Attention Required Problem mit Browser

Rolexx7 · 04.04.2016, 20:40

Hallo Liebe Community,

ich habe seit kurzem ein Problem mit meinen Browsern, und zwar kommt ab und zu diese Seite hier und ich weiss nicht weiter...

Ich brauche dringend Hilfe...

LIeben Dank im Voraus

hxxp://www.bilder-upload.eu/show.php?file=219acf-1459800112.png

M-K-D-B · 04.04.2016, 21:09

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

Rolexx7 · 05.04.2016, 15:17

Ok Danke

Schritt 1
FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von kyriakos (Administrator) auf DESKTOP-20BAH8O (05-04-2016 16:14:06)
Gestartet von C:\Users\kyrox\Downloads
Geladene Profile: kyriakos & MSSQL$JTLWAWI (Verfügbare Profile: kyriakos & MSSQL$JTLWAWI)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.JTLWAWI\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe
(Spotify Ltd) C:\Users\kyrox\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\kyrox\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\kyrox\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\kyrox\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\kyrox\AppData\Roaming\Spotify\Spotify.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Akamai Technologies, Inc.) C:\Users\kyrox\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\kyrox\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13261456 2012-12-10] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954880 2015-10-08] (Synaptics Incorporated)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe [1644824 2016-03-17] (Bitdefender)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [528384 2015-11-10] (Greenshot)
HKU\S-1-5-21-2145669467-3144448721-1249639217-1001\...\Run: [Bitdefender-Geldb�rse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe [1447328 2016-03-17] (Bitdefender)
HKU\S-1-5-21-2145669467-3144448721-1249639217-1001\...\Run: [KeePass Password Safe 2] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2745544 2016-01-09] (Dominik Reichl)
HKU\S-1-5-21-2145669467-3144448721-1249639217-1001\...\Run: [Spotify Web Helper] => C:\Users\kyrox\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524336 2016-03-18] (Spotify Ltd)
HKU\S-1-5-21-2145669467-3144448721-1249639217-1001\...\Run: [Spotify] => C:\Users\kyrox\AppData\Roaming\Spotify\Spotify.exe [6805616 2016-03-18] (Spotify Ltd)
HKU\S-1-5-21-2145669467-3144448721-1249639217-1001\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2145669467-3144448721-1249639217-1001\...\Run: [Akamai NetSession Interface] => C:\Users\kyrox\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2145669467-3144448721-1249639217-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-2145669467-3144448721-1249639217-1001\...\Policies\Explorer: [] 
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
Startup: C:\Users\kyrox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk [2015-12-16]
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe (Keine Datei)
Startup: C:\Users\kyrox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk [2016-04-05]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{cf83bffa-dec6-4a80-ab07-36ac5fc43660}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e2d2959f-762c-437f-825a-a06a0096d3d2}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2145669467-3144448721-1249639217-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-2145669467-3144448721-1249639217-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2016-03-17] (Bitdefender)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-04-01] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-04-01] (Microsoft Corporation)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2016-03-17] (Bitdefender)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-04-01] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-04-01] (Microsoft Corporation)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2016-03-17] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2016-03-17] (Bitdefender)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-01] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-01] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-01] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\kyrox\AppData\Roaming\Mozilla\Firefox\Profiles\81kpzajk.default
FF NewTab: about:home
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: 
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-21] ()
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-12-15] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-03] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-21] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-04-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-04-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-12-15] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-03] (Adobe Systems)
FF Extension: FirePath - C:\Users\kyrox\AppData\Roaming\Mozilla\Firefox\Profiles\81kpzajk.default\extensions\FireXPath@pierre.tholence.com.xpi [2016-03-08]
FF Extension: KeeFox - C:\Users\kyrox\AppData\Roaming\Mozilla\Firefox\Profiles\81kpzajk.default\extensions\keefox@chris.tomlinson [2016-04-03]
FF Extension: Firebug - C:\Users\kyrox\AppData\Roaming\Mozilla\Firefox\Profiles\81kpzajk.default\Extensions\firebug@software.joehewitt.com.xpi [2016-03-31]
FF Extension: Adblock Plus - C:\Users\kyrox\AppData\Roaming\Mozilla\Firefox\Profiles\81kpzajk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-16] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff [2015-12-11]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2015-12-11] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext

