9CEC57EE5DF0BDA965, 4C888AAD0DDE01565FD7FBB6B70A500158CF2E4CECF9ADD4AFD302A993587269 ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
16:10:40.0466 0x01e8  AppHostSvc - ok
16:10:40.0497 0x01e8  [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID           C:\Windows\system32\drivers\appid.sys
16:10:40.0528 0x01e8  AppID - ok
16:10:40.0559 0x01e8  [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:10:40.0575 0x01e8  AppIDSvc - ok
16:10:40.0591 0x01e8  [ 8D6F535461F6CFF75A8ADDF83024C904, F2A97EC4A6284F28B685A3CE2D450F61E75EE8692D718A6AA352D5734BBBAD7B ] Appinfo         C:\Windows\System32\appinfo.dll
16:10:40.0638 0x01e8  Appinfo - ok
16:10:40.0684 0x01e8  [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
16:10:40.0747 0x01e8  AppReadiness - ok
16:10:40.0841 0x01e8  [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
16:10:40.0966 0x01e8  AppXSvc - ok
16:10:40.0997 0x01e8  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:10:41.0028 0x01e8  arcsas - ok
16:10:41.0122 0x01e8  [ 2AC1E04A3542137F5C28C509FE0EB430, 66E507AB2905505080E32B83693690EA232B7E68204874861FA1C932DA61F0C6 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:10:41.0153 0x01e8  aspnet_state - ok
16:10:41.0184 0x01e8  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:10:41.0216 0x01e8  atapi - ok
16:10:41.0247 0x01e8  [ 8779FDAE68BC948B0FE152E758CC8DA7, 13070C2073F8E7546B48AE9CF54067B9BB75DFCD98F2987B90FFAD20D40D54CF ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
16:10:41.0309 0x01e8  AudioEndpointBuilder - ok
16:10:41.0372 0x01e8  [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv        C:\Windows\System32\Audiosrv.dll
16:10:41.0450 0x01e8  Audiosrv - ok
16:10:41.0497 0x01e8  [ CF233C89DEFF6BCA1F65BE3DA0C1A306, B718A59CFC0E3A9ED4E8C690390F54C96828C5A4C2790C2E98075DB4484240D6 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
16:10:41.0528 0x01e8  avgntflt - ok
16:10:41.0544 0x01e8  [ 4764D299855174D6B5C7DA853B490029, 6E2C8E25DC3C38EEAAA1221E515AC06C2EDC0A71CF2F7762E8DFCC55938D59B3 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
16:10:41.0575 0x01e8  avipbb - ok
16:10:41.0731 0x01e8  [ 2027E82463B6F6BB4D2A5BAF09202BA8, 7E61DEAC45F710F62C388177B43D99F3C39B89CEFCEFCC581DF12201C8CDB23C ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
16:10:41.0763 0x01e8  Avira.ServiceHost - ok
16:10:41.0778 0x01e8  [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
16:10:41.0809 0x01e8  avkmgr - ok
16:10:41.0825 0x01e8  [ E477AF94ACCCF99A0E56D71D450DCCCB, C97756A4E82EC7EF8268967B10DEBAAEDB746B2846CA2BFD68E1B7DBBAE7901A ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
16:10:41.0841 0x01e8  avnetflt - ok
16:10:41.0981 0x01e8  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:10:42.0028 0x01e8  AxInstSV - ok
16:10:42.0091 0x01e8  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:10:42.0153 0x01e8  b06bdrv - ok
16:10:42.0200 0x01e8  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
16:10:42.0231 0x01e8  BasicDisplay - ok
16:10:42.0247 0x01e8  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
16:10:42.0278 0x01e8  BasicRender - ok
16:10:42.0309 0x01e8  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
16:10:42.0325 0x01e8  bcmfn2 - ok
16:10:42.0372 0x01e8  [ 5BD3A2351BEFCAC8757626271F8EFA89, 6508673210129CF7EFCA93EC7874208FAD361E37814EB4FE9E0EC034E73D5F16 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:10:42.0403 0x01e8  BDESVC - ok
16:10:42.0434 0x01e8  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
16:10:42.0450 0x01e8  Beep - ok
16:10:42.0528 0x01e8  [ BBE15881FE11BE37112F8320C41DAFB9, 5CE92563628812FF6E00556D8E2DAD6ADCAAF0F4C3B90123F1D98ED6E3BB6DAD ] BFE             C:\Windows\System32\bfe.dll
16:10:42.0606 0x01e8  BFE - ok
16:10:42.0700 0x01e8  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\Windows\System32\qmgr.dll
16:10:42.0903 0x01e8  BITS - ok
16:10:42.0934 0x01e8  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:10:42.0966 0x01e8  bowser - ok
16:10:42.0997 0x01e8  [ F2559A492AF8D653D1F47ADABA4C3E97, 77347915FB433023769699DFC9511F54E69C7FC7AB75F57FDC1A58E64A7126DE ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
16:10:43.0044 0x01e8  BrokerInfrastructure - ok
16:10:43.0059 0x01e8  [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] Browser         C:\Windows\System32\browser.dll
16:10:43.0106 0x01e8  Browser - ok
16:10:43.0122 0x01e8  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
16:10:43.0153 0x01e8  BthAvrcpTg - ok
16:10:43.0200 0x01e8  [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
16:10:43.0247 0x01e8  BthEnum - ok
16:10:43.0263 0x01e8  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
16:10:43.0278 0x01e8  BthHFEnum - ok
16:10:43.0294 0x01e8  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
16:10:43.0325 0x01e8  bthhfhid - ok
16:10:43.0356 0x01e8  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
16:10:43.0388 0x01e8  BthLEEnum - ok
16:10:43.0419 0x01e8  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
16:10:43.0450 0x01e8  BTHMODEM - ok
16:10:43.0466 0x01e8  [ 3AFE71D80EDF5D4DE0C5731352905669, 3E370169B8C5D301954D1F1DA302F7A0DB2A034990E10B3D64458C48E5693205 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
16:10:43.0497 0x01e8  BthPan - ok
16:10:43.0622 0x01e8  [ 92370F46AF28D54B67C135FA8C2AFCFC, B1C0DBF27D392DEA8786AB9479C6CCD5A5DBDF3BE25ABA5FC7C6DB6D3EEE739B ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
16:10:43.0747 0x01e8  BTHPORT - ok
16:10:43.0763 0x01e8  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\Windows\system32\bthserv.dll
16:10:43.0794 0x01e8  bthserv - ok
16:10:43.0825 0x01e8  [ 23E75BED9076F856B36F5F934BBD5795, CCEB72B788522B7D52A6C07646005EBC68F9599D3714ECACF3A194CA47A1BE85 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
16:10:43.0872 0x01e8  BTHUSB - ok
16:10:43.0950 0x01e8  [ DEE40211AA700A0A9D7F95EC38DE0714, F3926D92D940311D7E1E7E656116B1B48C4D6B3AFC35017658C4EC3D0A33EF40 ] Cachedrv server C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
16:10:43.0966 0x01e8  Cachedrv server - detected UnsignedFile.Multi.Generic ( 1 )
16:10:54.0153 0x01e8  Cachedrv server ( UnsignedFile.Multi.Generic ) - warning
16:10:54.0153 0x01e8  Force sending object to P2P due to detect: Cachedrv server
16:10:54.0200 0x01e8  Object send P2P result: false
16:10:54.0294 0x01e8  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:10:54.0325 0x01e8  cdfs - ok
16:10:54.0356 0x01e8  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
16:10:54.0388 0x01e8  cdrom - ok
16:10:54.0419 0x01e8  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:10:54.0466 0x01e8  CertPropSvc - ok
16:10:54.0497 0x01e8  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
16:10:54.0528 0x01e8  circlass - ok
16:10:54.0575 0x01e8  [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
16:10:54.0622 0x01e8  CLFS - ok
16:10:54.0888 0x01e8  [ 92547C9A6C5E9A3BEC689486C4885C4B, AB56F0BB2CBAB9AA6EA2E12F04F192271762DEBD7F6FBFB8CFAB6BA23121C295 ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
16:10:55.0075 0x01e8  ClickToRunSvc - ok
16:10:55.0185 0x01e8  [ 3E76A1547F2448BCEE3D2F4AE3931AB5, 31B41723FAA4210A86B1AE02D6C052BD8B738C4B89FB0177C1AE997D24BA5B8C ] CLVirtualDrive  C:\Windows\system32\DRIVERS\CLVirtualDrive.sys
16:10:55.0200 0x01e8  CLVirtualDrive - ok
16:10:55.0216 0x01e8  clwvd - ok
16:10:55.0247 0x01e8  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
16:10:55.0278 0x01e8  CmBatt - ok
16:10:55.0341 0x01e8  [ 593CA2F3E870D586C20A332171988AFF, A811C1ED00E616D0F752EB35D03DD4CA852503D4B8553B99EBE1212D915E7448 ] CNG             C:\Windows\system32\Drivers\cng.sys
16:10:55.0403 0x01e8  CNG - ok
16:10:55.0419 0x01e8  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
16:10:55.0450 0x01e8  CompositeBus - ok
16:10:55.0450 0x01e8  COMSysApp - ok
16:10:55.0481 0x01e8  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
16:10:55.0497 0x01e8  condrv - ok
16:10:55.0591 0x01e8  [ 07519E3097517BAFBC19BFD0E20EFB36, 145E0518D296A198383328B9F0CBBE83B08C84FD43546C643938DE7A9DF6A8B0 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
16:10:55.0638 0x01e8  cphs - ok
16:10:55.0669 0x01e8  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:10:55.0716 0x01e8  CryptSvc - ok
16:10:55.0810 0x01e8  [ F2099D2D7B6085D94FB597FA39356D08, BCC73C9BA642E0DAB97D184486F4006B78EFE98131C92AB48AC77295DBDA347E ] CyberLink PowerDVD 12 Media Server Monitor Service C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
16:10:55.0825 0x01e8  CyberLink PowerDVD 12 Media Server Monitor Service - ok
16:10:55.0856 0x01e8  [ CA27F20A09B6500482AC2F5B3DB488CF, 4D946F6163DBEEB93E9DA54B056032C3A6B5C2215A2FB0CCFEB0789BC74BB2C9 ] CyberLink PowerDVD 12 Media Server Service C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
16:10:55.0919 0x01e8  CyberLink PowerDVD 12 Media Server Service - ok
16:10:55.0950 0x01e8  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\Windows\system32\drivers\dam.sys
16:10:55.0997 0x01e8  dam - ok
16:10:56.0075 0x01e8  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:10:56.0231 0x01e8  DcomLaunch - ok
16:10:56.0294 0x01e8  [ AF3FF97AC2A73E70F8A8D11FB694175B, 3AA25BF9DED08056F52ACF246118C13C8816B5E8AA4D8606DB7DAB4E4E6A9169 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:10:56.0388 0x01e8  defragsvc - ok
16:10:56.0450 0x01e8  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\Windows\system32\das.dll
16:10:56.0528 0x01e8  DeviceAssociationService - ok
16:10:56.0544 0x01e8  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
16:10:56.0575 0x01e8  DeviceInstall - ok
16:10:56.0607 0x01e8  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
16:10:56.0653 0x01e8  Dfsc - ok
16:10:56.0685 0x01e8  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
16:10:56.0716 0x01e8  dg_ssudbus - ok
