
Log analysis and evaluation: Email account hacked, subject line: New message


01.02.2016, 12:59   #1
trumpet78
 



Hello dear helpers,

thanks in advance for your help. Now to my problem:

I think my email account has been hacked, and quite regularly at that, about every 5-6 weeks. That is annoying, of course. The hacking happens even though I regularly use passwords of more than 20 characters (upper case, lower case, special characters, digits).
My provider puts the blame on me. I rather think the provider has a problem.
My provider is 1&1 and I use an email account that I manage with Outlook 2010 via IMAP synchronization.

As antivirus I use AVIRA and AVAST.

My system is Win10 Home 64-bit.

Since I have already looked around here a bit, I downloaded the recommended tool FRST64 and ran the scan. I am attaching the two text documents FRST and Addition here.

Best regards,

Andreas

01.02.2016, 14:35   #2
M-K-D-B
/// TB Trainer
 






My name is Matthias and I will help you clean up your computer.


Please note the following:
  • If we find evidence of illegally obtained software, we will suspend support until all illegal software has been removed from the computer.
  • Read the instructions carefully. If you have problems, stop working and describe your problem to me as well as you can.
  • If you do not reply to me within 3 days, I will assume that you no longer need help. I will then remove your thread from my subscriptions. If you are going to be away for longer, please let me know!
  • During the cleanup, please do not install or uninstall anything unless I ask you to!
  • Please note: Downloading from filepony.de: how to download our tools correctly!
  • All programs to be used must be saved to the desktop and started from there as administrator!



Please work through all steps one after another in the given order and post all log files in CODE tags:
How it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

Thank you for your cooperation!




For the initial analysis, please run TDSS-Killer:






Please download TDSSKiller TDSSKiller.exe and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the content here in your thread in any case.







With your next reply, please post
  • the TDSS-Killer log file.


01.02.2016, 16:09   #3
trumpet78
 

Logfile_Part_1



Code:
14:58:24.0965 0x1c78  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
14:58:24.0965 0x1c78  UEFI system
14:58:35.0287 0x1c78  ============================================================
14:58:35.0288 0x1c78  Current date / time: 2016/02/01 14:58:35.0287
14:58:35.0288 0x1c78  SystemInfo:
14:58:35.0288 0x1c78  
14:58:35.0288 0x1c78  OS Version: 10.0.10586 ServicePack: 0.0
14:58:35.0288 0x1c78  Product type: Workstation
14:58:35.0288 0x1c78  ComputerName: ASS-CO
14:58:35.0289 0x1c78  UserName: ASS-CO.de
14:58:35.0289 0x1c78  Windows directory: C:\WINDOWS
14:58:35.0289 0x1c78  System windows directory: C:\WINDOWS
14:58:35.0289 0x1c78  Running under WOW64
14:58:35.0289 0x1c78  Processor architecture: Intel x64
14:58:35.0289 0x1c78  Number of processors: 4
14:58:35.0289 0x1c78  Page size: 0x1000
14:58:35.0289 0x1c78  Boot type: Normal boot
14:58:35.0289 0x1c78  ============================================================
14:58:35.0468 0x1c78  KLMD registered as C:\WINDOWS\system32\drivers\95324488.sys
14:58:36.0018 0x1c78  System UUID: {51086F8E-64F3-1B55-BD3E-6A4CF8A66B4E}
14:58:36.0960 0x1c78  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:58:37.0033 0x1c78  ============================================================
14:58:37.0033 0x1c78  \Device\Harddisk0\DR0:
14:58:37.0034 0x1c78  GPT partitions:
14:58:37.0035 0x1c78  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C0DCF6BC-C34D-4C1B-8072-5410D2A12D61}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xF9800
14:58:37.0035 0x1c78  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {481A908E-1B9E-4215-A984-671DE666217F}, Name: EFI system partition, StartLBA 0xFA000, BlocksNum 0x32000
14:58:37.0035 0x1c78  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {BA8A2EB6-1674-4867-B4EE-0CD046FC07E8}, Name: Microsoft reserved partition, StartLBA 0x12C000, BlocksNum 0x40000
14:58:37.0035 0x1c78  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {8D7F0CC6-879E-47F6-A767-0ED8FD3B0659}, UniqueGUID: {EA7ACFC9-5B75-44AD-AB3D-D43EF611EE9B}, Name: Basic data partition, StartLBA 0x16C000, BlocksNum 0x200000
14:58:37.0035 0x1c78  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C86D517E-40D8-49B9-983A-751D2EB73BC4}, Name: Basic data partition, StartLBA 0x36C000, BlocksNum 0x2361B458
14:58:37.0035 0x1c78  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {6ED7211A-C510-402C-A3E7-C253443EE841}, Name: , StartLBA 0x23987800, BlocksNum 0x19E800
14:58:37.0035 0x1c78  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7E66F5DD-21EA-4BED-A3E1-AEAD61CFCE49}, Name: Basic data partition, StartLBA 0x23B26000, BlocksNum 0x124F8000
14:58:37.0035 0x1c78  \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {13901E70-DD81-48ED-8DF6-CE56291B7793}, Name: Basic data partition, StartLBA 0x3601E000, BlocksNum 0xC350000
14:58:37.0035 0x1c78  \Device\Harddisk0\DR0\Partition9: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {09764A24-6349-4151-BA2D-3216DB9CF657}, Name: Basic data partition, StartLBA 0x4236E000, BlocksNum 0x124F8000
14:58:37.0035 0x1c78  \Device\Harddisk0\DR0\Partition10: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C4B092A5-D146-4C5E-B719-CECA5E93F61A}, Name: Basic data partition, StartLBA 0x54866000, BlocksNum 0x1869F800
14:58:37.0035 0x1c78  \Device\Harddisk0\DR0\Partition11: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C3D1234A-C091-4276-9CB3-13C96F7E26DD}, Name: Basic data partition, StartLBA 0x6CF06000, BlocksNum 0x77FE000
14:58:37.0035 0x1c78  MBR partitions:
14:58:37.0035 0x1c78  ============================================================
14:58:37.0062 0x1c78  C: <-> \Device\Harddisk0\DR0\Partition5
14:58:37.0100 0x1c78  D: <-> \Device\Harddisk0\DR0\Partition11
14:58:37.0146 0x1c78  F: <-> \Device\Harddisk0\DR0\Partition7
14:58:37.0148 0x1c78  G: <-> \Device\Harddisk0\DR0\Partition8
14:58:37.0173 0x1c78  H: <-> \Device\Harddisk0\DR0\Partition9
14:58:37.0192 0x1c78  I: <-> \Device\Harddisk0\DR0\Partition10
14:58:37.0192 0x1c78  ============================================================
14:58:37.0192 0x1c78  Initialize success
14:58:37.0192 0x1c78  ============================================================
14:59:06.0474 0x14f8  ============================================================
14:59:06.0475 0x14f8  Scan started
14:59:06.0475 0x14f8  Mode: Manual; 
14:59:06.0475 0x14f8  ============================================================
14:59:06.0475 0x14f8  KSN ping started
14:59:08.0865 0x14f8  KSN ping finished: true
14:59:10.0925 0x14f8  ================ Scan system memory ========================
14:59:10.0925 0x14f8  System memory - ok
14:59:10.0927 0x14f8  ================ Scan services =============================
14:59:15.0249 0x14f8  DPS - ok
14:59:15.0258 0x14f8  [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud         C:\WINDOWS\System32\drivers\drmkaud.sys
14:59:15.0262 0x2b48  Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService
14:59:15.0263 0x14f8  drmkaud - ok
14:59:15.0280 0x14f8  [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
14:59:15.0291 0x14f8  DsmSvc - ok
14:59:15.0309 0x14f8  [ 120BECF7452992DAEBD3878BFE5B2412, A1FE8FC039835A5B59ABD789F5C1BFEA2C091A29978CE386C9880E13178930E5 ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
14:59:15.0317 0x14f8  DsSvc - ok
14:59:15.0412 0x14f8  [ A2512BC5F2ABD84D8B3CB0D76ADB749A, 14A1FBF606ED537B9E1B7A939C010A2BA9D609D147FB89AE52D116E59A21D99E ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
14:59:15.0484 0x14f8  DXGKrnl - ok
14:59:15.0501 0x14f8  [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
14:59:15.0509 0x14f8  Eaphost - ok
14:59:15.0542 0x14f8  [ 04A83E99978F4BBB063074FF99D9E5D6, 0FAAFBD958D5A563EC9656F875B6ABE7B320EA85A92C062FE934E8EDFE38135F ] EaseUS Agent    C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
14:59:15.0549 0x14f8  EaseUS Agent - ok
14:59:15.0564 0x2674  Object required for P2P: [ 4764D299855174D6B5C7DA853B490029 ] avipbb
14:59:15.0712 0x14f8  [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
14:59:15.0856 0x14f8  ebdrv - ok
14:59:15.0874 0x14f8  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS             C:\WINDOWS\System32\lsass.exe
14:59:15.0883 0x14f8  EFS - ok
14:59:15.0895 0x14f8  [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
14:59:15.0899 0x14f8  EhStorClass - ok
14:59:15.0912 0x14f8  [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
14:59:15.0918 0x14f8  EhStorTcgDrv - ok
14:59:15.0932 0x14f8  [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
14:59:15.0939 0x14f8  embeddedmode - ok
14:59:15.0960 0x14f8  [ 062152DD5B225518A991DFCD8536770C, 5C8EF4E0C7DE3B24387FF239A8D0CDA39C2376826F16EAFF09739A6C7EDA01E0 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
14:59:15.0975 0x14f8  EntAppSvc - ok
14:59:15.0985 0x14f8  [ 1B677389760689A11241884C700B48E0, 75EC4D16F3F6004D2697AE25E029B95D8B9611911039777B781C5707DA6048C6 ] epmntdrv        C:\Windows\system32\epmntdrv.sys
14:59:15.0990 0x14f8  epmntdrv - ok
14:59:16.0000 0x14f8  [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
14:59:16.0005 0x14f8  ErrDev - ok
14:59:16.0022 0x14f8  [ E47A0ECA90AF393983EF30E458606BB5, 1EB07711968ADBAB63A993FC54795DAAA9514F6E58FDED9EE9CA2DA3CCD620E1 ] EUBAKUP         C:\WINDOWS\system32\drivers\eubakup.sys
14:59:16.0026 0x14f8  EUBAKUP - ok
14:59:16.0037 0x14f8  [ 17696B5ACDBDFFC7D26C4B56BF132AD5, 3D2499FE2406300357B746AF82F69CBF1A1039B1F2DD755018F2185FDE26EA7E ] EUBKMON         C:\WINDOWS\system32\drivers\EUBKMON.sys
14:59:16.0040 0x14f8  EUBKMON - ok
14:59:16.0051 0x14f8  [ FCFD172899D0A026E5BD29F4775BFA76, CC651EAA870D9107B9FAC84B2FA2B8F166C5CA8FBDA803AFBDE07F523FA8C667 ] EUDSKACS        C:\Windows\system32\drivers\eudskacs.sys
14:59:16.0053 0x14f8  EUDSKACS - ok
14:59:16.0070 0x14f8  [ 1D866B50C9B1BA3FE90CC81E0DBC0E15, 07606693CA155EC3BA2FEF6B1C70263AD0F6C2935E1C99572BB2152260F33E28 ] EUFDDISK        C:\Windows\system32\drivers\EuFdDisk.sys
14:59:16.0078 0x14f8  EUFDDISK - ok
14:59:16.0087 0x14f8  [ 08C997734B2CECE882656BB2855E6E76, B3C1DEF26C9C9123D34395717220B450C705B5FA9FC8E321ADC444A4D63E6F36 ] EuGdiDrv        C:\Windows\system32\EuGdiDrv.sys
14:59:16.0092 0x14f8  EuGdiDrv - ok
14:59:16.0162 0x14f8  [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem     C:\WINDOWS\system32\es.dll
14:59:16.0180 0x14f8  EventSystem - ok
14:59:16.0201 0x14f8  [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
14:59:16.0213 0x14f8  exfat - ok
14:59:16.0235 0x14f8  [ 03DE0EC072C5EBD5B018CAD83F1E522A, 9D0B30A2870FBA20B95017CE3A4205F2DD53FE169A0D16715E962D83DE040FB3 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
14:59:16.0248 0x14f8  fastfat - ok
14:59:16.0293 0x14f8  [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax             C:\WINDOWS\system32\fxssvc.exe
14:59:16.0322 0x14f8  Fax - ok
14:59:16.0336 0x14f8  [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
14:59:16.0339 0x14f8  fdc - ok
14:59:16.0348 0x14f8  [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
14:59:16.0353 0x14f8  fdPHost - ok
14:59:16.0374 0x14f8  [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
14:59:16.0380 0x14f8  FDResPub - ok
14:59:16.0394 0x14f8  [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
14:59:16.0403 0x14f8  fhsvc - ok
14:59:16.0416 0x14f8  [ 8F12AB59336143B680F71B217B495AD2, A28F62F065C68CC1A7EEF0CA52F83C3284B001565D8E154BF8568DE4A525104E ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
14:59:16.0420 0x14f8  FileCrypt - ok
14:59:16.0432 0x14f8  [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
14:59:16.0437 0x14f8  FileInfo - ok
14:59:16.0448 0x14f8  [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
14:59:16.0451 0x14f8  Filetrace - ok
14:59:16.0460 0x14f8  [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
14:59:16.0463 0x14f8  flpydisk - ok
14:59:16.0490 0x14f8  [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
14:59:16.0506 0x14f8  FltMgr - ok
14:59:16.0576 0x14f8  [ 4387DE200BF8DD0E2EE828E655434B9A, 9148D65E54663EEC139E754091F47ABF439A637BEA83F600D30736522DAA845D ] FontCache       C:\WINDOWS\system32\FntCache.dll
14:59:16.0636 0x14f8  FontCache - ok
14:59:16.0661 0x14f8  [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:59:16.0665 0x14f8  FontCache3.0.0.0 - ok
14:59:16.0676 0x14f8  [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
14:59:16.0681 0x14f8  FsDepends - ok
14:59:16.0691 0x14f8  [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:59:16.0694 0x14f8  Fs_Rec - ok
14:59:16.0728 0x14f8  [ 421497634C86EF4B8F86D0EBC076728F, E0D1449555D8849364E00AA747DBC820EF914A9F5B796E35070072FCBC532ADE ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
14:59:16.0752 0x14f8  fvevol - ok
14:59:16.0764 0x14f8  [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
14:59:16.0769 0x14f8  gagp30kx - ok
14:59:16.0780 0x14f8  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
14:59:16.0783 0x14f8  GEARAspiWDM - ok
14:59:16.0792 0x14f8  [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
14:59:16.0796 0x14f8  gencounter - ok
14:59:16.0806 0x14f8  [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
14:59:16.0809 0x14f8  genericusbfn - ok
14:59:16.0833 0x14f8  [ BE50C7FD9C390FA277516B166D16725F, F4295AABDEA348C182C9D690427BB8FC99F4F6CE16E29C310079B8C70DED9A21 ] GladFileMonSvc  C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
14:59:16.0840 0x14f8  GladFileMonSvc - ok
14:59:16.0870 0x14f8  [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
14:59:16.0879 0x14f8  GPIOClx0101 - ok
14:59:16.0937 0x14f8  [ B55458A83395A2CFD4E745E9EC4AB5F2, EAB06B089D8A7DBC9AE2A1C919B489911690D341013A5F8F906819C68431CA85 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
14:59:16.0987 0x14f8  gpsvc - ok
14:59:16.0998 0x14f8  [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
14:59:17.0000 0x14f8  GpuEnergyDrv - ok
14:59:17.0024 0x14f8  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:59:17.0030 0x14f8  gupdate - ok
14:59:17.0041 0x14f8  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:59:17.0047 0x14f8  gupdatem - ok
14:59:17.0059 0x14f8  [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
14:59:17.0063 0x14f8  HDAudBus - ok
14:59:17.0074 0x14f8  [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
14:59:17.0077 0x14f8  HidBatt - ok
14:59:17.0090 0x14f8  [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
14:59:17.0096 0x14f8  HidBth - ok
14:59:17.0107 0x14f8  [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
14:59:17.0111 0x14f8  hidi2c - ok
14:59:17.0122 0x14f8  [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
14:59:17.0126 0x14f8  hidinterrupt - ok
14:59:17.0135 0x14f8  [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
14:59:17.0139 0x14f8  HidIr - ok
14:59:17.0149 0x14f8  [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv         C:\WINDOWS\system32\hidserv.dll
14:59:17.0155 0x14f8  hidserv - ok
14:59:17.0165 0x14f8  [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
14:59:17.0168 0x14f8  HidUsb - ok
14:59:17.0188 0x14f8  [ 2FEF4D90C0CAED258C93CFF72A8FFD71, 56473D90E9FE52849067D080FD88B29C0BBE76E5266657E2ABD6366B7A4E9474 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
14:59:17.0203 0x14f8  HomeGroupListener - ok
14:59:17.0230 0x14f8  [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
14:59:17.0252 0x14f8  HomeGroupProvider - ok
14:59:17.0264 0x14f8  [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
14:59:17.0268 0x14f8  HpSAMD - ok
14:59:17.0283 0x14f8  [ 5C8BC8A28798FD010E7ABC4E0D588CAA, 622CAFD3DCBB05E15539589FDD4002DA6F24790FC55BDF05AA3D043E8A34E53E ] HTCMonitorService C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
14:59:17.0287 0x14f8  HTCMonitorService - ok
14:59:17.0298 0x14f8  [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot        C:\WINDOWS\system32\DRIVERS\htcnprot.sys
14:59:17.0301 0x14f8  htcnprot - ok
14:59:17.0315 0x14f8  [ 7C7C986776D00E575BFBDE5DCBDC615D, 4CF12851A5A45917C3A9139B19D79434F2038611B617F83A714506CC7A1A6C61 ] HtcVCom32       C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys
14:59:17.0322 0x14f8  HtcVCom32 - ok
14:59:17.0372 0x14f8  [ A403DAE4B083EB96BC6CEDB47639B4F8, 6F5709CEA93789C075E4BE4041EC43C94910617DA4123DEE178E74E4A9B26708 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
14:59:17.0410 0x14f8  HTTP - ok
14:59:17.0422 0x14f8  [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
14:59:17.0425 0x14f8  hwpolicy - ok
14:59:17.0435 0x14f8  [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
14:59:17.0437 0x14f8  hyperkbd - ok
14:59:17.0450 0x14f8  [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
14:59:17.0456 0x14f8  i8042prt - ok
14:59:17.0467 0x14f8  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
14:59:17.0472 0x14f8  iai2c - ok
14:59:17.0488 0x14f8  [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
14:59:17.0495 0x14f8  iaLPSS2i_I2C - ok
14:59:17.0505 0x14f8  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
14:59:17.0509 0x14f8  iaLPSSi_GPIO - ok
14:59:17.0522 0x14f8  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
14:59:17.0528 0x14f8  iaLPSSi_I2C - ok
14:59:17.0565 0x14f8  [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
14:59:17.0591 0x14f8  iaStorAV - ok
14:59:17.0617 0x14f8  [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
14:59:17.0635 0x14f8  iaStorV - ok
14:59:17.0674 0x14f8  [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
14:59:17.0692 0x14f8  ibbus - ok
14:59:17.0707 0x14f8  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
14:59:17.0715 0x14f8  ICCS - ok
14:59:17.0731 0x14f8  [ 80BF2990E01E774D64F6E13F30661942, ADFEA2280D29F2C7B0A556C61709301D6327C288064FF5A4D29358403DF41DCE ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
14:59:17.0742 0x2b48  Object send P2P result: true
14:59:17.0742 0x2b48  Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService
14:59:17.0746 0x14f8  icssvc - ok
         
Code:
14:59:17.0755 0x14f8  IEEtwCollectorService - ok
14:59:17.0990 0x14f8  [ CEFA6BDB4789F3DA003ACBDCC64F5877, 0FE78AEFA9A75B4A99AD6B73AC3252E4C6DFA9D306FEC02D26C1FD574108BFBA ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
14:59:18.0086 0x2674  Object send P2P result: true
14:59:18.0087 0x2674  Object required for P2P: [ E477AF94ACCCF99A0E56D71D450DCCCB ] avnetflt
14:59:18.0122 0x14f8  igfx - ok
14:59:18.0151 0x14f8  [ 75909533EECD0CD9D5974B59474AA6C0, F81D0F949F1F01D09C91735C79288395B82C27B8FB78804752E5A678D7EF3860 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
14:59:18.0167 0x14f8  igfxCUIService1.0.0.0 - ok
14:59:18.0214 0x14f8  [ 12F8D27ED8623DDDC09A549EDADCBAC9, D3A3F0588D9CAF1027D8BC14601E2A6AB7E5924A2C23C90D38A9E14538DB02A9 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
14:59:18.0253 0x14f8  IKEEXT - ok
14:59:18.0271 0x14f8  [ B1F193AB8FB72E9FC34B3A39314ED872, 408E98D9C8ABB928090DD9E5D1BB227EFBC997BF168437BAEF0461EB0D1DAE3D ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
14:59:18.0276 0x14f8  intaud_WaveExtensible - ok
14:59:18.0451 0x14f8  [ F45DDE64E87418F62BA75EFDB776F9B5, BE981697E58F4268DDBC0A2439EC182309EEA71897F6ECEB15BC767B9B7DE572 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
14:59:18.0589 0x14f8  IntcAzAudAddService - ok
14:59:18.0624 0x14f8  [ 87871AB7AC797F922A6F3D4C874CED96, 2BCD89911E42827CD294DD7D1486A7845D1F98019E51958E0F488384401B2944 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
14:59:18.0642 0x14f8  IntcDAud - ok
14:59:18.0689 0x14f8  [ 768DD5CB66952BC4A3BD474757AEE34F, 5A1F91FC8028D84FD83591D60CB7E3B24425C3B0FFF5A9BB0F7CE2E17AAB92D4 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
14:59:18.0715 0x14f8  Intel(R) Capability Licensing Service Interface - ok
14:59:18.0753 0x14f8  [ 7C9ED65324CF268ACBA8024257F782D8, 1DC43DBA3612E26454D7786DEB0538B44A736B67EC99642B4CC574D8A03E0DC7 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
14:59:18.0784 0x14f8  Intel(R) Capability Licensing Service TCP IP Interface - ok
14:59:18.0796 0x14f8  [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
14:59:18.0800 0x14f8  intelide - ok
14:59:18.0812 0x14f8  [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
14:59:18.0815 0x14f8  intelpep - ok
14:59:18.0830 0x14f8  [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
14:59:18.0837 0x14f8  intelppm - ok
14:59:18.0847 0x14f8  [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos           C:\WINDOWS\system32\drivers\ioqos.sys
14:59:18.0850 0x14f8  IoQos - ok
14:59:18.0863 0x14f8  [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:59:18.0867 0x14f8  IpFilterDriver - ok
14:59:18.0926 0x14f8  [ 6E75B731A8A7EFED0821327B08DAB46D, A77B746447824BD3C68B82D7329B82D62098B2409F8AEE4738FA23CB1561E629 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
14:59:18.0963 0x14f8  iphlpsvc - ok
14:59:18.0977 0x14f8  [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
14:59:18.0981 0x14f8  IPMIDRV - ok
14:59:18.0997 0x14f8  [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
14:59:19.0003 0x14f8  IPNAT - ok
14:59:19.0034 0x14f8  [ BD713ED20CFD71C32C4BE1928423AE9A, E0EE95FEA3930EA335D9B1FF74EEFAA61ECEC89AEBB1D0E43A1E1088F9990273 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:59:19.0058 0x14f8  iPod Service - ok
14:59:19.0068 0x14f8  [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
14:59:19.0071 0x14f8  IRENUM - ok
14:59:19.0080 0x14f8  [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
14:59:19.0083 0x14f8  isapnp - ok
14:59:19.0104 0x14f8  [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
14:59:19.0116 0x14f8  iScsiPrt - ok
14:59:19.0128 0x14f8  [ DD1F43B86AD84E53203F92FD3EF3AEB6, 9DE2BA80B315E56DF2E74EAA65F4ECB8324DFC19E30EB56EDDF08340AB100E87 ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
14:59:19.0131 0x14f8  iwdbus - ok
14:59:19.0142 0x14f8  [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
14:59:19.0147 0x14f8  kbdclass - ok
14:59:19.0157 0x14f8  [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
14:59:19.0160 0x14f8  kbdhid - ok
14:59:19.0169 0x14f8  [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
14:59:19.0172 0x14f8  kdnic - ok
14:59:19.0183 0x14f8  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso          C:\WINDOWS\system32\lsass.exe
14:59:19.0191 0x14f8  KeyIso - ok
14:59:19.0204 0x14f8  [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
14:59:19.0210 0x14f8  KSecDD - ok
14:59:19.0225 0x14f8  [ 7D8B9214692C4D0F1646215D9984E19A, DC73503A8CA67F4E167DEA69AADDEA5F2D756E1C1F4FF42B6ECEA7E637BB80AB ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
14:59:19.0232 0x14f8  KSecPkg - ok
14:59:19.0242 0x14f8  [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
14:59:19.0245 0x14f8  ksthunk - ok
14:59:19.0270 0x14f8  [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
14:59:19.0289 0x14f8  KtmRm - ok
14:59:19.0309 0x14f8  [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
14:59:19.0327 0x14f8  LanmanServer - ok
14:59:19.0346 0x14f8  [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
14:59:19.0365 0x14f8  LanmanWorkstation - ok
14:59:19.0394 0x14f8  [ AA97872166AB4201540FB92C0BD6683F, 20AEB2BD7AE35167902B8FDACE060756E0952EBADC795A5E82AF7E2CDDE9DFFE ] Lexware_Update_Service C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
14:59:19.0397 0x14f8  Lexware_Update_Service - ok
14:59:19.0407 0x14f8  [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
14:59:19.0414 0x14f8  lfsvc - ok
14:59:19.0425 0x14f8  [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
14:59:19.0431 0x14f8  LicenseManager - ok
14:59:19.0442 0x14f8  [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
14:59:19.0446 0x14f8  lltdio - ok
14:59:19.0466 0x14f8  [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
14:59:19.0482 0x14f8  lltdsvc - ok
14:59:19.0492 0x14f8  [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
14:59:19.0499 0x14f8  lmhosts - ok
14:59:19.0515 0x14f8  [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
14:59:19.0522 0x14f8  LSI_SAS - ok
14:59:19.0534 0x14f8  [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
14:59:19.0540 0x14f8  LSI_SAS2i - ok
14:59:19.0553 0x14f8  [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
14:59:19.0559 0x14f8  LSI_SAS3i - ok
14:59:19.0571 0x14f8  [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
14:59:19.0576 0x14f8  LSI_SSS - ok
14:59:19.0617 0x14f8  [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM             C:\WINDOWS\System32\lsm.dll
14:59:19.0647 0x14f8  LSM - ok
14:59:19.0661 0x14f8  [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
14:59:19.0668 0x14f8  luafv - ok
14:59:19.0679 0x14f8  [ 88B38A7435DFA9B7E8F94F5D5FE999D2, FF4EBB6CE013D0EA62FEDA5FBBD1205D9A6F684E701F40039A95A4EF4145DC16 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
14:59:19.0688 0x14f8  MapsBroker - ok
14:59:19.0701 0x14f8  [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
14:59:19.0706 0x14f8  megasas - ok
14:59:19.0735 0x14f8  [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
14:59:19.0756 0x14f8  megasr - ok
14:59:19.0798 0x14f8  [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
14:59:19.0807 0x14f8  MessagingService - ok
14:59:19.0978 0x14f8  Microsoft SharePoint Workspace Audit Service - ok
14:59:20.0013 0x14f8  [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
14:59:20.0040 0x14f8  mlx4_bus - ok
14:59:20.0052 0x14f8  [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
14:59:20.0056 0x14f8  MMCSS - ok
14:59:20.0066 0x14f8  [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem           C:\WINDOWS\system32\drivers\modem.sys
14:59:20.0069 0x14f8  Modem - ok
14:59:27.0030 0x14f8  SmsRouter - ok
14:59:27.0051 0x14f8  [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
14:59:27.0060 0x14f8  SNMPTRAP - ok
14:59:27.0098 0x14f8  [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
14:59:27.0117 0x14f8  spaceport - ok
14:59:27.0129 0x14f8  [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
14:59:27.0135 0x14f8  SpbCx - ok
14:59:27.0175 0x14f8  [ DC520253EC32B515E7792DB05DB43EB2, 8A614286522CA637EF0D58F79143146D5FB40DCD0CA1333752989BCD51DE00C0 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
14:59:27.0208 0x14f8  Spooler - ok
14:59:27.0510 0x14f8  [ 7C58AFEC26E9F7730A8AA7FD40225937, 546EAD8889F2A1BB6DCCB7781976B975F34DA1C9047F95FEAA52CF38EC60C6DD ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
14:59:27.0744 0x14f8  sppsvc - ok
14:59:27.0791 0x14f8  [ ACC1709EC7FE6EB8999DBC91C50C2B34, 83ABF51751A264291C53A32B86239A607361E56CB045CD2CBE6E41DBB8A01F54 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
14:59:27.0807 0x14f8  srv - ok
14:59:27.0842 0x14f8  [ AFBCFC946FAE7483E27BD316D03F94A5, CC9478EA717E85C38304957E923997821DFE2A995D7C8DF98C15267D952BEFBE ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
14:59:27.0867 0x14f8  srv2 - ok
14:59:27.0887 0x14f8  [ 107C1EBE79710E4A759449BD6604245A, 963D693F4E61EDC7B3AA9006CC274D56E577CE0035A61DDB2A6DE72116D5C52B ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
14:59:27.0897 0x14f8  srvnet - ok
14:59:27.0932 0x14f8  [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
14:59:27.0947 0x14f8  SSDPSRV - ok
14:59:27.0965 0x14f8  [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
14:59:27.0981 0x14f8  SstpSvc - ok
14:59:28.0017 0x14f8  [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
14:59:28.0043 0x14f8  ss_conn_service - ok
14:59:28.0170 0x14f8  [ 58863C57E4598C4F9DA967C5C36CFA5D, BB34FBC324E84E05128258CE3755241ECB63F7F2AE7F96716AC373931FAF92A8 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
14:59:28.0280 0x14f8  StateRepository - ok
14:59:28.0296 0x14f8  [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
14:59:28.0299 0x14f8  stexstor - ok
14:59:28.0308 0x14f8  [ 2834415C4EDD6CE35CB3CFEC50E08469, 28426616C709457DF38B5E2B4B9666C1255B81D2097589A95AAABD1BFACD302A ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
14:59:28.0312 0x14f8  StillCam - ok
14:59:28.0361 0x14f8  [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
14:59:28.0392 0x14f8  stisvc - ok
14:59:28.0409 0x14f8  [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
14:59:28.0414 0x14f8  storahci - ok
14:59:28.0425 0x14f8  [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
14:59:28.0430 0x14f8  storflt - ok
14:59:28.0441 0x14f8  [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
14:59:28.0446 0x14f8  stornvme - ok
14:59:28.0459 0x14f8  [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
14:59:28.0464 0x14f8  storqosflt - ok
14:59:28.0495 0x14f8  [ B1305CDD98D5FC49863279D4B51DB510, 4B745E8D14591CA69429CA579467B9528B94C54EBD2FCFD446000C9C1BCB3B07 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
14:59:28.0524 0x14f8  StorSvc - ok
14:59:28.0537 0x14f8  [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
14:59:28.0540 0x14f8  storufs - ok
14:59:28.0551 0x14f8  [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
14:59:28.0555 0x14f8  storvsc - ok
14:59:28.0566 0x14f8  [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc           C:\WINDOWS\system32\svsvc.dll
14:59:28.0576 0x14f8  svsvc - ok
14:59:28.0586 0x14f8  [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
14:59:28.0589 0x14f8  swenum - ok
14:59:28.0616 0x14f8  [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv           C:\WINDOWS\System32\swprv.dll
14:59:28.0640 0x14f8  swprv - ok
14:59:28.0651 0x14f8  [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
14:59:28.0656 0x14f8  Synth3dVsc - ok
14:59:28.0688 0x14f8  [ 1DEB6BC29F9B183528A21BA522AC3278, 8518527A9DDFD8B58AED1A7C1A1CFB4153DA34B634117AC91A94993EC5F76A80 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
14:59:28.0711 0x14f8  SynTP - ok
14:59:28.0762 0x14f8  [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
14:59:28.0807 0x14f8  SysMain - ok
14:59:28.0845 0x14f8  [ AF2C8D7C1D4DCFD5C31501F009DF42B7, 3DDF9353F014EE99B031BBC969620CA07647FBB8D78EB4697C8D633021B46B11 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
14:59:28.0868 0x14f8  SystemEventsBroker - ok
14:59:28.0883 0x14f8  [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
14:59:28.0897 0x14f8  TabletInputService - ok
14:59:28.0919 0x14f8  [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
14:59:28.0939 0x14f8  TapiSrv - ok
14:59:29.0048 0x14f8  [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
14:59:29.0145 0x14f8  Tcpip - ok
14:59:29.0248 0x14f8  [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
14:59:29.0320 0x14f8  Tcpip6 - ok
14:59:29.0349 0x14f8  [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
14:59:29.0353 0x14f8  tcpipreg - ok
14:59:29.0372 0x14f8  [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
14:59:29.0378 0x14f8  tdx - ok
14:59:29.0388 0x14f8  [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
14:59:29.0392 0x14f8  terminpt - ok
14:59:29.0439 0x14f8  [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService     C:\WINDOWS\System32\termsrv.dll
14:59:29.0482 0x14f8  TermService - ok
14:59:29.0496 0x14f8  [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes          C:\WINDOWS\system32\themeservice.dll
14:59:29.0507 0x14f8  Themes - ok
14:59:29.0526 0x14f8  [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
14:59:29.0545 0x14f8  TieringEngineService - ok
14:59:29.0575 0x14f8  [ FC971E1D1B5900C231591A7720FCD8B8, DF58C350977019E4A8F381FB35702E9BEA89F6A8C6BF36C56376D36BC8FE630F ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
14:59:29.0600 0x14f8  tiledatamodelsvc - ok
14:59:29.0635 0x14f8  [ 4BA0AB760971A0109A3442BD8B4F9AA0, 681171ECE155B7B1048525AA9BF14E4FDB437EE6BD91B6C5C9FFE122757D6BEB ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
14:59:29.0651 0x14f8  TimeBroker - ok
14:59:29.0679 0x14f8  [ 169B0A246067457FEF8A18EED7EED9D5, BF5AC0CB29E1E456253B881CD0608B578D7343E9DFE1738A14598D1DFFE1AB66 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
14:59:29.0689 0x14f8  TPM - ok
14:59:29.0703 0x14f8  [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks          C:\WINDOWS\System32\trkwks.dll
14:59:29.0716 0x14f8  TrkWks - ok
14:59:29.0729 0x14f8  [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
14:59:29.0734 0x14f8  TrustedInstaller - ok
14:59:29.0749 0x14f8  [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
14:59:29.0755 0x14f8  tsusbflt - ok
14:59:29.0767 0x14f8  [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
14:59:29.0770 0x14f8  TsUsbGD - ok
14:59:29.0784 0x14f8  [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
14:59:29.0791 0x14f8  tunnel - ok
14:59:29.0803 0x14f8  [ 72E24CD1662577B38779B5E768C48FEE, 66BFD18CEDEEF358B04B81C65BC12606632FB1B2DAD4EC8405962DE1054D08CA ] TXEIx64         C:\WINDOWS\System32\drivers\TXEIx64.sys
14:59:29.0808 0x14f8  TXEIx64 - ok
14:59:29.0821 0x14f8  [ 1A9A77ACDAC29C39F50D2A492FD0DB16, E21F2E2BA6EABE0F6B5A1930DDB2CE5A921389A58C08A2D3F66D245E8698E6B4 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
14:59:29.0834 0x14f8  tzautoupdate - ok
14:59:29.0845 0x14f8  [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
14:59:29.0850 0x14f8  uagp35 - ok
14:59:29.0863 0x14f8  [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
14:59:29.0868 0x14f8  UASPStor - ok
14:59:29.0879 0x14f8  [ 3995CC3DEDED258768B8EBC2F4C0DC73, 130E99EF13EB494B8BB6A8E037DD8D59C195190EA3C27CA9E3A695AF4349DC7C ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
14:59:29.0883 0x14f8  UcmCx0101 - ok
14:59:29.0895 0x14f8  [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
14:59:29.0899 0x14f8  UcmUcsi - ok
14:59:29.0932 0x14f8  [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
14:59:29.0941 0x14f8  Ucx01000 - ok
14:59:29.0951 0x14f8  [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
14:59:29.0955 0x14f8  UdeCx - ok
14:59:29.0976 0x14f8  [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
14:59:29.0989 0x14f8  udfs - ok
14:59:30.0000 0x14f8  [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
14:59:30.0003 0x14f8  UEFI - ok
14:59:30.0021 0x14f8  [ 5F0D997E6FC5A418D7673148CEF72887, 6C142CB8F06E5958045451253C9188CE876A84D08266FFD7F64AAE09964D8431 ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
14:59:30.0033 0x14f8  Ufx01000 - ok
14:59:30.0046 0x14f8  [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
14:59:30.0051 0x14f8  UfxChipidea - ok
14:59:30.0065 0x14f8  [ DB630FC660443D63EBAB2C830C298EFE, 7698772FF9C988DF752DF3FAF1B154E923EBA425B92F288ABB6EF0805ABD3296 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
14:59:30.0072 0x14f8  ufxsynopsys - ok
14:59:30.0094 0x14f8  [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
14:59:30.0105 0x14f8  UI0Detect - ok
14:59:30.0117 0x14f8  [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
14:59:30.0122 0x14f8  uliagpkx - ok
14:59:30.0133 0x14f8  [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
14:59:30.0137 0x14f8  umbus - ok
14:59:30.0147 0x14f8  [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
14:59:30.0150 0x14f8  UmPass - ok
14:59:30.0182 0x14f8  [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
14:59:30.0201 0x14f8  UmRdpService - ok
14:59:30.0259 0x14f8  [ 87E291D9CC3ECE9AA56ABFD8063C4050, 781958969DB79454C91156473B4DA363F6D540D99974C2924ED81604CF45C3E0 ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
14:59:30.0309 0x14f8  UnistoreSvc - ok
14:59:30.0353 0x14f8  [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost        C:\WINDOWS\System32\upnphost.dll
14:59:30.0376 0x14f8  upnphost - ok
14:59:30.0386 0x14f8  [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
14:59:30.0390 0x14f8  UrsChipidea - ok
14:59:30.0400 0x14f8  [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
14:59:30.0405 0x14f8  UrsCx01000 - ok
14:59:30.0416 0x14f8  [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
14:59:30.0420 0x14f8  UrsSynopsys - ok
14:59:30.0434 0x14f8  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
14:59:30.0439 0x14f8  USBAAPL64 - ok
14:59:30.0454 0x14f8  [ 9F9D5E2086BB9AEEA96E9BF73B7B2D32, AFA84CE1E96C07EBFB7A05D0181C876E027B848AF6C6DB932765912B814CAF56 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
14:59:30.0462 0x14f8  usbaudio - ok
14:59:30.0477 0x14f8  [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
14:59:30.0485 0x14f8  usbccgp - ok
         

01.02.2016, 16:16   #4
trumpet78

Email account hacked, subject line: New message

Log file, part 3



Code:
14:59:30.0498 0x14f8  [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
14:59:30.0504 0x14f8  usbcir - ok
14:59:30.0517 0x14f8  [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
14:59:30.0523 0x14f8  usbehci - ok
14:59:30.0560 0x14f8  [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
14:59:30.0579 0x14f8  usbhub - ok
14:59:30.0625 0x14f8  [ 12A0B486EA13DF46C27B90CC2CE92FE5, 643D8B906F02FBC0802B3468C24D6C6A0BDB07FEA894B68E0F404AB5287C4409 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
14:59:30.0648 0x14f8  USBHUB3 - ok
14:59:30.0659 0x14f8  [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
14:59:30.0663 0x14f8  usbohci - ok
14:59:30.0673 0x14f8  [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
14:59:30.0676 0x14f8  usbprint - ok
14:59:30.0688 0x14f8  [ CA6369870F91F3D367D26278E0AD0DDF, 651B97E73AFC615C80DE2076872DEB49DCD775B5C9988AB4AC0A0162DAB09F70 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
14:59:30.0693 0x14f8  usbser - ok
14:59:30.0707 0x14f8  [ 37C2CD8587BF7F785381EB7B26916B52, E8F65BF7BBDEF82BD97629921A1148304CA44DCD03E079E28D75D04244B71C39 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
14:59:30.0714 0x14f8  USBSTOR - ok
14:59:30.0725 0x14f8  [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
14:59:30.0729 0x14f8  usbuhci - ok
14:59:30.0746 0x14f8  [ 4B13B61CBB9CC3CB373C60B930D648F5, C79D10A1BF2B6BF141DD37A90BCCA0E1F2AF31B5028BB21537A8EE6EED630F5B ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
14:59:30.0756 0x14f8  usbvideo - ok
14:59:30.0792 0x14f8  [ 325727F01F03C504CF788618A13DC266, 9F685113F714ADBC6DCD423CCD205F71E00D1AA9B5DD045B95E61E53B0F8E9AF ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
14:59:30.0808 0x14f8  USBXHCI - ok
14:59:30.0818 0x14f8  [ FECB9A2BDE6DB505C346490C3746FEEA, F2CFAC58DE3F467B74B660F68F44EE72AEDAE33499DCF92C7AACD108803C62A9 ] usb_rndisx      C:\WINDOWS\System32\drivers\usb8023x.sys
14:59:30.0822 0x14f8  usb_rndisx - ok
14:59:30.0889 0x14f8  [ ED06681482E0B9B4D573684CD5FB18F5, 1CCFBD37F8B895900B860AAF107130C5890C01F5327A4AEBB910F6B2BB0BA61D ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
14:59:30.0949 0x14f8  UserDataSvc - ok
14:59:31.0037 0x14f8  [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager     C:\WINDOWS\System32\usermgr.dll
14:59:31.0077 0x14f8  UserManager - ok
14:59:31.0103 0x14f8  [ 05F4CB5991D897E4253BF61FA5E828F8, 25B5B6751B4455491E9A050DF5C12F788B5677F70FB4844E0BF851090AC1F74C ] UsoSvc          C:\WINDOWS\system32\usocore.dll
14:59:31.0124 0x14f8  UsoSvc - ok
14:59:31.0136 0x14f8  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
14:59:31.0144 0x14f8  VaultSvc - ok
14:59:31.0154 0x14f8  [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
14:59:31.0159 0x14f8  vdrvroot - ok
14:59:31.0193 0x14f8  [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds             C:\WINDOWS\System32\vds.exe
14:59:31.0223 0x14f8  vds - ok
14:59:31.0241 0x14f8  [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
14:59:31.0250 0x14f8  VerifierExt - ok
14:59:31.0294 0x14f8  [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
14:59:31.0321 0x14f8  vhdmp - ok
14:59:31.0334 0x14f8  [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
14:59:31.0338 0x14f8  vhf - ok
14:59:31.0350 0x14f8  [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
14:59:31.0356 0x14f8  vmbus - ok
14:59:31.0366 0x14f8  [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
14:59:31.0369 0x14f8  VMBusHID - ok
14:59:31.0398 0x14f8  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
14:59:31.0421 0x14f8  vmicguestinterface - ok
14:59:31.0447 0x14f8  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
14:59:31.0465 0x14f8  vmicheartbeat - ok
14:59:31.0492 0x14f8  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
14:59:31.0511 0x14f8  vmickvpexchange - ok
14:59:31.0541 0x14f8  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
14:59:31.0560 0x14f8  vmicrdv - ok
14:59:31.0587 0x14f8  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
14:59:31.0606 0x14f8  vmicshutdown - ok
14:59:31.0641 0x14f8  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
14:59:31.0660 0x14f8  vmictimesync - ok
14:59:31.0687 0x14f8  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession   C:\WINDOWS\System32\ICSvc.dll
14:59:31.0706 0x14f8  vmicvmsession - ok
14:59:31.0732 0x14f8  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
14:59:31.0751 0x14f8  vmicvss - ok
14:59:31.0763 0x14f8  [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
14:59:31.0768 0x14f8  volmgr - ok
14:59:31.0800 0x14f8  [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
14:59:31.0816 0x14f8  volmgrx - ok
14:59:31.0853 0x14f8  [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
14:59:31.0871 0x14f8  volsnap - ok
14:59:31.0883 0x14f8  [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
14:59:31.0888 0x14f8  vpci - ok
14:59:31.0904 0x14f8  [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
14:59:31.0912 0x14f8  vsmraid - ok
14:59:31.0976 0x14f8  [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS             C:\WINDOWS\system32\vssvc.exe
14:59:32.0035 0x14f8  VSS - ok
14:59:32.0070 0x14f8  [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
14:59:32.0084 0x14f8  VSTXRAID - ok
14:59:32.0095 0x14f8  [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
14:59:32.0098 0x14f8  vwifibus - ok
14:59:32.0110 0x14f8  [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
14:59:32.0115 0x14f8  vwififlt - ok
14:59:32.0126 0x14f8  [ 3BE5AAC930447FD18D4A8255A2FEC95C, A517357188FE4A5BD98A3CDB2165ACCE96CCE4BE2B90DDBEAF70B6DDF393F506 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
14:59:32.0129 0x14f8  vwifimp - ok
14:59:32.0160 0x14f8  [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time         C:\WINDOWS\system32\w32time.dll
14:59:32.0187 0x14f8  W32Time - ok
14:59:32.0198 0x14f8  [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
14:59:32.0202 0x14f8  WacomPen - ok
14:59:32.0244 0x14f8  [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService   C:\WINDOWS\system32\WalletService.dll
14:59:32.0270 0x14f8  WalletService - ok
14:59:32.0283 0x14f8  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:59:32.0288 0x14f8  wanarp - ok
14:59:32.0297 0x14f8  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:59:32.0302 0x14f8  wanarpv6 - ok
14:59:32.0364 0x0758  Object required for P2P: [ A403DAE4B083EB96BC6CEDB47639B4F8 ] HTTP
14:59:32.0396 0x14f8  [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine        C:\WINDOWS\system32\wbengine.exe
14:59:32.0458 0x14f8  wbengine - ok
14:59:32.0498 0x14f8  [ 6950271D0C75A33BD05F7155EF1B2DD4, C6959972D490710CA7539EA8F51B5CC1FA64FF9799242075719C4FD394B6F9C7 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
14:59:32.0528 0x14f8  WbioSrvc - ok
14:59:32.0563 0x14f8  [ 39E07EE74F50C39C1EB315152F03199C, 053562C2656A76265AE09045952A4C9473BE2B4426D9ECC1A025ED4BC204AC25 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
14:59:32.0592 0x14f8  Wcmsvc - ok
14:59:32.0621 0x14f8  [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
14:59:32.0646 0x14f8  wcncsvc - ok
14:59:32.0658 0x14f8  [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
14:59:32.0669 0x14f8  WcsPlugInService - ok
14:59:32.0680 0x14f8  [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
14:59:32.0685 0x14f8  WdBoot - ok
14:59:32.0726 0x14f8  [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
14:59:32.0756 0x14f8  Wdf01000 - ok
14:59:32.0778 0x14f8  [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
14:59:32.0790 0x14f8  WdFilter - ok
14:59:32.0804 0x14f8  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
14:59:32.0816 0x14f8  WdiServiceHost - ok
14:59:35.0577 0x14f8  ================ Scan global ===============================
14:59:35.0774 0x14f8  [ Global ] - ok
14:59:35.0775 0x14f8  ================ Scan MBR ==================================
14:59:35.0873 0x14f8  ================ Scan VBR ==================================
14:59:36.0246 0x14f8  ================ Scan generic autorun ======================
15:00:03.0043 0x14f8  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
15:00:03.0067 0x14f8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
15:00:03.0074 0x14f8  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 11.1.2245.1540 ), 0x41000 ( enabled : updated )
15:00:03.0083 0x14f8  Win FW state via NFP2: enabled ( trusted )
15:00:05.0489 0x14f8  ============================================================
15:00:05.0489 0x14f8  Scan finished
15:00:05.0489 0x14f8  ============================================================
15:00:05.0507 0x1070  Detected object count: 0
15:00:05.0507 0x1070  Actual detected object count: 0
15:19:38.0690 0x13fc  ============================================================
15:19:38.0690 0x13fc  Scan started
15:19:38.0690 0x13fc  Mode: Manual; SigCheck; TDLFS; 
15:19:38.0690 0x13fc  ============================================================
15:19:38.0690 0x13fc  KSN ping started
15:19:42.0401 0x13fc  KSN ping finished: true
15:19:42.0796 0x13fc  ================ Scan system memory ========================
15:19:42.0796 0x13fc  System memory - ok
15:19:42.0797 0x13fc  ================ Scan services =============================
15:20:00.0394 0x13fc  avnetflt - ok
15:20:00.0394 0x13fc  Object required for P2P: [ E477AF94ACCCF99A0E56D71D450DCCCB ] avnetflt
15:20:03.0657 0x13fc  Object send P2P result: true
15:20:03.0669 0x13fc  [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
15:20:03.0717 0x13fc  AxInstSV - ok
15:20:03.0746 0x13fc  [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
15:20:03.0924 0x13fc  b06bdrv - ok
15:20:03.0937 0x13fc  [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
15:20:03.0999 0x13fc  BasicDisplay - ok
15:20:04.0026 0x13fc  [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
15:20:04.0095 0x13fc  BasicRender - ok
15:20:04.0113 0x13fc  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
15:20:04.0149 0x13fc  bcmfn - ok
15:20:04.0158 0x13fc  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
15:20:04.0220 0x13fc  bcmfn2 - ok
15:20:04.0242 0x13fc  [ F8F398A4AF7E0917320BC2B2CD812888, 02B9A6EA0AA750CA9B62AB09E99956C35E252A12B22C2CBFDC4E941ED5870591 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
15:20:04.0303 0x13fc  BDESVC - ok
15:20:04.0312 0x13fc  [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
15:20:04.0381 0x13fc  Beep - ok
15:20:04.0419 0x13fc  [ 8EA08141590CB9331FA773FB430E91E4, 0507499EF423CC9EE9AC18C2B5CBF9965E69481C69DC96E361C2184C53C3F404 ] BFE             C:\WINDOWS\System32\bfe.dll
15:20:04.0506 0x13fc  BFE - ok
15:20:04.0560 0x13fc  [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS            C:\WINDOWS\System32\qmgr.dll
15:20:04.0668 0x13fc  BITS - ok
15:20:04.0696 0x13fc  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:20:04.0730 0x13fc  Bonjour Service - ok
15:20:04.0745 0x13fc  [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
15:20:04.0839 0x13fc  bowser - ok
15:20:04.0871 0x13fc  [ 62C0D7CD771F26198F76F56B81D8A5B5, 3505DA8B68486D393BF7DCE5F463EA7F88387E6F06BC8175F3514BD6AFE25C37 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
15:20:04.0942 0x13fc  BrokerInfrastructure - ok
15:20:04.0957 0x13fc  [ DA4C9335434E71D6CC86A3CA567769CC, 9FE5EE3CC91CADBF952446E0A9A79A8834B03C8D4C47D6E9257AF64B2C17F518 ] Browser         C:\WINDOWS\System32\browser.dll
15:20:05.0002 0x13fc  Browser - ok
15:20:05.0013 0x13fc  [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
15:20:05.0066 0x13fc  BthAvrcpTg - ok
15:20:05.0077 0x13fc  [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
15:20:05.0141 0x13fc  BthHFEnum - ok
15:20:05.0151 0x13fc  [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
15:20:05.0226 0x13fc  bthhfhid - ok
15:20:05.0247 0x13fc  [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
15:20:05.0303 0x13fc  BthHFSrv - ok
15:20:05.0315 0x13fc  [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
15:20:05.0411 0x13fc  BTHMODEM - ok
15:20:05.0457 0x13fc  [ 40811857B266F02D75DE654AE92D98C9, 964A50FA4A6B0D62B9D8135B2FB9D7222216F99230849CD5478278B06ACD9A5B ] BTHPORT         C:\WINDOWS\System32\drivers\BTHport.sys
15:20:05.0603 0x13fc  BTHPORT - ok
15:20:05.0617 0x13fc  [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv         C:\WINDOWS\system32\bthserv.dll
         
15:20:05.0659 0x13fc  bthserv - ok
15:20:05.0670 0x13fc  [ F001B81D47CEBF96E60CE971FFCC45C4, EE419B557C52B0F1704B5D58E7FA9A996B33E78CC02EA4CA1D28CAB8CFD77D95 ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
15:20:05.0743 0x13fc  BTHUSB - ok
15:20:05.0755 0x13fc  [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
15:20:05.0818 0x13fc  buttonconverter - ok
15:20:05.0832 0x13fc  [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
15:20:05.0958 0x13fc  CapImg - ok
15:20:05.0970 0x13fc  [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
15:20:06.0055 0x13fc  cdfs - ok
15:20:06.0073 0x13fc  [ 0A92DC116CFC7F6BE8167DD25CB925CC, 50CAC7BE14FF69B10C029E049F7C441A5572540F027F95F940B185C76C689409 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
15:20:06.0134 0x13fc  CDPSvc - ok
15:20:06.0149 0x13fc  [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
15:20:06.0238 0x13fc  cdrom - ok
15:20:06.0255 0x13fc  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
15:20:06.0311 0x13fc  CertPropSvc - ok
15:20:06.0321 0x13fc  [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
15:20:06.0377 0x13fc  circlass - ok
15:20:06.0402 0x13fc  [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
15:20:06.0471 0x13fc  CLFS - ok
15:20:06.0505 0x13fc  [ BE10905777246CA6AA74F48FE9236517, D51B13FB176D82665C91B59B3C6E229CE746E20ED1BB20DADF6184C7A29E69AF ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
15:20:06.0565 0x13fc  ClipSVC - ok
15:20:06.0596 0x13fc  [ 3E76A1547F2448BCEE3D2F4AE3931AB5, 31B41723FAA4210A86B1AE02D6C052BD8B738C4B89FB0177C1AE997D24BA5B8C ] CLVirtualDrive  C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
15:20:06.0647 0x13fc  CLVirtualDrive - ok
15:20:06.0658 0x13fc  [ 39F71BF21E7F8EBE9B4810BC95EE26D6, 6134013F918D41A1AA8C814217A272F2C428FA3FE97DB66501FA50A488B0C991 ] clwvd           C:\WINDOWS\system32\DRIVERS\clwvd.sys
15:20:06.0706 0x13fc  clwvd - ok
15:20:06.0716 0x13fc  [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
15:20:06.0791 0x13fc  CmBatt - ok
15:20:06.0825 0x13fc  [ 80977779A19947939D680A4899E829EC, 6D510B1EFA39D79D0A8B3CD4F00937A4DDC1411664B001D4ABC546C98345F630 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
15:20:06.0938 0x13fc  CNG - ok
15:20:06.0950 0x13fc  [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
15:20:07.0006 0x13fc  cnghwassist - ok
15:20:07.0053 0x13fc  [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
15:20:07.0104 0x13fc  CompositeBus - ok
15:20:07.0112 0x13fc  COMSysApp - ok
15:20:07.0125 0x13fc  [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
15:20:07.0171 0x13fc  condrv - ok
15:20:07.0208 0x13fc  [ DE6DF2C34718EADCFF8776E597F2104D, 35D03E95853CEAC69F674FB09C819A4698EBEDFD8AC0474F0ADF02741492401E ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
15:20:07.0276 0x13fc  CoreMessagingRegistrar - ok
15:20:07.0339 0x13fc  [ BB812787B838A74943DEF209350C3883, 2C168F48A68644AA3CB6167BEC2A260E3E9C78D0766A15AA0FAA39CDBD7FA040 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
15:20:07.0382 0x13fc  cphs - ok
15:20:07.0403 0x13fc  [ 2CE0D74AED86A372997E9D77AE10B9F5, 1AFAA22C68FD0B81F73CE0EB763AD77AB97E78916752843A5056E1352F0FEA82 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
15:20:07.0448 0x13fc  CryptSvc - ok
15:20:07.0466 0x13fc  [ 9FF6436D65CD8C798691373E28FBFB3B, 7A9ACD14679FB82E71EF4C47E43DAD931EC4FD727A5656AF8A3CC3B95D67EB5B ] CyberLink PowerDVD 10 MS Monitor Service C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
15:20:07.0488 0x13fc  CyberLink PowerDVD 10 MS Monitor Service - ok
15:20:07.0507 0x13fc  [ 06B5C625CB915E9A7A1F08A43E332FA1, 66F0BFE088B44ED3D36E62DC05200CD09F135FF63C447846C603D6246FABB9BE ] CyberLink PowerDVD 10 MS Service C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
15:20:07.0541 0x13fc  CyberLink PowerDVD 10 MS Service - ok
15:20:07.0554 0x13fc  [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam             C:\WINDOWS\system32\drivers\dam.sys
15:20:07.0603 0x13fc  dam - ok
15:20:07.0652 0x13fc  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
15:20:07.0774 0x13fc  DcomLaunch - ok
15:20:07.0794 0x13fc  [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
15:20:07.0859 0x13fc  DcpSvc - ok
15:20:07.0888 0x13fc  [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
15:20:07.0968 0x13fc  defragsvc - ok
15:20:07.0996 0x13fc  [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
15:20:08.0061 0x13fc  DeviceAssociationService - ok
15:20:08.0074 0x13fc  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
15:20:08.0133 0x13fc  DeviceInstall - ok
15:20:08.0143 0x13fc  [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
15:20:08.0182 0x13fc  DevQueryBroker - ok
15:20:08.0196 0x13fc  [ C9478D7DB7BE5D7ACE65CB1167F07320, D5082D09EE62E34A195768040B741E22ACC9421CFF315423D77A63ABF8F5E39E ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
15:20:08.0255 0x13fc  Dfsc - ok
15:20:08.0278 0x13fc  [ 5841A361D28069DFC82E1E98040FDC3F, 3A48DB7ADE90654242CB54DAD07F5FF0CD5CABF372C50D5B2C4D7AED068986E1 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
15:20:08.0340 0x13fc  Dhcp - ok
15:20:08.0352 0x13fc  [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
15:20:08.0391 0x13fc  diagnosticshub.standardcollector.service - ok
15:20:08.0468 0x13fc  [ 7AE76C7BC60B53999AD07F6A8AFF15C0, 8DC5DA1FAE508D03433C051C877657038BA346707D37FDBC2FE74B4C1F3509A0 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
15:20:08.0578 0x13fc  DiagTrack - ok
15:20:08.0609 0x13fc  [ 68BFCCC1EC25F0F942EA32AD9D67A131, CF19DA2816262D9D532249970581E55DF595A5FD0ABE44C5124A40F42A9B28B4 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
15:20:08.0642 0x13fc  DigitalWave.Update.Service - ok
15:20:08.0656 0x13fc  [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk            C:\WINDOWS\system32\drivers\disk.sys
15:20:08.0711 0x13fc  disk - ok
15:20:08.0731 0x13fc  [ 49F069E2D22F33955A69D44DFD1B5179, 739C52C7B961BA683E8C7CCDB0E95423C17561B2F1F506BAE923DC53DB96B067 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
15:20:08.0797 0x13fc  DmEnrollmentSvc - ok
15:20:08.0809 0x13fc  [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
15:20:08.0865 0x13fc  dmvsc - ok
15:20:08.0876 0x13fc  [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
15:20:08.0921 0x13fc  dmwappushservice - ok
15:20:08.0941 0x13fc  [ 570BB222E3AFC4407636B53F6EABFA70, D0194A128370BB0A337B61402F9EEDD6F7942ADB19BF672D0F92DA2DA563D0DD ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
15:20:08.0999 0x13fc  Dnscache - ok
15:20:09.0023 0x13fc  [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
15:20:09.0081 0x13fc  dot3svc - ok
15:20:09.0096 0x13fc  [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS             C:\WINDOWS\system32\dps.dll
15:20:09.0169 0x13fc  DPS - ok
15:20:09.0179 0x13fc  [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud         C:\WINDOWS\System32\drivers\drmkaud.sys
15:20:09.0240 0x13fc  drmkaud - ok
15:20:09.0255 0x13fc  [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
15:20:09.0306 0x13fc  DsmSvc - ok
15:20:09.0321 0x13fc  [ 120BECF7452992DAEBD3878BFE5B2412, A1FE8FC039835A5B59ABD789F5C1BFEA2C091A29978CE386C9880E13178930E5 ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
15:20:09.0368 0x13fc  DsSvc - ok
15:20:09.0451 0x13fc  [ A2512BC5F2ABD84D8B3CB0D76ADB749A, 14A1FBF606ED537B9E1B7A939C010A2BA9D609D147FB89AE52D116E59A21D99E ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
15:20:09.0660 0x13fc  DXGKrnl - ok
15:20:09.0678 0x13fc  [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
15:20:09.0726 0x13fc  Eaphost - ok
15:20:09.0749 0x13fc  [ 04A83E99978F4BBB063074FF99D9E5D6, 0FAAFBD958D5A563EC9656F875B6ABE7B320EA85A92C062FE934E8EDFE38135F ] EaseUS Agent    C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
15:20:09.0767 0x13fc  EaseUS Agent - ok
15:20:09.0918 0x13fc  [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
15:20:10.0230 0x13fc  ebdrv - ok
15:20:10.0251 0x13fc  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS             C:\WINDOWS\System32\lsass.exe
15:20:10.0286 0x13fc  EFS - ok
15:20:10.0298 0x13fc  [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
15:20:10.0365 0x13fc  EhStorClass - ok
15:20:10.0378 0x13fc  [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
15:20:10.0436 0x13fc  EhStorTcgDrv - ok
15:20:10.0450 0x13fc  [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
15:20:10.0495 0x13fc  embeddedmode - ok
15:20:10.0516 0x13fc  [ 062152DD5B225518A991DFCD8536770C, 5C8EF4E0C7DE3B24387FF239A8D0CDA39C2376826F16EAFF09739A6C7EDA01E0 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
15:20:10.0574 0x13fc  EntAppSvc - ok
15:20:10.0585 0x13fc  [ 1B677389760689A11241884C700B48E0, 75EC4D16F3F6004D2697AE25E029B95D8B9611911039777B781C5707DA6048C6 ] epmntdrv        C:\Windows\system32\epmntdrv.sys
15:20:10.0649 0x13fc  epmntdrv - ok
15:20:10.0659 0x13fc  [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
15:20:10.0713 0x13fc  ErrDev - ok
15:20:10.0729 0x13fc  [ E47A0ECA90AF393983EF30E458606BB5, 1EB07711968ADBAB63A993FC54795DAAA9514F6E58FDED9EE9CA2DA3CCD620E1 ] EUBAKUP         C:\WINDOWS\system32\drivers\eubakup.sys
15:20:10.0789 0x13fc  EUBAKUP - ok
15:20:10.0800 0x13fc  [ 17696B5ACDBDFFC7D26C4B56BF132AD5, 3D2499FE2406300357B746AF82F69CBF1A1039B1F2DD755018F2185FDE26EA7E ] EUBKMON         C:\WINDOWS\system32\drivers\EUBKMON.sys
15:20:10.0837 0x13fc  EUBKMON - ok
15:20:10.0846 0x13fc  [ FCFD172899D0A026E5BD29F4775BFA76, CC651EAA870D9107B9FAC84B2FA2B8F166C5CA8FBDA803AFBDE07F523FA8C667 ] EUDSKACS        C:\Windows\system32\drivers\eudskacs.sys
15:20:10.0896 0x13fc  EUDSKACS - ok
15:20:10.0912 0x13fc  [ 1D866B50C9B1BA3FE90CC81E0DBC0E15, 07606693CA155EC3BA2FEF6B1C70263AD0F6C2935E1C99572BB2152260F33E28 ] EUFDDISK        C:\Windows\system32\drivers\EuFdDisk.sys
15:20:10.0954 0x13fc  EUFDDISK - ok
15:20:10.0963 0x13fc  [ 08C997734B2CECE882656BB2855E6E76, B3C1DEF26C9C9123D34395717220B450C705B5FA9FC8E321ADC444A4D63E6F36 ] EuGdiDrv        C:\Windows\system32\EuGdiDrv.sys
15:20:10.0999 0x13fc  EuGdiDrv - ok
15:20:11.0030 0x13fc  [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem     C:\WINDOWS\system32\es.dll
15:20:11.0095 0x13fc  EventSystem - ok
15:20:11.0117 0x13fc  [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
15:20:11.0217 0x13fc  exfat - ok
15:20:11.0241 0x13fc  [ 03DE0EC072C5EBD5B018CAD83F1E522A, 9D0B30A2870FBA20B95017CE3A4205F2DD53FE169A0D16715E962D83DE040FB3 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
15:20:11.0342 0x13fc  fastfat - ok
15:20:11.0376 0x13fc  [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax             C:\WINDOWS\system32\fxssvc.exe
15:20:11.0454 0x13fc  Fax - ok
15:20:11.0465 0x13fc  [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
15:20:11.0549 0x13fc  fdc - ok
15:20:11.0559 0x13fc  [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
15:20:11.0605 0x13fc  fdPHost - ok
15:20:11.0614 0x13fc  [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
15:20:11.0662 0x13fc  FDResPub - ok
15:20:11.0675 0x13fc  [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
15:20:11.0726 0x13fc  fhsvc - ok
15:20:11.0739 0x13fc  [ 8F12AB59336143B680F71B217B495AD2, A28F62F065C68CC1A7EEF0CA52F83C3284B001565D8E154BF8568DE4A525104E ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
15:20:11.0826 0x13fc  FileCrypt - ok
15:20:11.0839 0x13fc  [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
15:20:11.0886 0x13fc  FileInfo - ok
15:20:11.0895 0x13fc  [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
15:20:11.0979 0x13fc  Filetrace - ok
15:20:11.0991 0x13fc  [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
15:20:12.0046 0x13fc  flpydisk - ok
15:20:12.0068 0x13fc  [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
15:20:12.0145 0x13fc  FltMgr - ok
15:20:12.0217 0x13fc  [ 4387DE200BF8DD0E2EE828E655434B9A, 9148D65E54663EEC139E754091F47ABF439A637BEA83F600D30736522DAA845D ] FontCache       C:\WINDOWS\system32\FntCache.dll
15:20:12.0363 0x13fc  FontCache - ok
15:20:12.0378 0x13fc  [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:20:12.0410 0x13fc  FontCache3.0.0.0 - ok
15:20:12.0421 0x13fc  [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
15:20:12.0466 0x13fc  FsDepends - ok
15:20:12.0476 0x13fc  [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:20:12.0520 0x13fc  Fs_Rec - ok
15:20:12.0552 0x13fc  [ 421497634C86EF4B8F86D0EBC076728F, E0D1449555D8849364E00AA747DBC820EF914A9F5B796E35070072FCBC532ADE ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
15:20:12.0641 0x13fc  fvevol - ok
15:20:12.0654 0x13fc  [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
15:20:12.0728 0x13fc  gagp30kx - ok
15:20:12.0738 0x13fc  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
15:20:12.0790 0x13fc  GEARAspiWDM - ok
15:20:12.0800 0x13fc  [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
15:20:12.0852 0x13fc  gencounter - ok
15:20:12.0863 0x13fc  [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
15:20:12.0917 0x13fc  genericusbfn - ok
15:20:12.0939 0x13fc  [ BE50C7FD9C390FA277516B166D16725F, F4295AABDEA348C182C9D690427BB8FC99F4F6CE16E29C310079B8C70DED9A21 ] GladFileMonSvc  C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
15:20:12.0960 0x13fc  GladFileMonSvc - ok
15:20:12.0979 0x13fc  [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
15:20:13.0039 0x13fc  GPIOClx0101 - ok
15:20:13.0100 0x13fc  [ B55458A83395A2CFD4E745E9EC4AB5F2, EAB06B089D8A7DBC9AE2A1C919B489911690D341013A5F8F906819C68431CA85 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
15:20:13.0237 0x13fc  gpsvc - ok
15:20:13.0251 0x13fc  [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
15:20:13.0348 0x13fc  GpuEnergyDrv - ok
15:20:13.0362 0x13fc  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:20:13.0386 0x13fc  gupdate - ok
15:20:13.0398 0x13fc  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:20:13.0422 0x13fc  gupdatem - ok
15:20:13.0433 0x13fc  [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
15:20:13.0489 0x13fc  HDAudBus - ok
15:20:13.0499 0x13fc  [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
15:20:13.0549 0x13fc  HidBatt - ok
15:20:13.0562 0x13fc  [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
15:20:13.0619 0x13fc  HidBth - ok
15:20:13.0631 0x13fc  [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
15:20:13.0698 0x13fc  hidi2c - ok
15:20:13.0709 0x13fc  [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
15:20:13.0763 0x13fc  hidinterrupt - ok
15:20:13.0773 0x13fc  [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
15:20:13.0825 0x13fc  HidIr - ok
15:20:13.0836 0x13fc  [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv         C:\WINDOWS\system32\hidserv.dll
15:20:13.0891 0x13fc  hidserv - ok
15:20:13.0901 0x13fc  [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
15:20:13.0952 0x13fc  HidUsb - ok
15:20:13.0972 0x13fc  [ 2FEF4D90C0CAED258C93CFF72A8FFD71, 56473D90E9FE52849067D080FD88B29C0BBE76E5266657E2ABD6366B7A4E9474 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
15:20:14.0029 0x13fc  HomeGroupListener - ok
15:20:14.0055 0x13fc  [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
15:20:14.0123 0x13fc  HomeGroupProvider - ok
15:20:14.0136 0x13fc  [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
15:20:14.0219 0x13fc  HpSAMD - ok
15:20:14.0233 0x13fc  [ 5C8BC8A28798FD010E7ABC4E0D588CAA, 622CAFD3DCBB05E15539589FDD4002DA6F24790FC55BDF05AA3D043E8A34E53E ] HTCMonitorService C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
15:20:14.0254 0x13fc  HTCMonitorService - ok
15:20:14.0265 0x13fc  [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot        C:\WINDOWS\system32\DRIVERS\htcnprot.sys
15:20:14.0303 0x13fc  htcnprot - ok
15:20:14.0316 0x13fc  [ 7C7C986776D00E575BFBDE5DCBDC615D, 4CF12851A5A45917C3A9139B19D79434F2038611B617F83A714506CC7A1A6C61 ] HtcVCom32       C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys
15:20:14.0402 0x13fc  HtcVCom32 - ok
15:20:14.0452 0x13fc  [ A403DAE4B083EB96BC6CEDB47639B4F8, 6F5709CEA93789C075E4BE4041EC43C94910617DA4123DEE178E74E4A9B26708 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
15:20:14.0570 0x13fc  HTTP - ok
15:20:14.0572 0x13fc  Object required for P2P: [ A403DAE4B083EB96BC6CEDB47639B4F8 ] HTTP
15:20:17.0688 0x13fc  Object send P2P result: true
15:20:17.0699 0x13fc  [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
15:20:17.0753 0x13fc  hwpolicy - ok
15:20:24.0876 0x13fc  [ 768DD5CB66952BC4A3BD474757AEE34F, 5A1F91FC8028D84FD83591D60CB7E3B24425C3B0FFF5A9BB0F7CE2E17AAB92D4 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
15:20:24.0937 0x13fc  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
15:20:24.0937 0x13fc  Detect skipped due to KSN trusted
15:20:24.0937 0x13fc  Intel(R) Capability Licensing Service Interface - ok
15:20:40.0941 0x13fc  [ 446462BBA744DA60379574926FD51EAB, 4A79E8EF28670333F4733FA0016508DC88E9BDC566B455DA5EDEDC514612180A ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
15:20:40.0967 0x13fc  PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
15:20:40.0967 0x13fc  Detect skipped due to KSN trusted
15:20:40.0967 0x13fc  PassThru Service - ok
15:20:42.0827 0x13fc  [ C182C1477F8D730D84CC74A213F72D11, 6E9197332544B39776D37A6C6283DC26CC139723C36FA79422F3FA9CD3CC8C5E ] PGFNEXSrv       C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe
15:20:42.0850 0x13fc  PGFNEXSrv - detected UnsignedFile.Multi.Generic ( 1 )
15:20:42.0980 0x13fc  PGFNEXSrv ( UnsignedFile.Multi.Generic ) - warning
15:20:45.0866 0x13fc  [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
15:20:45.0959 0x13fc  PhoneSvc - ok
15:20:45.0981 0x13fc  [ 940BD7A32391F325A1A4285F91FAF7AC, A0FE4B8705B268E1978D9C66EB39B3DBBCB2A70F02F380C7062FE72E92DDF964 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
15:20:46.0049 0x13fc  PimIndexMaintenanceSvc - ok
15:20:46.0133 0x13fc  [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla             C:\WINDOWS\system32\pla.dll
15:20:46.0275 0x13fc  pla - ok
15:20:46.0293 0x13fc  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
15:20:46.0350 0x13fc  PlugPlay - ok
15:20:46.0363 0x13fc  [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
15:20:46.0404 0x13fc  PNRPAutoReg - ok
15:20:46.0425 0x13fc  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
15:20:46.0485 0x13fc  PNRPsvc - ok
15:20:46.0512 0x13fc  [ 5A91C28F99043215121499257468C4BD, 816D2AEBA29B8A050747E01CE11EB12A05C1CDDF91835C44BBB6A7B9D348B15A ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
15:20:46.0581 0x13fc  PolicyAgent - ok
15:20:46.0600 0x13fc  [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power           C:\WINDOWS\system32\umpo.dll
15:20:46.0653 0x13fc  Power - ok
15:20:46.0666 0x13fc  [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
15:20:46.0750 0x13fc  PptpMiniport - ok
15:20:46.0913 0x13fc  [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
15:20:47.0163 0x13fc  PrintNotify - ok
15:20:47.0187 0x13fc  [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor       C:\WINDOWS\System32\drivers\processr.sys
15:20:47.0246 0x13fc  Processor - ok
15:20:47.0270 0x13fc  [ A08AAC62EF7A1E291B3E895B5864BB86, 340E6648F9A5F4B7543FDEC5BDAFBDA3DE319B8F998FF2EF60D02EE5EF3D56CB ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
15:20:47.0331 0x13fc  ProfSvc - ok
15:20:47.0347 0x13fc  [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
15:20:47.0402 0x13fc  Psched - ok
15:20:47.0413 0x13fc  [ C32ECB99AD25E9A04F01C8665DF29EF8, 0489B3DEC6A33E50D8A48A8DAD3F5B923A81F7300E4A71358D90D2879BAC9AA2 ] pwdrvio         C:\WINDOWS\system32\pwdrvio.sys
15:20:47.0462 0x13fc  pwdrvio - ok
15:20:47.0471 0x13fc  [ D619356B955EEFA642F5FF72755E8B3C, 1FD54978A77ACD6FBF1236E177ED074894743A9141E4169FE9AFE28680FC93C5 ] pwdspio         C:\WINDOWS\system32\pwdspio.sys
15:20:47.0516 0x13fc  pwdspio - ok
15:20:47.0535 0x13fc  [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE           C:\WINDOWS\system32\qwave.dll
15:20:47.0593 0x13fc  QWAVE - ok
15:20:47.0603 0x13fc  [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
15:20:47.0669 0x13fc  QWAVEdrv - ok
15:20:47.0678 0x13fc  [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:20:47.0757 0x13fc  RasAcd - ok
15:20:47.0770 0x13fc  [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
15:20:47.0842 0x13fc  RasAgileVpn - ok
15:20:47.0855 0x13fc  [ 2976970887157CBB05747CBCD0793354, 43499D90B6340BD679CA51FDAB4ABCD0CF7E995367876716B7879422D206D677 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
15:20:47.0906 0x13fc  RasAuto - ok
15:20:47.0918 0x13fc  [ 381B8F2311A0375676B635EA5E7C8AB0, F64697F75894844E72F260E9E88CCFE6B882BC89F6124DCA187771A29C3EF929 ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
15:20:47.0980 0x13fc  Rasl2tp - ok
15:20:48.0017 0x13fc  [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan          C:\WINDOWS\System32\rasmans.dll
15:20:48.0105 0x13fc  RasMan - ok
15:20:48.0119 0x13fc  [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:20:48.0205 0x13fc  RasPppoe - ok
15:20:48.0216 0x13fc  [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
15:20:48.0276 0x13fc  RasSstp - ok
15:20:48.0301 0x13fc  [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:20:48.0386 0x13fc  rdbss - ok
15:20:48.0403 0x13fc  [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
15:20:48.0468 0x13fc  rdpbus - ok
15:20:48.0482 0x13fc  [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
15:20:48.0567 0x13fc  RDPDR - ok
15:20:48.0586 0x13fc  [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
15:20:48.0629 0x13fc  RdpVideoMiniport - ok
15:20:48.0647 0x13fc  [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
15:20:48.0704 0x13fc  rdyboost - ok
15:20:48.0750 0x13fc  [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
15:20:48.0873 0x13fc  ReFSv1 - ok
15:20:48.0904 0x13fc  [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
15:20:48.0981 0x13fc  RemoteAccess - ok
15:20:48.0999 0x13fc  [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
15:20:49.0059 0x13fc  RemoteRegistry - ok
15:20:49.0108 0x13fc  [ AD43141CE6D5074DA1D28B5BCD4E4507, C1A9AA856DD4FEE00BBA329C150E0CBCD1CE13ED0BB7B4AC9B152321CD854212 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
15:20:49.0237 0x13fc  RetailDemo - ok
15:20:49.0265 0x13fc  [ 27A3A6BF6EE99AB61BF6F1147542F6AA, EA77F391067BF597E2E9A5A915CED91694B34624CD7BC87531C1610659C28748 ] RichVideo64     C:\Program Files\CyberLink\Shared files\RichVideo64.exe
15:20:49.0300 0x13fc  RichVideo64 - ok
15:20:49.0312 0x13fc  [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
15:20:49.0357 0x13fc  RpcEptMapper - ok
15:20:49.0366 0x13fc  [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator      C:\WINDOWS\system32\locator.exe
15:20:49.0408 0x13fc  RpcLocator - ok
15:20:49.0451 0x13fc  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
         

01.02.2016, 16:17   #5
trumpet78
 
Code:
ATTFilter
15:20:49.0544 0x13fc  RpcSs - ok
15:20:49.0559 0x13fc  [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
15:20:49.0633 0x13fc  rspndr - ok
15:20:49.0663 0x13fc  [ 8CF15A5A9FC24323E2B63DDF9788C74E, 4E91D45DB6E811B5DC75DD96EEE8813414F243D82AA789F7C2D464463B4DE7F4 ] RtkBtFilter     C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys
15:20:49.0707 0x13fc  RtkBtFilter - ok
15:20:49.0748 0x13fc  [ CFE738C524F35B6E523A4D0F54840C30, 73E051DEA744EEC5202693C11EDABB36DE2D086160648D4E41F1F299CBAD8409 ] RTL8168         C:\WINDOWS\System32\drivers\Rt630x64.sys
15:20:49.0833 0x13fc  RTL8168 - ok
15:20:49.0859 0x13fc  [ 3940780911A7BD1793B7CEEC9E4429C2, 539511D26D2EE348F80D9EFA414FD731983B14D8218E498217E7A0A0E439E41C ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys
15:20:49.0933 0x13fc  RTSUER - ok
15:20:50.0080 0x13fc  [ 52BFDF19FBFDC7C8E811C73350CA2B52, E8385F78C133B06D6A7F488DAB7308A7D3ED7181C7CE02D150912CA9ABFC4C94 ] RTWlanE         C:\WINDOWS\System32\drivers\rtwlane.sys
15:20:50.0342 0x13fc  RTWlanE - ok
15:20:50.0361 0x13fc  [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
15:20:50.0425 0x13fc  s3cap - ok
15:20:50.0436 0x13fc  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs           C:\WINDOWS\system32\lsass.exe
15:20:50.0470 0x13fc  SamSs - ok
15:20:50.0483 0x13fc  [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
15:20:50.0546 0x13fc  sbp2port - ok
15:20:50.0565 0x13fc  [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
15:20:50.0628 0x13fc  SCardSvr - ok
15:20:50.0648 0x13fc  [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
15:20:50.0706 0x13fc  ScDeviceEnum - ok
15:20:50.0719 0x13fc  [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
15:20:50.0765 0x13fc  scfilter - ok
15:20:50.0817 0x13fc  [ 5A459E0585FF3A980D10604B6D4BA03D, 3DF9CB96258A44458DF98EA4C6D57342D1207B7BFB94174461B347BE3B5CA317 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
15:20:50.0938 0x13fc  Schedule - ok
15:20:50.0959 0x13fc  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
15:20:51.0018 0x13fc  SCPolicySvc - ok
15:20:51.0039 0x13fc  [ E1137E39C3BB3EF9AF2243745D901D60, 0BE86E4E48DA6D25AF0E71F09E55A5C4E525C61831EDC5135DEB240CCD02335D ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
15:20:51.0107 0x13fc  sdbus - ok
15:20:51.0124 0x13fc  [ 811EC0B1221402FCED0BA37E112BF627, 366EB8AF04C603BED6CF53652CC937099B247D5DD8C58D699D0D8DA22F8FDD51 ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
15:20:51.0183 0x13fc  SDRSVC - ok
15:20:51.0198 0x13fc  [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
15:20:51.0271 0x13fc  sdstor - ok
15:20:51.0282 0x13fc  [ 286450F698EBD81A8AC1B22CF6BABF11, ED05C2723FCD399FD085AE7AB1178D24F9745A4F31DD711DE896D15412B82BA2 ] seclogon        C:\WINDOWS\system32\seclogon.dll
15:20:51.0325 0x13fc  seclogon - ok
15:20:51.0337 0x13fc  [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS            C:\WINDOWS\System32\sens.dll
15:20:51.0392 0x13fc  SENS - ok
15:20:51.0451 0x13fc  [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
15:20:51.0603 0x13fc  SensorDataService - ok
15:20:51.0628 0x13fc  [ A74C62AE99A015CD6275F0D8D8843886, DF08E0BB1160E054C6B000BC5F62DEF77C6D9E4B5679AD013C313BA14207B589 ] SensorService   C:\WINDOWS\system32\SensorService.dll
15:20:51.0695 0x13fc  SensorService - ok
15:20:51.0712 0x13fc  [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
15:20:51.0767 0x13fc  SensrSvc - ok
15:20:51.0779 0x13fc  [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
15:20:51.0847 0x13fc  SerCx - ok
15:20:51.0862 0x13fc  [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
15:20:51.0917 0x13fc  SerCx2 - ok
15:20:51.0926 0x13fc  [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
15:20:51.0985 0x13fc  Serenum - ok
15:20:51.0998 0x13fc  [ 88D58E1DAA6C5062DD3A26273106961F, D1E2FF37C888245BD0BABCD7C6B76AD5A87415B68FEFE37B5FA29AE3342AE50B ] Serial          C:\WINDOWS\System32\drivers\serial.sys
15:20:52.0053 0x13fc  Serial - ok
15:20:52.0063 0x13fc  [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
15:20:52.0114 0x13fc  sermouse - ok
15:20:52.0152 0x13fc  [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
15:20:52.0220 0x13fc  SessionEnv - ok
15:20:52.0231 0x13fc  [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
15:20:52.0283 0x13fc  sfloppy - ok
15:20:52.0319 0x13fc  [ 2C7B006EB0B5479ED389D0CA5DE6AB83, 2E7C6E3E99A2668CB361A31567A4DB81021530E78213B39983D14197DB72E43C ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
15:20:52.0393 0x13fc  SharedAccess - ok
15:20:52.0429 0x13fc  [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:20:52.0525 0x13fc  ShellHWDetection - ok
15:20:52.0537 0x13fc  [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
15:20:52.0590 0x13fc  SiSRaid2 - ok
15:20:52.0601 0x13fc  [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
15:20:52.0648 0x13fc  SiSRaid4 - ok
15:20:52.0668 0x13fc  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:20:52.0709 0x13fc  SkypeUpdate - ok
15:20:52.0721 0x13fc  [ 629F6CDD71F284EB2A519B2C95CCCD78, E521374890C19F36EFA7C2B5240DCDE6316A31F4C454957D50878BD28BD437F0 ] SmbDrv          C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys
15:20:52.0742 0x13fc  SmbDrv - ok
15:20:52.0754 0x13fc  [ 426AEE15F4E6C900C0C30E29B2D86361, D5916F590BD2E1F3CC474D6E10C2AE8F858C2A439ADF93CB61AD55875124DB43 ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
15:20:52.0776 0x13fc  SmbDrvI - ok
15:20:52.0789 0x13fc  [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost         C:\WINDOWS\System32\smphost.dll
15:20:52.0852 0x13fc  smphost - ok
15:20:52.0883 0x13fc  [ 0BA53B01A02848A1545E2A743FF17B2F, ADAD55B9E0172BD7FBA92C5CD4870419FE9EF16F907DA1EEF2A9AE6492DE1909 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
15:20:52.0968 0x13fc  SmsRouter - ok
15:20:52.0990 0x13fc  [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
15:20:53.0037 0x13fc  SNMPTRAP - ok
15:20:53.0066 0x13fc  [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
15:20:53.0152 0x13fc  spaceport - ok
15:20:53.0165 0x13fc  [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
15:20:53.0234 0x13fc  SpbCx - ok
15:20:53.0272 0x13fc  [ DC520253EC32B515E7792DB05DB43EB2, 8A614286522CA637EF0D58F79143146D5FB40DCD0CA1333752989BCD51DE00C0 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
15:20:53.0363 0x13fc  Spooler - ok
15:20:53.0633 0x13fc  [ 7C58AFEC26E9F7730A8AA7FD40225937, 546EAD8889F2A1BB6DCCB7781976B975F34DA1C9047F95FEAA52CF38EC60C6DD ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
15:20:54.0014 0x13fc  sppsvc - ok
15:20:54.0025 0x13fc  Object required for P2P: [ 7C58AFEC26E9F7730A8AA7FD40225937 ] sppsvc
15:20:57.0274 0x13fc  Object send P2P result: true
15:20:57.0304 0x13fc  [ ACC1709EC7FE6EB8999DBC91C50C2B34, 83ABF51751A264291C53A32B86239A607361E56CB045CD2CBE6E41DBB8A01F54 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
15:20:57.0390 0x13fc  srv - ok
15:20:57.0428 0x13fc  [ AFBCFC946FAE7483E27BD316D03F94A5, CC9478EA717E85C38304957E923997821DFE2A995D7C8DF98C15267D952BEFBE ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
15:20:57.0556 0x13fc  srv2 - ok
15:20:57.0575 0x13fc  [ 107C1EBE79710E4A759449BD6604245A, 963D693F4E61EDC7B3AA9006CC274D56E577CE0035A61DDB2A6DE72116D5C52B ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
15:20:57.0651 0x13fc  srvnet - ok
15:20:57.0670 0x13fc  [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
15:20:57.0749 0x13fc  SSDPSRV - ok
15:20:57.0768 0x13fc  [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
15:20:57.0832 0x13fc  SstpSvc - ok
15:20:57.0869 0x13fc  [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
15:20:57.0919 0x13fc  ss_conn_service - ok
15:20:58.0054 0x13fc  [ 58863C57E4598C4F9DA967C5C36CFA5D, BB34FBC324E84E05128258CE3755241ECB63F7F2AE7F96716AC373931FAF92A8 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
15:20:58.0284 0x13fc  StateRepository - ok
15:20:58.0301 0x13fc  [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
15:20:58.0343 0x13fc  stexstor - ok
15:20:58.0353 0x13fc  [ 2834415C4EDD6CE35CB3CFEC50E08469, 28426616C709457DF38B5E2B4B9666C1255B81D2097589A95AAABD1BFACD302A ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
15:20:58.0402 0x13fc  StillCam - ok
15:20:58.0436 0x13fc  [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
15:20:58.0519 0x13fc  stisvc - ok
15:20:58.0534 0x13fc  [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
15:20:58.0584 0x13fc  storahci - ok
15:20:58.0597 0x13fc  [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
15:20:58.0668 0x13fc  storflt - ok
15:20:58.0701 0x13fc  [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
15:20:58.0759 0x13fc  stornvme - ok
15:20:58.0771 0x13fc  [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
15:20:58.0833 0x13fc  storqosflt - ok
15:20:58.0865 0x13fc  [ B1305CDD98D5FC49863279D4B51DB510, 4B745E8D14591CA69429CA579467B9528B94C54EBD2FCFD446000C9C1BCB3B07 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
15:20:58.0960 0x13fc  StorSvc - ok
15:20:58.0972 0x13fc  [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
15:20:59.0024 0x13fc  storufs - ok
15:20:59.0034 0x13fc  [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
15:20:59.0077 0x13fc  storvsc - ok
15:20:59.0086 0x13fc  [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc           C:\WINDOWS\system32\svsvc.dll
15:20:59.0136 0x13fc  svsvc - ok
15:20:59.0145 0x13fc  [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
15:20:59.0187 0x13fc  swenum - ok
15:20:59.0214 0x13fc  [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv           C:\WINDOWS\System32\swprv.dll
15:20:59.0294 0x13fc  swprv - ok
15:20:59.0308 0x13fc  [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
15:20:59.0370 0x13fc  Synth3dVsc - ok
15:20:59.0402 0x13fc  [ 1DEB6BC29F9B183528A21BA522AC3278, 8518527A9DDFD8B58AED1A7C1A1CFB4153DA34B634117AC91A94993EC5F76A80 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
15:20:59.0449 0x13fc  SynTP - ok
15:20:59.0502 0x13fc  [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
15:20:59.0619 0x13fc  SysMain - ok
15:20:59.0622 0x13fc  Object required for P2P: [ 34A3EB84B2A830E6F450B8F885AE4E6E ] SysMain
15:21:02.0103 0x13fc  Object send P2P result: true
15:21:02.0127 0x13fc  [ AF2C8D7C1D4DCFD5C31501F009DF42B7, 3DDF9353F014EE99B031BBC969620CA07647FBB8D78EB4697C8D633021B46B11 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
15:21:02.0193 0x13fc  SystemEventsBroker - ok
15:21:02.0209 0x13fc  [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
15:21:02.0258 0x13fc  TabletInputService - ok
15:21:02.0281 0x13fc  [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
15:21:02.0345 0x13fc  TapiSrv - ok
15:21:02.0468 0x13fc  [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
15:21:02.0727 0x13fc  Tcpip - ok
15:21:02.0831 0x13fc  [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
15:21:03.0049 0x13fc  Tcpip6 - ok
15:21:03.0074 0x13fc  [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
15:21:03.0144 0x13fc  tcpipreg - ok
15:21:03.0164 0x13fc  [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
15:21:03.0215 0x13fc  tdx - ok
15:21:03.0226 0x13fc  [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
15:21:03.0274 0x13fc  terminpt - ok
15:21:03.0324 0x13fc  [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService     C:\WINDOWS\System32\termsrv.dll
15:21:03.0434 0x13fc  TermService - ok
15:21:03.0448 0x13fc  [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes          C:\WINDOWS\system32\themeservice.dll
15:21:03.0512 0x13fc  Themes - ok
15:21:03.0539 0x13fc  [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
15:21:03.0609 0x13fc  TieringEngineService - ok
15:21:03.0645 0x13fc  [ FC971E1D1B5900C231591A7720FCD8B8, DF58C350977019E4A8F381FB35702E9BEA89F6A8C6BF36C56376D36BC8FE630F ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
15:21:03.0738 0x13fc  tiledatamodelsvc - ok
15:21:03.0761 0x13fc  [ 4BA0AB760971A0109A3442BD8B4F9AA0, 681171ECE155B7B1048525AA9BF14E4FDB437EE6BD91B6C5C9FFE122757D6BEB ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
15:21:03.0838 0x13fc  TimeBroker - ok
15:21:03.0857 0x13fc  [ 169B0A246067457FEF8A18EED7EED9D5, BF5AC0CB29E1E456253B881CD0608B578D7343E9DFE1738A14598D1DFFE1AB66 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
15:21:03.0921 0x13fc  TPM - ok
15:21:03.0936 0x13fc  [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks          C:\WINDOWS\System32\trkwks.dll
15:21:03.0991 0x13fc  TrkWks - ok
15:21:04.0006 0x13fc  [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
15:21:04.0047 0x13fc  TrustedInstaller - ok
15:21:04.0064 0x13fc  [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
15:21:04.0141 0x13fc  tsusbflt - ok
15:21:04.0153 0x13fc  [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
15:21:04.0202 0x13fc  TsUsbGD - ok
15:21:04.0217 0x13fc  [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
15:21:04.0285 0x13fc  tunnel - ok
15:21:04.0296 0x13fc  [ 72E24CD1662577B38779B5E768C48FEE, 66BFD18CEDEEF358B04B81C65BC12606632FB1B2DAD4EC8405962DE1054D08CA ] TXEIx64         C:\WINDOWS\System32\drivers\TXEIx64.sys
15:21:04.0358 0x13fc  TXEIx64 - ok
15:21:04.0372 0x13fc  [ 1A9A77ACDAC29C39F50D2A492FD0DB16, E21F2E2BA6EABE0F6B5A1930DDB2CE5A921389A58C08A2D3F66D245E8698E6B4 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
15:21:04.0439 0x13fc  tzautoupdate - ok
15:21:04.0450 0x13fc  [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
15:21:04.0510 0x13fc  uagp35 - ok
15:21:04.0522 0x13fc  [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
15:21:04.0569 0x13fc  UASPStor - ok
15:21:04.0580 0x13fc  [ 3995CC3DEDED258768B8EBC2F4C0DC73, 130E99EF13EB494B8BB6A8E037DD8D59C195190EA3C27CA9E3A695AF4349DC7C ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
15:21:04.0646 0x13fc  UcmCx0101 - ok
15:21:04.0658 0x13fc  [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
15:21:04.0708 0x13fc  UcmUcsi - ok
15:21:04.0725 0x13fc  [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
15:21:04.0793 0x13fc  Ucx01000 - ok
15:21:04.0803 0x13fc  [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
15:21:04.0854 0x13fc  UdeCx - ok
15:21:04.0875 0x13fc  [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
15:21:04.0957 0x13fc  udfs - ok
15:21:04.0968 0x13fc  [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
15:21:05.0039 0x13fc  UEFI - ok
15:21:05.0058 0x13fc  [ 5F0D997E6FC5A418D7673148CEF72887, 6C142CB8F06E5958045451253C9188CE876A84D08266FFD7F64AAE09964D8431 ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
15:21:05.0118 0x13fc  Ufx01000 - ok
15:21:05.0130 0x13fc  [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
15:21:05.0194 0x13fc  UfxChipidea - ok
15:21:05.0209 0x13fc  [ DB630FC660443D63EBAB2C830C298EFE, 7698772FF9C988DF752DF3FAF1B154E923EBA425B92F288ABB6EF0805ABD3296 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
15:21:05.0261 0x13fc  ufxsynopsys - ok
15:21:06.0263 0x13fc  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
15:21:06.0306 0x13fc  USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
15:21:06.0306 0x13fc  Detect skipped due to KSN trusted
15:21:06.0306 0x13fc  USBAAPL64 - ok
15:21:20.0054 0x13fc  ================ Scan global ===============================
15:21:20.0071 0x13fc  [ D923EC03E24F7633DED3F2D46AD59A28, C635DB4483E24BE0188583E63B06D0F37BDE7AD944E4D0246A7D19CBC3EA3A6B ] C:\WINDOWS\system32\basesrv.dll
15:21:20.0090 0x13fc  [ E2899695BD30B5F93EC626EBBEF2CB69, B190D2903A109D2C146D881F90769060A0E971942F4AA61AEAD81861032D89C3 ] C:\WINDOWS\system32\winsrv.dll
15:21:20.0114 0x13fc  [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
15:21:20.0143 0x13fc  [ 2AB2C72D88CE2BC73E6F708D0B1A9657, 8DF9D8C83BC2078D88FE7B2E9CDD5ABA9A2075F40D30CD344595DA217ECCCB3B ] C:\WINDOWS\system32\services.exe
15:21:20.0166 0x13fc  [ Global ] - ok
15:21:20.0167 0x13fc  ================ Scan MBR ==================================
15:21:20.0172 0x13fc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
15:21:20.0332 0x13fc  \Device\Harddisk0\DR0 - ok
15:21:20.0333 0x13fc  ================ Scan VBR ==================================
15:21:20.0338 0x13fc  [ B217A32B5F8DAE2736B8B8B95610F542 ] \Device\Harddisk0\DR0\Partition1
15:21:20.0342 0x13fc  \Device\Harddisk0\DR0\Partition1 - ok
15:21:20.0350 0x13fc  [ 5B5E61635DA3B62040CF2FF00471ED71 ] \Device\Harddisk0\DR0\Partition2
15:21:20.0352 0x13fc  \Device\Harddisk0\DR0\Partition2 - ok
15:21:20.0359 0x13fc  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
15:21:20.0360 0x13fc  \Device\Harddisk0\DR0\Partition3 - ok
15:21:20.0369 0x13fc  [ 0ABA2A788E2A06BD6677AA1214BEE087 ] \Device\Harddisk0\DR0\Partition4
15:21:20.0371 0x13fc  \Device\Harddisk0\DR0\Partition4 - ok
15:21:20.0378 0x13fc  [ 7D35943F8D8BBC4792417A62BEE4E844 ] \Device\Harddisk0\DR0\Partition5
15:21:20.0383 0x13fc  \Device\Harddisk0\DR0\Partition5 - ok
15:21:20.0389 0x13fc  [ E1C1932A638C90F62A583364AC00F2FF ] \Device\Harddisk0\DR0\Partition6
15:21:20.0392 0x13fc  \Device\Harddisk0\DR0\Partition6 - ok
15:21:20.0399 0x13fc  [ 845A652928A6C7A6786B7F7013F008E6 ] \Device\Harddisk0\DR0\Partition7
15:21:20.0402 0x13fc  \Device\Harddisk0\DR0\Partition7 - ok
15:21:20.0409 0x13fc  [ 8174D599EFEE97C0E97DB30FC20DA906 ] \Device\Harddisk0\DR0\Partition8
15:21:20.0412 0x13fc  \Device\Harddisk0\DR0\Partition8 - ok
15:21:20.0419 0x13fc  [ E54A5E77FCF0F43DEC3195D6DAA7070F ] \Device\Harddisk0\DR0\Partition9
15:21:20.0422 0x13fc  \Device\Harddisk0\DR0\Partition9 - ok
15:21:20.0429 0x13fc  [ E13A9539827D336D91D16C94BA4E657D ] \Device\Harddisk0\DR0\Partition10
15:21:20.0432 0x13fc  \Device\Harddisk0\DR0\Partition10 - ok
15:21:20.0440 0x13fc  [ 620CB0D9B1076A810A8024C5577B2EFE ] \Device\Harddisk0\DR0\Partition11
15:21:20.0443 0x13fc  \Device\Harddisk0\DR0\Partition11 - ok
15:21:20.0444 0x13fc  ================ Scan generic autorun ======================
15:21:22.0193 0x13fc  [ 4E8C895616B22D8A7AFA6AC52E02E996, 41589C10705E36B08A661E48BB8058D5E80671A7522C3B9441F29C9345AC8EF7 ] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
15:21:22.0308 0x13fc  BrMfcWnd - detected UnsignedFile.Multi.Generic ( 1 )
15:21:22.0308 0x13fc  Detect skipped due to KSN trusted
15:21:22.0308 0x13fc  BrMfcWnd - ok
15:21:22.0321 0x13fc  [ 4DE3EF07E0854547309C6B40235A9D44, F73D8E6D98583865D1C8DB728058D83C72A3908E21E04EF313FCB829C040A1EC ] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe
15:21:22.0347 0x13fc  ControlCenter3 - detected UnsignedFile.Multi.Generic ( 1 )
15:21:22.0347 0x13fc  Detect skipped due to KSN trusted
15:21:22.0347 0x13fc  ControlCenter3 - ok
15:21:26.0047 0x13fc  [ F655E4A1AED366E96E5D5AA397E0F255, F8573CCA72FA25079B8CE2FC5D30379487E2905B109C73C741FAB31589FA49E1 ] C:\Program Files (x86)\QuickTime\QTTask.exe
15:21:26.0087 0x13fc  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
15:21:26.0087 0x13fc  Detect skipped due to KSN trusted
15:21:26.0087 0x13fc  QuickTime Task - ok
15:21:26.0177 0x13fc  [ E76F43260D050DE1D5370AEF266EB3C8, DB30811E46BB55B03BEE97414A561B8DE2136E16764514CC3A4DF056BD5E0859 ] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe
15:21:26.0278 0x13fc  EaseUS EPM tray - ok
15:21:26.0374 0x13fc  [ DEF92CF2964226C10D3F91453471328B, 62F4B119154E382B93244319D47A6C75FA093E8EB29BD47C625CB6C56D0B1D15 ] C:\Program Files (x86)\Forum Verlag\Unternehmensbewertung direkt\ForumUpdater.exe
15:21:26.0546 0x13fc  Forum Updater - detected UnsignedFile.Multi.Generic ( 1 )
15:21:26.0547 0x13fc  Forum Updater ( UnsignedFile.Multi.Generic ) - warning
15:21:42.0254 0x13fc  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
15:21:42.0257 0x13fc  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
15:21:42.0261 0x13fc  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 11.1.2245.1540 ), 0x41000 ( enabled : updated )
15:21:42.0268 0x13fc  Win FW state via NFP2: enabled ( trusted )
15:21:44.0676 0x13fc  ============================================================
15:21:44.0676 0x13fc  Scan finished
15:21:44.0676 0x13fc  ============================================================
15:21:44.0698 0x14c4  Detected object count: 2
15:21:44.0698 0x14c4  Actual detected object count: 2
15:22:52.0995 0x14c4  PGFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user
15:22:52.0995 0x14c4  PGFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:22:52.0997 0x14c4  Forum Updater ( UnsignedFile.Multi.Generic ) - skipped by user
15:22:52.0997 0x14c4  Forum Updater ( UnsignedFile.Multi.Generic ) - User select action: Skip
         


02.02.2016, 16:21   #6
M-K-D-B
/// TB-Ausbilder

Hello,

Please note for the future:
Quote:
Gestartet von I:\01 Programme System\AAvirus2
Unfortunately, you did not follow our instructions correctly:
Please download all tools directly to the desktop, or move them there, and start them from the desktop, because our instructions are written for that.
This also makes it very easy to remove all the tools used at the end of the cleanup.
Leave all tools on the desktop until the cleanup is finished; we may need some of them more than once.






Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder unless a helper instructs you to.

02.02.2016, 23:20   #7
trumpet78

mbar-log-2016-02-02 (22-16-55)



Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.02.02.04
  rootkit: v2016.01.20.01

Windows 10 x64 NTFS
Internet Explorer 11.63.10586.0
ASS-CO.de :: ASS-CO [administrator]

02.02.2016 22:16:55
mbar-log-2016-02-02 (22-16-55).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 414342
Time elapsed: 54 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

03.02.2016, 16:47   #8
M-K-D-B
/// TB-Ausbilder

Hello,

Step 1
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options (Optionen) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Clean (Löschen) and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).






Step 2
Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan (Scannen), select the Threat Scan (Bedrohungssuchlauf) and click Start Scan (Suchlauf starten).
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected (Auswahl entfernen).
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History (Verlauf) and then Application Logs (Anwendungsprotokolle).
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.







Step 3

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.







Step 4
  • Start FRST.exe again. Tick the box in front of Addition.txt and press Scan.
  • FRST will now create two log files (FRST.txt and Addition.txt).
  • Post both log files with your next reply.






Please post with your next reply
  • the log file from AdwCleaner,
  • the log file from MBAM,
  • the log file from JRT,
  • the two new log files from FRST.

03.02.2016, 20:34   #9
trumpet78

Step 1 AdwareCl



Code:
# AdwCleaner v5.032 - Bericht erstellt am 03/02/2016 um 17:44:15
# Aktualisiert am 31/01/2016 von Xplode
# Datenbank : 2016-02-02.1 [Server]
# Betriebssystem : Windows 10 Home  (x64)
# Benutzername : ASS-CO.de - ASS-CO
# Gestartet von : C:\Users\ASS-CO.de\Desktop\AdwCleaner_5.032.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files\Reimage
[-] Ordner Gelöscht : C:\ProgramData\Reimage Express
[-] Ordner Gelöscht : C:\ProgramData\Reimage Protector
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Express
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedMon
[-] Ordner Gelöscht : C:\Users\ASS-CO.de\AppData\Local\StartPoint
[-] Ordner Gelöscht : C:\Users\ASS-CO.de\AppData\Roaming\OpenCandy

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\omiga-plus.xml
[-] Datei Gelöscht : C:\Users\ASS-CO.de\AppData\Roaming\Mozilla\Firefox\Profiles\7jaaahlv.default\searchplugins\startpointkms.xml
[-] Datei Gelöscht : C:\Users\ASS-CO.de\AppData\Roaming\Mozilla\Firefox\Profiles\7jaaahlv.default\searchplugins\trovi-search.xml
[-] Datei Gelöscht : C:\Users\ASS-CO.de\AppData\Roaming\Mozilla\Firefox\Profiles\7jaaahlv.default\searchplugins\vi-view.xml
[-] Datei Gelöscht : C:\Users\ASS-CO.de\AppData\Roaming\Mozilla\Firefox\Profiles\7jaaahlv.default\searchplugins\avira-safesearch.xml
[-] Datei Gelöscht : C:\Users\ASS-CO.de\AppData\Roaming\Mozilla\Firefox\Profiles\7jaaahlv.default\searchplugins\default.xml
[-] Datei Gelöscht : C:\WINDOWS\Reimage.ini

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****

[-] Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDIONhome.lnk
[-] Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Welcome.lnk
[-] Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron\SRWare Iron.lnk
[-] Verknüpfung Desinfiziert : C:\Users\ASS-CO.de\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Verknüpfung Desinfiziert : C:\Users\ASS-CO.de\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SRWare Iron.lnk

***** [ Aufgabenplanung ] *****

[-] Geplante Aufgabe Gelöscht : StartPoint Updater

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKCU\Software\Mozilla\Extends
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mbot_de_144]
[-] Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9C81D00A-3DAA-48AB-90C7-8252119ABB93}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1DA17428-323D-48FF-857C-98CFEE48BFD5}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{50F60937-910A-4C05-8E36-FE4E299191CF}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{F8A4FC32-DDA3-4DD9-8C62-49F778FF630B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{63C63464-1423-4FDB-BA5D-6F75F491C63E}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{09CFDB88-F9F0-40BA-885E-F47A957D12E6}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{2B1B440F-A9DB-46E3-ADCF-AA6E08143FB8}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{50F60937-910A-4C05-8E36-FE4E299191CF}
[!] Schlüssel Nicht Gelöscht : HKCU\Software\Mozilla\Extends
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Reimage
[-] Schlüssel Gelöscht : HKCU\Software\SpeedMon
[-] Schlüssel Gelöscht : HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\PositiveFinds
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\TermTutor
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Reimage
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Schlüssel Gelöscht : HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Schlüssel Gelöscht : HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\Software\Mozilla\Extends
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\Software\OCS
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\Software\Reimage
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\Software\SpeedMon
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2303302459-3543981641-3380417783-1001\Software\Ciuvo
[-] Schlüssel Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Crossrider
[-] Schlüssel Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Mozilla\Extends
[-] Schlüssel Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\OCS
[-] Schlüssel Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Reimage
[-] Schlüssel Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\SpeedMon
[-] Schlüssel Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[-] Schlüssel Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Mozilla\Extends
[-] Schlüssel Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\OCS
[-] Schlüssel Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Reimage
[-] Schlüssel Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\SpeedMon
[-] Schlüssel Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6925A036-B5D8-4F14-81BE-82D45D0C585C}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\Software\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6925A036-B5D8-4F14-81BE-82D45D0C585C}
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{6925A036-B5D8-4F14-81BE-82D45D0C585C}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\SearchScopes\{6925A036-B5D8-4F14-81BE-82D45D0C585C}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Clients\StartMenuInternet\SAFARI.EXE\shell\open\command []
[-] Wert Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [SpeedMon]
[-] Wert Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [SpeedMon]
[-] Wert Gelöscht : HKU\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [SpeedMon]

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [16714 Bytes] ##########
         
Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 03.02.2016
Suchlaufzeit: 19:46
Protokolldatei: MAMH160203.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.02.03.05
Rootkit-Datenbank: v2016.01.20.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: ASS-CO.de

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 413572
Abgelaufene Zeit: 26 Min., 57 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 10 Home x64 
Ran by ASS-CO.de (Administrator) on 03.02.2016 at 18:48:15,80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 4 

Successfully deleted: C:\Users\ASS-CO.de\AppData\Local\com (Folder) 
Successfully deleted: C:\Users\ASS-CO.de\AppData\Local\pdfforge (Folder) 
Successfully deleted: C:\Users\ASS-CO.de\AppData\Roaming\pdfforge (Folder) 
Successfully deleted: C:\Program Files\pdfforge (Folder) 

Deleted the following from C:\Users\ASS-CO.de\AppData\Roaming\Mozilla\Firefox\Profiles\7jaaahlv.default\prefs.js
user_pref(browser.search.searchengine.alias, mystartsearch);
user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.iconURL, hxxp://www.mystartsearch.com/favicon.ico);
user_pref(browser.search.searchengine.name, mystartsearch);
user_pref(browser.search.searchengine.ptid, cvs2);
user_pref(browser.search.searchengine.uid, ST1000LM014-1EJ164_W380V1TTXXXXW380V1TT);
user_pref(browser.search.searchengine.url, hxxp://www.mystartsearch.com/web/?type=ds&ts=1432549768&z=286a6524c0266c3b4a36c9cg6z3cfo8w9z1tem0m3e&from=cvs2&uid=ST1000LM014-1E



Registry: 2 

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.02.2016 at 18:56:07,57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
durchgeführt von ASS-CO.de (Administrator) auf ASS-CO (03-02-2016 19:10:39)
Gestartet von C:\Users\ASS-CO.de\Desktop
Geladene Profile: ASS-CO.de (Verfügbare Profile: ASS-CO.de)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653720 2013-09-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353944 2013-09-16] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3945656 2015-09-28] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM\...\Run: [PAC7302_Monitor] => C:\WINDOWS\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-09-10] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-11] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-08-01] (CyberLink Corp.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2011-04-01] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [36168 2013-05-14] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [18248 2013-05-14] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort14reminder] => "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\14\Config\Ereg\Ereg.ini"
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-15] (AVAST Software)
HKLM-x32\...\Run: [PDFCreHook] => C:\Program Files (x86)\Nuance\PDFCreate\pdfcreate7hook.exe [605512 2013-03-26] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF7 Registry Controller] => C:\Program Files (x86)\Nuance\PDFCreate\RegistryController.exe [140616 2013-03-26] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe [2089056 2015-09-16] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [Forum Updater] => C:\Program Files (x86)\Forum Verlag\Unternehmensbewertung direkt\ForumUpdater.exe [2294784 2013-12-01] (Forum Verlag Herkert GmbH)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [202280 2015-09-29] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-12-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\...\Run: [Spotify Web Helper] => C:\Users\ASS-CO.de\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2541160 2016-01-30] (Spotify Ltd)
HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [1958248 2015-11-20] (TomTom)
HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\...\Run: [Dropbox Update] => C:\Users\ASS-CO.de\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-26] (Dropbox, Inc.)
HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [912480 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\...\RunOnce: [Uninstall C:\Users\ASS-CO.de\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ASS-CO.de\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\...\MountPoints2: {6c0e7c53-6e53-11e3-826e-806e6f6e6963} - "E:\Telescope_Driver.exe" 
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-15] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll [2013-05-05] (Gladinet, INC)
ShellIconOverlayIdentifiers: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll [2013-05-05] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon32.dll [2013-05-05] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU32.dll [2013-05-05] (Gladinet, INC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nuance Cloud Connector.lnk [2014-04-04]
ShortcutTarget: Nuance Cloud Connector.lnk -> C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladLauncher.exe ()
Startup: C:\Users\ASS-CO.de\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-10-03]
ShortcutTarget: Dropbox.lnk -> C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\ASS-CO.de\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-09-02]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{34f19701-ad5c-43da-9b4c-fd988c605f4d}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{de6e9dbe-6e6a-43e0-a872-b29a1c72cbe8}: [DhcpNameServer] 192.168.100.36 192.168.100.200

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2303302459-3543981641-3380417783-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Kein Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> Keine Datei
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_72\bin\ssv.dll [2016-01-26] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-15] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-01-26] (Oracle Corporation)
BHO-x32: Kein Name -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> Keine Datei
BHO-x32: Kein Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> Keine Datei
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-15] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> C:\Program Files (x86)\Nuance\PDFCreate\bin\ZeonIEFavClient.dll [2011-03-26] (Zeon Corporation)
Toolbar: HKLM-x32 - Nuance PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDFCreate\bin\ZeonIEFavClient.dll [2011-03-26] (Zeon Corporation)

FireFox:
========
FF ProfilePath: C:\Users\ASS-CO.de\AppData\Roaming\Mozilla\Firefox\Profiles\7jaaahlv.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: hxxps://www.google.com/search?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: hxxps://www.google.com/?trackid=sp-006
FF Keyword.URL: hxxps://www.google.com/search?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @java.com/DTPlugin,version=11.72.2 -> C:\Program Files\Java\jre1.8.0_72\bin\dtplugin\npDeployJava1.dll [2016-01-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.72.2 -> C:\Program Files\Java\jre1.8.0_72\bin\plugin2\npjp2.dll [2016-01-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 3 -> C:\Program Files (x86)\PDF Architect 3\np-previewer.dll [2015-09-17] (pdfforge GmbH)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDFViewer\bin\nppdf.dll [Keine Datei]
FF SearchPlugin: C:\Users\ASS-CO.de\AppData\Roaming\Mozilla\Firefox\Profiles\7jaaahlv.default\searchplugins\bing-avast.xml [2014-10-16]
FF SearchPlugin: C:\Users\ASS-CO.de\AppData\Roaming\Mozilla\Firefox\Profiles\7jaaahlv.default\searchplugins\google-avast.xml [2015-12-15]
FF SearchPlugin: C:\Users\ASS-CO.de\AppData\Roaming\Mozilla\Firefox\Profiles\7jaaahlv.default\searchplugins\yahoo-avast.xml [2014-10-16]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-15]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-11-04] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
FF Extension: PDF Architect 3 Creator - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-09-28] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-15]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR DefaultSearchURL: Default -> hxxps://safesearch.avira.com/#web/result?source=omnibar&q={searchTerms}
CHR DefaultSearchKeyword: Default -> Avira
CHR DefaultSuggestURL: Default -> hxxps://safesearch.avira.com/suggestions?q={searchTerms}&li=ff&hl=de
CHR Profile: C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-18]
CHR Extension: (Google Docs) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-18]
CHR Extension: (Google Drive) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google-Suche) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Gmail offline) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-08-18]
CHR Extension: (Google Tabellen) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-18]
CHR Extension: (Avira Browserschutz) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-01-26]
CHR Extension: (Google Docs Offline) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (Avast Online Security) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-03]
CHR Extension: (Avira SafeSearch) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldmiahjidflgnbiadknkmaimfpjkelng [2016-01-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-18]
CHR Extension: (Zoho ContactManager) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncaihncjjemfmfijnjkmconhbnnjmop [2015-08-18]
CHR Extension: (Picasa) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2015-08-18]
CHR Extension: (Google Mail) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-15]

Opera: 
=======
OPR Session Restore: -> ist aktiviert.

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-15] (AVAST Software)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd.)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36904 2015-08-01] (CHENGDU YIWO Tech Development Co., Ltd)
R2 GladFileMonSvc; C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [30032 2013-05-05] (Gladinet, INC)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-02] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [66088 2015-09-22] (Haufe-Lexware GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert]
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244832 2015-09-17] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [964832 2015-09-17] (pdfforge GmbH)
R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [767712 2015-09-17] (pdfforge GmbH)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1335344 2014-01-23] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [856112 2014-01-23] (pdfforge GmbH)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77640 2013-05-14] (Nuance Communications, Inc.)
R2 PGFNEXSrv; C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe [136192 2013-12-03] () [Datei ist nicht signiert]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2013-03-06] ()
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-15] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-15] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065208 2016-01-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [464256 2016-01-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-15] (AVAST Software)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-14] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-03] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 PAC7302; C:\Windows\system32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 PegaRadioSwitch; C:\Windows\System32\drivers\PegaRadioSwitch.sys [23552 2013-08-22] (Windows (R) Win 7 DDK provider)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [593624 2015-12-09] (Realtek Semiconductor Corporation)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [3445248 2015-10-30] (Realtek Semiconductor Corporation                           )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-08-14] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-09-28] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-01] (Intel Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-03 19:10 - 2016-02-03 19:11 - 00030764 _____ C:\Users\ASS-CO.de\Desktop\FRST.txt
2016-02-03 19:09 - 2016-02-01 11:36 - 02370560 _____ (Farbar) C:\Users\ASS-CO.de\Desktop\FRST64.exe
2016-02-03 18:56 - 2016-02-03 19:01 - 00001871 _____ C:\Users\ASS-CO.de\Desktop\JRT.txt
2016-02-03 18:00 - 2016-02-03 18:00 - 00001179 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-03 18:00 - 2016-02-03 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-03 18:00 - 2016-02-03 18:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-03 18:00 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-02-03 18:00 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-02-03 17:58 - 2016-02-03 17:59 - 22908888 _____ (Malwarebytes ) C:\Users\ASS-CO.de\Desktop\mbam-setup-2.2.0.1024.exe
2016-02-03 16:55 - 2016-02-03 16:55 - 01609032 _____ (Malwarebytes) C:\Users\ASS-CO.de\Desktop\JRT.exe
2016-02-03 16:54 - 2016-02-03 16:54 - 01508352 _____ C:\Users\ASS-CO.de\Desktop\AdwCleaner_5.032.exe
2016-02-02 23:28 - 2016-02-02 23:53 - 00578928 _____ C:\TDSSKiller.3.1.0.9_02.02.2016_23.28.45_log.txt
2016-02-02 21:01 - 2016-02-03 18:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-02 21:00 - 2016-02-03 18:54 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-02 21:00 - 2016-02-03 18:38 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-02 20:59 - 2016-02-02 23:14 - 00000000 ____D C:\Users\ASS-CO.de\Desktop\mbar
2016-02-02 20:59 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-02-02 20:49 - 2016-02-02 20:49 - 16563352 _____ (Malwarebytes Corp.) C:\Users\ASS-CO.de\Desktop\mbar-1.09.3.1001.exe
2016-02-01 14:58 - 2016-02-01 15:51 - 00579368 _____ C:\TDSSKiller.3.1.0.9_01.02.2016_14.58.24_log.txt
2016-02-01 14:56 - 2016-02-01 14:58 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\ASS-CO.de\Desktop\tdsskiller.exe
2016-02-01 11:37 - 2016-02-03 19:10 - 00000000 ____D C:\FRST
2016-01-30 14:34 - 2016-01-30 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telescope Driver
2016-01-30 14:34 - 2016-01-30 14:34 - 00000000 ____D C:\Program Files (x86)\PixArt
2016-01-30 14:34 - 2007-11-20 17:58 - 00055296 _____ (PixArt Imaging Incorporation) C:\WINDOWS\SysWOW64\Remove.exe
2016-01-30 14:34 - 2007-11-08 10:29 - 00527872 _____ (PixArt Imaging Inc.) C:\WINDOWS\system32\Drivers\PAC7302.SYS
2016-01-30 14:34 - 2007-03-21 11:25 - 00000291 _____ C:\WINDOWS\SysWOW64\Remover.ini
2016-01-30 14:34 - 2006-10-12 11:57 - 00014336 _____ (PixArt Imaging Inc.) C:\WINDOWS\SysWOW64\P7302USD.dll
2016-01-30 12:52 - 2016-01-30 12:52 - 00281428 _____ C:\WINDOWS\Minidump\013016-27140-01.dmp
2016-01-30 12:43 - 2016-01-30 12:43 - 00000000 ____D C:\WINDOWS\PixArt
2016-01-30 12:36 - 2008-04-11 19:10 - 00000566 _____ C:\WINDOWS\SysWOW64\SP7302.ini
2016-01-30 12:36 - 2007-11-02 11:07 - 00008704 _____ (PixArt Imaging Inc.) C:\WINDOWS\system32\CoInst_071029.dll
2016-01-30 12:36 - 2007-10-30 17:48 - 00129024 _____ (PixArt Imaging Incorporation) C:\WINDOWS\SysWOW64\SP7302.ax
2016-01-25 10:25 - 2016-01-27 16:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-01-16 11:40 - 2016-01-16 11:40 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2016-01-16 11:40 - 2016-01-16 11:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-16 11:40 - 2016-01-16 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-15 17:35 - 2016-01-15 17:35 - 00109792 _____ C:\Users\ASS-CO.de\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-14 22:16 - 2016-01-14 22:16 - 00000000 ____H C:\Users\ASS-CO.de\Documents\Default.rdp
2016-01-14 22:10 - 2016-01-14 22:10 - 00759499 _____ C:\Users\ASS-CO.de\Downloads\BasicCoupon.pdf
2016-01-13 21:19 - 2016-01-13 21:20 - 00000000 ____D C:\Users\ASS-CO.de\AppData\Roaming\de.a2c.bafa.statusseite
2016-01-13 21:19 - 2016-01-13 21:19 - 00000894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMS.lnk
2016-01-13 21:19 - 2016-01-13 21:19 - 00000882 _____ C:\Users\Public\Desktop\AMS.lnk
2016-01-13 21:19 - 2016-01-13 21:19 - 00000000 ____D C:\Program Files (x86)\AMS
2016-01-12 20:35 - 2016-01-05 03:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-12 20:35 - 2016-01-05 03:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-01-12 20:35 - 2016-01-05 03:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-01-12 20:35 - 2016-01-05 03:50 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-12 20:35 - 2016-01-05 03:50 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-12 20:35 - 2016-01-05 03:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-12 20:35 - 2016-01-05 03:49 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-12 20:35 - 2016-01-05 03:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-12 20:35 - 2016-01-05 03:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-01-12 20:35 - 2016-01-05 03:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-01-12 20:35 - 2016-01-05 03:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-12 20:35 - 2016-01-05 03:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-12 20:35 - 2016-01-05 03:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-12 20:35 - 2016-01-05 03:37 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-12 20:35 - 2016-01-05 03:37 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-12 20:35 - 2016-01-05 03:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-12 20:35 - 2016-01-05 03:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-12 20:35 - 2016-01-05 03:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-12 20:35 - 2016-01-05 03:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-12 20:35 - 2016-01-05 03:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-12 20:35 - 2016-01-05 03:33 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-12 20:35 - 2016-01-05 03:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-12 20:35 - 2016-01-05 03:33 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-12 20:35 - 2016-01-05 03:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-12 20:35 - 2016-01-05 03:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-12 20:35 - 2016-01-05 03:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-12 20:35 - 2016-01-05 03:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-12 20:35 - 2016-01-05 03:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-12 20:35 - 2016-01-05 03:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-12 20:35 - 2016-01-05 03:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-12 20:35 - 2016-01-05 03:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-12 20:35 - 2016-01-05 03:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-12 20:35 - 2016-01-05 03:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-12 20:35 - 2016-01-05 03:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-12 20:35 - 2016-01-05 03:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-12 20:35 - 2016-01-05 02:59 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-12 20:35 - 2016-01-05 02:57 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-12 20:35 - 2016-01-05 02:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-12 20:35 - 2016-01-05 02:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-12 20:35 - 2016-01-05 02:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-01-12 20:35 - 2016-01-05 02:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-01-12 20:35 - 2016-01-05 02:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-01-12 20:35 - 2016-01-05 02:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-12 20:35 - 2016-01-05 02:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-01-12 20:35 - 2016-01-05 02:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-12 20:35 - 2016-01-05 02:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-01-12 20:35 - 2016-01-05 02:50 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-12 20:35 - 2016-01-05 02:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-01-12 20:35 - 2016-01-05 02:49 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-12 20:35 - 2016-01-05 02:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-12 20:35 - 2016-01-05 02:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-12 20:35 - 2016-01-05 02:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-12 20:35 - 2016-01-05 02:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-01-12 20:35 - 2016-01-05 02:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-01-12 20:35 - 2016-01-05 02:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-12 20:35 - 2016-01-05 02:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-12 20:35 - 2016-01-05 02:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-12 20:35 - 2016-01-05 02:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-12 20:35 - 2016-01-05 02:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-12 20:35 - 2016-01-05 02:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-12 20:35 - 2016-01-05 02:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-12 20:35 - 2016-01-05 02:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-12 20:35 - 2016-01-05 02:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-01-12 20:35 - 2016-01-05 02:43 - 00953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-01-12 20:35 - 2016-01-05 02:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-12 20:35 - 2016-01-05 02:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-12 20:35 - 2016-01-05 02:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-12 20:35 - 2016-01-05 02:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-12 20:35 - 2016-01-05 02:41 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-12 20:35 - 2016-01-05 02:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-12 20:35 - 2016-01-05 02:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-01-12 20:35 - 2016-01-05 02:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-12 20:35 - 2016-01-05 02:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-01-12 20:35 - 2016-01-05 02:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-12 20:35 - 2016-01-05 02:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-12 20:35 - 2016-01-05 02:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-01-12 20:35 - 2016-01-05 02:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-12 20:35 - 2016-01-05 02:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-12 20:35 - 2016-01-05 02:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-12 20:35 - 2016-01-05 02:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-12 20:35 - 2016-01-05 02:33 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-12 20:35 - 2016-01-05 02:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-01-12 20:35 - 2016-01-05 02:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-01-12 20:35 - 2016-01-05 02:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-12 20:35 - 2016-01-05 02:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-12 20:35 - 2016-01-05 02:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-12 20:35 - 2016-01-05 02:28 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-12 20:35 - 2016-01-05 02:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-11 20:04 - 2016-01-11 20:04 - 00000894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMU.lnk
2016-01-11 20:04 - 2016-01-11 20:04 - 00000882 _____ C:\Users\Public\Desktop\AMU.lnk
2016-01-11 20:04 - 2016-01-11 20:04 - 00000000 ____D C:\Users\ASS-CO.de\AppData\Roaming\de.a2c.bafa.antragsmanager.unternehmer
2016-01-11 20:04 - 2016-01-11 20:04 - 00000000 ____D C:\Program Files (x86)\AMU

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-03 18:55 - 2014-03-17 16:26 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-03 18:53 - 2015-06-26 13:42 - 00001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2303302459-3543981641-3380417783-1001UA.job
2016-02-03 18:38 - 2015-09-19 22:17 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-03 18:37 - 2015-12-11 04:31 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-03 18:37 - 2015-09-24 20:50 - 00000000 __SHD C:\Users\ASS-CO.de\IntelGraphicsProfiles
2016-02-03 18:37 - 2015-01-31 09:54 - 00000000 ____D C:\Users\ASS-CO.de\AppData\Local\HTC MediaHub
2016-02-03 18:37 - 2014-10-09 12:39 - 00001714 _____ C:\WINDOWS\Tasks\XQSUKDD.job
2016-02-03 18:36 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-02-03 17:52 - 2014-06-04 14:07 - 00003974 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1395067677
2016-02-03 17:52 - 2014-03-17 15:47 - 00001124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-02-03 17:52 - 2014-03-17 15:47 - 00000000 ____D C:\Program Files (x86)\Opera
2016-02-03 17:49 - 2014-02-27 19:55 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5CC6190B-CC9A-4172-A5B4-4AC465C57D80}
2016-02-03 17:44 - 2014-10-11 12:16 - 00000000 ____D C:\AdwCleaner
2016-02-03 17:44 - 2014-03-19 09:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron
2016-02-03 17:44 - 2013-11-21 16:34 - 00001181 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDIONhome.lnk
2016-02-03 17:44 - 2013-11-21 16:34 - 00001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Welcome.lnk
2016-02-03 17:37 - 2015-09-19 22:17 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-03 14:08 - 2014-03-21 14:23 - 00000000 ____D C:\Users\ASS-CO.de\AppData\Roaming\vlc
2016-02-03 10:53 - 2015-06-26 13:42 - 00001202 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2303302459-3543981641-3380417783-1001Core.job
2016-02-03 08:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-03 07:56 - 2015-07-01 20:36 - 00000000 ____D C:\Users\ASS-CO.de\Documents\Outlook-Dateien
2016-02-02 10:23 - 2015-05-04 22:28 - 00000000 ____D C:\Users\ASS-CO.de\.mediathek3
2016-02-02 08:32 - 2015-09-19 22:17 - 00004190 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 08:32 - 2015-09-19 22:17 - 00003958 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-02 08:25 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-30 22:40 - 2015-10-30 19:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-30 22:40 - 2015-10-30 19:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2016-01-30 22:40 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-30 22:40 - 2015-09-27 17:13 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-30 18:55 - 2014-05-11 10:06 - 00000000 ____D C:\Users\ASS-CO.de\AppData\Roaming\Spotify
2016-01-30 18:55 - 2014-05-11 10:06 - 00000000 ____D C:\Users\ASS-CO.de\AppData\Local\Spotify
2016-01-30 18:52 - 2014-10-12 10:44 - 00000000 ____D C:\Users\ASS-CO.de\AppData\Roaming\Coronic
2016-01-30 17:44 - 2014-05-07 17:18 - 00000000 ____D C:\Users\ASS-CO.de\AppData\Roaming\DVDVideoSoft
2016-01-30 14:37 - 2013-08-22 14:25 - 00000225 _____ C:\WINDOWS\win.ini
2016-01-30 13:12 - 2013-11-18 17:18 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-01-30 13:01 - 2015-12-11 04:02 - 00000000 ____D C:\Users\ASS-CO.de
2016-01-30 12:52 - 2015-12-19 00:46 - 699580217 _____ C:\WINDOWS\MEMORY.DMP
2016-01-30 12:52 - 2015-12-19 00:46 - 00000000 ____D C:\WINDOWS\Minidump
2016-01-30 12:36 - 2013-11-12 16:46 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-29 22:50 - 2014-04-04 19:50 - 00000000 ____D C:\Users\ASS-CO.de\AppData\Roaming\.oit
2016-01-29 22:45 - 2013-11-12 16:39 - 00000000 ____D C:\ProgramData\Temp
2016-01-29 08:38 - 2015-09-19 22:20 - 00002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-01-29 08:38 - 2015-09-19 22:20 - 00002256 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-29 08:03 - 2015-12-22 21:57 - 00000000 ____D C:\Users\ASS-CO.de\AppData\Local\ElevatedDiagnostics
2016-01-28 16:06 - 2015-06-04 18:20 - 00000000 ____D C:\Users\ASS-CO.de\Desktop\Gutscheine
2016-01-27 22:06 - 2015-05-21 12:20 - 00000000 ____D C:\Users\ASS-CO.de\AppData\Roaming\Skype
2016-01-27 21:57 - 2014-03-17 15:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-27 21:44 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-26 09:42 - 2014-10-12 12:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-26 09:42 - 2014-10-12 12:14 - 00000000 ____D C:\Program Files\Java
2016-01-26 09:41 - 2015-12-15 13:22 - 00000000 ____D C:\Users\ASS-CO.de\.oracle_jre_usage
2016-01-26 09:40 - 2014-10-12 12:15 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-01-20 22:21 - 2014-10-16 10:22 - 01065208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2016-01-20 22:21 - 2014-10-16 10:22 - 00464256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-01-18 15:28 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-16 23:15 - 2015-10-26 18:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-16 11:40 - 2015-05-21 12:20 - 00000000 ____D C:\ProgramData\Skype
2016-01-16 11:38 - 2015-12-01 22:47 - 00001286 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-01-16 11:38 - 2015-12-01 22:47 - 00001274 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-01-15 07:51 - 2014-10-16 10:23 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-01-14 20:25 - 2014-12-26 22:13 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-14 20:24 - 2015-07-06 11:24 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-13 14:47 - 2014-05-15 14:56 - 00000000 ____D C:\Users\ASS-CO.de\Desktop\Bowser
2016-01-13 07:48 - 2015-12-11 03:45 - 00000000 ____D C:\Windows.old
2016-01-13 03:33 - 2015-05-21 12:17 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-13 03:33 - 2015-05-21 12:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-13 03:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-12 21:01 - 2014-03-19 10:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-12 20:48 - 2015-05-21 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-12 20:48 - 2013-11-12 13:49 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\ASS-CO.de\AppData\Roaming\XQSUKDD
2015-07-09 23:40 - 2015-07-09 23:40 - 0000246 _____ () C:\Users\ASS-CO.de\AppData\Local\28A2F4676B8A4d43BEBB8C3D1D26B763.CalcTape1.calc
2014-01-18 20:46 - 2015-09-27 16:07 - 0888105 _____ () C:\Users\ASS-CO.de\AppData\Local\BTServer.log
2015-03-24 20:26 - 2015-03-24 20:26 - 0004096 ____H () C:\Users\ASS-CO.de\AppData\Local\keyfile3.drm
2014-03-21 11:04 - 2014-03-21 11:04 - 0000017 _____ () C:\Users\ASS-CO.de\AppData\Local\resmon.resmoncfg
2015-12-11 03:59 - 2015-12-11 03:59 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\ASS-CO.de\AppData\Local\Temp\EasyDownLightfp.exe
C:\Users\ASS-CO.de\AppData\Local\Temp\EasyDownLightrtd.exe
C:\Users\ASS-CO.de\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-25 08:00

==================== Ende von FRST.txt ============================
         

03.02.2016, 20:38   #10
trumpet78
 

Step 4 FRST Addition



Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-01-2016
durchgeführt von ASS-CO.de (2016-02-03 19:12:21)
Gestartet von C:\Users\ASS-CO.de\Desktop
Windows 10 Home (X64) (2015-12-11 03:48:31)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2303302459-3543981641-3380417783-500 - Administrator - Disabled)
ASS-CO.de (S-1-5-21-2303302459-3543981641-3380417783-1001 - Administrator - Enabled) => C:\Users\ASS-CO.de
DefaultAccount (S-1-5-21-2303302459-3543981641-3380417783-503 - Limited - Disabled)
Gast (S-1-5-21-2303302459-3543981641-3380417783-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2303302459-3543981641-3380417783-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 15.12 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1512-000001000000}) (Version: 15.12.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.130 - Adobe Systems Incorporated)
AMS (HKLM-x32\...\de.a2c.bafa.statusseite) (Version: 1.5.0 - Bundesamt fuer Wirtschaft und Ausfuhrkontrolle)
AMS (x32 Version: 1.5.0 - Bundesamt fuer Wirtschaft und Ausfuhrkontrolle) Hidden
AMU (HKLM-x32\...\de.a2c.bafa.antragsmanager.unternehmer) (Version: 1.5.3 - Bundesamt fuer Wirtschaft und Ausfuhrkontrolle)
AMU (x32 Version: 1.5.3 - Bundesamt fuer Wirtschaft und Ausfuhrkontrolle) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ARIS EXPRESS (HKLM-x32\...\{49ABE0DF-5BC9-40E8-8996-7A2938BFB5C2}) (Version: 2.4 - Software AG)
Ashampoo AppLauncher (Medion) v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher (Medion)_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Avant Browser (remove only) (HKLM-x32\...\AvantBrowser) (Version: 12.5.0.0 - Avant Force)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Avira (HKLM-x32\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite MFC-9120CN (HKLM-x32\...\{A1BBEE16-49B1-42F2-95B8-54C8C6A1C0C3}) (Version: 2.0.1.0 - Brother Industries, Ltd.)
CalcTape (HKLM-x32\...\{44B185C4-2566-4F38-A4F1-092FCDBB51A5}) (Version: 5.1.5 - SFR Software GmbH)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5790 - CDBurnerXP)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.44 - Abelssoft)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Content Manager (HKLM-x32\...\Content Manager) (Version: 3.18.5.613171 - NNG Llc.)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PowerDirector 11 (Version: 11.0.0.3215 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.2103 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.2103 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DIEW - Dokumentenmanagement (HKLM-x32\...\diew) (Version:  - )
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
EaseUS Partition Master 10.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EaseUS Todo Backup Free 8.6  (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.6 - CHENGDU YIWO Tech Development Co., Ltd)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.3.17800 - Landesfinanzdirektion Thüringen)
Envisioneer Express 5.0 (HKLM-x32\...\InstallShield_{BF6685DC-50F9-48EA-B2FF-99AF905D7660}) (Version: 5.0 - Cadsoft Corporation)
Envisioneer Express 5.0 (x32 Version: 5.0 - Cadsoft Corporation) Hidden
FastStone Capture 5.3 (HKLM-x32\...\FastStone Capture) (Version: 5.3 - FastStone Soft)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.0.1224 - DVDVideoSoft Ltd.)
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.97 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.54.2 - HTC)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418072F0}) (Version: 8.0.720.15 - Oracle Corporation)
K-Meleon 1.5.4 de-DE (nur entfernen) (HKLM-x32\...\K-Meleon) (Version: 1.5.4 - K-Meleon Team)
Lexware Abschreibungsrechner (x32 Version: 15.00.00.0006 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware büro easy 2016 (HKLM-x32\...\{66a4eae6-fce1-4a4a-96a0-bba2b4b81192}) (Version: 29.0.0.73 - Haufe-Lexware GmbH & Co.KG)
Lexware büro easy 2016 (x32 Version: 29.00.00.0073 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Elster (x32 Version: 16.01.00.0102 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Elster 2016 (HKLM-x32\...\{2611510f-f6cd-43fb-b4c6-539c0a42b668}) (Version: 16.1.0.104 - Haufe-Lexware GmbH & Co.KG)
Lexware Info Service (x32 Version: 16.00.00.0040 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Installations Dienst (x32 Version: 5.00.00.0038 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware online banking (x32 Version: 22.04.00.0043 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware PDF-Export 5 (x32 Version: 5.01.00.0007 - Haufe-Lexware GmbH & Co.KG) Hidden
Lunascape6 (All Users) (HKLM-x32\...\Lunascape6) (Version: 6.10.0.27486 - Lunascape)
MailStore Home 8.2.1.10082 (HKLM-x32\...\MailStore Home_universal1) (Version: 8.2.1.10082 - MailStore Software GmbH)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.3.2.1000 - Maxthon International Limited)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.5.0 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
Mozilla Thunderbird 38.5.1 (x86 de) (HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\...\Mozilla Thunderbird 38.5.1 (x86 de)) (Version: 38.5.1 - Mozilla)
MyDriveConnect 4.0.7.2442 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom)
Naviextras Toolbox Prerequesities (HKLM-x32\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.)
Nuance Cloud Connector (HKLM-x32\...\{3D3375A3-27C5-4545-9F4C-099373B89C18}) (Version: 3.2.1046 - Nuance Communications, Inc.)
Nuance PaperPort 14 (HKLM-x32\...\{14CB3B82-FBDC-4462-919E-86147983F09B}) (Version: 14.5.0000 - Nuance Communications, Inc.)
Nuance PDF Create 7 (HKLM\...\{AAA715B7-02F9-4F2D-92C9-80EC63835AA1}) (Version: 7.10.6408 - Nuance Communications, Inc.)
Nuance PDF Create 7 (HKLM-x32\...\{AAA715B7-02F9-4F2D-92C9-80EC63835AA1}) (Version: 7.10.6408 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{FC984E39-43D0-4AB2-ACC7-A7B87977B009}) (Version: 7.20.3274 - Nuance Communications, Inc.)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 35.0.2066.37 (HKLM-x32\...\Opera 35.0.2066.37) (Version: 35.0.2066.37 - Opera Software)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0001 - Nuance Communications, Inc.)
PDF Architect (HKLM-x32\...\{86D8A96B-1911-4C3F-AA16-0B47E053E492}) (Version: 1.2.97.14551 - pdfforge GmbH)
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.1.1.24880 - pdfforge GmbH)
PDF Architect 3 Convert Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 Create Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 Forms Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 Insert Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 OCR Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 Review Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 Secure Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge)
pdfforge Images2PDF 0.9.7.1125 (HKLM\...\{00120495-F25C-4F44-9DC7-2D812D025DBA}) (Version: 0.9.7.1125 - pdfforge)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0094 - Pegatron Corporation)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.769.769.093013 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7045 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0227 - REALTEK Semiconductor Corp.)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Scansoft PDF Create (x32 Version:  - ) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.103 - Skype Technologies S.A.)
Sleipnir Version 4.4.4 (HKLM-x32\...\FenrirSleipnirV3_is1) (Version: 4.4.4 - Fenrir Inc.)
Sleipnir Version 6.1.6 (HKLM-x32\...\FenrirSleipnirV5_is1) (Version: 6.1.6 - Fenrir Inc.)
Spotify (HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\...\Spotify) (Version: 1.0.15.133.gf21970bd - Spotify AB)
SRWare Iron Version SRWare Iron 40.2150.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 40.2150.0 - SRWare)
StreamTransport version: 1.1.6.2 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Sweet Home 3D version 4.6 (HKLM\...\Sweet Home 3D_is1) (Version:  - eTeks)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.20 - Synaptics Incorporated)
Telescope Driver (HKLM-x32\...\{B2920232-19DA-44FC-835F-68E427EAE2CE}) (Version: 10.30.09 - PixArt)
Unternehmensbewertung direkt Dezember 2015 (HKLM-x32\...\{5463F4AF-D67F-48D7-AB3D-4CADE2D46766}) (Version:  - )
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
ZinsMath 4.01 (HKLM-x32\...\ZinsMath) (Version: 4.01 - Torsten Wehner)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\ASS-CO.de\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00B66075-89AE-4D98-A47F-A43439C2423E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2303302459-3543981641-3380417783-1001Core => C:\Users\ASS-CO.de\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-26] (Dropbox, Inc.)
Task: {0A43E9C2-110F-466C-BF0C-8F1C7164F417} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {0A940D08-8DC6-491B-BD70-9C5E7F80403C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-19] (Google Inc.)
Task: {0B7D4E80-5128-4F49-835F-54D4EF95D61F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {0E7331AF-9FF0-4E49-AFEF-5059A5632E24} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe [2015-07-22] (CHIP)
Task: {0FCAFD17-B375-4066-BD7E-07AEBD4A9139} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {1D46E200-787C-4405-A71C-912CF9A842C0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-29] (Adobe Systems Incorporated)
Task: {2D78A9EF-666A-4937-8208-D7D43577A428} - System32\Tasks\{C72944A2-871C-42B2-BB39-437349A24C35} => pcalua.exe -a "C:\Program Files\Reimage\Reimage Repair\uninst.exe"
Task: {30A60748-5AF5-40DA-8120-E99113D810F2} - System32\Tasks\avastBCLRestartS-1-5-21-2303302459-3543981641-3380417783-1001 => Chrome.exe 
Task: {525D9B53-676D-4A1B-8A4D-8CB8AA9D6D6C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {53365A74-5A75-4730-8484-123986D2D73B} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {59903BE0-6F76-4400-959D-581379D35691} - System32\Tasks\{DC0FC194-8E7B-471B-AF3B-1EB47EE62284} => pcalua.exe -a "C:\Program Files (x86)\RocketTab\uninstall.exe" -c /u=true /UserID=9b3f0e24-26d0-4e3d-bcab-0698be8c8064 /SourceID=browsersafeguard-rockettab-somoto /ImplementationID=browsersafeguard-rockettab-somoto /UC=20141009
Task: {5FFBD196-8BBF-4E2A-8551-3C4A4E87F111} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {7080AFF4-A59C-45EA-B4E5-BC815B03A471} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2014-12-10] (Maxthon International ltd.)
Task: {943DCFA3-1FCF-439D-9A7A-D45513FED010} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-19] (Google Inc.)
Task: {98BE7930-1F46-4ADA-8E14-C3F611848EE5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {BA04D874-4C23-4286-AA49-99A7EF45B4B3} - System32\Tasks\Opera scheduled Autoupdate 1395067677 => C:\Program Files (x86)\Opera\launcher.exe [2016-02-01] (Opera Software)
Task: {C1C416A7-4411-4987-B31B-9BDF8CF70683} - System32\Tasks\{7411607B-A89D-4091-BE65-A2908A212465} => pcalua.exe -a C:\Users\ASS-CO.de\AppData\Roaming\omiga-plus\UninstallManager.exe -c  -ptid=tugs <==== ACHTUNG
Task: {C5463E91-3D0A-4517-A603-20B29BE45A39} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-12] (Microsoft Corporation)
Task: {E67762DC-9EFD-4C72-92D9-04094E4B1D52} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {ED8D28ED-9B58-4280-8553-8D497F5C3416} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2303302459-3543981641-3380417783-1001UA => C:\Users\ASS-CO.de\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-26] (Dropbox, Inc.)
Task: {F4549734-B00F-4C97-847D-F5C0EB5E5615} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-15] (AVAST Software)
Task: {FB68DC08-36CE-4C77-BB47-829CE07F61EE} - System32\Tasks\XQSUKDD => C:\Users\ASS-CO.de\AppData\Roaming\XQSUKDD.exe <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2303302459-3543981641-3380417783-1001Core.job => C:\Users\ASS-CO.de\AppData\Local\Dropbox\Update\DropboxUpdate.exe/cASS-CO\ASS-CO.de
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2303302459-3543981641-3380417783-1001UA.job => C:\Users\ASS-CO.de\AppData\Local\Dropbox\Update\DropboxUpdate.exe/ua /installsource schedulerASS-CO\ASS-CO.de
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\WINDOWS\Tasks\XQSUKDD.job => C:\Users\ASS-CO.de\AppData\Roaming\XQSUKDD.exeʺ/infocmdline=ASS-CO\ASS-CO.de <==== ACHTUNG

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\ASS-CO.de\Desktop\Ur-Verknüpfungen\ALDI Nord Blumen Service.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www1.aldi-blumenservice.de
ShortcutWithArgument: C:\Users\ASS-CO.de\Desktop\Ur-Verknüpfungen\ALDI Nord Reisen.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://nord.aldi-reisen.de/html_nord
ShortcutWithArgument: C:\Users\ASS-CO.de\Desktop\Ur-Verknüpfungen\ALDI Nord Startseite.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.aldi-essen.de
ShortcutWithArgument: C:\Users\ASS-CO.de\Desktop\Ur-Verknüpfungen\ALDI Talk.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medionmobile.de

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2013-12-03 07:30 - 2013-12-03 00:21 - 00136192 _____ () C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe
2013-11-12 16:53 - 2013-03-06 15:42 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-03-14 22:34 - 2005-04-22 13:36 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2013-05-05 12:35 - 2013-05-05 12:35 - 00222544 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
2015-12-11 03:44 - 2015-12-11 03:44 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-11 03:44 - 2015-12-11 03:44 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-22 08:33 - 2016-01-22 08:33 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-18 08:34 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 08:34 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-12 20:36 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-12 20:35 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-12 20:36 - 2016-01-05 02:24 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-12 20:36 - 2016-01-05 02:26 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-09-26 17:09 - 2015-06-23 00:08 - 00245800 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-12-15 10:21 - 2015-12-15 10:21 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-12-15 10:21 - 2015-12-15 10:21 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-02-03 13:27 - 2016-02-03 13:27 - 02819072 _____ () C:\Program Files\AVAST Software\Avast\defs\16020300\algo.dll
2015-12-15 10:21 - 2015-12-15 10:21 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2013-05-05 12:24 - 2013-05-05 12:24 - 00293200 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\sqlite3.dll
2013-05-05 12:25 - 2013-05-05 12:25 - 00080208 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\zlib125.dll
2013-05-05 12:25 - 2013-05-05 12:25 - 00016720 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSMui.dll
2014-12-18 15:25 - 2014-12-18 15:25 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-12-18 15:26 - 2014-12-18 15:26 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-12-18 15:26 - 2014-12-18 15:26 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-12-18 15:26 - 2014-12-18 15:26 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-12-18 15:26 - 2014-12-18 15:26 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-12-18 15:29 - 2014-12-18 15:29 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-12-18 15:31 - 2014-12-18 15:31 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2014-10-30 07:23 - 2015-12-24 17:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2014-10-30 07:23 - 2015-12-24 17:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2014-10-30 07:23 - 2015-12-24 17:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2014-10-30 07:23 - 2015-12-24 17:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2014-10-30 07:23 - 2015-12-24 17:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2014-10-30 07:23 - 2015-12-24 17:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 00098856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 00017448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 00088616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 01296424 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 00060968 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2015-09-26 17:09 - 2015-08-01 14:10 - 00022568 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmcTbProxy.dll
2015-09-26 17:09 - 2015-08-01 14:10 - 00186920 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCPipeCenter.dll
2015-09-26 17:09 - 2015-08-01 14:10 - 00165416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt.dll
2015-09-26 17:09 - 2015-08-01 14:10 - 00058408 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBInfo.dll
2015-09-26 17:09 - 2015-08-01 14:10 - 00015912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll
2015-09-26 17:09 - 2015-06-22 23:58 - 00108072 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 00030248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 00068136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 00158248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
2015-09-26 17:09 - 2015-03-14 10:54 - 00281128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
2015-09-26 17:09 - 2015-03-14 10:54 - 00072232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 00139816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
2015-09-26 17:09 - 2015-06-22 23:58 - 00037416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
2015-09-26 17:09 - 2015-03-14 10:54 - 00759848 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 00193064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 00407080 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2015-09-26 17:09 - 2015-06-22 23:58 - 00148008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 00076840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 00207912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
2015-09-26 17:09 - 2015-06-22 23:58 - 00024616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 00020520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 00032296 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 00034856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 00064040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
2015-09-26 17:09 - 2015-08-01 14:10 - 00025128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 00115752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 00194088 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 00037928 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2015-09-26 17:09 - 2015-06-22 23:58 - 00136232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 00020008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 00043048 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
2016-01-22 08:33 - 2016-01-22 08:33 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 08:33 - 2016-01-22 08:33 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-12-15 10:21 - 2015-12-15 10:21 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-09-26 17:09 - 2014-12-14 23:53 - 00223784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-03-19 09:29 - 2013-11-18 02:18 - 00258944 _____ () C:\Program Files (x86)\Maxthon\bin\Maxzlib.dll
2014-03-19 09:29 - 2014-06-03 10:37 - 00247096 _____ () C:\Program Files (x86)\Maxthon\Addons\Mobile\MxMobile.dll
2014-03-19 09:29 - 2013-11-18 02:18 - 00258944 _____ () C:\Program Files (x86)\Maxthon\Bin\maxzlib.dll
2014-03-19 09:29 - 2013-11-21 07:37 - 00887064 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\libglesv2.dll
2014-03-19 09:29 - 2013-11-21 07:37 - 00109336 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\libegl.dll
2014-03-19 09:29 - 2013-11-21 07:37 - 02128152 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\ffmpegsumo.dll
2014-06-24 12:57 - 2014-06-03 10:37 - 04055504 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\pdf.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:FD9CE1F3

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\StartupFolder: => "Nuance Cloud Connector.lnk"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "BCSSync"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "YouCam Service"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "ControlCenter3"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "BrMfcWnd"
HKLM\...\StartupApproved\Run32: => "LexwareInfoService"
HKLM\...\StartupApproved\Run32: => "Forum Updater"
HKLM\...\StartupApproved\Run32: => "ISUSPM"
HKLM\...\StartupApproved\Run32: => "PPort14reminder"
HKLM\...\StartupApproved\Run32: => "PDFCreHook"
HKLM\...\StartupApproved\Run32: => "PDF7 Registry Controller"
HKLM\...\StartupApproved\Run32: => "Avira Systray"
HKLM\...\StartupApproved\Run32: => "mbot_de_144"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKLM\...\StartupApproved\Run32: => "SynTPEnh"
HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\...\StartupApproved\StartupFolder: => "OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk"
HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\...\StartupApproved\Run: => "MyDriveConnect.exe"
HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\...\StartupApproved\Run: => "Uninstall C:\Users\ASS-CO.de\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{9EBB6B89-FD8E-4B4F-BC9F-6F3F0B2030D4}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{EB791200-C6FD-4494-81FE-AAC574B5E8C4}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{54802754-A1D0-4274-93A1-D01217987815}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{116640E6-BE7F-4CA1-9BA2-4CF01B86ABFF}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{7577FE93-0E10-4BB7-BFE0-617970B11A2F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{85612610-E730-4BE6-A72D-21DC655BEF29}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1B5537CE-3968-4794-A7B9-7EA0491B12EE}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
FirewallRules: [{707D5515-BEC8-4535-8CE0-4BBBB2B54B0E}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
FirewallRules: [{4F9F3F89-5E7B-45CA-A047-E5625C9E84A4}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{909C74F8-22C3-42AB-BEE2-0F400A70662F}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{4D17BDDE-9658-4668-AA49-F42DEED8DCE7}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{6C7C8AFA-5824-403B-A15E-87CD8995BA98}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{565FBB2F-1A22-4CBE-AB5B-1822A211913A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F79A4CDA-F3D0-4742-B789-1574EA0FEB25}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DB6628D1-0F76-442A-A381-D89B1A3ACD06}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0D725FFF-BA60-4ECD-A925-5C32DAA1F2E5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{026FC64D-036D-45F2-B646-7FCA0DDD1E00}C:\users\ass-co.de\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ass-co.de\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{1D683F13-996C-4666-8B96-9D33866F9D73}C:\users\ass-co.de\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ass-co.de\appdata\roaming\spotify\spotify.exe

==================== Wiederherstellungspunkte =========================

12-01-2016 20:37:31 Windows Update
20-01-2016 08:43:57 Geplanter Prüfpunkt
29-01-2016 08:06:54 Geplanter Prüfpunkt
30-01-2016 12:35:22 Installiert Telescope Driver
03-02-2016 18:46:46 JRT Pre-Junkware Removal
03-02-2016 18:48:16 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/03/2016 06:48:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (02/03/2016 06:47:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (02/03/2016 06:39:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe, Version: 1.1.30.21727, Zeitstempel: 0x54bce4af
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.0, Zeitstempel: 0x5632da1c
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000bd8a8
ID des fehlerhaften Prozesses: 0x1d58
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.ServiceHost.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe1
Pfad des fehlerhaften Moduls: Avira.OE.ServiceHost.exe2
Berichtskennung: Avira.OE.ServiceHost.exe3
Vollständiger Name des fehlerhaften Pakets: Avira.OE.ServiceHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Avira.OE.ServiceHost.exe5

Error: (02/03/2016 06:39:05 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Xml.XmlException
   bei System.Xml.XmlTextReaderImpl.Throw(System.Exception)
   bei System.Xml.XmlTextReaderImpl.ParseDocumentContent()
   bei System.Xml.XmlTextReaderImpl.Read()
   bei System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
   bei System.Xml.XmlDocument.Load(System.Xml.XmlReader)
   bei System.Xml.XmlDocument.Load(System.String)
   bei Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile()
   bei Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String)
   bei Avira.OE.WinCore.OeProductInfo.get_Culture()
   bei Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
   bei Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture()
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (02/03/2016 06:38:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe, Version: 1.1.30.21727, Zeitstempel: 0x54bce4af
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.0, Zeitstempel: 0x5632da1c
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000bd8a8
ID des fehlerhaften Prozesses: 0x176c
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.ServiceHost.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe1
Pfad des fehlerhaften Moduls: Avira.OE.ServiceHost.exe2
Berichtskennung: Avira.OE.ServiceHost.exe3
Vollständiger Name des fehlerhaften Pakets: Avira.OE.ServiceHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Avira.OE.ServiceHost.exe5

Error: (02/03/2016 06:38:52 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Xml.XmlException
   bei System.Xml.XmlTextReaderImpl.Throw(System.Exception)
   bei System.Xml.XmlTextReaderImpl.ParseDocumentContent()
   bei System.Xml.XmlTextReaderImpl.Read()
   bei System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
   bei System.Xml.XmlDocument.Load(System.Xml.XmlReader)
   bei System.Xml.XmlDocument.Load(System.String)
   bei Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile()
   bei Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String)
   bei Avira.OE.WinCore.OeProductInfo.get_Culture()
   bei Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
   bei Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture()
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (02/03/2016 06:38:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ASS-CO)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftMahjong_8wekyb3d8bbwe!MicrosoftMahjong“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/03/2016 06:37:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe, Version: 1.1.30.21727, Zeitstempel: 0x54bce4af
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.0, Zeitstempel: 0x5632da1c
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000bd8a8
ID des fehlerhaften Prozesses: 0xd8c
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.ServiceHost.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe1
Pfad des fehlerhaften Moduls: Avira.OE.ServiceHost.exe2
Berichtskennung: Avira.OE.ServiceHost.exe3
Vollständiger Name des fehlerhaften Pakets: Avira.OE.ServiceHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Avira.OE.ServiceHost.exe5

Error: (02/03/2016 06:37:30 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Xml.XmlException
   bei System.Xml.XmlTextReaderImpl.Throw(System.Exception)
   bei System.Xml.XmlTextReaderImpl.ParseDocumentContent()
   bei System.Xml.XmlTextReaderImpl.Read()
   bei System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
   bei System.Xml.XmlDocument.Load(System.Xml.XmlReader)
   bei System.Xml.XmlDocument.Load(System.String)
   bei Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile()
   bei Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String)
   bei Avira.OE.WinCore.OeProductInfo.get_Culture()
   bei Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
   bei Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture()
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (02/03/2016 06:37:29 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Fehler beim Verarbeiten von Sitzungsänderung. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
   bei System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)


Systemfehler:
=============
Error: (02/03/2016 06:39:50 PM) (Source: DCOM) (EventID: 10016) (User: ASS-CO)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ASS-COASS-CO.deS-1-5-21-2303302459-3543981641-3380417783-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (02/03/2016 06:39:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (02/03/2016 06:38:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/03/2016 06:38:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/03/2016 06:36:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_770c9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/03/2016 06:36:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _770c9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/03/2016 06:36:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_770c9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/03/2016 06:36:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_770c9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/03/2016 06:36:05 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/03/2016 05:48:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.


CodeIntegrity:
===================================
  Date: 2016-01-13 03:36:26.495
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-07 08:52:01.811
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-06 12:54:16.133
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-30 11:15:00.790
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-19 00:48:01.242
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-18 08:16:39.007
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-12 09:52:42.833
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-11 04:31:42.211
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-11 04:25:33.167
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-11 03:57:01.721
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Pentium(R) CPU N3520 @ 2.16GHz
Prozentuale Nutzung des RAM: 62%
Installierter physikalischer RAM: 3975.78 MB
Verfügbarer physikalischer RAM: 1475.38 MB
Summe virtueller Speicher: 5383.78 MB
Verfügbarer virtueller Speicher: 2572.72 MB

==================== Laufwerke ================================

Drive c: (BOOT) (Fixed) (Total:283.05 GB) (Free:183.22 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:44.3 GB) NTFS
Drive f: (Schnelle) (Fixed) (Total:146.48 GB) (Free:102.04 GB) NTFS
Drive g: (BuhaSt) (Fixed) (Total:97.66 GB) (Free:96.97 GB) NTFS
Drive h: (ASS-CO) (Fixed) (Total:146.48 GB) (Free:139.07 GB) NTFS
Drive i: (Downloads) (Fixed) (Total:195.31 GB) (Free:8.72 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 0433B666)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
Hopefully everything was OK this time.

Kind regards

Alt 04.02.2016, 16:17   #11
M-K-D-B
/// TB-Ausbilder
 
Hi,

you posted everything correctly.

  • Start FRST again. Copy the contents of the following code box into the line at the top:
    Code:
    Reimage;SpeedMon;Crossrider;{2D78A9EF-666A-4937-8208-D7D43577A428};{C72944A2-871C-42B2-BB39-437349A24C35};

  • Click Registry-Suche (Search Registry).
  • FRST starts the search. This may take some time.
  • When it finishes, FRST creates a text file named Search.txt.
  • Post its contents in your next reply.

Alt 04.02.2016, 21:46   #12
trumpet78
 

It created FRST.txt / Search.txt was not created



[CODE]Reimage;SpeedMon;Crossrider;{2D78A9EF-666A-4937-8208-D7D43577A428};{C72944A2-871C-42B2-BB39-437349A24C35};
FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
durchgeführt von ASS-CO.de (Administrator) auf ASS-CO (04-02-2016 21:32:22)
Gestartet von C:\Users\ASS-CO.de\Desktop
Geladene Profile: ASS-CO.de (Verfügbare Profile: ASS-CO.de)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
konnte nicht auf den Prozess zugreifen -> Avira.OE.ServiceHost.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac7302\Monitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
() C:\Program Files (x86)\PHotkey\GPMTray.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653720 2013-09-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353944 2013-09-16] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3945656 2015-09-28] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM\...\Run: [PAC7302_Monitor] => C:\WINDOWS\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-09-10] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-11] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-08-01] (CyberLink Corp.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2011-04-01] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [36168 2013-05-14] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [18248 2013-05-14] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort14reminder] => "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\14\Config\Ereg\Ereg.ini"
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-15] (AVAST Software)
HKLM-x32\...\Run: [PDFCreHook] => C:\Program Files (x86)\Nuance\PDFCreate\pdfcreate7hook.exe [605512 2013-03-26] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF7 Registry Controller] => C:\Program Files (x86)\Nuance\PDFCreate\RegistryController.exe [140616 2013-03-26] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe [2089056 2015-09-16] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [Forum Updater] => C:\Program Files (x86)\Forum Verlag\Unternehmensbewertung direkt\ForumUpdater.exe [2294784 2013-12-01] (Forum Verlag Herkert GmbH)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [202280 2015-09-29] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-12-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\...\Run: [Spotify Web Helper] => C:\Users\ASS-CO.de\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2541160 2016-01-30] (Spotify Ltd)
HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [1958248 2015-11-20] (TomTom)
HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\...\Run: [Dropbox Update] => C:\Users\ASS-CO.de\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-26] (Dropbox, Inc.)
HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [912480 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\...\RunOnce: [Uninstall C:\Users\ASS-CO.de\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ASS-CO.de\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-2303302459-3543981641-3380417783-1001\...\MountPoints2: {6c0e7c53-6e53-11e3-826e-806e6f6e6963} - "E:\Telescope_Driver.exe" 
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-15] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll [2013-05-05] (Gladinet, INC)
ShellIconOverlayIdentifiers: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll [2013-05-05] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon32.dll [2013-05-05] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU32.dll [2013-05-05] (Gladinet, INC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nuance Cloud Connector.lnk [2014-04-04]
ShortcutTarget: Nuance Cloud Connector.lnk -> C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladLauncher.exe ()
Startup: C:\Users\ASS-CO.de\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-10-03]
ShortcutTarget: Dropbox.lnk -> C:\Users\ASS-CO.de\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\ASS-CO.de\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-09-02]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{34f19701-ad5c-43da-9b4c-fd988c605f4d}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{de6e9dbe-6e6a-43e0-a872-b29a1c72cbe8}: [DhcpNameServer] 192.168.100.36 192.168.100.200

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2303302459-3543981641-3380417783-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Kein Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> Keine Datei
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_72\bin\ssv.dll [2016-01-26] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-15] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-01-26] (Oracle Corporation)
BHO-x32: Kein Name -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> Keine Datei
BHO-x32: Kein Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> Keine Datei
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-15] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> C:\Program Files (x86)\Nuance\PDFCreate\bin\ZeonIEFavClient.dll [2011-03-26] (Zeon Corporation)
Toolbar: HKLM-x32 - Nuance PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDFCreate\bin\ZeonIEFavClient.dll [2011-03-26] (Zeon Corporation)

FireFox:
========
FF ProfilePath: C:\Users\ASS-CO.de\AppData\Roaming\Mozilla\Firefox\Profiles\7jaaahlv.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: hxxps://www.google.com/search?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: hxxps://www.google.com/?trackid=sp-006
FF Keyword.URL: hxxps://www.google.com/search?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @java.com/DTPlugin,version=11.72.2 -> C:\Program Files\Java\jre1.8.0_72\bin\dtplugin\npDeployJava1.dll [2016-01-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.72.2 -> C:\Program Files\Java\jre1.8.0_72\bin\plugin2\npjp2.dll [2016-01-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 3 -> C:\Program Files (x86)\PDF Architect 3\np-previewer.dll [2015-09-17] (pdfforge GmbH)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDFViewer\bin\nppdf.dll [Keine Datei]
FF SearchPlugin: C:\Users\ASS-CO.de\AppData\Roaming\Mozilla\Firefox\Profiles\7jaaahlv.default\searchplugins\bing-avast.xml [2014-10-16]
FF SearchPlugin: C:\Users\ASS-CO.de\AppData\Roaming\Mozilla\Firefox\Profiles\7jaaahlv.default\searchplugins\google-avast.xml [2015-12-15]
FF SearchPlugin: C:\Users\ASS-CO.de\AppData\Roaming\Mozilla\Firefox\Profiles\7jaaahlv.default\searchplugins\yahoo-avast.xml [2014-10-16]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-15]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-11-04] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
FF Extension: PDF Architect 3 Creator - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-09-28] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-15]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR DefaultSearchURL: Default -> hxxps://safesearch.avira.com/#web/result?source=omnibar&q={searchTerms}
CHR DefaultSearchKeyword: Default -> Avira
CHR DefaultSuggestURL: Default -> hxxps://safesearch.avira.com/suggestions?q={searchTerms}&li=ff&hl=de
CHR Profile: C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-18]
CHR Extension: (Google Docs) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-18]
CHR Extension: (Google Drive) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google-Suche) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Gmail offline) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-08-18]
CHR Extension: (Google Tabellen) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-18]
CHR Extension: (Avira Browserschutz) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-01-26]
CHR Extension: (Google Docs Offline) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (Avast Online Security) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-03]
CHR Extension: (Avira SafeSearch) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldmiahjidflgnbiadknkmaimfpjkelng [2016-01-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-18]
CHR Extension: (Zoho ContactManager) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncaihncjjemfmfijnjkmconhbnnjmop [2015-08-18]
CHR Extension: (Picasa) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2015-08-18]
CHR Extension: (Google Mail) - C:\Users\ASS-CO.de\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-15]

Opera: 
=======
OPR Session Restore: -> ist aktiviert.

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-15] (AVAST Software)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd.)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36904 2015-08-01] (CHENGDU YIWO Tech Development Co., Ltd)
R2 GladFileMonSvc; C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [30032 2013-05-05] (Gladinet, INC)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-02] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [66088 2015-09-22] (Haufe-Lexware GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert]
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244832 2015-09-17] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [964832 2015-09-17] (pdfforge GmbH)
R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [767712 2015-09-17] (pdfforge GmbH)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1335344 2014-01-23] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [856112 2014-01-23] (pdfforge GmbH)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77640 2013-05-14] (Nuance Communications, Inc.)
R2 PGFNEXSrv; C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe [136192 2013-12-03] () [Datei ist nicht signiert]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2013-03-06] ()
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-15] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-15] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065208 2016-01-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [464256 2016-01-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-15] (AVAST Software)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-14] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-04] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 PAC7302; C:\Windows\system32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 PegaRadioSwitch; C:\Windows\System32\drivers\PegaRadioSwitch.sys [23552 2013-08-22] (Windows (R) Win 7 DDK provider)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [593624 2015-12-09] (Realtek Semiconductor Corporation)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [3445248 2015-10-30] (Realtek Semiconductor Corporation                           )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-08-14] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-09-28] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-01] (Intel Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-03 20:20 - 2016-02-03 20:20 - 00001195 _____ C:\Users\ASS-CO.de\Desktop\MAMH160203.txt
2016-02-03 19:12 - 2016-02-03 19:13 - 00062666 _____ C:\Users\ASS-CO.de\Desktop\Addition.txt
2016-02-03 19:10 - 2016-02-04 21:32 - 00031764 _____ C:\Users\ASS-CO.de\Desktop\FRST.txt
2016-02-03 19:09 - 2016-02-01 11:36 - 02370560 _____ (Farbar) C:\Users\ASS-CO.de\Desktop\FRST64.exe
2016-02-03 18:56 - 2016-02-03 19:01 - 00001871 _____ C:\Users\ASS-CO.de\Desktop\JRT.txt
2016-02-03 18:00 - 2016-02-03 19:46 - 00001179 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-02-03 18:00 - 2016-02-03 19:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-02-03 18:00 - 2016-02-03 19:46 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-02-03 18:00 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-02-03 18:00 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-02-03 17:58 - 2016-02-03 17:59 - 22908888 _____ (Malwarebytes ) C:\Users\ASS-CO.de\Desktop\mbam-setup-2.2.0.1024.exe
2016-02-03 16:55 - 2016-02-03 16:55 - 01609032 _____ (Malwarebytes) C:\Users\ASS-CO.de\Desktop\JRT.exe
2016-02-03 16:54 - 2016-02-03 16:54 - 01508352 _____ C:\Users\ASS-CO.de\Desktop\AdwCleaner_5.032.exe
2016-02-02 23:28 - 2016-02-02 23:53 - 00578928 _____ C:\TDSSKiller.3.1.0.9_02.02.2016_23.28.45_log.txt
2016-02-02 21:01 - 2016-02-03 18:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-02 21:00 - 2016-02-04 21:26 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-02 21:00 - 2016-02-03 18:38 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-02 20:59 - 2016-02-02 23:14 - 00000000 ____D C:\Users\ASS-CO.de\Desktop\mbar
2016-02-02 20:59 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-02-02 20:49 - 2016-02-02 20:49 - 16563352 _____ (Malwarebytes Corp.) C:\Users\ASS-CO.de\Desktop\mbar-1.09.3.1001.exe
2016-02-01 14:58 - 2016-02-01 15:51 - 00579368 _____ C:\TDSSKiller.3.1.0.9_01.02.2016_14.58.24_log.txt
2016-02-01 14:56 - 2016-02-01 14:58 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\ASS-CO.de\Desktop\tdsskiller.exe
2016-02-01 11:37 - 2016-02-04 21:32 - 00000000 ____D C:\FRST
2016-01-30 14:34 - 2016-01-30 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telescope Driver
2016-01-30 14:34 - 2016-01-30 14:34 - 00000000 ____D C:\Program Files (x86)\PixArt
2016-01-30 14:34 - 2007-11-20 17:58 - 00055296 _____ (PixArt Imaging Incorporation) C:\WINDOWS\SysWOW64\Remove.exe
2016-01-30 14:34 - 2007-11-08 10:29 - 00527872 _____ (PixArt Imaging Inc.) C:\WINDOWS\system32\Drivers\PAC7302.SYS
2016-01-30 14:34 - 2007-03-21 11:25 - 00000291 _____ C:\WINDOWS\SysWOW64\Remover.ini
2016-01-30 14:34 - 2006-10-12 11:57 - 00014336 _____ (PixArt Imaging Inc.) C:\WINDOWS\SysWOW64\P7302USD.dll
2016-01-30 12:52 - 2016-01-30 12:52 - 00281428 _____ C:\WINDOWS\Minidump\013016-27140-01.dmp
2016-01-30 12:43 - 2016-01-30 12:43 - 00000000 ____D C:\WINDOWS\PixArt
2016-01-30 12:36 - 2008-04-11 19:10 - 00000566 _____ C:\WINDOWS\SysWOW64\SP7302.ini
2016-01-30 12:36 - 2007-11-02 11:07 - 00008704 _____ (PixArt Imaging Inc.) C:\WINDOWS\system32\CoInst_071029.dll
2016-01-30 12:36 - 2007-10-30 17:48 - 00129024 _____ (PixArt Imaging Incorporation) C:\WINDOWS\SysWOW64\SP7302.ax
2016-01-25 10:25 - 2016-01-27 16:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-01-16 11:40 - 2016-01-16 11:40 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2016-01-16 11:40 - 2016-01-16 11:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-16 11:40 - 2016-01-16 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-15 17:35 - 2016-01-15 17:35 - 00109792 _____ C:\Users\ASS-CO.de\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-14 22:16 - 2016-01-14 22:16 - 00000000 ____H C:\Users\ASS-CO.de\Documents\Default.rdp
2016-01-14 22:10 - 2016-01-14 22:10 - 00759499 _____ C:\Users\ASS-CO.de\Downloads\BasicCoupon.pdf
2016-01-13 21:19 - 2016-01-13 21:20 - 00000000 ____D C:\Users\ASS-CO.de\AppData\Roaming\de.a2c.bafa.statusseite
2016-01-13 21:19 - 2016-01-13 21:19 - 00000894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMS.lnk
2016-01-13 21:19 - 2016-01-13 21:19 - 00000882 _____ C:\Users\Public\Desktop\AMS.lnk
2016-01-13 21:19 - 2016-01-13 21:19 - 00000000 ____D C:\Program Files (x86)\AMS
2016-01-12 20:35 - 2016-01-05 03:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-12 20:35 - 2016-01-05 03:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-01-12 20:35 - 2016-01-05 03:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-01-12 20:35 - 2016-01-05 03:50 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-12 20:35 - 2016-01-05 03:50 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-12 20:35 - 2016-01-05 03:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-12 20:35 - 2016-01-05 03:49 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-12 20:35 - 2016-01-05 03:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-12 20:35 - 2016-01-05 03:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-01-12 20:35 - 2016-01-05 03:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-01-12 20:35 - 2016-01-05 03:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-12 20:35 - 2016-01-05 03:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-12 20:35 - 2016-01-05 03:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-12 20:35 - 2016-01-05 03:37 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-12 20:35 - 2016-01-05 03:37 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-12 20:35 - 2016-01-05 03:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-12 20:35 - 2016-01-05 03:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-12 20:35 - 2016-01-05 03:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-12 20:35 - 2016-01-05 03:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-12 20:35 - 2016-01-05 03:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-12 20:35 - 2016-01-05 03:33 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-12 20:35 - 2016-01-05 03:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-12 20:35 - 2016-01-05 03:33 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-12 20:35 - 2016-01-05 03:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-12 20:35 - 2016-01-05 03:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-12 20:35 - 2016-01-05 03:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-12 20:35 - 2016-01-05 03:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-12 20:35 - 2016-01-05 03:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-12 20:35 - 2016-01-05 03:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-12 20:35 - 2016-01-05 03:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-12 20:35 - 2016-01-05 03:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-12 20:35 - 2016-01-05 03:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-12 20:35 - 2016-01-05 03:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-12 20:35 - 2016-01-05 03:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-12 20:35 - 2016-01-05 03:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-12 20:35 - 2016-01-05 02:59 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-12 20:35 - 2016-01-05 02:57 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-12 20:35 - 2016-01-05 02:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-12 20:35 - 2016-01-05 02:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-12 20:35 - 2016-01-05 02:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-01-12 20:35 - 2016-01-05 02:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-01-12 20:35 - 2016-01-05 02:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-01-12 20:35 - 2016-01-05 02:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-12 20:35 - 2016-01-05 02:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-01-12 20:35 - 2016-01-05 02:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-12 20:35 - 2016-01-05 02:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-01-12 20:35 - 2016-01-05 02:50 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-12 20:35 - 2016-01-05 02:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-01-12 20:35 - 2016-01-05 02:49 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-12 20:35 - 2016-01-05 02:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-12 20:35 - 2016-01-05 02:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-12 20:35 - 2016-01-05 02:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-12 20:35 - 2016-01-05 02:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-01-12 20:35 - 2016-01-05 02:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-01-12 20:35 - 2016-01-05 02:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-12 20:35 - 2016-01-05 02:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-12 20:35 - 2016-01-05 02:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-12 20:35 - 2016-01-05 02:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-12 20:35 - 2016-01-05 02:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-12 20:35 - 2016-01-05 02:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-12 20:35 - 2016-01-05 02:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-12 20:35 - 2016-01-05 02:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-12 20:35 - 2016-01-05 02:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-01-12 20:35 - 2016-01-05 02:43 - 00953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-01-12 20:35 - 2016-01-05 02:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-12 20:35 - 2016-01-05 02:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-12 20:35 - 2016-01-05 02:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-12 20:35 - 2016-01-05 02:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-12 20:35 - 2016-01-05 02:41 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-12 20:35 - 2016-01-05 02:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-12 20:35 - 2016-01-05 02:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-01-12 20:35 - 2016-01-05 02:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-12 20:35 - 2016-01-05 02:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-01-12 20:35 - 2016-01-05 02:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-12 20:35 - 2016-01-05 02:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-12 20:35 - 2016-01-05 02:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-01-12 20:35 - 2016-01-05 02:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-12 20:35 - 2016-01-05 02:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-12 20:35 - 2016-01-05 02:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-12 20:35 - 2016-01-05 02:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-12 20:35 - 2016-01-05 02:33 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-12 20:35 - 2016-01-05 02:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-01-12 20:35 - 2016-01-05 02:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-01-12 20:35 - 2016-01-05 02:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-12 20:35 - 2016-01-05 02:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-12 20:35 - 2016-01-05 02:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-12 20:35 - 2016-01-05 02:28 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-12 20:35 - 2016-01-05 02:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-11 20:04 - 2016-01-11 20:04 - 00000894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMU.lnk
2016-01-11 20:04 - 2016-01-11 20:04 - 00000882 _____ C:\Users\Public\Desktop\AMU.lnk
2016-01-11 20:04 - 2016-01-11 20:04 - 00000000 ____D C:\Users\ASS-CO.de\AppData\Roaming\de.a2c.bafa.antragsmanager.unternehmer
2016-01-11 20:04 - 2016-01-11 20:04 - 00000000 ____D C:\Program Files (x86)\AMU

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-04 21:27 - 2014-02-27 19:55 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5CC6190B-CC9A-4172-A5B4-4AC465C57D80}
2016-02-04 21:25 - 2015-09-24 20:50 - 00000000 __SHD C:\Users\ASS-CO.de\IntelGraphicsProfiles
2016-02-04 21:24 - 2015-12-11 04:02 - 00000000 ____D C:\Users\ASS-CO.de
2016-02-04 21:24 - 2015-09-19 22:17 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-04 21:24 - 2015-01-31 09:54 - 00000000 ____D C:\Users\ASS-CO.de\AppData\Local\HTC MediaHub
2016-02-04 21:24 - 2014-10-09 12:39 - 00001714 _____ C:\WINDOWS\Tasks\XQSUKDD.job
2016-02-04 21:23 - 2015-12-11 04:31 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-04 14:31 - 2014-03-21 14:23 - 00000000 ____D C:\Users\ASS-CO.de\AppData\Roaming\vlc
2016-02-04 13:15 - 2015-05-04 22:28 - 00000000 ____D C:\Users\ASS-CO.de\.mediathek3
2016-02-03 21:55 - 2014-03-17 16:26 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-03 21:53 - 2015-06-26 13:42 - 00001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2303302459-3543981641-3380417783-1001UA.job
2016-02-03 21:37 - 2015-09-19 22:17 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-03 18:36 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-02-03 17:52 - 2014-06-04 14:07 - 00003974 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1395067677
2016-02-03 17:52 - 2014-03-17 15:47 - 00001124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-02-03 17:52 - 2014-03-17 15:47 - 00000000 ____D C:\Program Files (x86)\Opera
2016-02-03 17:44 - 2014-10-11 12:16 - 00000000 ____D C:\AdwCleaner
2016-02-03 17:44 - 2014-03-19 09:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron
2016-02-03 17:44 - 2013-11-21 16:34 - 00001181 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDIONhome.lnk
2016-02-03 17:44 - 2013-11-21 16:34 - 00001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Welcome.lnk
2016-02-03 10:53 - 2015-06-26 13:42 - 00001202 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2303302459-3543981641-3380417783-1001Core.job
2016-02-03 08:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-03 07:56 - 2015-07-01 20:36 - 00000000 ____D C:\Users\ASS-CO.de\Documents\Outlook-Dateien
2016-02-02 08:32 - 2015-09-19 22:17 - 00004190 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 08:32 - 2015-09-19 22:17 - 00003958 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-02 08:25 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-30 22:40 - 2015-10-30 19:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-30 22:40 - 2015-10-30 19:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2016-01-30 22:40 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-30 22:40 - 2015-09-27 17:13 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-30 18:55 - 2014-05-11 10:06 - 00000000 ____D C:\Users\ASS-CO.de\AppData\Roaming\Spotify
2016-01-30 18:55 - 2014-05-11 10:06 - 00000000 ____D C:\Users\ASS-CO.de\AppData\Local\Spotify
2016-01-30 18:52 - 2014-10-12 10:44 - 00000000 ____D C:\Users\ASS-CO.de\AppData\Roaming\Coronic
2016-01-30 17:44 - 2014-05-07 17:18 - 00000000 ____D C:\Users\ASS-CO.de\AppData\Roaming\DVDVideoSoft
2016-01-30 14:37 - 2013-08-22 14:25 - 00000225 _____ C:\WINDOWS\win.ini
2016-01-30 13:12 - 2013-11-18 17:18 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-01-30 12:52 - 2015-12-19 00:46 - 699580217 _____ C:\WINDOWS\MEMORY.DMP
2016-01-30 12:52 - 2015-12-19 00:46 - 00000000 ____D C:\WINDOWS\Minidump
2016-01-30 12:36 - 2013-11-12 16:46 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-29 22:50 - 2014-04-04 19:50 - 00000000 ____D C:\Users\ASS-CO.de\AppData\Roaming\.oit
2016-01-29 22:45 - 2013-11-12 16:39 - 00000000 ____D C:\ProgramData\Temp
2016-01-29 08:38 - 2015-09-19 22:20 - 00002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-01-29 08:38 - 2015-09-19 22:20 - 00002256 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-29 08:03 - 2015-12-22 21:57 - 00000000 ____D C:\Users\ASS-CO.de\AppData\Local\ElevatedDiagnostics
2016-01-28 16:06 - 2015-06-04 18:20 - 00000000 ____D C:\Users\ASS-CO.de\Desktop\Gutscheine
2016-01-27 22:06 - 2015-05-21 12:20 - 00000000 ____D C:\Users\ASS-CO.de\AppData\Roaming\Skype
2016-01-27 21:57 - 2014-03-17 15:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-27 21:44 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-26 09:42 - 2014-10-12 12:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-26 09:42 - 2014-10-12 12:14 - 00000000 ____D C:\Program Files\Java
2016-01-26 09:41 - 2015-12-15 13:22 - 00000000 ____D C:\Users\ASS-CO.de\.oracle_jre_usage
2016-01-26 09:40 - 2014-10-12 12:15 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-01-20 22:21 - 2014-10-16 10:22 - 01065208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2016-01-20 22:21 - 2014-10-16 10:22 - 00464256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-01-18 15:28 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-16 23:15 - 2015-10-26 18:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-16 11:40 - 2015-05-21 12:20 - 00000000 ____D C:\ProgramData\Skype
2016-01-16 11:38 - 2015-12-01 22:47 - 00001286 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-01-16 11:38 - 2015-12-01 22:47 - 00001274 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-01-15 07:51 - 2014-10-16 10:23 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-01-14 20:25 - 2014-12-26 22:13 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-14 20:24 - 2015-07-06 11:24 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-13 14:47 - 2014-05-15 14:56 - 00000000 ____D C:\Users\ASS-CO.de\Desktop\Bowser
2016-01-13 07:48 - 2015-12-11 03:45 - 00000000 ____D C:\Windows.old
2016-01-13 03:33 - 2015-05-21 12:17 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-13 03:33 - 2015-05-21 12:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-13 03:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-12 21:01 - 2014-03-19 10:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-12 20:48 - 2015-05-21 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-12 20:48 - 2013-11-12 13:49 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\ASS-CO.de\AppData\Roaming\XQSUKDD
2015-07-09 23:40 - 2015-07-09 23:40 - 0000246 _____ () C:\Users\ASS-CO.de\AppData\Local\28A2F4676B8A4d43BEBB8C3D1D26B763.CalcTape1.calc
2014-01-18 20:46 - 2015-09-27 16:07 - 0888105 _____ () C:\Users\ASS-CO.de\AppData\Local\BTServer.log
2015-03-24 20:26 - 2015-03-24 20:26 - 0004096 ____H () C:\Users\ASS-CO.de\AppData\Local\keyfile3.drm
2014-03-21 11:04 - 2014-03-21 11:04 - 0000017 _____ () C:\Users\ASS-CO.de\AppData\Local\resmon.resmoncfg
2015-12-11 03:59 - 2015-12-11 03:59 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\ASS-CO.de\AppData\Local\Temp\EasyDownLightfp.exe
C:\Users\ASS-CO.de\AppData\Local\Temp\EasyDownLightrtd.exe
C:\Users\ASS-CO.de\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-04 08:25

==================== Ende von FRST.txt ============================
         
--- --- ---

05.02.2016, 17:46   #13
M-K-D-B
/// TB Trainer
 
Hi,

please read my instructions carefully: you are supposed to run a registry search and, before that, paste in the line from the code box above.

Once more, please.

05.02.2016, 19:15   #14
trumpet78
 
Code:
Farbar Recovery Scan Tool (x64) Version:27-01-2016
durchgeführt von ASS-CO.de (2016-02-05 19:10:03)
Gestartet von C:\Users\ASS-CO.de\Desktop
Start-Modus: Normal

================== Registry-Suche: "Reimage;SpeedMon;Crossrider;{2D78A9EF-666A-4937-8208-D7D43577A428};{C72944A2-871C-42B2-BB39-437349A24C35}" ===========


===================== Suchergebnis für "Reimage" ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ReiExpressContainer.exe]
""="C:\Program Files\Reimage\Reimage Express\ReiExpressContainer.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\App Paths\ReiExpressContainer.exe]
""="C:\Program Files\Reimage\Reimage Express\ReiExpressContainer.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Power]
"ResumeRestoreImageStartTimestamp"="0"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\Reimage\Reimage Express\ReimageExpress.exe"="0x5341435001000000000000000700000028000000A8010900019E090001000000000000000000010600010000975FD891C99ECE010000000000000000"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Classes\Local Settings\MrtCache\C:%5CWindows%5CSystemResources%5CWindows.UI.SettingsApp%5CWindows.UI.SettingsApp.pri\1cfbe8c8a894cec\399ff83b]
"@{windows?ms-resource://Windows.UI.SettingsApp/SearchResources/SystemSettings_Misc_RefreshYourPC/LowKeywords}"="löschen löscht;formatieren formatiert;Format Formate;Reimaging ausführen;Re-Imaging ausführen;Reimaging;Re-Imaging;reaktivieren;erase erases;format formats;reimage;re-image;reinstate;system;wipe wipes"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Classes\Local Settings\MrtCache\C:%5CWindows%5CSystemResources%5CWindows.UI.SettingsApp%5CWindows.UI.SettingsApp.pri\1cfbe8c8a894cec\9f42ebe6]
"@{windows?ms-resource://Windows.UI.SettingsApp/SearchResources/SystemSettings_Misc_RefreshYourPC/LowKeywords}"="löschen löscht;formatieren formatiert;Format Formate;Reimaging ausführen;Re-Imaging ausführen;Reimaging;Re-Imaging;reaktivieren;erase erases;format formats;reimage;re-image;reinstate;system;wipe wipes"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Classes\Local Settings\MrtCache\C:%5CWINDOWS%5CSystemResources%5CWindows.UI.SettingsAppThreshold%5CWindows.UI.SettingsAppThreshold.pri\1d112e3504d0c94\588addd4]
"@{windows?ms-resource://Windows.UI.SettingsAppThreshold/SearchResources/SystemSettings_Misc_ResetYourPC/LowKeywords}"="löschen löscht;formatieren formatiert;Format Formate;Reimaging ausführen;Re-Imaging ausführen;Reimaging;Re-Imaging;reaktivieren;erase erases;format formats;PC PCs;reimage;re-image;reinstate;system;wipe wipes"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Classes\Local Settings\MrtCache\C:%5CWINDOWS%5CSystemResources%5CWindows.UI.SettingsAppThreshold%5CWindows.UI.SettingsAppThreshold.pri\1d112e3504d0c94\588addd4]
"@{windows?ms-resource://Windows.UI.SettingsAppThreshold/SearchResources/SystemSettings_Misc_RollbackYourPC_Windows7/LowKeywords}"="löschen löscht;formatieren formatiert;Re-Imaging;reaktivieren;löschen löscht;erase erases;format formats;PC PCs;reimage;re-image;reinstate;system;wipe wipes"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Classes\Local Settings\MrtCache\C:%5CWINDOWS%5CSystemResources%5CWindows.UI.SettingsAppThreshold%5CWindows.UI.SettingsAppThreshold.pri\1d112e3504d0c94\588addd4]
"@{windows?ms-resource://Windows.UI.SettingsAppThreshold/SearchResources/SystemSettings_Misc_RollbackYourPC_Windows8_1/LowKeywords}"="löschen löscht;formatieren formatiert;Re-Imaging;reaktivieren;löschen löscht;erase erases;format formats;PC PCs;reimage;re-image;reinstate;system;wipe wipes"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Classes\Local Settings\MrtCache\C:%5CWINDOWS%5CSystemResources%5CWindows.UI.SettingsAppThreshold%5CWindows.UI.SettingsAppThreshold.pri\1d112e3504d0c94\c14b58b3]
"@{windows?ms-resource://Windows.UI.SettingsAppThreshold/SearchResources/SystemSettings_Misc_RollbackYourPC_PreviewBuild/LowKeywords}"="löschen löscht;formatieren formatiert;Re-Imaging;reaktivieren;löschen löscht;erase erases;format formats;PC PCs;reimage;re-image;reinstate;system;wipe wipes"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Classes\Local Settings\MrtCache\C:%5CWINDOWS%5CSystemResources%5CWindows.UI.SettingsAppThreshold%5CWindows.UI.SettingsAppThreshold.pri\1d112e3504d0c94\c14b58b3]
"@{windows?ms-resource://Windows.UI.SettingsAppThreshold/SearchResources/SystemSettings_Misc_RollbackYourPC_Windows8/LowKeywords}"="löschen löscht;formatieren formatiert;Re-Imaging;reaktivieren;löschen löscht;erase erases;format formats;PC PCs;reimage;re-image;reinstate;system;wipe wipes"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"I:\01 Programme System\Browser\ReimageRepair.exe"="0x534143500100000000000000070000002800000020D70B00E2270C0001000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000004BC20C00000000000100000001000000"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ScanSoft\PaperPort\AquireImage]

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\Local Settings\MrtCache\C:%5CWindows%5CSystemResources%5CWindows.UI.SettingsApp%5CWindows.UI.SettingsApp.pri\1cfbe8c8a894cec\399ff83b]
"@{windows?ms-resource://Windows.UI.SettingsApp/SearchResources/SystemSettings_Misc_ResetYourPC/LowKeywords}"="löschen löscht;formatieren formatiert;Format Formate;Reimaging ausführen;Re-Imaging ausführen;Reimaging;Re-Imaging;reaktivieren;erase erases;format formats;PC PCs;reimage;re-image;reinstate;system;wipe wipes"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\Local Settings\MrtCache\C:%5CWindows%5CSystemResources%5CWindows.UI.SettingsApp%5CWindows.UI.SettingsApp.pri\1cfbe8c8a894cec\9f42ebe6]
"@{windows?ms-resource://Windows.UI.SettingsApp/SearchResources/SystemSettings_Misc_ResetYourPC/LowKeywords}"="löschen löscht;formatieren formatiert;Format Formate;Reimaging ausführen;Re-Imaging ausführen;Reimaging;Re-Imaging;reaktivieren;erase erases;format formats;PC PCs;reimage;re-image;reinstate;system;wipe wipes"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\Local Settings\MrtCache\C:%5CWINDOWS%5CSystemResources%5CWindows.UI.SettingsAppThreshold%5CWindows.UI.SettingsAppThreshold.pri\1d112e3504d0c94\588addd4]
"@{windows?ms-resource://Windows.UI.SettingsAppThreshold/SearchResources/SystemSettings_Misc_RollbackYourPC_PreviewBuild/LowKeywords}"="löschen löscht;formatieren formatiert;Re-Imaging;reaktivieren;löschen löscht;erase erases;format formats;PC PCs;reimage;re-image;reinstate;system;wipe wipes"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\Local Settings\MrtCache\C:%5CWINDOWS%5CSystemResources%5CWindows.UI.SettingsAppThreshold%5CWindows.UI.SettingsAppThreshold.pri\1d112e3504d0c94\588addd4]
"@{windows?ms-resource://Windows.UI.SettingsAppThreshold/SearchResources/SystemSettings_Misc_RollbackYourPC_Windows8/LowKeywords}"="löschen löscht;formatieren formatiert;Re-Imaging;reaktivieren;löschen löscht;erase erases;format formats;PC PCs;reimage;re-image;reinstate;system;wipe wipes"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\Local Settings\MrtCache\C:%5CWINDOWS%5CSystemResources%5CWindows.UI.SettingsAppThreshold%5CWindows.UI.SettingsAppThreshold.pri\1d112e3504d0c94\c14b58b3]
"@{windows?ms-resource://Windows.UI.SettingsAppThreshold/SearchResources/SystemSettings_Misc_ResetYourPC/LowKeywords}"="löschen löscht;formatieren formatiert;Format Formate;Reimaging ausführen;Re-Imaging ausführen;Reimaging;Re-Imaging;reaktivieren;erase erases;format formats;PC PCs;reimage;re-image;reinstate;system;wipe wipes"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\Local Settings\MrtCache\C:%5CWINDOWS%5CSystemResources%5CWindows.UI.SettingsAppThreshold%5CWindows.UI.SettingsAppThreshold.pri\1d112e3504d0c94\c14b58b3]
"@{windows?ms-resource://Windows.UI.SettingsAppThreshold/SearchResources/SystemSettings_Misc_RollbackYourPC_Windows7/LowKeywords}"="löschen löscht;formatieren formatiert;Re-Imaging;reaktivieren;löschen löscht;erase erases;format formats;PC PCs;reimage;re-image;reinstate;system;wipe wipes"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\Local Settings\MrtCache\C:%5CWINDOWS%5CSystemResources%5CWindows.UI.SettingsAppThreshold%5CWindows.UI.SettingsAppThreshold.pri\1d112e3504d0c94\c14b58b3]
"@{windows?ms-resource://Windows.UI.SettingsAppThreshold/SearchResources/SystemSettings_Misc_RollbackYourPC_Windows8_1/LowKeywords}"="löschen löscht;formatieren formatiert;Re-Imaging;reaktivieren;löschen löscht;erase erases;format formats;PC PCs;reimage;re-image;reinstate;system;wipe wipes"


===================== Suchergebnis für "Crossrider" ==========

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Browsers+Apps+1.1\Code]
"AppJavaScript"="  /************************************************************************************
  This is your Page Code. The appAPI.ready() code block will be executed on every page load.
  For more information please visit our docs site: hxxp://docs.crossrider.com
*************************************************************************************/

appAPI.ready(function($) {

    // Place your code here (you can also define new functions above this scope)
    // The $ object is the extension's jQuery object

    

});
"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Browsers+Apps+1.1\Plugins\13]
"Name"="CrossriderAppUtils"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Browsers+Apps+1.1\Plugins\36]
"JavaScript"="
[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Browsers+Apps+1.1\Plugins\37]
"JavaScript"="
[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Browsers+Apps+1.1\Plugins\41]
"JavaScript"="
"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Browsers+Apps+1.1\Plugins\47]
"JavaScript"="
[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Browsers+Apps+1.1\Plugins\78]
"Name"="CrossriderInfo"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Browsers+Apps+1.1\Plugins\94]
"JavaScript"="
"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\CinemaGo2.3cV09.10\Plugins\13]
"Name"="CrossriderAppUtils"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\CinemaGo2.3cV09.10\Plugins\36]
"JavaScript"="
[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\CinemaGo2.3cV09.10\Plugins\37]
"JavaScript"="
[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\CinemaGo2.3cV09.10\Plugins\41]
"JavaScript"="
"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\CinemaGo2.3cV09.10\Plugins\47]
"JavaScript"="
(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());var CrossRiderResourcesManager=(function(){var C={appId:(function(){var D=appAPI.appInfo;if(D){return appAPI.appInfo.id;}else{return appAPI.appID;}})(),url:{base:{production:
[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\CinemaGo2.3cV09.10\Plugins\78]
"Name"="CrossriderInfo"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\CinemaGo2.3cV09.10\Plugins\94]
"JavaScript"="
appAPI.isBackground=false;appAPI.tabId="POPUP";appAPI.internal.scope=Consts.SCOPE.POPUP;appAPI.browserAction.setBadgeBackgroundColor=function(a){if(!(a instanceof Array)){console.error("appAPI.browserAction.setBadgeBackgroundColor - Invalid parameter. Expected an array but got: "+(typeof a));return;}if(a.length!==4){console.error("appAPI.browserAction.setBadgeBackgroundColor - Invalid parameter. Color array should have 4 members (RGBA)");return;}appAPI.internal.message.send({eventName:"onSetBadgeColorFromPopup",eventContent:a});};appAPI.browserAction.setBadgeText=function(c,a){var b={};if(typeof c!=="string"){console.error("appAPI.browserAction.setIcon - Invalid parameter. Expected string (1st param) but got: "+(typeof c));return;}b.text=c;if(typeof a==="undefined"||a===null){b.color=null;}else{if(!(a instanceof Array)){console.error("appAPI.browserAction.setBadgeText - Invalid parameter. Expected an array (2nd param) but got: "+(typeof a));return;}else{if(a.length!==4){console.error("appAPI.browserAction.setBadgeText - Invalid parameter. Color array (2nd param) should have 4 members (RGBA)");return;}else{b.color=a;}}}appAPI.internal.message.send({eventName:"onSetBadgeTextFromPopup",eventContent:b});};if(typeof window.crossriderMain!=="undefined"){window.crossriderMain($jquery);}
"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Browsers+Apps+1.1\Code]
"AppJavaScript"="  /************************************************************************************
  This is your Page Code. The appAPI.ready() code block will be executed on every page load.
  For more information please visit our docs site: hxxp://docs.crossrider.com
*************************************************************************************/

appAPI.ready(function($) {

    // Place your code here (you can also define new functions above this scope)
    // The $ object is the extension's jQuery object

    

});
"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Browsers+Apps+1.1\Plugins\13]
"Name"="CrossriderAppUtils"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Browsers+Apps+1.1\Plugins\36]
"JavaScript"="
if(typeof appAPI==="undefined"){appAPI={};}if(typeof appAPI.internal==="undefined"){appAPI.internal={};}if(typeof appAPI.internal.callbacks==="undefined"){appAPI.internal.callbacks={};}appAPI.isBackground=true;appAPI.tabId="BG";appAPI.internal.scope=Consts.SCOPE.BACKGROUND;appAPI.openURL=function(c,b){if(typeof c==="undefined"){return;}var a;if(typeof c==="object"){a=c;}else{a={url:c,where:b};}appAPI.internal.message.send({eventName:"openURL",eventContent:a});};appAPI.internal.runHelper=function(a){if(typeof a!=="string"){console.error("appAPI.runHelper - Invalid parameter. Expected string (1st param) but got: "+(typeof a));return;}appAPI.internal.message.send({eventName:"runHelper",eventContent:a});};window.alert=function(a){a=(a===null?"null":a);a=(typeof a==="undefined"?"undefined":a);appAPIinternal.alert(a);};appAPI.internal._isMonitorAPISupported_=function(){return(typeof appAPIinternal.supportMonitor!=="undefined");};window.open=function(b,a,d,c){appAPI.internal.message.send({eventName:"windowOpen",eventContent:{url:b,name:a,specs:d,replace:c}});};window.console.log=appAPI.internal.console.log;console.log=window.console.log;window.console.info=appAPI.internal.console.info;console.info=window.console.info;window.console.warn=appAPI.internal.console.warn;console.warn=window.console.warn;window.console.error=appAPI.internal.console.error;console.error=window.console.error;(function(){appAPI.internal.callbackCounter=0;function b(f,h,g){var d=appAPI.internal.prefs.getChar(appAPI.appInfo.id,"Crossrider\\"+f);if(d){d=appAPI.JSON.parse(d);}else{d={};}appAPI.internal.callbackCounter++;d
[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Browsers+Apps+1.1\Plugins\37]
"JavaScript"="
if(typeof appAPI==="undefined"){appAPI={};}if(typeof appAPI.internal==="undefined"){appAPI.internal={};}if(typeof appAPI.internal.callbacks==="undefined"){appAPI.internal.callbacks={};}appAPI.internal.browserEventCode=true;window.console.log=appAPI.internal.console.log;console.log=window.console.log;window.console.info=appAPI.internal.console.info;console.info=window.console.info;window.console.warn=appAPI.internal.console.warn;console.warn=window.console.warn;window.console.error=appAPI.internal.console.error;console.error=window.console.error;appAPI.internal.callbacks.setEventHandler("openURL",function(b){if(appAPI.isActiveTab()){var a={url:b.url,where:b.where,focus:(typeof b.focus==="boolean"?b.focus:true),height:(typeof b.height==="number"?b.height:750),width:(typeof b.width==="number"?b.width:750),top:(typeof b.top==="number"?b.top:100),left:(typeof b.left==="number"?b.left:100),focusTimer:(typeof b.focusTimer==="number"?b.focusTimer:0),focusDelay:(typeof b.focusDelay==="number"?b.focusDelay:0)};appAPI.openURL(a);}});appAPI.internal.callbacks.setEventHandler("runHelper",function(b){if(appAPI.isActiveTab()){var a=b;appAPIinternal.run(a);}});(function(){function a(e){var c=appAPI.internal.prefs.getChar(e,"Crossrider\\onBeforeNavigate");if(typeof c!=="string"){return 0;}if(c.length===0){return 0;}c=appAPI.JSON.parse(c);if(typeof c!=="object"){return 0;}var d=0;for(var b in c){d++;appAPI.internal.callbacks.addListener("onBeforeNavigate",function(h,g){var k=appAPI.internal.callbacks.onBeforeNavigate.listenersAdditionalData
[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Browsers+Apps+1.1\Plugins\41]
"JavaScript"="
if(typeof appAPI==="undefined"){appAPI={};}(function(a){appAPI.isBackground=false;appAPI.tabId=a.getBhoInstanceId();appAPI.getTabId=function(){return appAPI.tabId;};appAPI.isActiveTab=function(){return appAPIinternal.isActiveTab();};appAPI.platform="IE";if(typeof appAPI.appInfo==="undefined"){appAPI.appInfo={};}var c=appAPI.internal.prefs.getChar("fullVersionForUrl","Installer");if(typeof c==="string"){appAPI.appInfo.platformVersion=c;}else{appAPI.appInfo.platformVersion=appAPI.internal.prefs.getChar("fullVersion","Installer");}appAPI.appInfo.userId=appAPI.internal.prefs.getChar("bic","Crossrider");appAPI.appInfo.id=appAPI.internal.prefs.getInt("activeAppId","");appAPI.appInfo.version=appAPI.internal.prefs.getInt("version","Manifest");appAPI.appInfo.description=appAPI.internal.prefs.getChar("description","Manifest");appAPI.appInfo.name=appAPI.internal.prefs.getChar("name","Manifest");appAPI.appInfo.publisherName=appAPI.internal.prefs.getChar("publisherName","Manifest");appAPI.appInfo.environment=appAPI.internal.prefs.getChar("ModeType","Manifest");appAPI.appInfo.backgroundVersion=appAPI.internal.prefs.getChar("BgVersion","Manifest");appAPI.appInfo.pluginsVersion=appAPI.internal.prefs.getChar("PluginsManifestVersion","Manifest");appAPI.appID=appAPI.appInfo.id;appAPI.version=appAPI.appInfo.version;appAPI.cr_version=appAPI.appInfo.platformVersion;appAPI.getCrossriderID=function(){return appAPI.appInfo.userId;};if(typeof appAPI.installer==="undefined"){appAPI.installer={};}appAPI.installer.getIds=function(){var e={};if(typeof appAPI.appInfo.userId==="string"){e.installer_bic=appAPI.appInfo.userId;}var d=appAPI.internal.prefs.getChar("verifier","Crossrider");if(typeof d==="string"){e.installer_verifier=d;}var f=appAPI.internal.prefs.getChar("215AppVerifier","Crossrider");if(typeof f==="string"){e.installer_verifier_for_215app=f;}return e;};appAPI.installer.getUserId=function(){return appAPI.appInfo.userId;};appAPI.installer.getInstalledSoftware=function(){var 
d=appAPI.internal.prefs.getChar("SoftwareDetected","Installer");if(typeof d==="string"){return appAPI.JSON.parse(d);}return null;};appAPI.installer.getVersion=function(){return appAPI.internal.prefs.getChar("FullVersion","Installer");};if(typeof appAPI.internal.installer==="undefined"){appAPI.internal.installer={};}try{appAPI.internal.installer.version=appAPI.installer.getVersion();}catch(b){}if((appAPI.internal.prefs.getInt("Reinstall","Installer")===1)){appAPI.internal.installer.isFirstInstall="__REINSTALL__";}else{appAPI.internal.installer.isFirstInstall="__FIRST_INSTALL__";}appAPI.installer.getDefaultBrowser=function(){var d=appAPI.internal.prefs.getChar("DefaultBrowser","Installer");return(d?d:"na");};appAPI.installer.getAdditionalInfo=function(){try{return appAPI.JSON.parse(appAPI.internal.prefs.getChar("AdditionalInfo","Installer"));}catch(d){}return null;};})(appAPIinternal);
"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Browsers+Apps+1.1\Plugins\47]
"JavaScript"="
(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());var CrossRiderResourcesManager=(function(){var C={appId:(function(){var D=appAPI.appInfo;if(D){return appAPI.appInfo.id;}else{return appAPI.appID;}})(),url:{base:{production:
[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Browsers+Apps+1.1\Plugins\78]
"Name"="CrossriderInfo"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Browsers+Apps+1.1\Plugins\94]
"JavaScript"="
appAPI.isBackground=false;appAPI.tabId="POPUP";appAPI.internal.scope=Consts.SCOPE.POPUP;appAPI.browserAction.setBadgeBackgroundColor=function(a){if(!(a instanceof Array)){console.error("appAPI.browserAction.setBadgeBackgroundColor - Invalid parameter. Expected an array but got: "+(typeof a));return;}if(a.length!==4){console.error("appAPI.browserAction.setBadgeBackgroundColor - Invalid parameter. Color array should have 4 members (RGBA)");return;}appAPI.internal.message.send({eventName:"onSetBadgeColorFromPopup",eventContent:a});};appAPI.browserAction.setBadgeText=function(c,a){var b={};if(typeof c!=="string"){console.error("appAPI.browserAction.setIcon - Invalid parameter. Expected string (1st param) but got: "+(typeof c));return;}b.text=c;if(typeof a==="undefined"||a===null){b.color=null;}else{if(!(a instanceof Array)){console.error("appAPI.browserAction.setBadgeText - Invalid parameter. Expected an array (2nd param) but got: "+(typeof a));return;}else{if(a.length!==4){console.error("appAPI.browserAction.setBadgeText - Invalid parameter. Color array (2nd param) should have 4 members (RGBA)");return;}else{b.color=a;}}}appAPI.internal.message.send({eventName:"onSetBadgeTextFromPopup",eventContent:b});};if(typeof window.crossriderMain!=="undefined"){window.crossriderMain($jquery);}
"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\CinemaGo2.3cV09.10\Plugins\13]
"Name"="CrossriderAppUtils"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\CinemaGo2.3cV09.10\Plugins\36]
"JavaScript"="
if(typeof appAPI==="undefined"){appAPI={};}if(typeof appAPI.internal==="undefined"){appAPI.internal={};}if(typeof appAPI.internal.callbacks==="undefined"){appAPI.internal.callbacks={};}appAPI.isBackground=true;appAPI.tabId="BG";appAPI.internal.scope=Consts.SCOPE.BACKGROUND;appAPI.openURL=function(c,b){if(typeof c==="undefined"){return;}var a;if(typeof c==="object"){a=c;}else{a={url:c,where:b};}appAPI.internal.message.send({eventName:"openURL",eventContent:a});};appAPI.internal.runHelper=function(a){if(typeof a!=="string"){console.error("appAPI.runHelper - Invalid parameter. Expected string (1st param) but got: "+(typeof a));return;}appAPI.internal.message.send({eventName:"runHelper",eventContent:a});};window.alert=function(a){a=(a===null?"null":a);a=(typeof a==="undefined"?"undefined":a);appAPIinternal.alert(a);};appAPI.internal._isMonitorAPISupported_=function(){return(typeof appAPIinternal.supportMonitor!=="undefined");};window.open=function(b,a,d,c){appAPI.internal.message.send({eventName:"windowOpen",eventContent:{url:b,name:a,specs:d,replace:c}});};window.console.log=appAPI.internal.console.log;console.log=window.console.log;window.console.info=appAPI.internal.console.info;console.info=window.console.info;window.console.warn=appAPI.internal.console.warn;console.warn=window.console.warn;window.console.error=appAPI.internal.console.error;console.error=window.console.error;(function(){appAPI.internal.callbackCounter=0;function b(f,h,g){var d=appAPI.internal.prefs.getChar(appAPI.appInfo.id,"Crossrider\\"+f);if(d){d=appAPI.JSON.parse(d);}else{d={};}appAPI.internal.callbackCounter++;d
[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\CinemaGo2.3cV09.10\Plugins\37]
"JavaScript"="
if(typeof appAPI==="undefined"){appAPI={};}if(typeof appAPI.internal==="undefined"){appAPI.internal={};}if(typeof appAPI.internal.callbacks==="undefined"){appAPI.internal.callbacks={};}appAPI.internal.browserEventCode=true;window.console.log=appAPI.internal.console.log;console.log=window.console.log;window.console.info=appAPI.internal.console.info;console.info=window.console.info;window.console.warn=appAPI.internal.console.warn;console.warn=window.console.warn;window.console.error=appAPI.internal.console.error;console.error=window.console.error;appAPI.internal.callbacks.setEventHandler("openURL",function(b){if(appAPI.isActiveTab()){var a={url:b.url,where:b.where,focus:(typeof b.focus==="boolean"?b.focus:true),height:(typeof b.height==="number"?b.height:750),width:(typeof b.width==="number"?b.width:750),top:(typeof b.top==="number"?b.top:100),left:(typeof b.left==="number"?b.left:100),focusTimer:(typeof b.focusTimer==="number"?b.focusTimer:0),focusDelay:(typeof b.focusDelay==="number"?b.focusDelay:0)};appAPI.openURL(a);}});appAPI.internal.callbacks.setEventHandler("runHelper",function(b){if(appAPI.isActiveTab()){var a=b;appAPIinternal.run(a);}});(function(){function a(e){var c=appAPI.internal.prefs.getChar(e,"Crossrider\\onBeforeNavigate");if(typeof c!=="string"){return 0;}if(c.length===0){return 0;}c=appAPI.JSON.parse(c);if(typeof c!=="object"){return 0;}var d=0;for(var b in c){d++;appAPI.internal.callbacks.addListener("onBeforeNavigate",function(h,g){var k=appAPI.internal.callbacks.onBeforeNavigate.listenersAdditionalData
[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\CinemaGo2.3cV09.10\Plugins\41]
"JavaScript"="
if(typeof appAPI==="undefined"){appAPI={};}(function(a){appAPI.isBackground=false;appAPI.tabId=a.getBhoInstanceId();appAPI.getTabId=function(){return appAPI.tabId;};appAPI.isActiveTab=function(){return appAPIinternal.isActiveTab();};appAPI.platform="IE";if(typeof appAPI.appInfo==="undefined"){appAPI.appInfo={};}var c=appAPI.internal.prefs.getChar("fullVersionForUrl","Installer");if(typeof c==="string"){appAPI.appInfo.platformVersion=c;}else{appAPI.appInfo.platformVersion=appAPI.internal.prefs.getChar("fullVersion","Installer");}appAPI.appInfo.userId=appAPI.internal.prefs.getChar("bic","Crossrider");appAPI.appInfo.id=appAPI.internal.prefs.getInt("activeAppId","");appAPI.appInfo.version=appAPI.internal.prefs.getInt("version","Manifest");appAPI.appInfo.description=appAPI.internal.prefs.getChar("description","Manifest");appAPI.appInfo.name=appAPI.internal.prefs.getChar("name","Manifest");appAPI.appInfo.publisherName=appAPI.internal.prefs.getChar("publisherName","Manifest");appAPI.appInfo.environment=appAPI.internal.prefs.getChar("ModeType","Manifest");appAPI.appInfo.backgroundVersion=appAPI.internal.prefs.getChar("BgVersion","Manifest");appAPI.appInfo.pluginsVersion=appAPI.internal.prefs.getChar("PluginsManifestVersion","Manifest");appAPI.appID=appAPI.appInfo.id;appAPI.version=appAPI.appInfo.version;appAPI.cr_version=appAPI.appInfo.platformVersion;appAPI.getCrossriderID=function(){return appAPI.appInfo.userId;};if(typeof appAPI.installer==="undefined"){appAPI.installer={};}appAPI.installer.getIds=function(){var e={};if(typeof appAPI.appInfo.userId==="string"){e.installer_bic=appAPI.appInfo.userId;}var d=appAPI.internal.prefs.getChar("verifier","Crossrider");if(typeof d==="string"){e.installer_verifier=d;}var f=appAPI.internal.prefs.getChar("215AppVerifier","Crossrider");if(typeof f==="string"){e.installer_verifier_for_215app=f;}return e;};appAPI.installer.getUserId=function(){return appAPI.appInfo.userId;};appAPI.installer.getInstalledSoftware=function(){var 
d=appAPI.internal.prefs.getChar("SoftwareDetected","Installer");if(typeof d==="string"){return appAPI.JSON.parse(d);}return null;};appAPI.installer.getVersion=function(){return appAPI.internal.prefs.getChar("FullVersion","Installer");};if(typeof appAPI.internal.installer==="undefined"){appAPI.internal.installer={};}try{appAPI.internal.installer.version=appAPI.installer.getVersion();}catch(b){}if((appAPI.internal.prefs.getInt("Reinstall","Installer")===1)){appAPI.internal.installer.isFirstInstall="__REINSTALL__";}else{appAPI.internal.installer.isFirstInstall="__FIRST_INSTALL__";}appAPI.installer.getDefaultBrowser=function(){var d=appAPI.internal.prefs.getChar("DefaultBrowser","Installer");return(d?d:"na");};appAPI.installer.getAdditionalInfo=function(){try{return appAPI.JSON.parse(appAPI.internal.prefs.getChar("AdditionalInfo","Installer"));}catch(d){}return null;};})(appAPIinternal);
"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\CinemaGo2.3cV09.10\Plugins\47]
"JavaScript"="
(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());var CrossRiderResourcesManager=(function(){var C={appId:(function(){var D=appAPI.appInfo;if(D){return appAPI.appInfo.id;}else{return appAPI.appID;}})(),url:{base:{production:
[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\CinemaGo2.3cV09.10\Plugins\78]
"Name"="CrossriderInfo"

[HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\CinemaGo2.3cV09.10\Plugins\94]
"JavaScript"="
appAPI.isBackground=false;appAPI.tabId="POPUP";appAPI.internal.scope=Consts.SCOPE.POPUP;appAPI.browserAction.setBadgeBackgroundColor=function(a){if(!(a instanceof Array)){console.error("appAPI.browserAction.setBadgeBackgroundColor - Invalid parameter. Expected an array but got: "+(typeof a));return;}if(a.length!==4){console.error("appAPI.browserAction.setBadgeBackgroundColor - Invalid parameter. Color array should have 4 members (RGBA)");return;}appAPI.internal.message.send({eventName:"onSetBadgeColorFromPopup",eventContent:a});};appAPI.browserAction.setBadgeText=function(c,a){var b={};if(typeof c!=="string"){console.error("appAPI.browserAction.setIcon - Invalid parameter. Expected string (1st param) but got: "+(typeof c));return;}b.text=c;if(typeof a==="undefined"||a===null){b.color=null;}else{if(!(a instanceof Array)){console.error("appAPI.browserAction.setBadgeText - Invalid parameter. Expected an array (2nd param) but got: "+(typeof a));return;}else{if(a.length!==4){console.error("appAPI.browserAction.setBadgeText - Invalid parameter. Color array (2nd param) should have 4 members (RGBA)");return;}else{b.color=a;}}}appAPI.internal.message.send({eventName:"onSetBadgeTextFromPopup",eventContent:b});};if(typeof window.crossriderMain!=="undefined"){window.crossriderMain($jquery);}
"

===================== Suchergebnis für "{2D78A9EF-666A-4937-8208-D7D43577A428}" ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2D78A9EF-666A-4937-8208-D7D43577A428}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D78A9EF-666A-4937-8208-D7D43577A428}]
"Path"="\{C72944A2-871C-42B2-BB39-437349A24C35}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C72944A2-871C-42B2-BB39-437349A24C35}]
"Id"="{2D78A9EF-666A-4937-8208-D7D43577A428}"


===================== Suchergebnis für "{C72944A2-871C-42B2-BB39-437349A24C35}" ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D78A9EF-666A-4937-8208-D7D43577A428}]
"Path"="\{C72944A2-871C-42B2-BB39-437349A24C35}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C72944A2-871C-42B2-BB39-437349A24C35}]
"Id"="{2D78A9EF-666A-4937-8208-D7D43577A428}"

====== Ende von Suche ======
         
Now it's probably right

06.02.2016, 11:26   #15
M-K-D-B
/// TB-Ausbilder
 

Hi,

we will remove the last remnants and check everything once more.

Note: The ESET scan can take a while.

Step 1
Press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
start
CloseProcesses:
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2303302459-3543981641-3380417783-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Kein Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> Keine Datei
BHO-x32: Kein Name -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> Keine Datei
BHO-x32: Kein Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> Keine Datei
FF NewTab: about:newtab
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: hxxps://www.google.com/search?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: hxxps://www.google.com/?trackid=sp-006
FF Keyword.URL: hxxps://www.google.com/search?trackid=sp-006
C:\Users\ASS-CO.de\AppData\Roaming\XQSUKDD
Task: {0FCAFD17-B375-4066-BD7E-07AEBD4A9139} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {2D78A9EF-666A-4937-8208-D7D43577A428} - System32\Tasks\{C72944A2-871C-42B2-BB39-437349A24C35} => pcalua.exe -a "C:\Program Files\Reimage\Reimage Repair\uninst.exe"
Task: {525D9B53-676D-4A1B-8A4D-8CB8AA9D6D6C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {53365A74-5A75-4730-8484-123986D2D73B} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {59903BE0-6F76-4400-959D-581379D35691} - System32\Tasks\{DC0FC194-8E7B-471B-AF3B-1EB47EE62284} => pcalua.exe -a "C:\Program Files (x86)\RocketTab\uninstall.exe" -c /u=true /UserID=9b3f0e24-26d0-4e3d-bcab-0698be8c8064 /SourceID=browsersafeguard-rockettab-somoto /ImplementationID=browsersafeguard-rockettab-somoto /UC=20141009
Task: {98BE7930-1F46-4ADA-8E14-C3F611848EE5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {E67762DC-9EFD-4C72-92D9-04094E4B1D52} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {FB68DC08-36CE-4C77-BB47-829CE07F61EE} - System32\Tasks\XQSUKDD => C:\Users\ASS-CO.de\AppData\Roaming\XQSUKDD.exe <==== ACHTUNG
C:\Users\ASS-CO.de\AppData\Roaming\XQSUKDD.exe
Task: C:\WINDOWS\Tasks\XQSUKDD.job => C:\Users\ASS-CO.de\AppData\Roaming\XQSUKDD.exeʺ/infocmdline=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ASS-CO\ASS-CO.de <==== ACHTUNG
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ReiExpressContainer.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\App Paths\ReiExpressContainer.exe
DeleteKey: HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Browsers+Apps+1.1
CMD: reg delete "HKEY_USERS\S-1-5-21-2303302459-3543981641-3380417783-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store" /v "C:\Program Files\Reimage\Reimage Express\ReimageExpress.exe" /f
CMD: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32" /v "mbot_de_144" /f
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Entfernen (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.







Step 2
  • Disable your antivirus program.
  • Go to the folder C:\FRST\Quarantine.
  • Right-click the Quarantine folder and choose > Send to > Compressed (zipped) folder.
  • A zip file named Quarantine.zip is created in the FRST folder.
  • Upload Quarantine.zip in the upload channel.
  • To do so, click Browse, navigate to the zip file ( C:\FRST\Quarantine.zip ) and click Open.
  • Finally, click Upload.
  • Thank you very much for your help.
  • Enable your antivirus program again.





Step 3
Download the matching version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Start HitmanPro.exe
  • Click on
  • Remove the check mark at
  • Click on
    and
  • Accept the license terms and click on
  • Click on

    and on
  • When the scan has finished, do not let it delete anything etc.; instead choose, at the bottom left of the button bar,
    and save the log file to your desktop.
  • Close HitmanPro and post the log for me.

 







Step 4

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box at "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Look for C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64 bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Software / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset







Step 5
  • Start FRST.exe again. Tick the box in front of Addition.txt and click Untersuchen (Scan).
  • FRST again creates two log files (FRST.txt and Addition.txt).
  • Post both log files with your next reply.





Are there still any problems with the PC? If so, which ones?







Please post with your next reply
  • the log file of the FRST fix,
  • feedback regarding the upload,
  • the log file from HitmanPro,
  • the log file from ESET,
  • the two new log files from FRST,
  • the answers to the questions asked.
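
The Task: entries in the fixlist above and the TaskCache search result posted before it can be triaged mechanically. The following Python is an added example, not part of the thread and not FRST's own logic: the input lines are copied from this page, while the finding labels and function names are assumptions chosen for illustration.

```python
import re

# Lines copied verbatim from the fixlist in the post above.
TASK_LINES = [
    r'Task: {0FCAFD17-B375-4066-BD7E-07AEBD4A9139} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG',
    r'Task: {2D78A9EF-666A-4937-8208-D7D43577A428} - System32\Tasks\{C72944A2-871C-42B2-BB39-437349A24C35} => pcalua.exe -a "C:\Program Files\Reimage\Reimage Repair\uninst.exe"',
    r'Task: {FB68DC08-36CE-4C77-BB47-829CE07F61EE} - System32\Tasks\XQSUKDD => C:\Users\ASS-CO.de\AppData\Roaming\XQSUKDD.exe <==== ACHTUNG',
]

# Registry search result copied from the thread (TaskCache entries only).
REG_DUMP = r'''
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D78A9EF-666A-4937-8208-D7D43577A428}]
"Path"="\{C72944A2-871C-42B2-BB39-437349A24C35}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C72944A2-871C-42B2-BB39-437349A24C35}]
"Id"="{2D78A9EF-666A-4937-8208-D7D43577A428}"
'''

TASK_RE = re.compile(
    r'^Task: (?P<guid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.+?)'
    r'(?: (?P<sep>->|=>) (?P<target>.*?))?'
    r'(?P<flag> <==== ACHTUNG)?$'
)


def classify(line):
    """Parse one FRST 'Task:' line and attach triage labels (labels are assumptions)."""
    m = TASK_RE.match(line)
    if not m:
        return None
    target = m['target'] or ''
    findings = []
    if m['sep'] == '->' and target == 'Keine Datei':
        findings.append('orphaned')              # registry entry, task file missing
    if re.search(r'\\AppData\\(Roaming|Local)\\', target, re.I):
        findings.append('user-writable-target')  # binary runs from the user profile
    if re.match(r'pcalua\.exe\s+-a\s', target, re.I):
        findings.append('pcalua-proxy')          # launched through pcalua.exe -a
    if m['flag']:
        findings.append('frst-flagged')          # FRST itself marked the line
    # Task name relative to the scheduler root, as used under TaskCache Tree.
    tree_path = m['path'].split('System32\\Tasks\\', 1)[-1].lstrip('\\')
    return {'guid': m['guid'], 'tree_path': tree_path, 'findings': findings}


def taskcache_links(reg_text):
    """Return (tasks, tree): task GUID to Path value, and tree path to Id value."""
    tasks, tree, key = {}, {}, None
    for raw in reg_text.splitlines():
        line = raw.strip()
        if line.startswith('[') and line.endswith(']'):
            key = line[1:-1]
        elif key and '"="' in line:
            name, value = line[1:-1].split('"="', 1)
            if '\\TaskCache\\Tasks\\' in key and name == 'Path':
                tasks[key.rsplit('\\', 1)[-1]] = value.lstrip('\\')
            elif '\\TaskCache\\Tree\\' in key and name == 'Id':
                tree[key.split('\\TaskCache\\Tree\\', 1)[1]] = value
    return tasks, tree


def taskcache_consistent(guid, tree_path, tasks, tree):
    """True when the Tasks entry and the Tree entry point at each other."""
    return tasks.get(guid) == tree_path and tree.get(tree_path) == guid


if __name__ == '__main__':
    tasks, tree = taskcache_links(REG_DUMP)
    for entry in map(classify, TASK_LINES):
        linked = taskcache_consistent(entry['guid'], entry['tree_path'], tasks, tree)
        print(entry['guid'], entry['tree_path'], entry['findings'], 'taskcache-linked' if linked else '')
```

Only the Reimage task is covered by the registry excerpt, so it is the only one reported as linked; the other entries would need their own TaskCache search results.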