Chrome: 
=======
CHR Profile: C:\Users\kyrox\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\kyrox\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-15]
CHR Extension: (Google Docs) - C:\Users\kyrox\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-15]
CHR Extension: (Google Drive) - C:\Users\kyrox\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-15]
CHR Extension: (YouTube) - C:\Users\kyrox\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-15]
CHR Extension: (Google-Suche) - C:\Users\kyrox\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-15]
CHR Extension: (Google Tabellen) - C:\Users\kyrox\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\kyrox\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-20]
CHR Extension: (AdBlock) - C:\Users\kyrox\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\kyrox\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (chromeIPass) - C:\Users\kyrox\AppData\Local\Google\Chrome\User Data\Default\Extensions\ompiailgknfdndiefoaoiligalphfdae [2016-03-23]
CHR Extension: (Google Mail) - C:\Users\kyrox\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-15]
CHR HKLM-x32\...\Chrome\Extension: [dhhejlifdlcgcmogbggeomfodgklfaem] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [683696 2015-11-16] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2020056 2016-02-09] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2823920 2016-03-20] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-11] (Digital Wave Ltd.)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [11127016 2016-02-12] (DisplayLink Corp.)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 MSSQL$JTLWAWI; C:\Program Files\Microsoft SQL Server\MSSQL12.JTLWAWI\MSSQL\Binn\sqlservr.exe [370368 2015-06-10] (Microsoft Corporation)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [203296 2016-03-19] (Microsoft Corporation) [Datei ist nicht signiert]
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [947640 2016-03-30] (Bitdefender)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-12-10] (Realtek Semiconductor)
S4 SQLAgent$JTLWAWI; C:\Program Files\Microsoft SQL Server\MSSQL12.JTLWAWI\MSSQL\Binn\SQLAGENT.EXE [613056 2015-06-10] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-10-08] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [135176 2016-03-17] (Bitdefender)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2015-05-11] ()
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1679672 2016-03-17] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\System32\drivers\athw10x.sys [4342936 2015-09-21] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1622512 2016-02-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [806344 2016-02-02] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [118608 2016-03-17] (BitDefender LLC)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
R3 DisplayLinkUsbIo_x64; C:\Windows\system32\DRIVERS\DisplayLinkUsbIo_x64_7.9.1488.0.sys [67344 2016-03-09] ()
R3 dlcdcncm; C:\Windows\System32\drivers\dlcdcncm62_x64.sys [91920 2016-02-12] (DisplayLink Corp.)
R3 dlusbaudio; C:\Windows\system32\DRIVERS\dlusbaudio_x64.sys [229648 2016-02-12] (DisplayLink Corp.)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160032 2015-04-29] (BitDefender LLC)
R0 ignis; C:\Windows\system32\DRIVERS\ignis.sys [290032 2016-03-17] (Bitdefender)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-04] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [195336 2015-09-04] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S4 RsFx0300; C:\Windows\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-10-08] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [45728 2015-08-07] (Toshiba Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2015-06-02] (BitDefender S.R.L.)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-11-10] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2015-11-10] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [125008 2015-11-10] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-05 16:14 - 2016-04-05 16:14 - 00022882 _____ C:\Users\kyrox\Downloads\FRST.txt
2016-04-05 16:13 - 2016-04-05 16:14 - 00000000 ____D C:\FRST
2016-04-05 16:13 - 2016-04-05 16:13 - 02374144 _____ (Farbar) C:\Users\kyrox\Downloads\FRST64.exe
2016-04-05 16:13 - 2016-04-05 16:13 - 00002807 _____ C:\Users\kyrox\Desktop\AdwCleaner[C1].txt
2016-04-05 16:09 - 2016-04-05 16:11 - 00000000 ____D C:\AdwCleaner
2016-04-05 16:09 - 2016-04-05 16:09 - 03119168 _____ C:\Users\kyrox\Downloads\AdwCleaner_5.109.exe
2016-04-04 19:11 - 2016-04-04 19:11 - 00006708 _____ C:\Users\kyrox\Downloads\05c795cc9162963daa008242003b490a.pdf
2016-04-04 17:24 - 2016-04-04 17:24 - 00117592 _____ C:\Users\kyrox\Downloads\export.customers.2016.04.04.csv
2016-04-04 17:24 - 2016-04-04 17:24 - 00117592 _____ C:\Users\kyrox\Desktop\export.customers.2016.04.04.csv
2016-04-04 16:26 - 2016-04-04 16:26 - 00000017 _____ C:\Users\kyrox\AppData\Local\resmon.resmoncfg
2016-04-04 16:22 - 2016-04-04 16:23 - 02668480 _____ (Resplendence Software Projects Sp. ) C:\Users\kyrox\Downloads\whocrashedSetup.exe
2016-04-04 16:18 - 2016-04-04 16:18 - 04719560 _____ (ReviverSoft LLC) C:\Users\kyrox\Downloads\DriverReviverSetup.exe
2016-04-04 16:15 - 2016-04-04 16:15 - 00285268 _____ C:\Windows\Minidump\040416-8156-01.dmp
2016-04-04 16:07 - 2016-04-04 16:28 - 00000000 ____D C:\Program Files (x86)\Eusing Free Registry Cleaner
2016-04-04 16:07 - 2016-04-04 16:07 - 01475080 _____ C:\Users\kyrox\Downloads\Eusing Free Registry Cleaner - CHIP-Installer.exe
2016-04-04 16:07 - 2016-04-04 16:07 - 00000000 ____D C:\Users\kyrox\AppData\Roaming\Eusing
2016-04-04 16:05 - 2016-04-04 16:05 - 00285124 _____ C:\Windows\Minidump\040416-8375-01.dmp
2016-04-04 16:03 - 2016-04-04 16:03 - 00285372 _____ C:\Windows\Minidump\040416-6843-01.dmp
2016-04-04 16:00 - 2016-04-04 16:15 - 876036673 _____ C:\Windows\MEMORY.DMP
2016-04-04 16:00 - 2016-04-04 16:15 - 00000000 ____D C:\Windows\Minidump
2016-04-04 16:00 - 2016-04-04 16:00 - 00285124 _____ C:\Windows\Minidump\040416-8828-01.dmp
2016-04-03 20:00 - 2016-04-04 16:15 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-03 20:00 - 2016-04-03 20:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-03 19:58 - 2016-04-03 19:58 - 03102720 _____ C:\Users\kyrox\Downloads\AdwCleaner_5.108.exe
2016-04-03 19:57 - 2016-04-03 20:00 - 22851472 _____ (Malwarebytes ) C:\Users\kyrox\Downloads\mbam-setup-2.2.1.1043.exe
2016-04-03 19:52 - 2016-04-03 19:52 - 00002876 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-04-03 19:52 - 2016-04-03 19:52 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-03 19:52 - 2016-04-03 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-04-03 19:52 - 2016-04-03 19:52 - 00000000 ____D C:\Program Files\CCleaner
2016-04-03 19:51 - 2016-04-03 19:52 - 06869352 _____ (Piriform Ltd) C:\Users\kyrox\Downloads\ccsetup516pro.exe
2016-04-02 16:22 - 2016-04-02 16:23 - 00987728 _____ (Google Inc.) C:\Users\kyrox\Downloads\ChromeSetup.exe
2016-04-02 16:19 - 2016-04-02 16:20 - 45356768 _____ C:\Users\kyrox\Downloads\Firefox_Setup_45.0.1_64_de.exe
2016-04-02 10:50 - 2016-04-02 20:26 - 00000000 ____D C:\Users\kyrox\Desktop\SeitenAixPro
2016-04-02 10:50 - 2016-04-02 10:50 - 00000216 _____ C:\Users\kyrox\.bashrc
2016-04-02 10:50 - 2016-04-02 10:50 - 00000165 _____ C:\Users\kyrox\.tcshrc
2016-04-02 10:50 - 2016-04-02 10:50 - 00000107 _____ C:\Users\kyrox\.cshrc
2016-04-02 10:50 - 2016-04-02 10:50 - 00000000 ____D C:\Users\kyrox\drush-6.x
2016-04-02 10:50 - 2016-04-02 10:50 - 00000000 ____D C:\Users\kyrox\dev
2016-04-02 10:50 - 2016-04-02 10:50 - 00000000 ____D C:\Users\kyrox\bin
2016-04-02 10:47 - 2016-04-02 10:47 - 06516656 _____ (Tim Kosse) C:\Users\kyrox\Downloads\FileZilla_3.16.1_win64-setup.exe
2016-04-01 14:02 - 2016-04-01 14:02 - 00000227 _____ C:\Users\kyrox\Desktop\MWST.php
2016-04-01 13:44 - 2016-04-01 13:44 - 02302448 _____ C:\Users\kyrox\Downloads\credit_cards.zip
2016-04-01 13:41 - 2016-04-01 13:41 - 11247879 _____ C:\Users\kyrox\Downloads\payment-icons-v13.zip
2016-03-31 21:08 - 2016-03-31 21:08 - 00025974 _____ C:\ProgramData\1459451314.bdinstall.bin
2016-03-30 12:55 - 2016-03-30 12:55 - 17951198 _____ C:\Users\kyrox\Downloads\c_tutorial (1).zip
2016-03-30 12:19 - 2016-03-30 12:19 - 17951198 _____ C:\Users\kyrox\Downloads\c_tutorial.zip
2016-03-30 11:48 - 2016-03-30 11:48 - 00000000 ____D C:\Users\kyrox\Desktop\InvoiceAmazon
2016-03-30 11:45 - 2016-03-30 11:45 - 00000000 ____D C:\Users\kyrox\Desktop\BilderShutterstock
2016-03-30 11:44 - 2016-03-17 11:17 - 00010330 _____ C:\Users\kyrox\Desktop\Lernplan.xlsx
2016-03-27 22:34 - 2016-03-27 22:34 - 00000000 ____D C:\Users\kyrox\Desktop\SCHULPROJEKT
2016-03-23 22:19 - 2016-03-23 22:19 - 00198989 _____ C:\Users\kyrox\Desktop\new 1.css
2016-03-23 19:09 - 2016-03-23 19:09 - 00000000 ____D C:\Users\kyrox\AppData\Temp
2016-03-23 15:07 - 2016-03-23 15:07 - 00026044 _____ C:\Users\kyrox\Desktop\new 1.php
2016-03-23 14:23 - 2016-03-23 14:23 - 00038212 _____ C:\Users\kyrox\Desktop\Lebenslauf Kyriakos Oxyzidis.pdf
2016-03-22 17:27 - 2016-03-22 17:27 - 00025906 _____ C:\ProgramData\1458660434.bdinstall.bin
2016-03-22 10:29 - 2016-03-22 10:29 - 00011093 _____ C:\Users\kyrox\Documents\Milani Brow Shaping Clear Gel.jpeg
2016-03-21 17:58 - 2016-03-21 17:58 - 00007585 _____ C:\Users\kyrox\Downloads\secretdiary(1).zip
2016-03-20 12:33 - 2016-04-01 19:27 - 00000000 ____D C:\Users\kyrox\Desktop\Produkte
2016-03-20 02:54 - 2016-04-02 16:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-10 16:06 - 2016-02-12 17:20 - 00026896 _____ (DisplayLink Corp.) C:\Windows\system32\Drivers\dlkmdldr.sys
2016-03-09 22:21 - 2016-03-09 22:21 - 01447960 _____ (DisplayLink Corp.) C:\Windows\system32\DisplayLinkUsbCo64_7.9.1488.0.dll
2016-03-09 22:21 - 2016-03-09 22:21 - 00067344 _____ () C:\Windows\system32\Drivers\DisplayLinkUsbIo_x64_7.9.1488.0.sys
2016-03-09 16:00 - 2016-03-31 10:52 - 00000612 _____ C:\Users\kyrox\Desktop\Category.php
2016-03-09 11:21 - 2016-03-01 07:31 - 00848168 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-03-09 11:21 - 2016-03-01 07:22 - 00709688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-03-09 11:21 - 2016-02-24 11:52 - 01997328 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-09 11:21 - 2016-02-24 11:51 - 07474528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-09 11:21 - 2016-02-24 11:48 - 00713568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 11:21 - 2016-02-24 11:47 - 01173344 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 11:21 - 2016-02-24 11:40 - 00513888 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 11:21 - 2016-02-24 11:34 - 01613664 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-03-09 11:21 - 2016-02-24 11:28 - 03449168 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2016-03-09 11:21 - 2016-02-24 11:15 - 01557768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-09 11:21 - 2016-02-24 10:58 - 00794888 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 11:21 - 2016-02-24 10:54 - 00127840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-09 11:21 - 2016-02-24 10:51 - 01322248 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-03-09 11:21 - 2016-02-24 10:50 - 00808800 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-03-09 11:21 - 2016-02-24 10:46 - 06607080 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2016-03-09 11:21 - 2016-02-24 10:43 - 00625000 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2016-03-09 11:21 - 2016-02-24 10:39 - 00358752 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-09 11:21 - 2016-02-24 10:39 - 00141560 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2016-03-09 11:21 - 2016-02-24 10:19 - 00670928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-09 11:21 - 2016-02-24 10:14 - 00216416 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2016-03-09 11:21 - 2016-02-24 10:11 - 01997152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-03-09 11:21 - 2016-02-24 10:11 - 00957608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-03-09 11:21 - 2016-02-24 10:11 - 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-03-09 11:21 - 2016-02-24 10:11 - 00652392 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-03-09 11:21 - 2016-02-24 10:11 - 00394080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-03-09 11:21 - 2016-02-24 10:11 - 00258280 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2016-03-09 11:21 - 2016-02-24 10:10 - 00630632 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-03-09 11:21 - 2016-02-24 10:10 - 00576864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-03-09 11:21 - 2016-02-24 10:09 - 00640472 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-03-09 11:21 - 2016-02-24 10:09 - 00147808 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2016-03-09 11:21 - 2016-02-24 10:06 - 05242496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2016-03-09 11:21 - 2016-02-24 09:59 - 00294752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-09 11:21 - 2016-02-24 09:39 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTypeHelperUtil.dll
2016-03-09 11:21 - 2016-02-24 09:39 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\ExtrasXmlParser.dll
2016-03-09 11:21 - 2016-02-24 09:38 - 00187744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2016-03-09 11:21 - 2016-02-24 09:38 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2016-03-09 11:21 - 2016-02-24 09:37 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\UserDataLanguageUtil.dll
2016-03-09 11:21 - 2016-02-24 09:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenanceClient.dll
2016-03-09 11:21 - 2016-02-24 09:35 - 00540752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-03-09 11:21 - 2016-02-24 09:35 - 00523752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-03-09 11:21 - 2016-02-24 09:35 - 00220064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2016-03-09 11:21 - 2016-02-24 09:35 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 11:21 - 2016-02-24 09:33 - 00538736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-03-09 11:21 - 2016-02-24 09:33 - 00141664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2016-03-09 11:21 - 2016-02-24 09:31 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-09 11:21 - 2016-02-24 09:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2016-03-09 11:21 - 2016-02-24 09:28 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\POSyncServices.dll
2016-03-09 11:21 - 2016-02-24 09:23 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2016-03-09 11:21 - 2016-02-24 09:23 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 11:21 - 2016-02-24 09:23 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UserDataPlatformHelperUtil.dll
2016-03-09 11:21 - 2016-02-24 09:22 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll
2016-03-09 11:21 - 2016-02-24 09:20 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\VCardParser.dll
2016-03-09 11:21 - 2016-02-24 09:20 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2016-03-09 11:21 - 2016-02-24 09:20 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2016-03-09 11:21 - 2016-02-24 09:19 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2016-03-09 11:21 - 2016-02-24 09:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 11:21 - 2016-02-24 09:15 - 00365568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 11:21 - 2016-02-24 09:14 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\ExSMime.dll
2016-03-09 11:21 - 2016-02-24 09:13 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentActivation.dll
2016-03-09 11:21 - 2016-02-24 09:12 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\cemapi.dll
2016-03-09 11:21 - 2016-02-24 09:12 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\PhoneCallHistoryApis.dll
2016-03-09 11:21 - 2016-02-24 09:10 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll
2016-03-09 11:21 - 2016-02-24 09:09 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\UserDataAccountApis.dll
2016-03-09 11:21 - 2016-02-24 09:09 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2016-03-09 11:21 - 2016-02-24 09:07 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll
2016-03-09 11:21 - 2016-02-24 09:05 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2016-03-09 11:21 - 2016-02-24 09:03 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-03-09 11:21 - 2016-02-24 09:02 - 00161280 _____ (Microsoft Corporation) C:\Windows\system32\CallHistoryClient.dll
2016-03-09 11:21 - 2016-02-24 09:01 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-03-09 11:21 - 2016-02-24 09:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2016-03-09 11:21 - 2016-02-24 09:01 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll
2016-03-09 11:21 - 2016-02-24 09:00 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2016-03-09 11:21 - 2016-02-24 08:59 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2016-03-09 11:21 - 2016-02-24 08:59 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\vaultsvc.dll
2016-03-09 11:21 - 2016-02-24 08:59 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2016-03-09 11:21 - 2016-02-24 08:58 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\scapi.dll
2016-03-09 11:21 - 2016-02-24 08:55 - 00790528 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2016-03-09 11:21 - 2016-02-24 08:55 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll
2016-03-09 11:21 - 2016-02-24 08:55 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExtrasXmlParser.dll
2016-03-09 11:21 - 2016-02-24 08:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2016-03-09 11:21 - 2016-02-24 08:54 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll
2016-03-09 11:21 - 2016-02-24 08:54 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2016-03-09 11:21 - 2016-02-24 08:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-09 11:21 - 2016-02-24 08:53 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2016-03-09 11:21 - 2016-02-24 08:53 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataLanguageUtil.dll
2016-03-09 11:21 - 2016-02-24 08:52 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2016-03-09 11:21 - 2016-02-24 08:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-09 11:21 - 2016-02-24 08:51 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 11:21 - 2016-02-24 08:49 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll
2016-03-09 11:21 - 2016-02-24 08:47 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-09 11:21 - 2016-02-24 08:46 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2016-03-09 11:21 - 2016-02-24 08:44 - 01713664 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll
2016-03-09 11:21 - 2016-02-24 08:44 - 00915456 _____ (Microsoft Corporation) C:\Windows\system32\configurationclient.dll
2016-03-09 11:21 - 2016-02-24 08:44 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll
2016-03-09 11:21 - 2016-02-24 08:44 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\POSyncServices.dll
2016-03-09 11:21 - 2016-02-24 08:43 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-03-09 11:21 - 2016-02-24 08:43 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2016-03-09 11:21 - 2016-02-24 08:42 - 00954368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2016-03-09 11:21 - 2016-02-24 08:42 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2016-03-09 11:21 - 2016-02-24 08:41 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2016-03-09 11:21 - 2016-02-24 08:41 - 00436736 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2016-03-09 11:21 - 2016-02-24 08:40 - 01224704 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2016-03-09 11:21 - 2016-02-24 08:40 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 11:21 - 2016-02-24 08:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-09 11:21 - 2016-02-24 08:39 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-03-09 11:21 - 2016-02-24 08:39 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll
2016-03-09 11:21 - 2016-02-24 08:38 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VCardParser.dll
2016-03-09 11:21 - 2016-02-24 08:36 - 01847808 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2016-03-09 11:21 - 2016-02-24 08:34 - 00938496 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll
2016-03-09 11:21 - 2016-02-24 08:34 - 00303104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 11:21 - 2016-02-24 08:32 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2016-03-09 11:21 - 2016-02-24 08:32 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll
2016-03-09 11:21 - 2016-02-24 08:31 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cemapi.dll
2016-03-09 11:21 - 2016-02-24 08:31 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhoneCallHistoryApis.dll
2016-03-09 11:21 - 2016-02-24 08:28 - 00870912 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-03-09 11:21 - 2016-02-24 08:28 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2016-03-09 11:21 - 2016-02-24 08:28 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2016-03-09 11:21 - 2016-02-24 08:25 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2016-03-09 11:21 - 2016-02-24 08:23 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CallHistoryClient.dll
2016-03-09 11:21 - 2016-02-24 08:22 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll
2016-03-09 11:21 - 2016-02-24 08:21 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-09 11:21 - 2016-02-24 08:21 - 00168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2016-03-09 11:21 - 2016-02-24 08:18 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
2016-03-09 11:21 - 2016-02-24 08:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2016-03-09 11:21 - 2016-02-24 08:18 - 00184832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll
2016-03-09 11:21 - 2016-02-24 08:17 - 00369664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2016-03-09 11:21 - 2016-02-24 08:16 - 00394752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2016-03-09 11:21 - 2016-02-24 08:13 - 00540160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll
2016-03-09 11:21 - 2016-02-24 08:11 - 03593216 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-03-09 11:21 - 2016-02-24 08:09 - 01443328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll
2016-03-09 11:21 - 2016-02-24 08:09 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2016-03-09 11:21 - 2016-02-24 08:09 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll
2016-03-09 11:21 - 2016-02-24 08:09 - 00228352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2016-03-09 11:21 - 2016-02-24 08:07 - 00949248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2016-03-09 11:21 - 2016-02-24 08:07 - 00890368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2016-03-09 11:21 - 2016-02-24 08:07 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2016-03-09 11:21 - 2016-02-24 08:04 - 01497088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2016-03-09 11:21 - 2016-02-24 08:03 - 00769536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll
2016-03-09 11:21 - 2016-02-24 08:01 - 01831936 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-03-09 11:21 - 2016-02-24 08:00 - 02273792 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 11:21 - 2016-02-24 08:00 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2016-03-09 11:21 - 2016-02-24 07:57 - 02158592 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-03-09 11:21 - 2016-02-24 07:55 - 01996288 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2016-03-09 11:21 - 2016-02-24 07:43 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\fwbase.dll
2016-03-09 11:21 - 2016-02-24 07:34 - 01707520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2016-03-09 11:21 - 2016-02-24 07:22 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwbase.dll
2016-03-09 11:21 - 2016-02-24 07:20 - 22376960 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-03-09 11:21 - 2016-02-24 07:18 - 18677760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-03-09 11:21 - 2016-02-24 07:12 - 19339776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 11:21 - 2016-02-24 07:12 - 05321728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 11:21 - 2016-02-24 07:10 - 24600576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 11:21 - 2016-02-24 07:09 - 06972416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-03-09 11:21 - 2016-02-24 07:05 - 12586496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 11:21 - 2016-02-24 07:03 - 14252544 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 11:21 - 2016-02-24 06:59 - 05661696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-03-09 11:21 - 2016-02-24 06:55 - 07835648 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-03-08 18:25 - 2016-03-08 18:25 - 00001463 _____ C:\Users\kyrox\Desktop\slider.php
2016-03-08 18:22 - 2016-03-08 18:22 - 00069796 _____ C:\Users\kyrox\Downloads\Freebooter-Script.zip
2016-03-08 17:52 - 2016-03-08 17:52 - 00003646 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-20BAH8O-kyriakos
2016-03-08 12:31 - 2016-03-08 12:31 - 01470472 _____ C:\Users\kyrox\Downloads\Greenshot - CHIP-Installer.exe
2016-03-08 12:31 - 2016-03-08 12:31 - 00000000 ____D C:\Users\kyrox\AppData\Roaming\Greenshot
2016-03-08 12:31 - 2016-03-08 12:31 - 00000000 ____D C:\Users\kyrox\AppData\Local\Greenshot
2016-03-08 12:31 - 2016-03-08 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot
2016-03-08 12:31 - 2016-03-08 12:31 - 00000000 ____D C:\Program Files\Greenshot
2016-03-07 18:29 - 2016-03-07 18:29 - 00000000 ____D C:\Users\kyrox\plentymarkets
2016-03-07 18:25 - 2016-03-07 18:29 - 00000000 ____D C:\Users\kyrox\.oracle_jre_usage
2016-03-07 18:25 - 2016-03-07 18:29 - 00000000 ____D C:\Program Files\plentymarkets
2016-03-07 18:25 - 2016-03-07 18:25 - 00001811 _____ C:\Users\kyrox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\plentymarkets.lnk
2016-03-07 18:24 - 2016-03-07 18:25 - 92335584 _____ (plentymarkets GmbH) C:\Users\kyrox\Downloads\plentymarkets_windows_221beta1.exe
2016-03-07 18:24 - 2016-03-07 18:25 - 90256352 _____ (plentymarkets GmbH) C:\Users\kyrox\Downloads\plentymarkets_windows_220_1.exe
2016-03-06 22:08 - 2016-03-06 22:08 - 00070484 _____ C:\Users\kyrox\Downloads\2016-02-00029-KYRI-10-MAH4.pdf
2016-03-06 12:22 - 2016-03-06 12:22 - 01091750 _____ C:\Users\kyrox\Downloads\WebDesign_callisto_light_3_2_DE(2).zip
2016-03-06 12:05 - 2016-03-06 12:05 - 28373016 _____ (Karlis Blumentals ) C:\Users\kyrox\Downloads\webuild2015.exe
2016-03-06 12:05 - 2016-03-06 12:05 - 00001115 _____ C:\Users\kyrox\Desktop\WeBuilder 2015.lnk
2016-03-06 12:05 - 2016-03-06 12:05 - 00000000 ____D C:\Users\kyrox\AppData\Roaming\Blumentals
2016-03-06 12:05 - 2016-03-06 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WeBuilder 2015
2016-03-06 12:05 - 2016-03-06 12:05 - 00000000 ____D C:\ProgramData\Blumentals
2016-03-06 12:05 - 2016-03-06 12:05 - 00000000 ____D C:\Program Files (x86)\WeBuilder 2015
2016-03-06 12:04 - 2016-03-06 12:04 - 01086022 _____ C:\Users\kyrox\Downloads\WebDesign_callisto_light_3_2_DE(1).zip