16:10:56.0763 0x01e8  [ 8B107F55FD61654A6C9F1B819AEC5FC4, 773B1B9D3583F17B7C89BDE1EC4487ABB0AE039DF4583F8746460425443DA291 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:10:56.0810 0x01e8  Dhcp - ok
16:10:56.0841 0x01e8  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\Windows\system32\drivers\disk.sys
16:10:56.0872 0x01e8  disk - ok
16:10:56.0888 0x01e8  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
16:10:56.0919 0x01e8  dmvsc - ok
16:10:56.0966 0x01e8  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:10:57.0013 0x01e8  Dnscache - ok
16:10:57.0044 0x01e8  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\Windows\System32\dot3svc.dll
16:10:57.0091 0x01e8  dot3svc - ok
16:10:57.0106 0x01e8  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\Windows\system32\dps.dll
16:10:57.0169 0x01e8  DPS - ok
16:10:57.0200 0x01e8  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:10:57.0216 0x01e8  drmkaud - ok
16:10:57.0278 0x01e8  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
16:10:57.0341 0x01e8  DsmSvc - ok
16:10:57.0466 0x01e8  [ C7D252742946DD395670649742FBD73D, 333CC984CF318D36EA8C5867077A1732A214445EB6B7CF7AC2E8F1C8259CD9C7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:10:57.0607 0x01e8  DXGKrnl - ok
16:10:57.0622 0x01e8  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\Windows\System32\eapsvc.dll
16:10:57.0669 0x01e8  Eaphost - ok
16:10:57.0888 0x01e8  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:10:58.0138 0x01e8  ebdrv - ok
16:10:58.0169 0x01e8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\Windows\System32\lsass.exe
16:10:58.0200 0x01e8  EFS - ok
16:10:58.0216 0x01e8  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
16:10:58.0247 0x01e8  EhStorClass - ok
16:10:58.0263 0x01e8  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
16:10:58.0294 0x01e8  EhStorTcgDrv - ok
16:10:58.0325 0x01e8  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
16:10:58.0341 0x01e8  ErrDev - ok
16:10:58.0403 0x01e8  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\Windows\system32\es.dll
16:10:58.0450 0x01e8  EventSystem - ok
16:10:58.0482 0x01e8  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:10:58.0544 0x01e8  exfat - ok
16:10:58.0560 0x01e8  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:10:58.0607 0x01e8  fastfat - ok
16:10:58.0653 0x01e8  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\Windows\system32\fxssvc.exe
16:10:58.0716 0x01e8  Fax - ok
16:10:58.0732 0x01e8  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
16:10:58.0763 0x01e8  fdc - ok
16:10:58.0778 0x01e8  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\Windows\system32\fdPHost.dll
16:10:58.0810 0x01e8  fdPHost - ok
16:10:58.0825 0x01e8  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\Windows\system32\fdrespub.dll
16:10:58.0872 0x01e8  FDResPub - ok
16:10:58.0888 0x01e8  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\Windows\system32\fhsvc.dll
16:10:58.0919 0x01e8  fhsvc - ok
16:10:58.0950 0x01e8  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:10:58.0982 0x01e8  FileInfo - ok
16:10:58.0982 0x01e8  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:10:59.0028 0x01e8  Filetrace - ok
16:10:59.0091 0x01e8  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
16:10:59.0122 0x01e8  flpydisk - ok
16:10:59.0169 0x01e8  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:10:59.0247 0x01e8  FltMgr - ok
16:10:59.0341 0x01e8  [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache       C:\Windows\system32\FntCache.dll
16:10:59.0450 0x01e8  FontCache - ok
16:10:59.0528 0x01e8  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:10:59.0544 0x01e8  FontCache3.0.0.0 - ok
16:10:59.0575 0x01e8  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:10:59.0607 0x01e8  FsDepends - ok
16:10:59.0622 0x01e8  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:10:59.0638 0x01e8  Fs_Rec - ok
16:10:59.0747 0x01e8  [ 895BA1CFF25E867CE5A52073E905C93B, A417065E831B768BD76364EC1E5FEDAADF172DCD1E6C2A134CB311EDDC2DC477 ] fussvc          C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe
16:10:59.0763 0x01e8  fussvc - detected UnsignedFile.Multi.Generic ( 1 )
16:10:59.0763 0x01e8  fussvc ( UnsignedFile.Multi.Generic ) - warning
16:10:59.0825 0x01e8  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:10:59.0888 0x01e8  fvevol - ok
16:10:59.0903 0x01e8  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
16:10:59.0935 0x01e8  FxPPM - ok
16:10:59.0966 0x01e8  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:10:59.0982 0x01e8  gagp30kx - ok
16:11:00.0013 0x01e8  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
16:11:00.0028 0x01e8  gencounter - ok
16:11:00.0060 0x01e8  [ EF3AE7773394DF49CE74AF78A1C8D23D, CB12FF004C460A89F12AFF2467512B479A07CA10D4280CD4E624A5A9CDAB9C1B ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
16:11:00.0091 0x01e8  GPIOClx0101 - ok
16:11:00.0185 0x01e8  [ 383DA813409316D69603C1D849834D24, E1AAD3AB567457B00B8A378D5BA37ED653EE451FF79D071A8815FB8B1EB90DAF ] gpsvc           C:\Windows\System32\gpsvc.dll
16:11:00.0294 0x01e8  gpsvc - ok
16:11:00.0341 0x01e8  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:11:00.0388 0x01e8  HdAudAddService - ok
16:11:00.0419 0x01e8  [ 498288DD5CA42C2D36D125893E968C53, 03B62FA51F9195D77170DCEFF3A93A6898AA96FB610044DDAE83767DA12745C5 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
16:11:00.0450 0x01e8  HDAudBus - ok
16:11:00.0466 0x01e8  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
16:11:00.0482 0x01e8  HidBatt - ok
16:11:00.0513 0x01e8  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
16:11:00.0544 0x01e8  HidBth - ok
16:11:00.0544 0x01e8  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
16:11:00.0575 0x01e8  hidi2c - ok
16:11:00.0575 0x01e8  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
16:11:00.0607 0x01e8  HidIr - ok
16:11:00.0622 0x01e8  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\Windows\system32\hidserv.dll
16:11:00.0653 0x01e8  hidserv - ok
16:11:00.0685 0x01e8  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
16:11:00.0700 0x01e8  HidUsb - ok
16:11:00.0732 0x01e8  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:11:00.0763 0x01e8  hkmsvc - ok
16:11:00.0794 0x01e8  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:11:00.0841 0x01e8  HomeGroupListener - ok
16:11:00.0888 0x01e8  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:11:00.0935 0x01e8  HomeGroupProvider - ok
16:11:00.0966 0x01e8  [ 8B8E6BD988EAF18C1B86704BF05E5C03, 84052C116032F3DC47B0D3A7A8FC8E86DF94DDB3136C866D8FC8A3DF23209DEC ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
16:11:00.0982 0x01e8  hpdskflt - ok
16:11:01.0091 0x01e8  [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
16:11:01.0185 0x01e8  hpqwmiex - ok
16:11:01.0232 0x01e8  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:11:01.0263 0x01e8  HpSAMD - ok
16:11:01.0278 0x01e8  [ 0865F178E272C682B0689F1AA269128D, F8CC23EA339F0C917C3948FF35BEFE10664CCFF8796954898E41F4EC1618E5E1 ] hpsrv           C:\Windows\system32\Hpservice.exe
16:11:01.0310 0x01e8  hpsrv - ok
16:11:01.0388 0x01e8  [ F5F3F27E5823A4DF0193CC2534029742, F0126009F8CE9B85A2E9CFC257D1A3117B1CD5A739369502576B1CDF49E1DF85 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
16:11:01.0466 0x01e8  HPWMISVC - ok
16:11:01.0544 0x01e8  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:11:01.0638 0x01e8  HTTP - ok
16:11:01.0669 0x01e8  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:11:01.0685 0x01e8  hwpolicy - ok
16:11:01.0700 0x01e8  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
16:11:01.0732 0x01e8  hyperkbd - ok
16:11:01.0732 0x01e8  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
16:11:01.0763 0x01e8  HyperVideo - ok
16:11:01.0778 0x01e8  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
16:11:01.0810 0x01e8  i8042prt - ok
16:11:01.0825 0x01e8  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
16:11:01.0841 0x01e8  iaLPSSi_GPIO - ok
16:11:01.0857 0x01e8  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
16:11:01.0872 0x01e8  iaLPSSi_I2C - ok
16:11:01.0935 0x01e8  [ 71341219FBB4BAB7F2462C4267DAB594, 0C6B684781D27F423D20186A40D7513DD6ABC38AD286D013791B37CBF5477A55 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
16:11:01.0997 0x01e8  iaStorA - ok
16:11:02.0060 0x01e8  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
16:11:02.0122 0x01e8  iaStorAV - ok
16:11:02.0185 0x01e8  [ B64E1D5BABD095C13A382838F9DCC77F, D8FF4E1BBA7EF5EE136CC5892C72E0774D0AAE40CD9EB3368A698DA6C078BBAA ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
16:11:02.0200 0x01e8  IAStorDataMgrSvc - ok
16:11:02.0247 0x01e8  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:11:02.0310 0x01e8  iaStorV - ok
16:11:02.0310 0x01e8  IEEtwCollectorService - ok
16:11:02.0575 0x01e8  [ 40E022751ECBBAEAB90C199F3B8358FC, 3C8B150AA67029ADF3221E76B37B9E277F38059EAF9F3E0EA380144600039156 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
16:11:02.0872 0x01e8  igfx - ok
16:11:02.0966 0x01e8  [ CFE7F0267B0C3077042FF291949B5546, 7B8C432632D0210119BFF57D4994F2B8F75307A9D6867353AF93BBA3F561595B ] IKEEXT          C:\Windows\System32\ikeext.dll
16:11:03.0060 0x01e8  IKEEXT - ok
16:11:03.0091 0x01e8  [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
16:11:03.0107 0x01e8  intaud_WaveExtensible - ok
16:11:03.0169 0x01e8  [ D6A22510D795928E8840619900D672B4, 296F232B0A6D42840A745E4706D2815F6D2E4279DBD90112CBFBFF8833B724AF ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
16:11:03.0216 0x01e8  IntcDAud - ok
16:11:03.0294 0x01e8  [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
16:11:03.0341 0x01e8  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
16:11:03.0341 0x01e8  Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - warning
16:11:03.0403 0x01e8  [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
16:11:03.0482 0x01e8  Intel(R) Capability Licensing Service TCP IP Interface - ok