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-05 16:12 - 2015-12-19 19:48 - 00000000 ____D C:\Users\kyrox\AppData\Local\Spotify
2016-04-05 16:12 - 2015-12-19 19:47 - 00000000 ____D C:\Users\kyrox\AppData\Roaming\Spotify
2016-04-05 16:12 - 2015-12-15 19:02 - 00000000 ____D C:\Users\kyrox\AppData\Roaming\KeePass
2016-04-05 16:12 - 2015-12-15 18:12 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-04-05 16:12 - 2015-12-15 17:50 - 00001146 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-05 16:12 - 2015-12-15 17:23 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-05 16:11 - 2015-12-16 13:20 - 00588800 ___SH C:\Users\kyrox\Desktop\Thumbs.db
2016-04-05 16:11 - 2015-12-15 23:15 - 00069838 _____ C:\bdlog.txt
2016-04-05 16:11 - 2015-10-30 08:28 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-04-05 16:10 - 2015-12-15 18:59 - 00000000 ____D C:\Users\kyrox\AppData\Local\Adobe
2016-04-05 16:10 - 2015-12-15 17:55 - 00004172 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F12CC64F-296F-42D3-A474-FC3DFC9C8B8C}
2016-04-05 16:07 - 2015-12-15 17:28 - 02114392 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-05 16:07 - 2015-10-30 20:35 - 00898894 _____ C:\Windows\system32\perfh007.dat
2016-04-05 16:07 - 2015-10-30 20:35 - 00206888 _____ C:\Windows\system32\perfc007.dat
2016-04-05 16:07 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-05 16:07 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\AppReadiness
2016-04-05 16:07 - 2015-10-30 09:21 - 00000000 ____D C:\Windows\INF
2016-04-04 21:49 - 2015-12-15 18:13 - 00000000 ____D C:\Users\MSSQL$JTLWAWI
2016-04-04 21:49 - 2015-12-15 17:37 - 00000000 ____D C:\Users\kyrox
2016-04-04 21:00 - 2015-12-15 17:50 - 00001150 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-04 17:33 - 2015-12-17 20:16 - 00000000 ____D C:\Users\kyrox\AppData\Local\CrashDumps
2016-04-04 16:20 - 2015-10-30 08:28 - 00065536 ___SH C:\Windows\system32\config\ELAM
2016-04-03 20:17 - 2015-12-17 12:17 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-04-03 19:52 - 2015-12-17 12:17 - 00000000 ____D C:\Users\kyrox\AppData\Roaming\TeamViewer
2016-04-03 19:52 - 2015-12-16 12:47 - 00000000 ____D C:\Users\kyrox\AppData\Roaming\FileZilla
2016-04-03 19:52 - 2015-12-15 17:22 - 00000000 ____D C:\Windows\Panther
2016-04-03 10:08 - 2015-12-15 18:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-02 17:20 - 2015-12-15 19:20 - 00028398 _____ C:\Users\kyrox\Documents\Kyriakos.kdbx
2016-04-02 16:25 - 2015-12-15 18:14 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-02 16:25 - 2015-12-15 18:14 - 00001220 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-04-02 16:24 - 2015-12-15 17:51 - 00002340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-02 16:24 - 2015-12-15 17:51 - 00002328 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-01 11:19 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-01 11:18 - 2015-12-15 19:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-03-31 13:23 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-03-30 13:26 - 2015-12-15 18:03 - 00000000 ____D C:\Users\kyrox\AppData\Roaming\jtl-software
2016-03-29 09:25 - 2015-12-15 17:37 - 00000000 ____D C:\Users\kyrox\AppData\Local\Packages
2016-03-25 11:29 - 2015-12-19 19:38 - 00000000 ____D C:\Users\kyrox\AppData\Roaming\vlc
2016-03-24 17:50 - 2016-01-09 18:44 - 00000000 ____D C:\Users\kyrox\AppData\Local\HP
2016-03-23 22:49 - 2016-02-18 16:24 - 00061952 ___SH C:\Users\kyrox\Downloads\Thumbs.db
2016-03-23 15:40 - 2015-10-30 09:11 - 00000000 ____D C:\Windows\CbsTemp
2016-03-21 17:55 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\LiveKernelReports
2016-03-17 16:08 - 2015-12-15 18:19 - 00290032 _____ (Bitdefender) C:\Windows\system32\Drivers\ignis.sys
2016-03-17 16:03 - 2015-12-17 21:50 - 00000000 ____D C:\Users\kyrox\AppData\Local\ElevatedDiagnostics
2016-03-11 17:41 - 2015-12-15 17:39 - 00002432 _____ C:\Users\kyrox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-11 17:41 - 2015-12-15 17:39 - 00000000 ___RD C:\Users\kyrox\OneDrive
2016-03-10 16:06 - 2015-12-15 17:38 - 00000000 ____D C:\Program Files\DisplayLink Core Software
2016-03-10 15:18 - 2015-12-15 17:22 - 05040016 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-10 00:56 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-10 00:56 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-10 00:56 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-10 00:56 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-09 12:05 - 2015-12-15 20:07 - 00000000 ____D C:\Windows\system32\MRT
2016-03-09 12:02 - 2015-12-15 20:07 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-08 23:55 - 2015-12-15 20:12 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-08 09:12 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-08 09:12 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-06 21:54 - 2016-03-03 23:36 - 00000000 ____D C:\Users\kyrox\AppData\Roaming\NCH Software
2016-03-06 21:54 - 2016-03-03 23:36 - 00000000 ____D C:\Program Files (x86)\NCH Software
2016-03-06 21:53 - 2016-01-27 17:00 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2016-03-06 11:49 - 2015-12-15 17:37 - 00000000 __RHD C:\Users\Public\AccountPictures

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-01-20 12:28 - 2016-03-03 20:04 - 0000033 _____ () C:\Users\kyrox\AppData\Roaming\AdobeWLCMCache.dat
2016-01-28 17:28 - 2016-01-31 10:45 - 0000442 _____ () C:\Users\kyrox\AppData\Roaming\CSharpAnalytics-MeasurementSession
2016-04-04 16:26 - 2016-04-04 16:26 - 0000017 _____ () C:\Users\kyrox\AppData\Local\resmon.resmoncfg
2015-12-15 18:22 - 2015-12-15 18:22 - 0445769 _____ () C:\ProgramData\1450196234.bdinstall.bin
2016-02-16 18:17 - 2016-02-16 18:17 - 0025194 _____ () C:\ProgramData\1455639446.bdinstall.bin
2016-03-22 17:27 - 2016-03-22 17:27 - 0025906 _____ () C:\ProgramData\1458660434.bdinstall.bin
2016-03-31 21:08 - 2016-03-31 21:08 - 0025974 _____ () C:\ProgramData\1459451314.bdinstall.bin
2016-01-09 18:45 - 2016-01-09 18:45 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-02-16 13:41 - 2016-02-16 13:41 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Einige Dateien in TEMP:
====================
C:\Users\kyrox\AppData\Local\Temp\libeay32.dll
C:\Users\kyrox\AppData\Local\Temp\msvcr120.dll
C:\Users\kyrox\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-03-29 17:32

==================== Ende von FRST.txt ============================

Addition

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von kyriakos (2016-04-05 16:14:38)
Gestartet von C:\Users\kyrox\Downloads
Windows 10 Pro Version 1511 (X64) (2015-12-15 15:35:14)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2145669467-3144448721-1249639217-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2145669467-3144448721-1249639217-503 - Limited - Disabled)
Gast (S-1-5-21-2145669467-3144448721-1249639217-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2145669467-3144448721-1249639217-1005 - Limited - Enabled)
kyriakos (S-1-5-21-2145669467-3144448721-1249639217-1001 - Administrator - Enabled) => C:\Users\kyrox

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.6.1 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Audition CC 2015 (HKLM-x32\...\{839A3566-AED6-4787-A849-5CBE2B1DC6AE}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.1.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.4.3.189 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2015 (HKLM-x32\...\{EE2A0AA8-0386-11E5-8603-BC82F5DB1A71}) (Version: 16.1.0 - Adobe Systems Incorporated)
Adobe Edge Animate CC 2015 (HKLM-x32\...\{92AC6B8F-F962-11E4-867D-81149C0292DF}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Edge Inspect CC (HKLM-x32\...\{2532C427-E595-4768-B6E9-C20F3AB751CA}) (Version: 1.5.486 - Adobe Systems Incorporated)
Adobe Fireworks CS6 (HKLM-x32\...\{CA7C485C-7A89-11E1-B2C8-CD54B377BC52}) (Version: 12.0.1 - Adobe Systems Incorporated)
Adobe Flash Builder 4.7 (64 Bit) (HKLM-x32\...\{848DE8E1-521D-4748-A158-517708107EF3}) (Version: 4.7 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Professional CC 2015 (HKLM-x32\...\{31390329-FFF0-11E4-85AD-AF2C4143F080}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Fuse CC (Preview) (HKLM-x32\...\{06F1F289-ACFE-43A2-A654-7950079D6685}) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\ILST_19_2_1) (Version: 19.2.1 - Adobe Systems Incorporated)
Adobe InCopy CC 2015 (HKLM-x32\...\{9EF1DB49-6D32-1014-93B7-EB62FA572532}) (Version: 11.0.1.105 - Adobe Systems Incorporated)
Adobe InDesign CC 2015 (HKLM-x32\...\{DBFD0312-6E55-1014-8952-E78D43BC0147}) (Version: 11.2.0.100 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.3 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.1.0 - Adobe Systems Incorporated)
Adobe Muse CC 2015 (HKLM-x32\...\{25CC1EC0-19D9-11E5-952D-BD72CD08879E}) (Version: 2015.0.2.4 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated)
Adobe Prelude CC 2015 (HKLM-x32\...\{4D911A81-7146-470C-A48F-98479255251C}) (Version: 4.1.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.1.0 - Adobe Systems Incorporated)
Adobe Scout CC (HKLM\...\{BA573BFE-83B4-11E3-93D2-D231FEB1DC81}) (Version: 1.1.3.354121 - Adobe Systems Incorporated)
Adobe SpeedGrade CC 2015 (HKLM-x32\...\{8FD7F1DB-7355-469E-A3F2-2118148D8477}) (Version: 9.1.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-2145669467-3144448721-1249639217-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Apple Application Support (32-Bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.23.1252 - Bitdefender)
Bitdefender Total Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.24.1290 - Bitdefender)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisplayLink Core Software (HKLM\...\{5346695A-EC06-45D4-8ACE-4E889A6D5289}) (Version: 7.9.1488.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{885F4E31-D667-4DD9-9C53-8D5ACDEB72B4}) (Version: 7.9.1369.0 - DisplayLink Corp.)
FileZilla Client 3.15.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.15.0.2 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.0.10.1211 - DVDVideoSoft Ltd.)
GDR 2269 for SQL Server 2014 (KB3045324) (64-bit) (HKLM\...\KB3045324) (Version: 12.0.2269.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Greenshot 1.2.8.12 (HKLM\...\Greenshot_is1) (Version: 1.2.8.12 - Greenshot)
HL-1110 series (HKLM-x32\...\{4F2442B7-A89E-42A4-8F0E-6937499855CA}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
JTL-Wawi (HKLM-x32\...\JTL-Wawi_is1) (Version: 1.0.8.2 - JTL-Software-GmbH)
KeePass Password Safe 2.31 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.31 - Dominik Reichl)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{7D1C6D7B-8E3F-4724-94C8-AA7EB7F60AE0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.6741.2021 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{37C44B5C-E839-4A9D-9E20-A93E1B2FD35A}) (Version: 12.0.2269.0 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft VSS Writer für SQL Server 2014 (HKLM\...\{D390AADD-C825-4B31-8C79-83A9461D5524}) (Version: 12.0.2000.8 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 45.0.1 (x64 de) (HKLM\...\Mozilla Firefox 45.0.1 (x64 de)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6701.1013 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6701.1013 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6701.1013 - Microsoft Corporation) Hidden
Opera Stable 35.0.2066.37 (HKLM-x32\...\Opera 35.0.2066.37) (Version: 35.0.2066.37 - Opera Software)
Oracle VM VirtualBox 5.0.10 (HKLM\...\{F6E922CF-068D-4AFC-8DBF-4636B84AF0A5}) (Version: 5.0.10 - Oracle Corporation)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
plentymarkets 220.1 (HKLM-x32\...\5841-3682-4824-5789) (Version: 220.1 - plentymarkets GmbH)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6794 - Realtek Semiconductor Corp.)
Spotify (HKU\S-1-5-21-2145669467-3144448721-1249639217-1001\...\Spotify) (Version: 1.0.25.127.g58007b4c - Spotify AB)
SQL Server 2014 Common Files (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server-Browser für SQL Server 2014 (HKLM-x32\...\{B7312B95-77C6-497E-A63F-596A77B20F31}) (Version: 12.0.2000.8 - Microsoft Corporation)
Stardock ObjectDock (HKLM-x32\...\Stardock ObjectDock) (Version: 2.20 - Stardock Software, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.3 - Synaptics Incorporated)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version:  - )
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{D8125A39-ADEE-4187-B04D-DB6CF489AF61}) (Version: 10.3.5500.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WeBuilder 2015 v13.5 (HKLM-x32\...\WeBuilder 2015_is1) (Version: 13.1 - Karlis Blumentals)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2145669467-3144448721-1249639217-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe /Automation => Keine Datei
CustomCLSID: HKU\S-1-5-21-2145669467-3144448721-1249639217-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-474F41B52D04}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2145669467-3144448721-1249639217-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-2145669467-3144448721-1249639217-1001_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe /Automation => Keine Datei
CustomCLSID: HKU\S-1-5-21-2145669467-3144448721-1249639217-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\kyrox\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2145669467-3144448721-1249639217-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\de-DE\acadficn.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2145669467-3144448721-1249639217-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {195DE15A-5EBF-4A57-84DF-6F8C48EE4430} - System32\Tasks\NCH Software\WavePadSevenDays => C:\Program Files (x86)\NCH Software\WavePad\WavePad.exe
Task: {2AC90F92-B4B2-4DB1-B9E7-117F14B40C53} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-03-30] (Bitdefender)
Task: {3B02B769-D939-4F49-818E-200F0EC7F480} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {424602C0-1DDF-4B6C-8574-8EC2C47D88B9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
Task: {4A91819D-8D63-48A5-AB00-60EC9FD51993} - System32\Tasks\Opera scheduled Autoupdate 1455229596 => C:\Program Files (x86)\Opera\launcher.exe [2016-01-28] (Opera Software)
Task: {4F7C3E2F-72B6-4FBB-A90D-AB38E7241B91} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-04-01] (Microsoft Corporation)
Task: {54605BDF-C63D-4CB2-83C6-3F81F0DB34DE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {5815E274-3E93-4783-B28B-D4D602E0ACA1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-15] (Google Inc.)
Task: {7834AFD7-73B3-41F9-AA07-00DC4FCD16D9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-04-01] (Microsoft Corporation)
Task: {887DB48D-3245-4052-8CC0-863AC564B370} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-03-20] (Microsoft Corporation)
Task: {B36BC592-79E6-422B-A7FB-52CB62359FB5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-03-20] (Microsoft Corporation)
Task: {D3895C5E-5CA2-46F0-B8F4-92936C2002DF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard)
Task: {D85FB20A-6975-4730-9AFB-64D40200BB2A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {DB72A19D-6DFA-4C43-AFF9-ABB48D00C9E4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {E788D558-8B95-41B5-B103-BAAA5C9C4B31} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-kyr.oxyzidis@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30] (Adobe Systems Incorporated)
Task: {FA9044A9-DE29-4499-AD91-9369E6CF839B} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-20BAH8O-kyriakos => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30] (Adobe Systems Incorporated)
Task: {FB28FA38-8043-43AF-8D5F-0D1058506C4F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-15] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\Windows\SYSTEM32\efsext.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2015-12-15 18:19 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll
2015-12-15 19:23 - 2016-03-20 13:10 - 00173256 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-05-11 09:12 - 2015-05-11 09:12 - 00248736 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2015-11-20 15:57 - 2015-11-20 15:57 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-11-20 15:57 - 2015-11-20 15:57 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-03-02 10:52 - 2016-02-23 13:27 - 02654872 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-01-22 13:02 - 2016-01-22 13:02 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-03-02 10:52 - 2016-02-23 13:27 - 02654872 _____ () C:\Windows\System32\CoreUIComponents.dll
2015-11-14 05:23 - 2015-11-14 05:23 - 00553120 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-12-17 23:03 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-02 10:52 - 2016-02-23 10:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-02-12 17:20 - 2016-02-12 17:20 - 01652456 _____ () C:\Program Files\DisplayLink Core Software\AddOnApi64.dll
2016-01-12 21:15 - 2016-01-05 03:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-12 21:15 - 2016-01-05 03:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-28 11:04 - 2016-01-16 07:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-28 11:04 - 2016-01-16 07:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-06 18:41 - 2016-01-06 18:41 - 00062168 _____ () C:\Program Files\CCleaner\branding.dll
2016-03-11 22:31 - 2016-03-11 22:31 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-12-19 19:55 - 2015-12-11 02:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-12-19 19:55 - 2015-12-11 02:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-12-19 19:55 - 2015-12-11 02:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-12-19 19:55 - 2015-12-11 02:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-12-19 19:55 - 2015-12-11 02:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-12-19 19:55 - 2015-12-11 02:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-01-22 13:02 - 2016-01-22 13:02 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 13:02 - 2016-01-22 13:02 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-12-19 19:48 - 2016-03-18 15:01 - 47503472 _____ () C:\Users\kyrox\AppData\Roaming\Spotify\libcef.dll
2015-12-19 19:48 - 2016-03-18 15:01 - 01584240 _____ () C:\Users\kyrox\AppData\Roaming\Spotify\libglesv2.dll
2015-12-19 19:48 - 2016-03-18 15:01 - 00082032 _____ () C:\Users\kyrox\AppData\Roaming\Spotify\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\kyrox\Downloads\AdwCleaner_5.108.exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\AdwCleaner_5.109.exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\albelli_DE(1).exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\albelli_DE.exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\AutoCAD_2016_German_Win_32_64bit_wi_de-DE_Setup_webinstall(1).exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\AutoCAD_2016_German_Win_32_64bit_wi_de-DE_Setup_webinstall.exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\ccsetup516pro.exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\ChromeSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\CopyTrans Manager - CHIP-Installer.exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\CyberGhost VPN - CHIP-Installer.exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\DriverReviverSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\Eusing Free Registry Cleaner - CHIP-Installer.exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\Firefox_Setup_45.0.1_64_de.exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\flashplayer20_ha_install.exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\FreeCAD-0.15.4671_x64_windows_setup.exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\gkfx4setup.exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\Greenshot - CHIP-Installer.exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\iTunes6464Setup.exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\mbam-setup-2.2.1.1043.exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\Opera_NI_stable.exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\plentymarkets_windows_220_1.exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\plentymarkets_windows_221beta1.exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\webuild2015.exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\whocrashedSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\kyrox\Downloads\wpsetup.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2145669467-3144448721-1249639217-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2145669467-3144448721-1249639217-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 09:24 - 2016-04-05 16:12 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2145669467-3144448721-1249639217-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2145669467-3144448721-1249639217-1001\...\StartupApproved\StartupFolder: => "Stardock ObjectDock.lnk"
HKU\S-1-5-21-2145669467-3144448721-1249639217-1001\...\StartupApproved\Run: => "CyberGhost"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{68A2F983-6CC1-4003-B43D-94266FC3D913}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F98FC307-AC9D-4DA4-89CF-9942CB7609F4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{31963119-7D80-4780-B995-C1873C885DB9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{EE789714-F708-4BBC-86AE-142D957E2FCF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{C426FC22-A8D9-4D4E-982D-4A8C2E3B2E5A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1F53C768-76F2-49AC-8AB7-C513123B3B3C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E88E5920-0812-405D-AB60-84039F07B4EE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{F0B944D1-02B2-49E8-BABE-FCEFE2476E4E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{3187626F-6D42-417C-8E86-91D2B6A8BC1E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{CE62D873-0566-4FBA-BA16-BF0CFE7DDEE5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B9761D60-17D5-437A-8A99-0B78E6948132}] => (Allow) LPort=2869
FirewallRules: [{5CC85AB9-980B-40C2-B1CB-63C2F4FCA996}] => (Allow) LPort=1900
FirewallRules: [{F439E308-995B-40F1-8372-7E4B50B73ADD}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{4D2EE0C9-AB6D-486D-877D-6F0AB17B3113}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{6DA57AA8-976E-450D-AFE5-2AA95662E254}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{5446442E-10B3-469C-BC84-1D71EDBFA29E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{34907976-140F-4CC9-8C41-6F0AFA00532E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{19527786-DAF9-4B6A-B39A-87FF79271B0E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{BCE6F20B-F623-4AAA-8902-D315901BEFDD}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Edge Inspect CC\EdgeInspect.exe
FirewallRules: [{6518E69D-63C0-4811-ABB5-DE3F2C81AA76}] => (Allow) C:\Program Files\Adobe\Adobe Flash Builder 4.7 (64 Bit)\FlashBuilder.exe
FirewallRules: [{A055640D-D2ED-4551-88DE-3894BCDAC33E}] => (Allow) C:\Program Files\Adobe\Adobe Flash Builder 4.7 (64 Bit)\FlashBuilder.exe
FirewallRules: [{64C39EE1-417D-4839-9F3D-2F3F0158D8B4}] => (Allow) LPort=7935
FirewallRules: [{012360B2-0833-4EE6-9607-3C8144C0AE0C}] => (Allow) C:\Program Files\NetDrive2\nd2svc.exe
FirewallRules: [{77094D4D-B16E-4C22-A813-19D7872B3412}] => (Allow) C:\Program Files\NetDrive2\NetDrive2.exe
FirewallRules: [{1068ADAA-52F3-4E9F-A49A-56B73E483516}] => (Allow) C:\Program Files\NetDrive2\nd2cmd.exe
FirewallRules: [{4B0200D3-772A-426A-9245-443973187E19}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4B14C6E1-F57E-458F-9702-3FC147A9C436}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C37CF01D-6A47-4CD9-ADBB-FBAD0DF93411}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0158BA21-BF9C-4DA5-8B52-ECB56143FDCE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5881AA1C-F7DA-4F74-8CA9-45916331DCAA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D5A180E6-92E5-415D-88E5-B29913390D3E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BBFF0958-1179-485D-9B30-115569E80FCD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{936263E1-AF43-4797-9215-388009C6FC23}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5FD00B24-E173-4691-962C-CC83284694CE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