16:11:03.0528 0x01e8  [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
16:11:03.0560 0x01e8  Intel(R) ME Service - ok
16:11:03.0591 0x01e8  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:11:03.0607 0x01e8  intelide - ok
16:11:03.0653 0x01e8  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\Windows\system32\drivers\intelpep.sys
16:11:03.0669 0x01e8  intelpep - ok
16:11:03.0685 0x01e8  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
16:11:03.0716 0x01e8  intelppm - ok
16:11:03.0778 0x01e8  [ EA6080592F2F2B9478D4E1B4D3D9791B, 7EFC55B45ECED145EC0DC2C7494BEAD1E753304C64F6210A2A0B60F54E9000AC ] intelsba        C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
16:11:03.0794 0x01e8  intelsba - ok
16:11:03.0810 0x01e8  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:11:03.0857 0x01e8  IpFilterDriver - ok
16:11:03.0935 0x01e8  [ DFC4050D58565ADBEE793A8D4AEBDAE6, 89B900408F030CD45753A11D6AE6CBAB87E8B0E3F8401402D2D8713C045BF488 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:11:04.0013 0x01e8  iphlpsvc - ok
16:11:04.0044 0x01e8  [ FD9C9E9E3F0ED51502C7E8C066BE26B9, 290E74380F1543DD22C9F3821513B3E2FB42E995724238D8779CBBCB4FC386C8 ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
16:11:04.0075 0x01e8  IPMIDRV - ok
16:11:04.0107 0x01e8  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:11:04.0138 0x01e8  IPNAT - ok
16:11:04.0153 0x01e8  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:11:04.0185 0x01e8  IRENUM - ok
16:11:04.0185 0x01e8  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:11:04.0216 0x01e8  isapnp - ok
16:11:04.0278 0x01e8  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
16:11:04.0310 0x01e8  iScsiPrt - ok
16:11:04.0357 0x01e8  [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
16:11:04.0372 0x01e8  iwdbus - ok
16:11:04.0419 0x01e8  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
16:11:04.0435 0x01e8  jhi_service - ok
16:11:04.0466 0x01e8  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
16:11:04.0497 0x01e8  kbdclass - ok
16:11:04.0513 0x01e8  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
16:11:04.0528 0x01e8  kbdhid - ok
16:11:04.0560 0x01e8  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
16:11:04.0575 0x01e8  kdnic - ok
16:11:04.0591 0x01e8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\Windows\system32\lsass.exe
16:11:04.0622 0x01e8  KeyIso - ok
16:11:04.0638 0x01e8  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:11:04.0669 0x01e8  KSecDD - ok
16:11:04.0700 0x01e8  [ 24F7908334185E342729B883DA5DFA84, D80AED7B43971BF9B53C4128D602DA1B39BC55666D4FCB2FDF40732358A837C2 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:11:04.0747 0x01e8  KSecPkg - ok
16:11:04.0763 0x01e8  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:11:04.0794 0x01e8  ksthunk - ok
16:11:04.0841 0x01e8  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:11:04.0888 0x01e8  KtmRm - ok
16:11:04.0950 0x01e8  [ 46378ECCB4A29AA81BF296641C2501EF, 5AB79BD824C00EF1338FDB8450692318AB14E0AE4145C30B37136767DFC1E4F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:11:04.0982 0x01e8  LanmanServer - ok
16:11:05.0028 0x01e8  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:11:05.0075 0x01e8  LanmanWorkstation - ok
16:11:05.0122 0x01e8  [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
16:11:05.0169 0x01e8  lfsvc - ok
16:11:05.0200 0x01e8  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:11:05.0232 0x01e8  lltdio - ok
16:11:05.0263 0x01e8  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:11:05.0310 0x01e8  lltdsvc - ok
16:11:05.0325 0x01e8  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:11:05.0357 0x01e8  lmhosts - ok
16:11:05.0403 0x01e8  [ 08E2B577DB95156F9A658C988EE71F5D, D229FFD97EE9478169D2418A722FD2AD6AD10108FF1B0156BE9A1ADF38B5633A ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:11:05.0450 0x01e8  LMS - ok
16:11:05.0482 0x01e8  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:11:05.0513 0x01e8  LSI_SAS - ok
16:11:05.0529 0x01e8  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:11:05.0560 0x01e8  LSI_SAS2 - ok
16:11:05.0575 0x01e8  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
16:11:05.0591 0x01e8  LSI_SAS3 - ok
16:11:05.0607 0x01e8  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
16:11:05.0638 0x01e8  LSI_SSS - ok
16:11:05.0700 0x01e8  [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM             C:\Windows\System32\lsm.dll
16:11:05.0763 0x01e8  LSM - ok
16:11:05.0794 0x01e8  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:11:05.0825 0x01e8  luafv - ok
16:11:05.0857 0x01e8  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
16:11:05.0872 0x01e8  MBAMProtector - ok
16:11:06.0013 0x01e8  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
16:11:06.0091 0x01e8  MBAMService - ok
16:11:06.0122 0x01e8  [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
16:11:06.0138 0x01e8  MBAMWebAccessControl - ok
16:11:06.0169 0x01e8  mcbootdelaystartsvc - ok
16:11:06.0216 0x01e8  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
16:11:06.0232 0x01e8  megasas - ok
16:11:06.0310 0x01e8  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
16:11:06.0372 0x01e8  megasr - ok
16:11:06.0419 0x01e8  [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
16:11:06.0435 0x01e8  MEIx64 - ok
16:11:06.0482 0x01e8  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\Windows\system32\mmcss.dll
16:11:06.0497 0x01e8  MMCSS - ok
16:11:06.0528 0x01e8  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
16:11:06.0560 0x01e8  Modem - ok
16:11:06.0575 0x01e8  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
16:11:06.0591 0x01e8  monitor - ok
16:11:06.0622 0x01e8  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
16:11:06.0653 0x01e8  mouclass - ok
16:11:06.0669 0x01e8  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\Windows\System32\drivers\mouhid.sys
16:11:06.0700 0x01e8  mouhid - ok
16:11:06.0716 0x01e8  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:11:06.0747 0x01e8  mountmgr - ok
16:11:06.0779 0x01e8  [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:11:06.0810 0x01e8  MozillaMaintenance - ok
16:11:06.0825 0x01e8  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:11:06.0857 0x01e8  mpsdrv - ok
16:11:06.0935 0x01e8  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:11:07.0013 0x01e8  MpsSvc - ok
16:11:07.0044 0x01e8  [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:11:07.0075 0x01e8  MRxDAV - ok
16:11:07.0138 0x01e8  [ 0696F66E4D423793951A60562F794D14, E808E4E160C019F2F10762758F48C4565037974775CD267DF06B8B4A2CE26705 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:11:07.0185 0x01e8  mrxsmb - ok
16:11:07.0216 0x01e8  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:11:07.0247 0x01e8  mrxsmb10 - ok
16:11:07.0279 0x01e8  [ DBA635C6398782C549E3BE45CF1D0411, E9806E075F401D3E7357E876C7F941F7DAFFBBEE065DC3FE556014F5D92EDAC0 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:11:07.0310 0x01e8  mrxsmb20 - ok
16:11:07.0357 0x01e8  [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
16:11:07.0388 0x01e8  MsBridge - ok
16:11:07.0403 0x01e8  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\Windows\System32\msdtc.exe
16:11:07.0450 0x01e8  MSDTC - ok
16:11:07.0482 0x01e8  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:11:07.0513 0x01e8  Msfs - ok
16:11:07.0529 0x01e8  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
16:11:07.0560 0x01e8  msgpiowin32 - ok
16:11:07.0575 0x01e8  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:11:07.0607 0x01e8  mshidkmdf - ok
16:11:07.0622 0x01e8  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
16:11:07.0638 0x01e8  mshidumdf - ok
16:11:07.0653 0x01e8  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:11:07.0685 0x01e8  msisadrv - ok
16:11:07.0716 0x01e8  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:11:07.0747 0x01e8  MSiSCSI - ok
16:11:07.0747 0x01e8  msiserver - ok
16:11:07.0763 0x01e8  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:11:07.0794 0x01e8  MSKSSRV - ok
16:11:07.0825 0x01e8  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
16:11:07.0857 0x01e8  MsLldp - ok
16:11:07.0857 0x01e8  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:11:07.0888 0x01e8  MSPCLOCK - ok
16:11:07.0904 0x01e8  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:11:07.0919 0x01e8  MSPQM - ok
16:11:07.0950 0x01e8  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:11:07.0997 0x01e8  MsRPC - ok
16:11:08.0013 0x01e8  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
16:11:08.0044 0x01e8  mssmbios - ok
16:11:08.0044 0x01e8  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:11:08.0075 0x01e8  MSTEE - ok
16:11:08.0075 0x01e8  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
16:11:08.0107 0x01e8  MTConfig - ok
16:11:08.0122 0x01e8  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\Windows\system32\Drivers\mup.sys
16:11:08.0138 0x01e8  Mup - ok
16:11:08.0154 0x01e8  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
16:11:08.0185 0x01e8  mvumis - ok
16:11:08.0247 0x01e8  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\Windows\system32\qagentRT.dll
16:11:08.0310 0x01e8  napagent - ok
16:11:08.0341 0x01e8  [ 78514B073CC5775800A65BFB82A0D66B, DCD18E277569F23921E899F508860F89ABD417C74A7776152A4463284A989488 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:11:08.0388 0x01e8  NativeWifiP - ok
16:11:08.0419 0x01e8  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\Windows\System32\ncasvc.dll
16:11:08.0466 0x01e8  NcaSvc - ok
16:11:08.0482 0x01e8  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\Windows\System32\ncbservice.dll
16:11:08.0513 0x01e8  NcbService - ok
16:11:08.0513 0x01e8  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
16:11:08.0591 0x01e8  NcdAutoSetup - ok