15-03-2016 17:47:35 Windows Update
23-03-2016 15:40:19 Windows Update
30-03-2016 17:43:56 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/04/2016 05:33:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version: 10.0.10586.122, Zeitstempel: 0x56cc0133
Name des fehlerhaften Moduls: JumpViewUI.dll, Version: 10.0.10586.122, Zeitstempel: 0x56cc117c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004335d
ID des fehlerhaften Prozesses: 0x17e8
Startzeit der fehlerhaften Anwendung: 0xShellExperienceHost.exe0
Pfad der fehlerhaften Anwendung: ShellExperienceHost.exe1
Pfad des fehlerhaften Moduls: ShellExperienceHost.exe2
Berichtskennung: ShellExperienceHost.exe3
Vollständiger Name des fehlerhaften Pakets: ShellExperienceHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ShellExperienceHost.exe5

Error: (04/04/2016 10:32:05 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (04/03/2016 03:32:59 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (04/02/2016 05:29:52 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (04/02/2016 12:23:11 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (04/01/2016 03:42:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-20BAH8O)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/31/2016 04:21:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-20BAH8O)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/31/2016 01:33:21 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/30/2016 05:43:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/30/2016 05:08:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-20BAH8O)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (04/05/2016 04:12:37 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-20BAH8O)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-20BAH8OkyriakosS-1-5-21-2145669467-3144448721-1249639217-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (04/05/2016 04:12:33 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-20BAH8O)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-20BAH8OkyriakosS-1-5-21-2145669467-3144448721-1249639217-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (04/05/2016 04:12:32 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-20BAH8O)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-20BAH8OkyriakosS-1-5-21-2145669467-3144448721-1249639217-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (04/05/2016 04:11:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (04/05/2016 04:11:57 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (04/05/2016 04:11:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_313c3" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/05/2016 04:11:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _313c3" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/05/2016 04:11:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_313c3" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/05/2016 04:11:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_313c3" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/05/2016 04:11:49 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


CodeIntegrity:
===================================
  Date: 2016-04-01 11:18:36.364
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-23 15:13:43.653
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-15 16:53:39.314
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-12 03:34:15.386
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-11 13:39:47.777
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-10 14:18:42.218
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-05 18:52:38.574
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-03 06:05:53.586
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-23 16:16:01.545
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-18 17:59:06.527
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 8151.8 MB
Verfügbarer physikalischer RAM: 5554.26 MB
Summe virtueller Speicher: 9431.8 MB
Verfügbarer virtueller Speicher: 6671.25 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:465.27 GB) (Free:375.67 GB) NTFS
Drive d: () (Removable) (Total:7.54 GB) (Free:7.1 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C94137CC)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.3 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B)

==================== Ende von Addition.txt ============================

Rolexx7 · 05.04.2016, 15:19

TDDS

Code:

ATTFilter

16:17:38.0789 0x2850  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
16:17:41.0273 0x2850  ============================================================
16:17:41.0273 0x2850  Current date / time: 2016/04/05 16:17:41.0273
16:17:41.0273 0x2850  SystemInfo:
16:17:41.0273 0x2850  
16:17:41.0273 0x2850  OS Version: 10.0.10586 ServicePack: 0.0
16:17:41.0273 0x2850  Product type: Workstation
16:17:41.0273 0x2850  ComputerName: DESKTOP-20BAH8O
16:17:41.0273 0x2850  UserName: kyriakos
16:17:41.0273 0x2850  Windows directory: C:\Windows
16:17:41.0273 0x2850  System windows directory: C:\Windows
16:17:41.0273 0x2850  Running under WOW64
16:17:41.0273 0x2850  Processor architecture: Intel x64
16:17:41.0273 0x2850  Number of processors: 8
16:17:41.0273 0x2850  Page size: 0x1000
16:17:41.0273 0x2850  Boot type: Normal boot
16:17:41.0273 0x2850  ============================================================
16:17:41.0351 0x2850  KLMD registered as C:\Windows\system32\drivers\71758853.sys
16:17:41.0524 0x2850  System UUID: {AA73EEBE-E764-9C07-EABE-9D9E3B411241}
16:17:41.0805 0x2850  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:17:41.0836 0x2850  Drive \Device\Harddisk2\DR2 - Size: 0x1E3000000 ( 7.55 Gb ), SectorSize: 0x200, Cylinders: 0x3D9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:17:41.0836 0x2850  ============================================================
16:17:41.0836 0x2850  \Device\Harddisk0\DR0:
16:17:41.0836 0x2850  MBR partitions:
16:17:41.0836 0x2850  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xFA000
16:17:41.0836 0x2850  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFA800, BlocksNum 0x3A28B000
16:17:41.0836 0x2850  \Device\Harddisk2\DR2:
16:17:41.0836 0x2850  MBR partitions:
16:17:41.0836 0x2850  \Device\Harddisk2\DR2\Partition1: MBR, Type 0xB, StartLBA 0x1758, BlocksNum 0xF168A8
16:17:41.0836 0x2850  ============================================================
16:17:41.0836 0x2850  C: <-> \Device\Harddisk0\DR0\Partition2
16:17:41.0836 0x2850  ============================================================
16:17:41.0836 0x2850  Initialize success
16:17:41.0836 0x2850  ============================================================
16:17:56.0932 0x2908  ============================================================
16:17:56.0932 0x2908  Scan started
16:17:56.0932 0x2908  Mode: Manual; SigCheck; TDLFS; 
16:17:56.0932 0x2908  ============================================================
16:17:56.0932 0x2908  KSN ping started
16:17:59.0292 0x2908  KSN ping finished: true
16:17:59.0714 0x2908  ================ Scan system memory ========================
16:17:59.0714 0x2908  System memory - ok
16:17:59.0714 0x2908  ================ Scan services =============================
16:17:59.0761 0x2908  [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
16:17:59.0792 0x2908  1394ohci - ok
16:17:59.0808 0x2908  [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware           C:\Windows\system32\drivers\3ware.sys
16:17:59.0823 0x2908  3ware - ok
16:17:59.0839 0x2908  [ 469441BAE3FF8A16826FC62C51EF5E18, E1204677B87F47222D05F670F8DF3DB65EA0881782A8DCFBE0103478ED71187C ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:17:59.0855 0x2908  ACPI - ok
16:17:59.0855 0x2908  [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
16:17:59.0870 0x2908  acpiex - ok
16:17:59.0870 0x2908  [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
16:17:59.0886 0x2908  acpipagr - ok
16:17:59.0886 0x2908  [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
16:17:59.0901 0x2908  AcpiPmi - ok
16:17:59.0901 0x2908  [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime        C:\Windows\System32\drivers\acpitime.sys
16:17:59.0917 0x2908  acpitime - ok
16:17:59.0933 0x2908  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:17:59.0933 0x2908  AdobeARMservice - ok
16:17:59.0948 0x2908  [ 46E0C109E564333992B89F2A62AD6B39, D3FE97FAF1D2AACD835BAB281C8BB9642DAF5F267377C857825ACCFA094BAB1A ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
16:17:59.0980 0x2908  AdobeUpdateService - ok
16:17:59.0995 0x2908  [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
16:18:00.0026 0x2908  ADP80XX - ok
16:18:00.0042 0x2908  [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD             C:\Windows\system32\drivers\afd.sys
16:18:00.0073 0x2908  AFD - ok
16:18:00.0073 0x2908  [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440          C:\Windows\system32\drivers\agp440.sys
16:18:00.0089 0x2908  agp440 - ok
16:18:00.0120 0x2908  [ 8BA0756C7B80D039212F9BB957D84727, 2EFED9D87E37A95F7216D879FA2E054AE105DC5280F7393540C812C296E4FDAC ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
16:18:00.0167 0x2908  AGSService - ok
16:18:00.0183 0x2908  [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
16:18:00.0198 0x2908  ahcache - ok
16:18:00.0198 0x2908  [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter        C:\Windows\System32\AJRouter.dll
16:18:00.0214 0x2908  AJRouter - ok
16:18:00.0214 0x2908  [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG             C:\Windows\System32\alg.exe
16:18:00.0230 0x2908  ALG - ok
16:18:00.0245 0x2908  [ BBADD85854BFB5D43C60B7AC8EEA3DBA, 968C043ABEA46F5C79525863B3FE2681AC0FA4202036C9EFD20B408DECF407E2 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:18:00.0261 0x2908  AMD External Events Utility - ok
16:18:00.0261 0x2908  [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
16:18:00.0276 0x2908  AmdK8 - ok
16:18:00.0276 0x2908  amdkmdag - ok
16:18:00.0292 0x2908  [ 17BA5C907E14947574CBB788F4CEB85F, EAA3DBF436637C58666A91905E388287FC54334EBB2589A00727EB09AC4870E3 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
16:18:00.0323 0x2908  amdkmdap - ok
16:18:00.0323 0x2908  [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
16:18:00.0339 0x2908  AmdPPM - ok
16:18:00.0339 0x2908  [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:18:00.0355 0x2908  amdsata - ok
16:18:00.0355 0x2908  [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:18:00.0370 0x2908  amdsbs - ok
16:18:00.0386 0x2908  [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:18:00.0386 0x2908  amdxata - ok
16:18:00.0402 0x2908  [ EDDB0D726DBECDFC1DBCC6DB464E5A13, 98D128D1E6FA270ED9ADBFE50078F68A794C00D4CBB86E28EC6161FFAD0CA8FF ] AppID           C:\Windows\system32\drivers\appid.sys
16:18:00.0402 0x2908  AppID - ok
16:18:00.0417 0x2908  [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:18:00.0433 0x2908  AppIDSvc - ok
16:18:00.0433 0x2908  [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo         C:\Windows\System32\appinfo.dll
16:18:00.0448 0x2908  Appinfo - ok
16:18:00.0448 0x2908  [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:18:00.0464 0x2908  Apple Mobile Device Service - ok
16:18:00.0464 0x2908  [ B4AE5296C9597F45E1CFE0B1DBE7739E, C9DCA8EF32720D68119CC23DF4BCD783FFB5F999D14EDCC7937D17C590323B4B ] AppMgmt         C:\Windows\System32\appmgmts.dll
16:18:00.0480 0x2908  AppMgmt - ok
16:18:00.0495 0x2908  [ 610499A73DF3599608EBB6B3F9929052, A9CA49C4A39A825916AB3791090BCFC7044FDB6B2C3538E01F0CFBC2A9931152 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
16:18:00.0527 0x2908  AppReadiness - ok
16:18:00.0558 0x2908  [ 3DF25A56F18D2AB4CF58C1300C8CD323, 34A20004A93BC0F22BF99E56E6657CF0A68B64B375A66408FB1E26ADA7A72FC4 ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
16:18:00.0620 0x2908  AppXSvc - ok
16:18:00.0636 0x2908  [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:18:00.0652 0x2908  arcsas - ok
16:18:00.0652 0x2908  [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac        C:\Windows\System32\drivers\asyncmac.sys
16:18:00.0683 0x2908  AsyncMac - ok
16:18:00.0698 0x2908  [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:18:00.0714 0x2908  atapi - ok
16:18:00.0823 0x2908  [ 7E7F48278A0697353765495BB94E3BA7, DBBA5C9093B572798D624E4021C56D425C05686BFF86DA0B19E67AFE68E9CE76 ] athr            C:\Windows\System32\drivers\athw10x.sys
16:18:00.0933 0x2908  athr - ok
16:18:00.0948 0x2908  [ FD9A5BCC3AFB02E87668B749546B6229, 4BE969A11CEE8033F40EDE7E06A5904B328D3FC1842855C0DB38D5EEF458219C ] AtiHDAudioService C:\Windows\system32\drivers\AtihdWT6.sys
16:18:00.0948 0x2908  AtiHDAudioService - ok
16:18:00.0964 0x2908  [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
16:18:00.0980 0x2908  AudioEndpointBuilder - ok
16:18:00.0995 0x2908  [ 9610CE53A9ED0789C8B669A5F86008F7, 9EE4B3F8528B20682595DDBDB0FF9F98FD8B957EE4C335FDD4382AE30D3C2EA0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
16:18:01.0042 0x2908  Audiosrv - ok
16:18:01.0073 0x2908  [ B18699497436228F1109132D669CF29A, 1A358BC7E7931FE43B1038E33EBEA365476E5A2EFB9476F47E3476A3669063FB ] avc3            C:\Windows\system32\DRIVERS\avc3.sys
16:18:01.0120 0x2908  avc3 - ok
16:18:01.0136 0x2908  [ 1251FB8BF8E6B6129065326A3E8A4378, 1AF1DAE71A8126A875AC3197FD69BCD52949DC08694A29EAB6FA3ED31695BDED ] avckf           C:\Windows\system32\DRIVERS\avckf.sys
16:18:01.0152 0x2908  avckf - ok
16:18:01.0152 0x2908  [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:18:01.0183 0x2908  AxInstSV - ok
16:18:01.0183 0x2908  [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:18:01.0214 0x2908  b06bdrv - ok
16:18:01.0214 0x2908  [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
16:18:01.0230 0x2908  BasicDisplay - ok
16:18:01.0230 0x2908  [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
16:18:01.0245 0x2908  BasicRender - ok
16:18:01.0245 0x2908  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\Windows\System32\drivers\bcmfn.sys
16:18:01.0261 0x2908  bcmfn - ok
16:18:01.0261 0x2908  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
16:18:01.0277 0x2908  bcmfn2 - ok
16:18:01.0277 0x2908  [ 3701D3BF4AC12EAACB1F58847C1D32FC, 29F3DA7E4C1706934BE92D03CB6F633C47D0251E5580958E823B6148DA5E5E73 ] bdelam          C:\Windows\system32\drivers\bdelam.sys
16:18:01.0292 0x2908  bdelam - ok
16:18:01.0292 0x2908  [ F8F398A4AF7E0917320BC2B2CD812888, 02B9A6EA0AA750CA9B62AB09E99956C35E252A12B22C2CBFDC4E941ED5870591 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:18:01.0323 0x2908  BDESVC - ok
16:18:01.0323 0x2908  [ F662FA5B57F6BAD1022814A49C6E3733, 8B0A9BF9AF18769BAC67138037F3D167F195AE932DD417A8393D0D8A760CA9B2 ] bdfwfpf         C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
16:18:01.0339 0x2908  bdfwfpf - ok
16:18:01.0339 0x2908  [ D8FAF7CFBC81E5E15CA7A7EC8EE1B409, 75E60DF2147DFB109E628FDF80EB1BFA5360E5935BB9237B67053588F906E1B1 ] BDVEDISK        C:\Windows\system32\DRIVERS\bdvedisk.sys
16:18:01.0339 0x2908  BDVEDISK - ok
16:18:01.0355 0x2908  [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:18:01.0355 0x2908  Beep - ok
16:18:01.0370 0x2908  [ 8EA08141590CB9331FA773FB430E91E4, 0507499EF423CC9EE9AC18C2B5CBF9965E69481C69DC96E361C2184C53C3F404 ] BFE             C:\Windows\System32\bfe.dll
16:18:01.0417 0x2908  BFE - ok
16:18:01.0433 0x2908  [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS            C:\Windows\System32\qmgr.dll
16:18:01.0480 0x2908  BITS - ok
16:18:01.0480 0x2908  [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:18:01.0495 0x2908  bowser - ok
16:18:01.0511 0x2908  [ 9972A886D911234F833A265D5D641D30, E64199AB64CC60C75371D8421031DC02818C852427C4F66AD3DF7DCDF33952B1 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
16:18:01.0542 0x2908  BrokerInfrastructure - ok
16:18:01.0542 0x2908  [ DA4C9335434E71D6CC86A3CA567769CC, 9FE5EE3CC91CADBF952446E0A9A79A8834B03C8D4C47D6E9257AF64B2C17F518 ] Browser         C:\Windows\System32\browser.dll
16:18:01.0558 0x2908  Browser - ok
16:18:01.0558 0x2908  [ 0E03E300CB28F30843F40069563CE2AD, 8D1E78A847B548F32E15573A39E403E6A65838C77628B9F9BFBDED527BAE9054 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
16:18:01.0589 0x2908  BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
16:18:03.0918 0x2908  Detect skipped due to KSN trusted
16:18:03.0918 0x2908  BrYNSvc - ok
16:18:03.0949 0x2908  [ 7037B585F7D4AB58F1CFB1E7841E6FEF, DF01C722924404D0EC559B962CEAF655D13315A073810FA82649E2810E4A951D ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
16:18:03.0980 0x2908  BtFilter - ok
16:18:03.0980 0x2908  [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
16:18:03.0996 0x2908  BthAvrcpTg - ok
16:18:03.0996 0x2908  [ 36417FC4F11C31C880CB428037DEDF3F, ACDB798A038E3D5CC350AC53A9EC8E14AD02E2C28AE4578EC0205E6DF537A8F9 ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
16:18:04.0011 0x2908  BthEnum - ok
16:18:04.0027 0x2908  [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
16:18:04.0043 0x2908  BthHFEnum - ok
16:18:04.0043 0x2908  [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
16:18:04.0058 0x2908  bthhfhid - ok
16:18:04.0058 0x2908  [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
16:18:04.0089 0x2908  BthHFSrv - ok
16:18:04.0089 0x2908  [ CC6C1393B423EBFF9F6696CB9CC4CBCB, AB1861727631EDDD5B8404C51E75A67CAA42FD640E067A6ECC07EF0FCC871840 ] BthLEEnum       C:\Windows\System32\drivers\BthLEEnum.sys
16:18:04.0105 0x2908  BthLEEnum - ok
16:18:04.0105 0x2908  [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
16:18:04.0121 0x2908  BTHMODEM - ok
16:18:04.0136 0x2908  [ 09C3DB1B137B269A822F941D867A6BB6, CC99FBD76DA19D951864D4967EA9F3C048811E9BB7BBB67B724FC82A50B14516 ] BthPan          C:\Windows\System32\drivers\bthpan.sys
16:18:04.0152 0x2908  BthPan - ok
16:18:04.0168 0x2908  [ CEFF59649E90987D263D96078724A54A, 3EB69F0BA282085682FB09F1469BF66A84229D8C7A044C6B98B78477716917EE ] BTHPORT         C:\Windows\System32\drivers\BTHport.sys
16:18:04.0199 0x2908  BTHPORT - ok
16:18:04.0199 0x2908  [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv         C:\Windows\system32\bthserv.dll
16:18:04.0215 0x2908  bthserv - ok
16:18:04.0230 0x2908  [ 0D279373091AA1BBEEE958AAF02B5EDF, 79CEBC2D9345103958DC161C31AC4BE078626D6DC28F6F06C432917872A1E3B4 ] BTHUSB          C:\Windows\System32\drivers\BTHUSB.sys
16:18:04.0246 0x2908  BTHUSB - ok
16:18:04.0246 0x2908  [ 5A458422B4312BAEEFA3E64D321596E6, 1213D86B9B6FBB1414D1D3E5F4B0ED0C68D05EB98C902395AB0F0FC3D8A29AD5 ] busenum         C:\Windows\System32\drivers\busenum.sys
16:18:04.0246 0x2908  busenum - ok
16:18:04.0261 0x2908  [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\Windows\System32\drivers\buttonconverter.sys
16:18:04.0277 0x2908  buttonconverter - ok
16:18:04.0277 0x2908  [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg          C:\Windows\System32\drivers\capimg.sys
16:18:04.0293 0x2908  CapImg - ok
16:18:04.0293 0x2908  [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:18:04.0308 0x2908  cdfs - ok
16:18:04.0324 0x2908  [ 0A92DC116CFC7F6BE8167DD25CB925CC, 50CAC7BE14FF69B10C029E049F7C441A5572540F027F95F940B185C76C689409 ] CDPSvc          C:\Windows\System32\CDPSvc.dll
16:18:04.0340 0x2908  CDPSvc - ok