16:11:08.0669 0x01e8  [ F21B77B4D74092A543807D3CEB711A88, 5C3C17A10E990070FAB317C0C5333DE768E408CAF43EC4FA9D18116C6EE3B3DC ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:11:08.0763 0x01e8  NDIS - ok
16:11:08.0794 0x01e8  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:11:08.0825 0x01e8  NdisCap - ok
16:11:08.0857 0x01e8  [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
16:11:08.0888 0x01e8  NdisImPlatform - ok
16:11:08.0904 0x01e8  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:11:08.0935 0x01e8  NdisTapi - ok
16:11:08.0950 0x01e8  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:11:08.0982 0x01e8  Ndisuio - ok
16:11:08.0997 0x01e8  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
16:11:09.0029 0x01e8  NdisVirtualBus - ok
16:11:09.0044 0x01e8  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:11:09.0091 0x01e8  NdisWan - ok
16:11:09.0107 0x01e8  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
16:11:09.0154 0x01e8  NdisWanLegacy - ok
16:11:09.0154 0x01e8  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:11:09.0200 0x01e8  NDProxy - ok
16:11:09.0216 0x01e8  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
16:11:09.0247 0x01e8  Ndu - ok
16:11:09.0263 0x01e8  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:11:09.0294 0x01e8  NetBIOS - ok
16:11:09.0325 0x01e8  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:11:09.0372 0x01e8  NetBT - ok
16:11:09.0404 0x01e8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\Windows\system32\lsass.exe
16:11:09.0419 0x01e8  Netlogon - ok
16:11:09.0466 0x01e8  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\Windows\System32\netman.dll
16:11:09.0513 0x01e8  Netman - ok
16:11:09.0544 0x01e8  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\Windows\System32\netprofmsvc.dll
16:11:09.0607 0x01e8  netprofm - ok
16:11:09.0779 0x01e8  [ 76E90502D9001077DA92F81126D06C9B, 9E5B6DD3F1DAF49D303A7B3F6763A25C5F55F1E67A33AA8572204E9105B092EF ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
16:11:09.0935 0x01e8  netr28x - ok
16:11:09.0997 0x01e8  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:11:10.0044 0x01e8  NetTcpPortSharing - ok
16:11:10.0091 0x01e8  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\Windows\system32\DRIVERS\netvsc63.sys
16:11:10.0107 0x01e8  netvsc - ok
16:11:10.0169 0x01e8  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:11:10.0216 0x01e8  NlaSvc - ok
16:11:10.0232 0x01e8  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:11:10.0279 0x01e8  Npfs - ok
16:11:10.0310 0x01e8  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
16:11:10.0357 0x01e8  npsvctrig - ok
16:11:10.0388 0x01e8  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\Windows\system32\nsisvc.dll
16:11:10.0404 0x01e8  nsi - ok
16:11:10.0419 0x01e8  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:11:10.0450 0x01e8  nsiproxy - ok
16:11:10.0591 0x01e8  [ 1C80517BE6836A812F6A9B99B8321351, 7DBED4633820E201C9C242D961EF6F25BA2B1D5593BA60F707CC71A4014C2D4B ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:11:10.0779 0x01e8  Ntfs - ok
16:11:10.0825 0x01e8  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
16:11:10.0841 0x01e8  Null - ok
16:11:10.0872 0x01e8  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:11:10.0904 0x01e8  nvraid - ok
16:11:10.0919 0x01e8  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:11:10.0950 0x01e8  nvstor - ok
16:11:10.0966 0x01e8  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:11:10.0997 0x01e8  nv_agp - ok
16:11:11.0075 0x01e8  [ 1300D100EF891C98504DE38624D3F639, 3F7D5A1BB725DC224E08EFC0D6A7F579FC78C64554BAF02D58A6624B91D6384E ] omniserv        C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
16:11:11.0091 0x01e8  omniserv - detected UnsignedFile.Multi.Generic ( 1 )
16:11:11.0091 0x01e8  omniserv ( UnsignedFile.Multi.Generic ) - warning
16:11:11.0138 0x01e8  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:11:11.0169 0x01e8  ose - ok
16:11:11.0216 0x01e8  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:11:11.0263 0x01e8  p2pimsvc - ok
16:11:11.0294 0x01e8  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\Windows\system32\p2psvc.dll
16:11:11.0357 0x01e8  p2psvc - ok
16:11:11.0388 0x01e8  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\Windows\System32\drivers\parport.sys
16:11:11.0404 0x01e8  Parport - ok
16:11:11.0435 0x01e8  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:11:11.0466 0x01e8  partmgr - ok
16:11:11.0497 0x01e8  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:11:11.0560 0x01e8  PcaSvc - ok
16:11:11.0591 0x01e8  [ 275AFE3FA35E8D78BE97695DF49817C6, 447CEBB16285AE073B4251D2DA71399306EF2DCB7F56286ABE2F0BD6C83EB489 ] pci             C:\Windows\system32\drivers\pci.sys
16:11:11.0622 0x01e8  pci - ok
16:11:11.0654 0x01e8  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:11:11.0669 0x01e8  pciide - ok
16:11:11.0700 0x01e8  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:11:11.0732 0x01e8  pcmcia - ok
16:11:11.0747 0x01e8  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:11:11.0763 0x01e8  pcw - ok
16:11:11.0779 0x01e8  [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc             C:\Windows\system32\drivers\pdc.sys
16:11:11.0810 0x01e8  pdc - ok
16:11:11.0872 0x01e8  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:11:11.0935 0x01e8  PEAUTH - ok
16:11:12.0013 0x01e8  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:11:12.0044 0x01e8  PerfHost - ok
16:11:12.0169 0x01e8  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\Windows\system32\pla.dll
16:11:12.0294 0x01e8  pla - ok
16:11:12.0341 0x01e8  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:11:12.0372 0x01e8  PlugPlay - ok
16:11:12.0388 0x01e8  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:11:12.0419 0x01e8  PNRPAutoReg - ok
16:11:12.0435 0x01e8  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:11:12.0482 0x01e8  PNRPsvc - ok
16:11:12.0529 0x01e8  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:11:12.0575 0x01e8  PolicyAgent - ok
16:11:12.0607 0x01e8  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\Windows\system32\umpo.dll
16:11:12.0638 0x01e8  Power - ok
16:11:12.0841 0x01e8  [ B7DB57A000D46D4DE75BC0C563E58072, 8183EB09DC4D44DFF027CA0AAA8C09921A14F088C1BC427B6ACA42340AAF69E6 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
16:11:13.0044 0x01e8  PrintNotify - ok
16:11:13.0091 0x01e8  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
16:11:13.0122 0x01e8  Processor - ok
16:11:13.0138 0x01e8  [ B2A890D96C05E33FDD2BF3F3D4D0DF92, 3A29E17424429A5654D906E420D938148F09F57457356EFA72DA003B73F2D81E ] ProfSvc         C:\Windows\system32\profsvc.dll
16:11:13.0185 0x01e8  ProfSvc - ok
16:11:13.0200 0x01e8  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:11:13.0247 0x01e8  Psched - ok
16:11:13.0294 0x01e8  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\Windows\system32\qwave.dll
16:11:13.0341 0x01e8  QWAVE - ok
16:11:13.0357 0x01e8  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:11:13.0388 0x01e8  QWAVEdrv - ok
16:11:13.0419 0x01e8  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:11:13.0435 0x01e8  RasAcd - ok
16:11:13.0466 0x01e8  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\Windows\System32\rasauto.dll
16:11:13.0513 0x01e8  RasAuto - ok
16:11:13.0575 0x01e8  [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan          C:\Windows\System32\rasmans.dll
16:11:13.0622 0x01e8  RasMan - ok
16:11:13.0638 0x01e8  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:11:13.0669 0x01e8  RasPppoe - ok
16:11:13.0716 0x01e8  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:11:13.0763 0x01e8  rdbss - ok
16:11:13.0779 0x01e8  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
16:11:13.0810 0x01e8  rdpbus - ok
16:11:13.0825 0x01e8  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
16:11:13.0857 0x01e8  RDPDR - ok
16:11:13.0904 0x01e8  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:11:13.0919 0x01e8  RdpVideoMiniport - ok
16:11:13.0950 0x01e8  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:11:13.0982 0x01e8  rdyboost - ok
16:11:14.0060 0x01e8  [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
16:11:14.0154 0x01e8  ReFS - ok
16:11:14.0200 0x01e8  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:11:14.0232 0x01e8  RemoteAccess - ok
16:11:14.0279 0x01e8  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:11:14.0357 0x01e8  RemoteRegistry - ok
16:11:14.0404 0x01e8  [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
16:11:14.0450 0x01e8  RFCOMM - ok
16:11:14.0482 0x01e8  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:11:14.0513 0x01e8  RpcEptMapper - ok
16:11:14.0544 0x01e8  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\Windows\system32\locator.exe
16:11:14.0560 0x01e8  RpcLocator - ok
16:11:14.0622 0x01e8  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs           C:\Windows\system32\rpcss.dll
16:11:14.0685 0x01e8  RpcSs - ok
16:11:14.0747 0x01e8  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:11:14.0779 0x01e8  rspndr - ok
16:11:14.0872 0x01e8  [ 3B7A94926B52D171C5B515EDECC2118E, 4D3A8F24AAA8DD155BE2B5814701FFE67C367BB29D31D615685277D2DEF0DB0A ] rtbth           C:\Windows\System32\drivers\rtbth.sys
16:11:14.0966 0x01e8  rtbth - ok
16:11:15.0075 0x01e8  [ CFE738C524F35B6E523A4D0F54840C30, 73E051DEA744EEC5202693C11EDABB36DE2D086160648D4E41F1F299CBAD8409 ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
16:11:15.0154 0x01e8  RTL8168 - ok
16:11:15.0200 0x01e8  [ F95151BE3F9FD74CFE90D1B35CD58062, E5C9079445CAEEDE51FC588D91D16387701682C8902C7C3E24B7A1A5E2D314AD ] RTSPER          C:\Windows\system32\DRIVERS\RtsPer.sys
16:11:15.0232 0x01e8  RTSPER - ok
16:11:15.0263 0x01e8  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
16:11:15.0294 0x01e8  s3cap - ok