16:18:04.0340 0x2908  [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
16:18:04.0355 0x2908  cdrom - ok
16:18:04.0371 0x2908  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc     C:\Windows\System32\certprop.dll
16:18:04.0386 0x2908  CertPropSvc - ok
16:18:04.0386 0x2908  [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass        C:\Windows\System32\drivers\circlass.sys
16:18:04.0402 0x2908  circlass - ok
16:18:04.0418 0x2908  [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
16:18:04.0433 0x2908  CLFS - ok
16:18:04.0480 0x2908  [ A4797D56322F64F5A9823363A7644C4D, 673BD9E509B934BA22E056221A0D0E7CBBB5DCA4ECC6947BDD1E05EDA8B432EC ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
16:18:04.0543 0x2908  ClickToRunSvc - ok
16:18:04.0558 0x2908  [ F7526C133AC265F283012E9CD751F873, 6AABDD92FD880F49F63C1CC478C3D8291AF670802CEC58B32730E7675D858D88 ] ClipSVC         C:\Windows\System32\ClipSVC.dll
16:18:04.0574 0x2908  ClipSVC - ok
16:18:04.0590 0x2908  [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
16:18:04.0590 0x2908  CmBatt - ok
16:18:04.0605 0x2908  [ A1105260EEEE3DBD8D38FD054B22BD00, CA943B0B03527B07690CAFFD53F8ABF14FB3974DAAA1036E54815BD0DAF803D8 ] CNG             C:\Windows\system32\Drivers\cng.sys
16:18:04.0636 0x2908  CNG - ok
16:18:04.0636 0x2908  [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist     C:\Windows\system32\DRIVERS\cnghwassist.sys
16:18:04.0636 0x2908  cnghwassist - ok
16:18:04.0652 0x2908  [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus    C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
16:18:04.0668 0x2908  CompositeBus - ok
16:18:04.0668 0x2908  COMSysApp - ok
16:18:04.0668 0x2908  [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv          C:\Windows\system32\drivers\condrv.sys
16:18:04.0683 0x2908  condrv - ok
16:18:04.0699 0x2908  [ DE6DF2C34718EADCFF8776E597F2104D, 35D03E95853CEAC69F674FB09C819A4698EBEDFD8AC0474F0ADF02741492401E ] CoreMessagingRegistrar C:\Windows\system32\coremessaging.dll
16:18:04.0730 0x2908  CoreMessagingRegistrar - ok
16:18:04.0730 0x2908  [ 2CE0D74AED86A372997E9D77AE10B9F5, 1AFAA22C68FD0B81F73CE0EB763AD77AB97E78916752843A5056E1352F0FEA82 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:18:04.0746 0x2908  CryptSvc - ok
16:18:04.0761 0x2908  [ 5D578EAAFB6FD4F59523E5878B541296, 73573124787B79179880AFAF9CB8427237A1605A9F13D7783228DE24D18963C0 ] CSC             C:\Windows\system32\drivers\csc.sys
16:18:04.0777 0x2908  CSC - ok
16:18:04.0793 0x2908  [ 5F07CCEE514894C9474AEDCA50B6C2C7, 38F54897C91A2E7D80D00852CEB173B26E822D7C68F35D31228245F811E028A8 ] CscService      C:\Windows\System32\cscsvc.dll
16:18:04.0840 0x2908  CscService - ok
16:18:04.0840 0x2908  [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam             C:\Windows\system32\drivers\dam.sys
16:18:04.0855 0x2908  dam - ok
16:18:04.0871 0x2908  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:18:04.0918 0x2908  DcomLaunch - ok
16:18:04.0918 0x2908  [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc          C:\Windows\system32\dcpsvc.dll
16:18:04.0933 0x2908  DcpSvc - ok
16:18:04.0949 0x2908  [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:18:04.0996 0x2908  defragsvc - ok
16:18:05.0011 0x2908  [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\Windows\system32\das.dll
16:18:05.0043 0x2908  DeviceAssociationService - ok
16:18:05.0043 0x2908  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
16:18:05.0074 0x2908  DeviceInstall - ok
16:18:05.0074 0x2908  [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker  C:\Windows\system32\DevQueryBroker.dll
16:18:05.0090 0x2908  DevQueryBroker - ok
16:18:05.0090 0x2908  [ C9478D7DB7BE5D7ACE65CB1167F07320, D5082D09EE62E34A195768040B741E22ACC9421CFF315423D77A63ABF8F5E39E ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
16:18:05.0105 0x2908  Dfsc - ok
16:18:05.0121 0x2908  [ 5841A361D28069DFC82E1E98040FDC3F, 3A48DB7ADE90654242CB54DAD07F5FF0CD5CABF372C50D5B2C4D7AED068986E1 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:18:05.0136 0x2908  Dhcp - ok
16:18:05.0136 0x2908  [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
16:18:05.0152 0x2908  diagnosticshub.standardcollector.service - ok
16:18:05.0183 0x2908  [ 15D174719872A30F2FDD6B5B1B8BA5D9, B0E6FF6FC47B731C204F110D4B768231906B144B31F602ECE8EAC24D70BA880D ] DiagTrack       C:\Windows\system32\diagtrack.dll
16:18:05.0230 0x2908  DiagTrack - ok
16:18:05.0230 0x2908  [ 045135BAA14040385E1EEA31669E47F4, 7B3B6A420D2CD96B557824C743CE574C5691726D40B5B50588CCEDF9C26025BF ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
16:18:05.0261 0x2908  DigitalWave.Update.Service - ok
16:18:05.0261 0x2908  [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk            C:\Windows\system32\drivers\disk.sys
16:18:05.0277 0x2908  disk - ok
16:18:05.0449 0x2908  [ 48E6D893CEEC2918208BDF8DD8AC03AF, A2B9B1E9323409BF92B40BE8194D2D20554D54054154E9774B34FE11140AF512 ] DisplayLinkService C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
16:18:05.0652 0x2908  DisplayLinkService - ok
16:18:05.0668 0x2908  [ C5DB042DD88FDB75599BACBD45F1F30B, 1FBEA74B63BC3C25F0AF6D3B475FFF2333A3119B2E98C0BF13BF50A9B32B490C ] DisplayLinkUsbIo_x64 C:\Windows\system32\DRIVERS\DisplayLinkUsbIo_x64_7.9.1488.0.sys
16:18:05.0668 0x2908  DisplayLinkUsbIo_x64 - ok
16:18:05.0683 0x2908  [ 09F10578A7BE8B214AE7DD29BBFEECA8, 9B7C174906CFCC6315F9468D414E1E13BADF9A4F818F10EC06C26483520FADFB ] dlcdcncm        C:\Windows\System32\drivers\dlcdcncm62_x64.sys
16:18:05.0683 0x2908  dlcdcncm - ok
16:18:05.0699 0x2908  [ 88593FF23A65E2FADC9F50B84A90DD5E, F7CB5B28A71739DB024167400119197267E190B19E2144FE8FF50AA1C581265A ] dlkmd           C:\Windows\system32\drivers\dlkmd.sys
16:18:05.0715 0x2908  dlkmd - ok
16:18:05.0715 0x2908  [ 8792CC86383EEF55A1C3DA1988BFCABD, 29700437ACE387B2F712C3CEBDE8072AD6C7AEF75E42F982645D0B39BBB917A8 ] dlkmdldr        C:\Windows\system32\drivers\dlkmdldr.sys
16:18:05.0730 0x2908  dlkmdldr - ok
16:18:05.0730 0x2908  [ A39593F3E88277D50E205AF3AF1BB773, AEB0E27212E6D7826437B60C793288D5AC7C4A360935FBF8DB9B8B9D4C8782FA ] dlusbaudio      C:\Windows\system32\DRIVERS\dlusbaudio_x64.sys
16:18:05.0746 0x2908  dlusbaudio - ok
16:18:05.0746 0x2908  [ 49F069E2D22F33955A69D44DFD1B5179, 739C52C7B961BA683E8C7CCDB0E95423C17561B2F1F506BAE923DC53DB96B067 ] DmEnrollmentSvc C:\Windows\system32\Windows.Internal.Management.dll
16:18:05.0777 0x2908  DmEnrollmentSvc - ok
16:18:05.0777 0x2908  [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
16:18:05.0793 0x2908  dmvsc - ok
16:18:05.0793 0x2908  [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\Windows\system32\dmwappushsvc.dll
16:18:05.0808 0x2908  dmwappushservice - ok
16:18:05.0808 0x2908  [ 570BB222E3AFC4407636B53F6EABFA70, D0194A128370BB0A337B61402F9EEDD6F7942ADB19BF672D0F92DA2DA563D0DD ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:18:05.0840 0x2908  Dnscache - ok
16:18:05.0840 0x2908  [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc         C:\Windows\System32\dot3svc.dll
16:18:05.0871 0x2908  dot3svc - ok
16:18:05.0871 0x2908  [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS             C:\Windows\system32\dps.dll
16:18:05.0887 0x2908  DPS - ok
16:18:05.0887 0x2908  [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud         C:\Windows\System32\drivers\drmkaud.sys
16:18:05.0902 0x2908  drmkaud - ok
16:18:05.0918 0x2908  [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
16:18:05.0933 0x2908  DsmSvc - ok
16:18:05.0933 0x2908  [ FBC8C56814642A7CA88ACBCA8DD1121F, 108690704A359991C3D6577477E232F5F2F46B36DF6B4B0738A893EF05D7D4EB ] DsSvc           C:\Windows\System32\DsSvc.dll
16:18:05.0949 0x2908  DsSvc - ok
16:18:05.0980 0x2908  [ F45665E77D11F3C1552EDBEAD1559DC8, C7C4B493CB36A1A35B8CA33C044BA0ED273CDA80E36F48BFF7CE3A0356246838 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:18:06.0043 0x2908  DXGKrnl - ok
16:18:06.0043 0x2908  [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost         C:\Windows\System32\eapsvc.dll
16:18:06.0058 0x2908  Eaphost - ok
16:18:06.0121 0x2908  [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:18:06.0199 0x2908  ebdrv - ok
16:18:06.0199 0x2908  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS             C:\Windows\System32\lsass.exe
16:18:06.0215 0x2908  EFS - ok
16:18:06.0215 0x2908  [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
16:18:06.0230 0x2908  EhStorClass - ok
16:18:06.0230 0x2908  [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
16:18:06.0246 0x2908  EhStorTcgDrv - ok
16:18:06.0246 0x2908  [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode    C:\Windows\System32\embeddedmodesvc.dll
16:18:06.0262 0x2908  embeddedmode - ok
16:18:06.0277 0x2908  [ 062152DD5B225518A991DFCD8536770C, 5C8EF4E0C7DE3B24387FF239A8D0CDA39C2376826F16EAFF09739A6C7EDA01E0 ] EntAppSvc       C:\Windows\system32\EnterpriseAppMgmtSvc.dll
16:18:06.0293 0x2908  EntAppSvc - ok
16:18:06.0293 0x2908  [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev          C:\Windows\System32\drivers\errdev.sys
16:18:06.0308 0x2908  ErrDev - ok
16:18:06.0324 0x2908  [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem     C:\Windows\system32\es.dll
16:18:06.0340 0x2908  EventSystem - ok
16:18:06.0355 0x2908  [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:18:06.0371 0x2908  exfat - ok
16:18:06.0387 0x2908  [ 03DE0EC072C5EBD5B018CAD83F1E522A, 9D0B30A2870FBA20B95017CE3A4205F2DD53FE169A0D16715E962D83DE040FB3 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:18:06.0402 0x2908  fastfat - ok
16:18:06.0418 0x2908  [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax             C:\Windows\system32\fxssvc.exe
16:18:06.0433 0x2908  Fax - ok
16:18:06.0449 0x2908  [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc             C:\Windows\System32\drivers\fdc.sys
16:18:06.0449 0x2908  fdc - ok
16:18:06.0465 0x2908  [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost         C:\Windows\system32\fdPHost.dll
16:18:06.0480 0x2908  fdPHost - ok
16:18:06.0480 0x2908  [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub        C:\Windows\system32\fdrespub.dll
16:18:06.0496 0x2908  FDResPub - ok
16:18:06.0496 0x2908  [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc           C:\Windows\system32\fhsvc.dll
16:18:06.0527 0x2908  fhsvc - ok
16:18:06.0527 0x2908  [ 8F12AB59336143B680F71B217B495AD2, A28F62F065C68CC1A7EEF0CA52F83C3284B001565D8E154BF8568DE4A525104E ] FileCrypt       C:\Windows\system32\drivers\filecrypt.sys
16:18:06.0543 0x2908  FileCrypt - ok
16:18:06.0543 0x2908  [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:18:06.0558 0x2908  FileInfo - ok
16:18:06.0558 0x2908  [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:18:06.0574 0x2908  Filetrace - ok
16:18:06.0574 0x2908  [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
16:18:06.0590 0x2908  flpydisk - ok
16:18:06.0590 0x2908  [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:18:06.0621 0x2908  FltMgr - ok
16:18:06.0637 0x2908  [ 4387DE200BF8DD0E2EE828E655434B9A, 9148D65E54663EEC139E754091F47ABF439A637BEA83F600D30736522DAA845D ] FontCache       C:\Windows\system32\FntCache.dll
16:18:06.0699 0x2908  FontCache - ok
16:18:06.0699 0x2908  [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:18:06.0715 0x2908  FontCache3.0.0.0 - ok
16:18:06.0715 0x2908  [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:18:06.0730 0x2908  FsDepends - ok
16:18:06.0730 0x2908  [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:18:06.0746 0x2908  Fs_Rec - ok
16:18:06.0762 0x2908  [ 421497634C86EF4B8F86D0EBC076728F, E0D1449555D8849364E00AA747DBC820EF914A9F5B796E35070072FCBC532ADE ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:18:06.0777 0x2908  fvevol - ok
16:18:06.0777 0x2908  [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:18:06.0793 0x2908  gagp30kx - ok
16:18:06.0793 0x2908  [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
16:18:06.0808 0x2908  gencounter - ok
16:18:06.0808 0x2908  [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn    C:\Windows\System32\drivers\genericusbfn.sys
16:18:06.0824 0x2908  genericusbfn - ok
16:18:06.0824 0x2908  [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
16:18:06.0840 0x2908  GPIOClx0101 - ok
16:18:06.0871 0x2908  [ B55458A83395A2CFD4E745E9EC4AB5F2, EAB06B089D8A7DBC9AE2A1C919B489911690D341013A5F8F906819C68431CA85 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:18:06.0918 0x2908  gpsvc - ok
16:18:06.0918 0x2908  [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv    C:\Windows\system32\drivers\gpuenergydrv.sys
16:18:06.0933 0x2908  GpuEnergyDrv - ok
16:18:06.0933 0x2908  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:18:06.0949 0x2908  gupdate - ok
16:18:06.0949 0x2908  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:18:06.0965 0x2908  gupdatem - ok
16:18:06.0965 0x2908  [ 06BFA49C4D999E93E214DB4E8044DE0B, 5E339A2A6858AA59F8B0879AB4CB87DBC6622322259CB612594552DDE831ACD0 ] gzflt           C:\Windows\system32\DRIVERS\gzflt.sys
16:18:06.0980 0x2908  gzflt - ok
16:18:06.0980 0x2908  [ 0F93EBE9071A6BB1548BF0F816EEA24B, 79A99544C00F59996980D299BFACA0463D86158BFA51C8045CE4FF4951779A44 ] HdAudAddService C:\Windows\system32\DRIVERS\HdAudio.sys
16:18:07.0012 0x2908  HdAudAddService - ok
16:18:07.0012 0x2908  [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
16:18:07.0027 0x2908  HDAudBus - ok
16:18:07.0027 0x2908  [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
16:18:07.0043 0x2908  HidBatt - ok
16:18:07.0043 0x2908  [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
16:18:07.0058 0x2908  HidBth - ok
16:18:07.0058 0x2908  [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
16:18:07.0074 0x2908  hidi2c - ok
16:18:07.0074 0x2908  [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt    C:\Windows\System32\drivers\hidinterrupt.sys
16:18:07.0090 0x2908  hidinterrupt - ok
16:18:07.0090 0x2908  [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr           C:\Windows\System32\drivers\hidir.sys
16:18:07.0105 0x2908  HidIr - ok
16:18:07.0105 0x2908  [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv         C:\Windows\system32\hidserv.dll
16:18:07.0121 0x2908  hidserv - ok
16:18:07.0121 0x2908  [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
16:18:07.0137 0x2908  HidUsb - ok
16:18:07.0152 0x2908  [ 2FEF4D90C0CAED258C93CFF72A8FFD71, 56473D90E9FE52849067D080FD88B29C0BBE76E5266657E2ABD6366B7A4E9474 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:18:07.0168 0x2908  HomeGroupListener - ok
16:18:07.0183 0x2908  [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:18:07.0199 0x2908  HomeGroupProvider - ok
16:18:07.0199 0x2908  [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:18:07.0215 0x2908  HpSAMD - ok
16:18:07.0215 0x2908  [ CB5A8B34FA37AE53053F2D3DF05AC1E6, 2C7357079A66AE609F49900181B013E735B4A01C45DA316CD1E8698F93DE6EA8 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