16:11:15.0310 0x01e8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\Windows\system32\lsass.exe
16:11:15.0341 0x01e8  SamSs - ok
16:11:15.0372 0x01e8  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:11:15.0404 0x01e8  sbp2port - ok
16:11:15.0435 0x01e8  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:11:15.0482 0x01e8  SCardSvr - ok
16:11:15.0497 0x01e8  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
16:11:15.0529 0x01e8  ScDeviceEnum - ok
16:11:15.0560 0x01e8  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:11:15.0591 0x01e8  scfilter - ok
16:11:15.0685 0x01e8  [ A95838FFFAEAA7500263D491575F7E0C, FEB79ECAE6D9AB0C29D9AFE12F60502A8357B3A382C0FACF4C6DA4852B6ECFA4 ] Schedule        C:\Windows\system32\schedsvc.dll
16:11:15.0779 0x01e8  Schedule - ok
16:11:15.0825 0x01e8  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:11:15.0857 0x01e8  SCPolicySvc - ok
16:11:15.0888 0x01e8  [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus           C:\Windows\System32\drivers\sdbus.sys
16:11:15.0935 0x01e8  sdbus - ok
16:11:15.0982 0x01e8  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
16:11:16.0013 0x01e8  sdstor - ok
16:11:16.0029 0x01e8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:11:16.0044 0x01e8  secdrv - ok
16:11:16.0076 0x01e8  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\Windows\system32\seclogon.dll
16:11:16.0122 0x01e8  seclogon - ok
16:11:16.0138 0x01e8  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\Windows\System32\sens.dll
16:11:16.0185 0x01e8  SENS - ok
16:11:16.0232 0x01e8  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] SensorsSimulatorDriver C:\Windows\system32\DRIVERS\WUDFRd.sys
16:11:16.0263 0x01e8  SensorsSimulatorDriver - ok
16:11:16.0279 0x01e8  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:11:16.0326 0x01e8  SensrSvc - ok
16:11:16.0357 0x01e8  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
16:11:16.0372 0x01e8  SerCx - ok
16:11:16.0388 0x01e8  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
16:11:16.0419 0x01e8  SerCx2 - ok
16:11:16.0435 0x01e8  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\Windows\System32\drivers\serenum.sys
16:11:16.0466 0x01e8  Serenum - ok
16:11:16.0497 0x01e8  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys
16:11:16.0529 0x01e8  Serial - ok
16:11:16.0544 0x01e8  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\Windows\System32\drivers\sermouse.sys
16:11:16.0560 0x01e8  sermouse - ok
16:11:16.0607 0x01e8  [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv      C:\Windows\system32\sessenv.dll
16:11:16.0654 0x01e8  SessionEnv - ok
16:11:16.0669 0x01e8  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
16:11:16.0701 0x01e8  sfloppy - ok
16:11:16.0747 0x01e8  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:11:16.0794 0x01e8  SharedAccess - ok
16:11:16.0872 0x01e8  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:11:16.0966 0x01e8  ShellHWDetection - ok
16:11:16.0966 0x01e8  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:11:16.0997 0x01e8  SiSRaid2 - ok
16:11:17.0013 0x01e8  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:11:17.0029 0x01e8  SiSRaid4 - ok
16:11:17.0107 0x01e8  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:11:17.0138 0x01e8  SkypeUpdate - ok
16:11:17.0169 0x01e8  [ 6A05EDE953D5F8F106AD5800C3BDAA14, 42B1819C54E5F4CCC4F3CD4590B4A4D68C53604314079A492438C849A463FC9A ] SmbDrv          C:\Windows\System32\drivers\Smb_driver_AMDASF.sys
16:11:17.0185 0x01e8  SmbDrv - ok
16:11:17.0216 0x01e8  [ 5C1C621A1936B369EC8548CC57DD47FB, 564533EC07EAEDA6BEF80770BBEE33BDF4512DC18A307EEDBD8D1442D7960356 ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
16:11:17.0232 0x01e8  SmbDrvI - ok
16:11:17.0279 0x01e8  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\Windows\System32\smphost.dll
16:11:17.0294 0x01e8  smphost - ok
16:11:17.0326 0x01e8  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:11:17.0357 0x01e8  SNMPTRAP - ok
16:11:17.0419 0x01e8  [ 33977549C2CED09936E05BEE7659EAFF, EB95C72ED0EAC59A50E6882B2501049191A796542C42414FAF0028907C669B21 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
16:11:17.0466 0x01e8  spaceport - ok
16:11:17.0497 0x01e8  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
16:11:17.0529 0x01e8  SpbCx - ok
16:11:17.0591 0x01e8  [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler         C:\Windows\System32\spoolsv.exe
16:11:17.0669 0x01e8  Spooler - ok
16:11:18.0044 0x01e8  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\Windows\system32\sppsvc.exe
16:11:18.0544 0x01e8  sppsvc - ok
16:11:18.0732 0x01e8  [ EAD5300C93946B0250A309E2BF2BE4CF, 6B9131D94ED31F838B1820EE67F068C4741B69D5C655587C89C9477986BD270F ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
16:11:18.0763 0x01e8  SQLWriter - ok
16:11:18.0810 0x01e8  [ 2B78788A1485F9B99A578A299DF42C02, A87183A9B13585C9E850437A45237105D39D7F3212ADB079D6AB430B67A59643 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:11:18.0857 0x01e8  srv - ok
16:11:19.0185 0x01e8  [ FD163F487CBA9C98AFFEB546C80F49A2, 18DAAD173C0517F7BBF5D0C914302D98931E3BA6DAA36DC91D8DB0743EC40563 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:11:19.0247 0x01e8  srv2 - ok
16:11:19.0263 0x01e8  [ 716059F37BCCB1ABEDE99EBE82E8E362, 05F27B0FABBBC0E324F06D20ABEF51EDA3316C9F7F85C1AD24639CD6DE1BC8AC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:11:19.0294 0x01e8  srvnet - ok
16:11:19.0341 0x01e8  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:11:19.0388 0x01e8  SSDPSRV - ok
16:11:19.0404 0x01e8  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:11:19.0451 0x01e8  SstpSvc - ok
16:11:19.0482 0x01e8  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
16:11:19.0513 0x01e8  ssudmdm - ok
16:11:19.0591 0x01e8  [ 1B4B3C81E36A4A06120284CD1B42AE50, 376ECBC77569E4536CE6DD8E71D3D46233758F132639272ADE463DF5FFCD82BB ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
16:11:19.0622 0x01e8  STacSV - detected UnsignedFile.Multi.Generic ( 1 )
16:11:19.0622 0x01e8  STacSV ( UnsignedFile.Multi.Generic ) - warning
16:11:19.0654 0x01e8  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:11:19.0669 0x01e8  stexstor - ok
16:11:19.0732 0x01e8  [ 674648106F972128B29D90EF6567629D, 5D0A6D089D812FD9BE0F81ED796DD46DFB840655D760A8055E70B80C897DC1F9 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
16:11:19.0794 0x01e8  STHDA - ok
16:11:19.0857 0x01e8  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\Windows\System32\wiaservc.dll
16:11:19.0919 0x01e8  stisvc - ok
16:11:19.0951 0x01e8  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
16:11:19.0982 0x01e8  storahci - ok
16:11:20.0029 0x01e8  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
16:11:20.0044 0x01e8  storflt - ok
16:11:20.0060 0x01e8  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
16:11:20.0091 0x01e8  stornvme - ok
16:11:20.0107 0x01e8  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\Windows\system32\storsvc.dll
16:11:20.0138 0x01e8  StorSvc - ok
16:11:20.0154 0x01e8  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
16:11:20.0169 0x01e8  storvsc - ok
16:11:20.0201 0x01e8  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\Windows\system32\svsvc.dll
16:11:20.0232 0x01e8  svsvc - ok
16:11:20.0263 0x01e8  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\Windows\System32\drivers\swenum.sys
16:11:20.0279 0x01e8  swenum - ok
16:11:20.0357 0x01e8  [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv           C:\Windows\System32\swprv.dll
16:11:20.0419 0x01e8  swprv - ok
16:11:20.0482 0x01e8  [ 4AC0EDD7CE827590FCC93BD3529A98D6, 8631A2BF904CAFC01793BD88483237ACD1D98DC43FCE45414FC5037B2D074D78 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
16:11:20.0529 0x01e8  SynTP - ok
16:11:20.0622 0x01e8  [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain         C:\Windows\system32\sysmain.dll
16:11:20.0716 0x01e8  SysMain - ok
16:11:20.0763 0x01e8  [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
16:11:20.0794 0x01e8  SystemEventsBroker - ok
16:11:20.0810 0x01e8  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\Windows\System32\TabSvc.dll
16:11:20.0857 0x01e8  TabletInputService - ok
16:11:20.0872 0x01e8  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:11:20.0919 0x01e8  TapiSrv - ok
16:11:21.0122 0x01e8  [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:11:21.0326 0x01e8  Tcpip - ok
16:11:21.0529 0x01e8  [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:11:21.0732 0x01e8  TCPIP6 - ok
16:11:21.0888 0x01e8  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:11:21.0904 0x01e8  tcpipreg - ok
16:11:21.0935 0x01e8  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:11:21.0966 0x01e8  tdx - ok
16:11:22.0060 0x01e8  [ BB676D2C7AD5E7131D12417E4691F9B9, C6DE7D8C08C2F059C696E9D63FC55692C8CB37FECF92F5A863D7D2C5AF3B425F ] Te.Service      C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe
16:11:22.0076 0x01e8  Te.Service - detected UnsignedFile.Multi.Generic ( 1 )
16:11:22.0076 0x01e8  Te.Service ( UnsignedFile.Multi.Generic ) - warning
16:11:22.0091 0x01e8  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
16:11:22.0122 0x01e8  terminpt - ok
16:11:22.0216 0x01e8  [ 2C77831737491F4D684D315B95C62883, 90A2574A281F19646CFCDA5FDF40063220058290D2D5523AD91B7E709EC36D3D ] TermService     C:\Windows\System32\termsrv.dll
16:11:22.0294 0x01e8  TermService - ok
16:11:22.0310 0x01e8  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\Windows\system32\themeservice.dll
16:11:22.0357 0x01e8  Themes - ok
16:11:22.0388 0x01e8  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\Windows\system32\mmcss.dll
16:11:22.0419 0x01e8  THREADORDER - ok
16:11:22.0435 0x01e8  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
16:11:22.0497 0x01e8  TimeBroker - ok
16:11:22.0529 0x01e8  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\Windows\system32\drivers\tpm.sys
16:11:22.0560 0x01e8  TPM - ok
16:11:22.0591 0x01e8  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\Windows\System32\trkwks.dll
16:11:22.0622 0x01e8  TrkWks - ok
16:11:22.0669 0x01e8  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:11:22.0716 0x01e8  TrustedInstaller - ok
16:11:22.0732 0x01e8  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:11:22.0763 0x01e8  TsUsbFlt - ok
16:11:22.0763 0x01e8  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
16:11:22.0794 0x01e8  TsUsbGD - ok
16:11:22.0826 0x01e8  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:11:22.0872 0x01e8  tunnel - ok
16:11:22.0888 0x01e8  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:11:22.0904 0x01e8  uagp35 - ok
16:11:22.0935 0x01e8  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
16:11:22.0966 0x01e8  UASPStor - ok
16:11:22.0982 0x01e8  [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
16:11:23.0013 0x01e8  UCX01000 - ok
16:11:23.0044 0x01e8  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:11:23.0107 0x01e8  udfs - ok
16:11:23.0107 0x01e8  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
16:11:23.0138 0x01e8  UEFI - ok
16:11:23.0169 0x01e8  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:11:23.0216 0x01e8  UI0Detect - ok
16:11:23.0216 0x01e8  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:11:23.0247 0x01e8  uliagpkx - ok
16:11:23.0279 0x01e8  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
16:11:23.0294 0x01e8  umbus - ok
16:11:23.0310 0x01e8  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
16:11:23.0326 0x01e8  UmPass - ok
16:11:23.0372 0x01e8  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\Windows\System32\umrdp.dll
16:11:23.0404 0x01e8  UmRdpService - ok
16:11:23.0451 0x01e8  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\Windows\System32\upnphost.dll
16:11:23.0513 0x01e8  upnphost - ok
16:11:23.0529 0x01e8  [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
16:11:23.0560 0x01e8  usbccgp - ok
16:11:23.0607 0x01e8  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
16:11:23.0638 0x01e8  usbcir - ok
16:11:23.0669 0x01e8  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
16:11:23.0701 0x01e8  usbehci - ok
16:11:23.0747 0x01e8  [ 93435654DCA210298BA0F986EB51C679, 926313A0499100EA5C49C5EC44BB8FE5F8F2A7F57F3EA56D59DA694F8396A409 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
16:11:23.0810 0x01e8  usbhub - ok
16:11:23.0872 0x01e8  [ 83C9C45D59C72FEFDAE9A5686BE31FEA, 12FC2C3C3C5CD5F2EFBAA11A1AD06FDD7DDB6EECF6F2684BBAAF88198D976316 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
16:11:23.0935 0x01e8  USBHUB3 - ok
16:11:23.0966 0x01e8  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\Windows\System32\drivers\usbohci.sys
16:11:23.0997 0x01e8  usbohci - ok
16:11:24.0013 0x01e8  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
16:11:24.0044 0x01e8  usbprint - ok
16:11:24.0076 0x01e8  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
16:11:24.0107 0x01e8  USBSTOR - ok
16:11:24.0138 0x01e8  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
16:11:24.0169 0x01e8  usbuhci - ok
16:11:24.0201 0x01e8  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
16:11:24.0232 0x01e8  usbvideo - ok
16:11:24.0263 0x01e8  [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
16:11:24.0310 0x01e8  USBXHCI - ok
16:11:24.0326 0x01e8  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\Windows\system32\lsass.exe
16:11:24.0357 0x01e8  VaultSvc - ok
16:11:24.0372 0x01e8  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:11:24.0388 0x01e8  vdrvroot - ok
16:11:24.0497 0x01e8  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\Windows\System32\vds.exe
16:11:24.0591 0x01e8  vds - ok
16:11:24.0607 0x01e8  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
16:11:24.0638 0x01e8  VerifierExt - ok
16:11:24.0701 0x01e8  [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
16:11:24.0763 0x01e8  vhdmp - ok
16:11:24.0810 0x01e8  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:11:24.0826 0x01e8  viaide - ok
16:11:24.0841 0x01e8  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\Windows\system32\drivers\vmbus.sys
16:11:24.0872 0x01e8  vmbus - ok
16:11:24.0888 0x01e8  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
16:11:24.0904 0x01e8  VMBusHID - ok
16:11:24.0966 0x01e8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
16:11:25.0029 0x01e8  vmicguestinterface - ok
16:11:25.0060 0x01e8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
16:11:25.0107 0x01e8  vmicheartbeat - ok
16:11:25.0138 0x01e8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
16:11:25.0201 0x01e8  vmickvpexchange - ok
16:11:25.0247 0x01e8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\Windows\System32\ICSvc.dll
16:11:25.0294 0x01e8  vmicrdv - ok
16:11:25.0326 0x01e8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
16:11:25.0388 0x01e8  vmicshutdown - ok
16:11:25.0419 0x01e8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\Windows\System32\ICSvc.dll
16:11:25.0466 0x01e8  vmictimesync - ok
16:11:25.0513 0x01e8  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\Windows\System32\ICSvc.dll
16:11:25.0560 0x01e8  vmicvss - ok
16:11:25.0591 0x01e8  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:11:25.0622 0x01e8  volmgr - ok
16:11:25.0638 0x01e8  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:11:25.0685 0x01e8  volmgrx - ok
16:11:25.0732 0x01e8  [ 4BB9BC49DEE1A319EC58274A7BBED663, 624491089623A5B68C01A6A000E60D450E8E467619ACEBB90C6FDED0CF670F95 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:11:25.0779 0x01e8  volsnap - ok
16:11:25.0810 0x01e8  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\Windows\System32\drivers\vpci.sys
16:11:25.0826 0x01e8  vpci - ok
16:11:25.0841 0x01e8  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:11:25.0888 0x01e8  vsmraid - ok
16:11:25.0982 0x01e8  [ F972436B5ED08069A1E7D623B77C226A, FA01505B5EC392ADE55019C22588D2F3608CBF9A6B03A44203F3587D372F8342 ] VSPerfDrv110    C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys
16:11:25.0997 0x01e8  VSPerfDrv110 - ok
16:11:26.0107 0x01e8  [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS             C:\Windows\system32\vssvc.exe
16:11:26.0216 0x01e8  VSS - ok
16:11:26.0310 0x01e8  [ 19D2D8B9F506193A191A8CFD14435ED1, 3359D167B314E14D6E99CA5C79BB5A1C2CEE88823346DD96C4F1B7CD4A2A5D2E ] VSStandardCollectorService140 C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe
16:11:26.0326 0x01e8  VSStandardCollectorService140 - ok
16:11:26.0372 0x01e8  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
16:11:26.0404 0x01e8  VSTXRAID - ok
16:11:26.0435 0x01e8  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
16:11:26.0451 0x01e8  vwifibus - ok
16:11:26.0497 0x01e8  [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:11:26.0529 0x01e8  vwififlt - ok
16:11:26.0529 0x01e8  [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
16:11:26.0560 0x01e8  vwifimp - ok
16:11:26.0607 0x01e8  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\Windows\system32\w32time.dll
16:11:26.0669 0x01e8  W32Time - ok
16:11:26.0716 0x01e8  [ 8E553C859C83784DEC08B10AFC3EAC92, 41D8DBA1500DBD3AC9783169ACF545805EF05069F12866238992A30794369254 ] w3logsvc        C:\Windows\system32\inetsrv\w3logsvc.dll
16:11:26.0747 0x01e8  w3logsvc - ok
16:11:26.0763 0x01e8  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
16:11:26.0794 0x01e8  WacomPen - ok
16:11:26.0841 0x01e8  [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
16:11:26.0888 0x01e8  WAS - ok
16:11:27.0013 0x01e8  [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine        C:\Windows\system32\wbengine.exe
16:11:27.0138 0x01e8  wbengine - ok
16:11:27.0232 0x01e8  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:11:27.0279 0x01e8  WbioSrvc - ok
16:11:27.0310 0x01e8  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
16:11:27.0357 0x01e8  Wcmsvc - ok
16:11:27.0388 0x01e8  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:11:27.0435 0x01e8  wcncsvc - ok
16:11:27.0451 0x01e8  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:11:27.0466 0x01e8  WcsPlugInService - ok
16:11:27.0513 0x01e8  [ F5D4FA3E1F4879C361FFF3855259D2C2, 48C60FE4AAB011E2250157506FF0624031BFA346F8F2F8C6DFDF6F3CAA4F3F42 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
16:11:27.0529 0x01e8  WdBoot - ok
16:11:27.0623 0x01e8  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:11:27.0701 0x01e8  Wdf01000 - ok
16:11:27.0716 0x01e8  [ 019CC610AD95FF47EAD7C08B7A683B96, BB9D42F8ED90ECA2E7B8C906E06A1EA859FAD9BD1B3492BB1E28C0D00004812A ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
16:11:27.0763 0x01e8  WdFilter - ok
16:11:27.0794 0x01e8  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:11:27.0826 0x01e8  WdiServiceHost - ok
16:11:27.0841 0x01e8  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:11:27.0888 0x01e8  WdiSystemHost - ok
16:11:27.0919 0x01e8  [ 6CC1BB8F6851A262E2E824F0E92D5EEF, 45A88A984179BBA38C1F4434C4D6C2823C1FE6AFBE8CB0F656DAE0092D1D5611 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
16:11:27.0951 0x01e8  WdNisDrv - ok
16:11:27.0982 0x01e8  WdNisSvc - ok
16:11:27.0998 0x01e8  [ 6588A957873326361AB1CAC4E76F8394, BE17880CEDCAE5ED3B983443E3777842646A3E48B661422A717656E11F6DBA94 ] WebClient       C:\Windows\System32\webclnt.dll
16:11:28.0060 0x01e8  WebClient - ok
16:11:28.0091 0x01e8  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:11:28.0123 0x01e8  Wecsvc - ok
16:11:28.0138 0x01e8  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
16:11:28.0169 0x01e8  WEPHOSTSVC - ok
16:11:28.0185 0x01e8  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:11:28.0248 0x01e8  wercplsupport - ok
16:11:28.0263 0x01e8  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:11:28.0310 0x01e8  WerSvc - ok