16:18:07.0230 0x2908  HPSupportSolutionsFrameworkService - ok
16:18:07.0262 0x2908  [ 318E816717431D3C23DC82779900C744, 363702CC8A5B5FBF5E8CE2DA5C48D52CBD6244C9398B164EFDF1A4B0FAF592E6 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:18:07.0293 0x2908  HTTP - ok
16:18:07.0293 0x2908  [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:18:07.0293 0x2908  hwpolicy - ok
16:18:07.0308 0x2908  [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
16:18:07.0308 0x2908  hyperkbd - ok
16:18:07.0324 0x2908  [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
16:18:07.0340 0x2908  i8042prt - ok
16:18:07.0340 0x2908  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\Windows\System32\drivers\iai2c.sys
16:18:07.0355 0x2908  iai2c - ok
16:18:07.0355 0x2908  [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C    C:\Windows\System32\drivers\iaLPSS2i_I2C.sys
16:18:07.0371 0x2908  iaLPSS2i_I2C - ok
16:18:07.0387 0x2908  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
16:18:07.0387 0x2908  iaLPSSi_GPIO - ok
16:18:07.0387 0x2908  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
16:18:07.0402 0x2908  iaLPSSi_I2C - ok
16:18:07.0418 0x2908  [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
16:18:07.0449 0x2908  iaStorAV - ok
16:18:07.0449 0x2908  [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:18:07.0465 0x2908  iaStorV - ok
16:18:07.0480 0x2908  [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus           C:\Windows\System32\drivers\ibbus.sys
16:18:07.0496 0x2908  ibbus - ok
16:18:07.0496 0x2908  [ 80BF2990E01E774D64F6E13F30661942, ADFEA2280D29F2C7B0A556C61709301D6327C288064FF5A4D29358403DF41DCE ] icssvc          C:\Windows\System32\tetheringservice.dll
16:18:07.0527 0x2908  icssvc - ok
16:18:07.0527 0x2908  IEEtwCollectorService - ok
16:18:07.0527 0x2908  [ 1E7339E5130E1D9105602A5D22F86D56, F8EABB2C919633582FFC66F0EEE072FFE28B457A640591FFCA132CA0C80A8660 ] ignis           C:\Windows\system32\DRIVERS\ignis.sys
16:18:07.0543 0x2908  ignis - ok
16:18:07.0559 0x2908  [ 12F8D27ED8623DDDC09A549EDADCBAC9, D3A3F0588D9CAF1027D8BC14601E2A6AB7E5924A2C23C90D38A9E14538DB02A9 ] IKEEXT          C:\Windows\System32\ikeext.dll
16:18:07.0605 0x2908  IKEEXT - ok
16:18:07.0652 0x2908  [ 9FEAC097F98F883D0A389C1C36C5DFBD, D27FFCA99D527EFA1280E48B2D76ED614A5F1738D5995C007ECAA6A36B3E2E69 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:18:07.0715 0x2908  IntcAzAudAddService - ok
16:18:07.0730 0x2908  [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide        C:\Windows\system32\drivers\intelide.sys
16:18:07.0730 0x2908  intelide - ok
16:18:07.0730 0x2908  [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep        C:\Windows\system32\drivers\intelpep.sys
16:18:07.0746 0x2908  intelpep - ok
16:18:07.0746 0x2908  [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
16:18:07.0762 0x2908  intelppm - ok
16:18:07.0777 0x2908  [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos           C:\Windows\system32\drivers\ioqos.sys
16:18:07.0777 0x2908  IoQos - ok
16:18:07.0793 0x2908  [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:18:07.0809 0x2908  IpFilterDriver - ok
16:18:07.0824 0x2908  [ 6E75B731A8A7EFED0821327B08DAB46D, A77B746447824BD3C68B82D7329B82D62098B2409F8AEE4738FA23CB1561E629 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:18:07.0855 0x2908  iphlpsvc - ok
16:18:07.0871 0x2908  [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
16:18:07.0887 0x2908  IPMIDRV - ok
16:18:07.0887 0x2908  [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:18:07.0902 0x2908  IPNAT - ok
16:18:07.0902 0x2908  [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:18:07.0918 0x2908  IRENUM - ok
16:18:07.0918 0x2908  [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:18:07.0934 0x2908  isapnp - ok
16:18:07.0934 0x2908  [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
16:18:07.0949 0x2908  iScsiPrt - ok
16:18:07.0965 0x2908  [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
16:18:07.0965 0x2908  kbdclass - ok
16:18:07.0980 0x2908  [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
16:18:07.0980 0x2908  kbdhid - ok
16:18:07.0996 0x2908  [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic           C:\Windows\System32\drivers\kdnic.sys
16:18:07.0996 0x2908  kdnic - ok
16:18:08.0012 0x2908  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso          C:\Windows\system32\lsass.exe
16:18:08.0012 0x2908  KeyIso - ok
16:18:08.0027 0x2908  [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:18:08.0027 0x2908  KSecDD - ok
16:18:08.0043 0x2908  [ 7D8B9214692C4D0F1646215D9984E19A, DC73503A8CA67F4E167DEA69AADDEA5F2D756E1C1F4FF42B6ECEA7E637BB80AB ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:18:08.0059 0x2908  KSecPkg - ok
16:18:08.0059 0x2908  [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:18:08.0074 0x2908  ksthunk - ok
16:18:08.0074 0x2908  [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:18:08.0105 0x2908  KtmRm - ok
16:18:08.0105 0x2908  [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:18:08.0137 0x2908  LanmanServer - ok
16:18:08.0137 0x2908  [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:18:08.0168 0x2908  LanmanWorkstation - ok
16:18:08.0168 0x2908  [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc           C:\Windows\System32\lfsvc.dll
16:18:08.0184 0x2908  lfsvc - ok
16:18:08.0184 0x2908  [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager  C:\Windows\system32\LicenseManagerSvc.dll
16:18:08.0199 0x2908  LicenseManager - ok
16:18:08.0199 0x2908  [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio          C:\Windows\system32\drivers\lltdio.sys
16:18:08.0215 0x2908  lltdio - ok
16:18:08.0215 0x2908  [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:18:08.0246 0x2908  lltdsvc - ok
16:18:08.0246 0x2908  [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:18:08.0262 0x2908  lmhosts - ok
16:18:08.0262 0x2908  [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:18:08.0277 0x2908  LSI_SAS - ok
16:18:08.0277 0x2908  [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i       C:\Windows\system32\drivers\lsi_sas2i.sys
16:18:08.0293 0x2908  LSI_SAS2i - ok
16:18:08.0293 0x2908  [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i       C:\Windows\system32\drivers\lsi_sas3i.sys
16:18:08.0309 0x2908  LSI_SAS3i - ok
16:18:08.0324 0x2908  [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
16:18:08.0324 0x2908  LSI_SSS - ok
16:18:08.0340 0x2908  [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM             C:\Windows\System32\lsm.dll
16:18:08.0371 0x2908  LSM - ok
16:18:08.0387 0x2908  [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv           C:\Windows\system32\drivers\luafv.sys
16:18:08.0402 0x2908  luafv - ok
16:18:08.0402 0x2908  [ 88B38A7435DFA9B7E8F94F5D5FE999D2, FF4EBB6CE013D0EA62FEDA5FBBD1205D9A6F684E701F40039A95A4EF4145DC16 ] MapsBroker      C:\Windows\System32\moshost.dll
16:18:08.0418 0x2908  MapsBroker - ok
16:18:08.0418 0x2908  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
16:18:08.0434 0x2908  MBAMSwissArmy - ok
16:18:08.0434 0x2908  [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:18:08.0449 0x2908  megasas - ok
16:18:08.0465 0x2908  [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr          C:\Windows\system32\drivers\megasr.sys
16:18:08.0481 0x2908  megasr - ok
16:18:08.0496 0x2908  [ C7DFCC5470DBBE00114723A233701CF8, 8E00E8975BD3ABDD7F774E76FE33024EE09755DFC3C46F880E4EAA7F7D8393B6 ] MEIx64          C:\Windows\System32\drivers\TeeDriverW8x64.sys
16:18:08.0496 0x2908  MEIx64 - ok
16:18:08.0512 0x2908  [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\Windows\System32\MessagingService.dll
16:18:08.0527 0x2908  MessagingService - ok
16:18:08.0543 0x2908  [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus        C:\Windows\System32\drivers\mlx4_bus.sys
16:18:08.0574 0x2908  mlx4_bus - ok
16:18:08.0574 0x2908  [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS           C:\Windows\system32\drivers\mmcss.sys
16:18:08.0590 0x2908  MMCSS - ok
16:18:08.0590 0x2908  [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem           C:\Windows\system32\drivers\modem.sys
16:18:08.0606 0x2908  Modem - ok
16:18:08.0621 0x2908  [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor         C:\Windows\System32\drivers\monitor.sys
16:18:08.0621 0x2908  monitor - ok
16:18:08.0637 0x2908  [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass        C:\Windows\System32\drivers\mouclass.sys
16:18:08.0637 0x2908  mouclass - ok
16:18:08.0652 0x2908  [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid          C:\Windows\System32\drivers\mouhid.sys
16:18:08.0652 0x2908  mouhid - ok
16:18:08.0668 0x2908  [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:18:08.0684 0x2908  mountmgr - ok
16:18:08.0684 0x2908  [ A43F5F2D3D71A902502D61E71A18C265, 9685DABFF80EFFFD28B9B12696BF4821F30989C8441EA0AA3FF0F03ED799AD9D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:18:08.0699 0x2908  MozillaMaintenance - ok
16:18:08.0699 0x2908  [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:18:08.0715 0x2908  mpsdrv - ok
16:18:08.0731 0x2908  [ 553F19DC6F3F73545CB17FCD7A8AE37B, 49ABB625EB9C2981254EEA1FE7858DF630BA2D65653CC91CD4FEEACF69C5392F ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:18:08.0762 0x2908  MpsSvc - ok
16:18:08.0762 0x2908  [ BF6CA7EA5ECD6CF72D3D76652A9B8280, 8EC031D0D8E75CB583B129CBA518701097697498621307108388FA05FBF604BB ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:18:08.0777 0x2908  MRxDAV - ok
16:18:08.0793 0x2908  [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:18:08.0809 0x2908  mrxsmb - ok
16:18:08.0824 0x2908  [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:18:08.0840 0x2908  mrxsmb10 - ok
16:18:08.0840 0x2908  [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:18:08.0856 0x2908  mrxsmb20 - ok
16:18:08.0871 0x2908  [ A4411C522D41707D5BCA817A5BB9E30B, EF7505BE475ECAB2B5E66A7419EDAF42A7E7A65BAD3BBE346A8CEE5DD69782CC ] MsBridge        C:\Windows\system32\drivers\bridge.sys
16:18:08.0887 0x2908  MsBridge - ok
16:18:08.0887 0x2908  [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC           C:\Windows\System32\msdtc.exe
16:18:08.0902 0x2908  MSDTC - ok
16:18:08.0902 0x2908  [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:18:08.0918 0x2908  Msfs - ok
16:18:08.0918 0x2908  [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
16:18:08.0934 0x2908  msgpiowin32 - ok
16:18:08.0934 0x2908  [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:18:08.0949 0x2908  mshidkmdf - ok
16:18:08.0949 0x2908  [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
16:18:08.0965 0x2908  mshidumdf - ok
16:18:08.0965 0x2908  [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:18:08.0981 0x2908  msisadrv - ok
16:18:08.0981 0x2908  [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:18:08.0996 0x2908  MSiSCSI - ok
16:18:08.0996 0x2908  msiserver - ok
16:18:09.0012 0x2908  [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV         C:\Windows\system32\DRIVERS\MSKSSRV.sys
16:18:09.0012 0x2908  MSKSSRV - ok
16:18:09.0027 0x2908  [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp          C:\Windows\system32\drivers\mslldp.sys
16:18:09.0043 0x2908  MsLldp - ok
16:18:09.0043 0x2908  [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK        C:\Windows\system32\DRIVERS\MSPCLOCK.sys
16:18:09.0059 0x2908  MSPCLOCK - ok
16:18:09.0059 0x2908  [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM           C:\Windows\system32\DRIVERS\MSPQM.sys
16:18:09.0074 0x2908  MSPQM - ok
16:18:09.0074 0x2908  [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:18:09.0106 0x2908  MsRPC - ok
16:18:09.0106 0x2908  [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
16:18:09.0121 0x2908  mssmbios - ok
16:18:09.0121 0x2908  [ 19A4299BE5BFA4288D31A2847AC7BF1B, 6E8DBDBFFDA5EB5BC8D42B6015F2A62CF328D6131431493FB1329C1B5869DE6E ] MSSQL$JTLWAWI   C:\Program Files\Microsoft SQL Server\MSSQL12.JTLWAWI\MSSQL\Binn\sqlservr.exe
16:18:09.0137 0x2908  MSSQL$JTLWAWI - ok
16:18:09.0152 0x2908  [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE           C:\Windows\system32\DRIVERS\MSTEE.sys
16:18:09.0152 0x2908  MSTEE - ok
16:18:09.0168 0x2908  [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
16:18:09.0184 0x2908  MTConfig - ok
16:18:09.0184 0x2908  [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:18:09.0199 0x2908  Mup - ok
16:18:09.0199 0x2908  [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
16:18:09.0215 0x2908  mvumis - ok
16:18:09.0215 0x2908  [ 536A0806CE2061A2157E65D4D8ABF30C, F9893F66505E3F748365CD4625B34357531804BDFE33E57285C0106C03F7916C ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:18:09.0246 0x2908  NativeWifiP - ok
16:18:09.0262 0x2908  [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc          C:\Windows\System32\ncasvc.dll
16:18:09.0277 0x2908  NcaSvc - ok
16:18:09.0277 0x2908  [ 7467BD76D6ED5981E6C3DBFEB50F0F4D, 237E1C2E15D5F3BAC49B09E1CD0EAE56A6998AE1FF560A4F7A7EFFEB46884798 ] NcbService      C:\Windows\System32\ncbservice.dll
16:18:09.0309 0x2908  NcbService - ok
16:18:09.0309 0x2908  [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
16:18:09.0324 0x2908  NcdAutoSetup - ok
16:18:09.0340 0x2908  [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr          C:\Windows\System32\drivers\ndfltr.sys
16:18:09.0340 0x2908  ndfltr - ok
16:18:09.0371 0x2908  [ AFAECF904F1C343EBD50F91BC8D0DBE8, FABAE70F62895708415B8E176A880D2D20D46D9A14C3D41D371B905CE4D64BA0 ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:18:09.0402 0x2908  NDIS - ok
16:18:09.0402 0x2908  [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap         C:\Windows\system32\drivers\ndiscap.sys
16:18:09.0418 0x2908  NdisCap - ok
16:18:09.0418 0x2908  [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform  C:\Windows\system32\drivers\NdisImPlatform.sys
16:18:09.0434 0x2908  NdisImPlatform - ok
16:18:09.0434 0x2908  [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:18:09.0449 0x2908  NdisTapi - ok
16:18:09.0465 0x2908  [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio         C:\Windows\system32\drivers\ndisuio.sys
16:18:09.0465 0x2908  Ndisuio - ok
16:18:09.0481 0x2908  [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
16:18:09.0496 0x2908  NdisVirtualBus - ok
16:18:09.0496 0x2908  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan         C:\Windows\System32\drivers\ndiswan.sys
16:18:09.0512 0x2908  NdisWan - ok
16:18:09.0512 0x2908  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
16:18:09.0543 0x2908  ndiswanlegacy - ok
16:18:09.0543 0x2908  [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy         C:\Windows\system32\DRIVERS\NDProxy.sys