16:11:28.0341 0x01e8  [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
16:11:28.0373 0x01e8  WFPLWFS - ok
16:11:28.0388 0x01e8  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\Windows\System32\wiarpc.dll
16:11:28.0419 0x01e8  WiaRpc - ok
16:11:28.0435 0x01e8  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:11:28.0466 0x01e8  WIMMount - ok
16:11:28.0466 0x01e8  WinDefend - ok
16:11:28.0544 0x01e8  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
16:11:28.0607 0x01e8  WinHttpAutoProxySvc - ok
16:11:28.0685 0x01e8  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:11:28.0748 0x01e8  Winmgmt - ok
16:11:28.0919 0x01e8  [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM           C:\Windows\system32\WsmSvc.dll
16:11:29.0091 0x01e8  WinRM - ok
16:11:29.0216 0x01e8  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:11:29.0248 0x01e8  WinUsb - ok
16:11:29.0279 0x01e8  [ 4F2A80D65AE6F845776E2F06AE6782ED, 2455537C048115435D9EDE4B18F9F54C43912076AEF36BDEFEC35AF2140B8B2E ] WirelessButtonDriver C:\Windows\System32\drivers\WirelessButtonDriver64.sys
16:11:29.0294 0x01e8  WirelessButtonDriver - ok
16:11:29.0404 0x01e8  [ EF252510DB6C3511E30418BD2AC95A2D, 75B496F5C611129D9D19B382503830FDB0E2E61D4880D2821AE381DF578C5E56 ] WlanSvc         C:\Windows\System32\wlansvc.dll
16:11:29.0529 0x01e8  WlanSvc - ok
16:11:29.0638 0x01e8  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
16:11:29.0763 0x01e8  wlidsvc - ok
16:11:29.0779 0x01e8  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
16:11:29.0810 0x01e8  WmiAcpi - ok
16:11:29.0841 0x01e8  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:11:29.0873 0x01e8  wmiApSrv - ok
16:11:29.0904 0x01e8  WMPNetworkSvc - ok
16:11:29.0935 0x01e8  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\Windows\system32\drivers\Wof.sys
16:11:29.0982 0x01e8  Wof - ok
16:11:30.0091 0x01e8  [ 5071E71CC05346D88C5A08EB8B5A05E3, EA2B14130EDD1846B2E25D310B0D49253CFB43C22D3DC7B3179DF7349CC4AEFB ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
16:11:30.0216 0x01e8  workfolderssvc - ok
16:11:30.0248 0x01e8  [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
16:11:30.0279 0x01e8  wpcfltr - ok
16:11:30.0310 0x01e8  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:11:30.0341 0x01e8  WPCSvc - ok
16:11:30.0357 0x01e8  [ D27491CFCE452C154CECFA155AD0EBC8, 1F3F74C253E3B07DE7EFE27C34DD9AF08617C7B03BB44C2902F69BA9DA3F21F2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:11:30.0388 0x01e8  WPDBusEnum - ok
16:11:30.0419 0x01e8  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
16:11:30.0435 0x01e8  WpdUpFltr - ok
16:11:30.0451 0x01e8  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:11:30.0482 0x01e8  ws2ifsl - ok
16:11:30.0513 0x01e8  [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc          C:\Windows\System32\wscsvc.dll
16:11:30.0544 0x01e8  wscsvc - ok
16:11:30.0560 0x01e8  WSearch - ok
16:11:30.0779 0x01e8  [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService       C:\Windows\System32\WSService.dll
16:11:31.0060 0x01e8  WSService - ok
16:11:31.0341 0x01e8  [ E66AC3CA92FC471BFE69F61549193A64, E2DD7EA4ED164EE8FB07546896BE743734B04DE4C9480E84231901CB2C63F31C ] wuauserv        C:\Windows\system32\wuaueng.dll
16:11:31.0576 0x01e8  wuauserv - ok
16:11:31.0716 0x01e8  [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:11:31.0748 0x01e8  WudfPf - ok
16:11:31.0779 0x01e8  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
16:11:31.0826 0x01e8  WUDFRd - ok
16:11:31.0841 0x01e8  [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:11:31.0873 0x01e8  wudfsvc - ok
16:11:31.0888 0x01e8  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
16:11:31.0935 0x01e8  WUDFWpdFs - ok
16:11:31.0951 0x01e8  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
16:11:31.0982 0x01e8  WUDFWpdMtp - ok
16:11:32.0044 0x01e8  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:11:32.0107 0x01e8  WwanSvc - ok
16:11:32.0123 0x01e8  ================ Scan global ===============================
16:11:32.0154 0x01e8  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\Windows\system32\basesrv.dll
16:11:32.0201 0x01e8  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\Windows\system32\winsrv.dll
16:11:32.0248 0x01e8  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\Windows\system32\sxssrv.dll
16:11:32.0294 0x01e8  [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\Windows\system32\services.exe
16:11:32.0326 0x01e8  [ Global ] - ok
16:11:32.0326 0x01e8  ================ Scan MBR ==================================
16:11:32.0326 0x01e8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
16:11:32.0513 0x01e8  \Device\Harddisk0\DR0 - ok
16:11:32.0513 0x01e8  ================ Scan VBR ==================================
16:11:32.0544 0x01e8  [ BF67C470D88A8CA3790F6B74212A7B4B ] \Device\Harddisk0\DR0\Partition1
16:11:32.0560 0x01e8  \Device\Harddisk0\DR0\Partition1 - ok
16:11:32.0576 0x01e8  [ 3B7F2E14A6BA40FBFB54C5D4F26E1EA1 ] \Device\Harddisk0\DR0\Partition2
16:11:32.0591 0x01e8  \Device\Harddisk0\DR0\Partition2 - ok
16:11:32.0607 0x01e8  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
16:11:32.0607 0x01e8  \Device\Harddisk0\DR0\Partition3 - ok
16:11:32.0623 0x01e8  [ 1BFBEF2D3EEA2D18FFE8D51DF9B7A71A ] \Device\Harddisk0\DR0\Partition4
16:11:32.0654 0x01e8  \Device\Harddisk0\DR0\Partition4 - ok
16:11:32.0685 0x01e8  [ 2E2C1B546D5AE976372B392875ECD833 ] \Device\Harddisk0\DR0\Partition5
16:11:32.0748 0x01e8  \Device\Harddisk0\DR0\Partition5 - ok
16:11:32.0748 0x01e8  ================ Scan generic autorun ======================
16:11:32.0826 0x01e8  [ D12A47CAEF1B206C4D146071F4B98414, A7C07586329DA3522C23D968B7F4299A89AA91E76EF4D81D990005080DB3A136 ] C:\Windows\system32\igfxtray.exe
16:11:32.0857 0x01e8  IgfxTray - ok
16:11:32.0919 0x01e8  [ BA965C365535211EC17EF3D6C763C9D8, 8B62E63ABDD5A2F32A01291B7799968D63101F1AF9D9F593E8D221BE32F7EA8D ] C:\Windows\system32\hkcmd.exe
16:11:32.0982 0x01e8  HotKeysCmds - ok
16:11:33.0044 0x01e8  [ 0F4FA8D2DDF1A52C3643E6B615842295, 26EE396963B7F379FFC44164256A5C26EB58FE6D2D6B4CB775E83CEEBB396D71 ] C:\Windows\system32\igfxpers.exe
16:11:33.0123 0x01e8  Persistence - ok
16:11:33.0248 0x01e8  [ EF5712B507FD449C062782A5CF39F4C3, 720FCB02E5B5344BCB54117135CB416E30A603BCB55A9C3173809AD502353B72 ] C:\Program Files\IDT\WDM\sttray64.exe
16:11:33.0388 0x01e8  SysTrayApp - detected UnsignedFile.Multi.Generic ( 1 )
16:11:33.0388 0x01e8  SysTrayApp ( UnsignedFile.Multi.Generic ) - warning
16:11:33.0591 0x01e8  [ 88DA2E50CBCD4C062632EE34923C5913, A0EEFC404049798B2319C90F8FB3A9A42323204DB89182F7A968B8723F913B79 ] C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe
16:11:33.0841 0x01e8  SimplePass - ok
16:11:33.0873 0x01e8  [ B5F08FCC816B933D8EC1FACCE62B2A12, 950A1764E90EE11BCC033C30BD823855AA92E62479AF6ECA762F491FF670A125 ] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
16:11:33.0888 0x01e8  OPBHOBroker - ok
16:11:33.0919 0x01e8  [ 1C8F76268DE368A288C6AFB2F00F348F, CB25D1332C694CD460038FC2A5CD1D223AEECBBEDD1768B0F6727219EEF16ABA ] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
16:11:33.0935 0x01e8  OPBHOBrokerDesktop - ok
16:11:33.0935 0x01e8  SynTPEnh - ok
16:11:33.0998 0x01e8  [ 56C262B2CFDE9A101455CE6A60762C6C, 66504DC72530E788962CF7D88EE14804098CE52675BA3143A291694D31036E10 ] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
16:11:34.0013 0x01e8  AccelerometerSysTrayApplet - ok
16:11:34.0107 0x01e8  [ E2043ABD9E13E1B7BF74B1D05E15AA47, B59953E4F2392858601551A4FA2024742B99E6AF48D71C3155548C97E25A1FA9 ] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
16:11:34.0185 0x01e8  HPMessageService - ok
16:11:34.0279 0x01e8  [ 3405A4A63018892F31E61C01E9A0313E, 49B2102C3593270DAD15548D1FB2C7E36A65419AA7AE057AB1F0B6A80365B1F6 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
16:11:34.0294 0x01e8  Avira SystrayStartTrigger - ok
16:11:34.0544 0x01e8  [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
16:11:34.0607 0x01e8  avgnt - ok
16:11:35.0044 0x01e8  [ F679E30A5F7CE39F7FA134E61BD2D6D3, 84BD25FFF9C47AC5A00E225DCF03D82A79FE036E3B553D2D81254F2F1FC120A1 ] C:\Program Files\CCleaner\CCleaner64.exe
16:11:35.0576 0x01e8  CCleaner Monitoring - ok
16:11:35.0669 0x01e8  Skype - ok
16:11:35.0716 0x01e8  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
16:11:35.0716 0x01e8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
16:11:35.0763 0x01e8  Win FW state via NFP2: enabled ( trusted )
16:11:35.0763 0x01e8  ============================================================
16:11:35.0763 0x01e8  Scan finished
16:11:35.0763 0x01e8  ============================================================
16:11:35.0779 0x0bc0  Detected object count: 7
16:11:35.0779 0x0bc0  Actual detected object count: 7
16:12:11.0232 0x0bc0  Cachedrv server ( UnsignedFile.Multi.Generic ) - skipped by user
16:12:11.0232 0x0bc0  Cachedrv server ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:12:11.0232 0x0bc0  fussvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:12:11.0232 0x0bc0  fussvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:12:11.0232 0x0bc0  Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - skipped by user
16:12:11.0232 0x0bc0  Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:12:11.0248 0x0bc0  omniserv ( UnsignedFile.Multi.Generic ) - skipped by user
16:12:11.0248 0x0bc0  omniserv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:12:11.0248 0x0bc0  STacSV ( UnsignedFile.Multi.Generic ) - skipped by user
16:12:11.0248 0x0bc0  STacSV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:12:11.0248 0x0bc0  Te.Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:12:11.0248 0x0bc0  Te.Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:12:11.0248 0x0bc0  SysTrayApp ( UnsignedFile.Multi.Generic ) - skipped by user
16:12:11.0248 0x0bc0  SysTrayApp ( UnsignedFile.Multi.Generic ) - User select action: Skip

M-K-D-B · 11.12.2015, 20:20

Servus,

bekomme ich auf meine Frage auch noch eine Antwort?

togaanbl · 11.12.2015, 20:54

Keine Probleme mehr mit Browsern.

M-K-D-B · 11.12.2015, 21:00

Servus,

ok, dann entfernen wir noch die letzten Reste und kontrollieren noch:

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 3

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von HitmanPro,
die Logdatei von ESET.

togaanbl · 11.12.2015, 21:42

Hier die Fixlist und HitmanPro - Eset folgt morgen:

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-12-2015
durchgeführt von Anni Blask (2015-12-11 21:23:01) Run:1
Gestartet von C:\Users\Anni Blask\Downloads
Geladene Profile: Anni Blask &  (Verfügbare Profile: Anni Blask)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************

Prozess erfolgreich geschlossen.
"HKLM\SOFTWARE\Policies\Google" => Schlüssel erfolgreich entfernt

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2899336889-42798528-283681265-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2899336889-42798528-283681265-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


=========  ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl�sungscache wurde geleert.

========= Ende von CMD: =========


=========  netsh winsock reset =========


Der Winsock-Katalog wurde zur�ckgesetzt.
Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en.


========= Ende von CMD: =========

EmptyTemp: => 3.5 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 21:23:13 ====

Code:

ATTFilter


	Code: 

 ATTFilter

  
	HitmanPro 3.7.10.251
www.hitmanpro.com

   Computer name . . . . : ANNI
   Windows . . . . . . . : 6.3.0.9600.X64/4
   User name . . . . . . : Anni\Anni Blask
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2015-12-11 21:33:43
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 5m 18s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 2

   Objects scanned . . . : 2.533.294
   Files scanned . . . . : 15.646
   Remnants scanned  . . : 383.303 files / 2.134.345 keys

Suspicious files ____________________________________________________________

   C:\Users\Anni Blask\Downloads\FRST64(1).exe
      Size . . . . . . . : 2.369.024 bytes
      Age  . . . . . . . : 0.2 days (2015-12-11 15:54:48)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : BB9216588A16099C06BCD7D14C5D2B53FA56F93CDED4E9DB98F1064AD8D398A3
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -19.1s C:\Users\Anni Blask\Downloads\FRST64.exe
          0.0s C:\Users\Anni Blask\Downloads\FRST64(1).exe
         25.7s C:\Users\Anni Blask\Downloads\tdsskiller.exe

   C:\Users\Anni Blask\Downloads\FRST64.exe
      Size . . . . . . . : 2.369.024 bytes
      Age  . . . . . . . : 0.2 days (2015-12-11 15:54:29)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : BB9216588A16099C06BCD7D14C5D2B53FA56F93CDED4E9DB98F1064AD8D398A3
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\Anni Blask\Downloads\FRST64.exe
         19.1s C:\Users\Anni Blask\Downloads\FRST64(1).exe
         44.8s C:\Users\Anni Blask\Downloads\tdsskiller.exe

M-K-D-B · 12.12.2015, 11:09

Ok, dann warte ich noch auf ESET.

togaanbl · 12.12.2015, 13:13

Eset:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3aebc41d2284d444b2ae7bf169f08f0b
# end=init
# utc_time=2015-12-11 05:51:46
# local_time=2015-12-11 06:51:46 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 27155
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3aebc41d2284d444b2ae7bf169f08f0b
# end=updated
# utc_time=2015-12-11 06:04:57
# local_time=2015-12-11 07:04:57 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3aebc41d2284d444b2ae7bf169f08f0b
# end=init
# utc_time=2015-12-12 08:29:39
# local_time=2015-12-12 09:29:39 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 27161
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3aebc41d2284d444b2ae7bf169f08f0b
# end=updated
# utc_time=2015-12-12 08:30:57
# local_time=2015-12-12 09:30:57 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=3aebc41d2284d444b2ae7bf169f08f0b
# engine=27161
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-12 12:04:36
# local_time=2015-12-12 01:04:36 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 1702083 40360660 0 0
# scanned=262481
# found=0
# cleaned=0
# scan_time=12818

M-K-D-B · 12.12.2015, 16:06

Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.

Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren

Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
Klicke auf OK.
Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Sofern du noch unentschieden bist, verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

	Emsisoft	MSE

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:

Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.

NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:

Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Lade keine Software von Chip, Softonic oder SourceForge. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

M-K-D-B · 15.12.2015, 17:54

Ich bin froh, dass wir helfen konnten

In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest:
Lob, Kritik und Wünsche
Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.