16:18:09.0559 0x2908  ndproxy - ok
16:18:09.0559 0x2908  [ D358DF634F52247CB43F0781218F4D6E, D375E9E681551467FC5F7AB2AC053C9F22AAC541C0BCBA57090211F45009342C ] Ndu             C:\Windows\system32\drivers\Ndu.sys
16:18:09.0574 0x2908  Ndu - ok
16:18:09.0574 0x2908  [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS         C:\Windows\system32\drivers\netbios.sys
16:18:09.0590 0x2908  NetBIOS - ok
16:18:09.0590 0x2908  [ F51C02D992A8D6BC5EC4D990F227D4C7, DBBDA422BFA82219403689637BE8D6B0D0A893895143E807FA5A007C166454CB ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:18:09.0621 0x2908  NetBT - ok
16:18:09.0621 0x2908  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon        C:\Windows\system32\lsass.exe
16:18:09.0637 0x2908  Netlogon - ok
16:18:09.0637 0x2908  [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman          C:\Windows\System32\netman.dll
16:18:09.0652 0x2908  Netman - ok
16:18:09.0668 0x2908  [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm        C:\Windows\System32\netprofmsvc.dll
16:18:09.0699 0x2908  netprofm - ok
16:18:09.0715 0x2908  [ 3D58D04A9269CE21B61960544A05573D, 250DB1266EE37BAAA9F9E51434879DB4564A8550FCAB28BAB3308772882850CF ] NetSetupSvc     C:\Windows\System32\NetSetupSvc.dll
16:18:09.0731 0x2908  NetSetupSvc - ok
16:18:09.0731 0x2908  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:18:09.0746 0x2908  NetTcpPortSharing - ok
16:18:09.0746 0x2908  [ 91B32D7036700BEED5343E1F6A7122CC, 8123CA398A79F0E69126F962AA29C2464FAB50182E961CB6A6ADB6CEA09A6732 ] NgcCtnrSvc      C:\Windows\System32\NgcCtnrSvc.dll
16:18:09.0777 0x2908  NgcCtnrSvc - ok
16:18:09.0793 0x2908  [ C64B693DF26EB7BFF25F9BAD8B54D571, 12363E81B329D048E0148739AA542958F7CAF6FF3404BB001AF51850EF84338D ] NgcSvc          C:\Windows\system32\ngcsvc.dll
16:18:09.0824 0x2908  NgcSvc - ok
16:18:09.0824 0x2908  [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:18:09.0856 0x2908  NlaSvc - ok
16:18:09.0856 0x2908  [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:18:09.0871 0x2908  Npfs - ok
16:18:09.0871 0x2908  [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
16:18:09.0887 0x2908  npsvctrig - ok
16:18:09.0887 0x2908  [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi             C:\Windows\system32\nsisvc.dll
16:18:09.0902 0x2908  nsi - ok
16:18:09.0902 0x2908  [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:18:09.0918 0x2908  nsiproxy - ok
16:18:09.0949 0x2908  [ 58BFFEF692A47FCE3FAAEDBC8F3DCBBB, 4F55CDF153306B17EDEA6F621939990667735676CBA460CC3078789C2766EF68 ] NTFS            C:\Windows\system32\drivers\NTFS.sys
16:18:10.0012 0x2908  NTFS - ok
16:18:10.0012 0x2908  [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null            C:\Windows\system32\drivers\Null.sys
16:18:10.0027 0x2908  Null - ok
16:18:10.0027 0x2908  [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:18:10.0043 0x2908  nvraid - ok
16:18:10.0043 0x2908  [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:18:10.0059 0x2908  nvstor - ok
16:18:10.0074 0x2908  [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:18:10.0074 0x2908  nv_agp - ok
16:18:10.0090 0x2908  [ 7F3A0D052B8E00E730316210B1DD092F, 14BD026EA759F6C81ED6B4DBB04E0584B7F6456725503FC73CD4347B7743005F ] OneSyncSvc      C:\Windows\System32\APHostService.dll
16:18:10.0106 0x2908  OneSyncSvc - ok
16:18:10.0121 0x2908  [ E72509DD11B2B4B8F9D629378D37571B, B5A803DF8685D6BFAD6B8AB9CC9F50055B5C50C84373AE5663A88CBB06F803CA ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:18:10.0152 0x2908  ose - detected UnsignedFile.Multi.Generic ( 1 )
16:18:12.0543 0x2908  ose ( UnsignedFile.Multi.Generic ) - warning
16:18:14.0950 0x2908  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:18:14.0966 0x2908  p2pimsvc - ok
16:18:14.0981 0x2908  [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc          C:\Windows\system32\p2psvc.dll
16:18:14.0997 0x2908  p2psvc - ok
16:18:15.0012 0x2908  [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport         C:\Windows\System32\drivers\parport.sys
16:18:15.0012 0x2908  Parport - ok
16:18:15.0028 0x2908  [ 24AC0FD10325FBC2303B29A5F237AEB0, D94B26A36EBE4EFE8EA270FA6600811206830480BE953809F74FAB80628DF879 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:18:15.0044 0x2908  partmgr - ok
16:18:15.0044 0x2908  [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:18:15.0075 0x2908  PcaSvc - ok
16:18:15.0075 0x2908  [ 1D4E995955BDAE781C46CB97AE1CFB58, FF7475F19782CA253AA839DDB86E5AC20C5785D5CC1DD57D9FECBE4F5A5C0BFB ] pci             C:\Windows\system32\drivers\pci.sys
16:18:15.0091 0x2908  pci - ok
16:18:15.0091 0x2908  [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:18:15.0106 0x2908  pciide - ok
16:18:15.0106 0x2908  [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:18:15.0122 0x2908  pcmcia - ok
16:18:15.0122 0x2908  [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:18:15.0137 0x2908  pcw - ok
16:18:15.0137 0x2908  [ 48F3A3222CF340FE31535CB6D49C6D6F, 5F8904871219FA6C1BD74747583855B0FBCE42F340A3BE10270D8D3F02766E9D ] pdc             C:\Windows\system32\drivers\pdc.sys
16:18:15.0153 0x2908  pdc - ok
16:18:15.0169 0x2908  [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:18:15.0200 0x2908  PEAUTH - ok
16:18:15.0231 0x2908  [ C7D210982B6C8454E52191D0DCF6DC52, D53D575CD9A0AB7EA94E7D1B9730ABE0A582CA3460AEAC4680D01034D69D3949 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
16:18:15.0294 0x2908  PeerDistSvc - ok
16:18:15.0309 0x2908  [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i       C:\Windows\system32\drivers\percsas2i.sys
16:18:15.0309 0x2908  percsas2i - ok
16:18:15.0325 0x2908  [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i       C:\Windows\system32\drivers\percsas3i.sys
16:18:15.0325 0x2908  percsas3i - ok
16:18:15.0356 0x2908  [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:18:15.0372 0x2908  PerfHost - ok
16:18:15.0387 0x2908  [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc        C:\Windows\System32\PhoneService.dll
16:18:15.0419 0x2908  PhoneSvc - ok
16:18:15.0434 0x2908  [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\Windows\System32\PimIndexMaintenance.dll
16:18:15.0450 0x2908  PimIndexMaintenanceSvc - ok
16:18:15.0481 0x2908  [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla             C:\Windows\system32\pla.dll
16:18:15.0544 0x2908  pla - ok
16:18:15.0544 0x2908  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:18:15.0559 0x2908  PlugPlay - ok
16:18:15.0575 0x2908  [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:18:15.0591 0x2908  PNRPAutoReg - ok
16:18:15.0591 0x2908  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:18:15.0606 0x2908  PNRPsvc - ok
16:18:15.0622 0x2908  [ 5A91C28F99043215121499257468C4BD, 816D2AEBA29B8A050747E01CE11EB12A05C1CDDF91835C44BBB6A7B9D348B15A ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:18:15.0653 0x2908  PolicyAgent - ok
16:18:15.0653 0x2908  [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power           C:\Windows\system32\umpo.dll
16:18:15.0669 0x2908  Power - ok
16:18:15.0669 0x2908  [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport    C:\Windows\System32\drivers\raspptp.sys
16:18:15.0684 0x2908  PptpMiniport - ok
16:18:15.0763 0x2908  [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
16:18:15.0872 0x2908  PrintNotify - ok
16:18:15.0872 0x2908  [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor       C:\Windows\System32\drivers\processr.sys
16:18:15.0888 0x2908  Processor - ok
16:18:15.0903 0x2908  [ 2DC4BE7BA723BC70D22597A3CF061125, 31013F2F51E1FD1B66403EF1BED6FC2E6722C3737F274E88A4660CF35A40192D ] ProductAgentService C:\Program Files\Bitdefender Agent\ProductAgentService.exe
16:18:15.0919 0x2908  ProductAgentService - ok
16:18:15.0934 0x2908  [ A08AAC62EF7A1E291B3E895B5864BB86, 340E6648F9A5F4B7543FDEC5BDAFBDA3DE319B8F998FF2EF60D02EE5EF3D56CB ] ProfSvc         C:\Windows\system32\profsvc.dll
16:18:15.0950 0x2908  ProfSvc - ok
16:18:15.0966 0x2908  [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched          C:\Windows\system32\drivers\pacer.sys
16:18:15.0997 0x2908  Psched - ok
16:18:15.0997 0x2908  [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
16:18:16.0013 0x2908  PxHlpa64 - ok
16:18:16.0013 0x2908  [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE           C:\Windows\system32\qwave.dll
16:18:16.0028 0x2908  QWAVE - ok
16:18:16.0044 0x2908  [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:18:16.0044 0x2908  QWAVEdrv - ok
16:18:16.0059 0x2908  [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:18:16.0059 0x2908  RasAcd - ok
16:18:16.0075 0x2908  [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn     C:\Windows\System32\drivers\AgileVpn.sys
16:18:16.0091 0x2908  RasAgileVpn - ok
16:18:16.0091 0x2908  [ D60BA4C76D194472D6602FF3D2D51ADE, 01272663897685C75FFBC3F1C0CFDB8D0E1A58182049E0B607D634536A8F6400 ] RasAuto         C:\Windows\System32\rasauto.dll
16:18:16.0106 0x2908  RasAuto - ok
16:18:16.0106 0x2908  [ E3C82823B22463BC38AA4F8ADA852624, FF601B117F4003E2CC65B6143C2A270331EB257EE82B3BC020247D1AB1CD625F ] Rasl2tp         C:\Windows\System32\drivers\rasl2tp.sys
16:18:16.0122 0x2908  Rasl2tp - ok
16:18:16.0138 0x2908  [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan          C:\Windows\System32\rasmans.dll
16:18:16.0169 0x2908  RasMan - ok
16:18:16.0169 0x2908  [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:18:16.0184 0x2908  RasPppoe - ok
16:18:16.0200 0x2908  [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp         C:\Windows\System32\drivers\rassstp.sys
16:18:16.0216 0x2908  RasSstp - ok
16:18:16.0216 0x2908  [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:18:16.0231 0x2908  rdbss - ok
16:18:16.0247 0x2908  [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
16:18:16.0263 0x2908  rdpbus - ok
16:18:16.0263 0x2908  [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
16:18:16.0278 0x2908  RDPDR - ok
16:18:16.0278 0x2908  [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:18:16.0294 0x2908  RdpVideoMiniport - ok
16:18:16.0294 0x2908  [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:18:16.0309 0x2908  rdyboost - ok
16:18:16.0325 0x2908  [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1          C:\Windows\system32\drivers\ReFSv1.sys
16:18:16.0341 0x2974  Object required for P2P: [ 2619DC483579DB9FE804044C1ADFFD1A ] dam
16:18:16.0356 0x2908  ReFSv1 - ok
16:18:16.0372 0x2908  [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:18:16.0403 0x2908  RemoteAccess - ok
16:18:16.0403 0x2908  [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:18:16.0434 0x2908  RemoteRegistry - ok
16:18:16.0450 0x2908  [ AD43141CE6D5074DA1D28B5BCD4E4507, C1A9AA856DD4FEE00BBA329C150E0CBCD1CE13ED0BB7B4AC9B152321CD854212 ] RetailDemo      C:\Windows\system32\RDXService.dll
16:18:16.0497 0x2908  RetailDemo - ok
16:18:16.0497 0x2908  [ 74727B8BF0227820660A79450F2D94EF, 86BC249322A3C63CBC3B532AD86BFDCB5A46A24A767137D02C944B94A899C521 ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
16:18:16.0513 0x2908  RFCOMM - ok
16:18:16.0528 0x2908  [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:18:16.0544 0x2908  RpcEptMapper - ok
16:18:16.0544 0x2908  [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator      C:\Windows\system32\locator.exe
16:18:16.0559 0x2908  RpcLocator - ok
16:18:16.0575 0x2908  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs           C:\Windows\system32\rpcss.dll
16:18:16.0606 0x2908  RpcSs - ok
16:18:16.0622 0x2908  [ FA89B6166BAB23ED5739B6BF487E8C2F, A89B5E59E335969EE98D68626802D85899798F24906E992C693455610911BF31 ] RsFx0300        C:\Windows\system32\DRIVERS\RsFx0300.sys
16:18:16.0622 0x2908  RsFx0300 - ok
16:18:16.0638 0x2908  [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr          C:\Windows\system32\drivers\rspndr.sys
16:18:16.0653 0x2908  rspndr - ok
16:18:16.0684 0x2908  [ FBEFF38DE03450E03E6CD9E8E37A8C74, C1C0876785DB4366D67792A3AFA219FC933FC1894AF93D07B0016BBCC81A5886 ] rt640x64        C:\Windows\System32\drivers\rt640x64.sys
16:18:16.0716 0x2908  rt640x64 - ok
16:18:16.0716 0x2908  [ 6831D30B0DB45E25E6C3207247C6EC36, DE9F0331E7BA5AF30E1B4D848AB44BAAD94356776A60E750BB55AD54AB667AAA ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
16:18:16.0731 0x2908  RtkAudioService - ok
16:18:16.0731 0x2908  [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
16:18:16.0747 0x2908  s3cap - ok
16:18:16.0747 0x2908  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs           C:\Windows\system32\lsass.exe
16:18:16.0763 0x2908  SamSs - ok
16:18:16.0763 0x2908  [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:18:16.0778 0x2908  sbp2port - ok
16:18:16.0778 0x2908  [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:18:16.0809 0x2908  SCardSvr - ok
16:18:16.0809 0x2908  [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
16:18:16.0825 0x2908  ScDeviceEnum - ok
16:18:16.0841 0x2908  [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:18:16.0856 0x2908  scfilter - ok
16:18:16.0872 0x2908  [ EA195B8BC11C1CDB313CFD456EFFA0E9, EEDF349C59ED0645B04040707906BB4496527243858C2A6BE46BE7029B4A7F37 ] Schedule        C:\Windows\system32\schedsvc.dll
16:18:16.0903 0x2908  Schedule - ok
16:18:16.0919 0x2908  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:18:16.0935 0x2908  SCPolicySvc - ok
16:18:16.0935 0x2908  [ 70165A0A2653FB8AFDE3D85000727F29, BAC35D7B0296CAC78EAC4266FC96E292174827E0B24ECAF085228B26A5052911 ] sdbus           C:\Windows\System32\drivers\sdbus.sys
16:18:16.0950 0x2908  sdbus - ok
16:18:16.0966 0x2908  [ 811EC0B1221402FCED0BA37E112BF627, 366EB8AF04C603BED6CF53652CC937099B247D5DD8C58D699D0D8DA22F8FDD51 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:18:16.0981 0x2908  SDRSVC - ok
16:18:16.0981 0x2908  [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
16:18:16.0997 0x2908  sdstor - ok
16:18:16.0997 0x2908  [ EBD07BD20B5E0E92A398566EF8720F79, 8A88C861D4113B9938C32CBD28FD3D7F1C3133E700E23E17F5DFD7B26CCDA04A ]

Rolexx7 · 05.04.2016, 15:20

TDDS 2

Code:

ATTFilter

seclogon        C:\Windows\system32\seclogon.dll
16:18:17.0013 0x2908  seclogon - ok
16:18:17.0013 0x2908  [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS            C:\Windows\System32\sens.dll
16:18:17.0044 0x2908  SENS - ok
16:18:17.0060 0x2908  [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\Windows\System32\SensorDataService.exe
16:18:17.0106 0x2908  SensorDataService - ok
16:18:17.0122 0x2908  [ A74C62AE99A015CD6275F0D8D8843886, DF08E0BB1160E054C6B000BC5F62DEF77C6D9E4B5679AD013C313BA14207B589 ] SensorService   C:\Windows\system32\SensorService.dll
16:18:17.0138 0x2908  SensorService - ok
16:18:17.0153 0x2908  [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:18:17.0169 0x2908  SensrSvc - ok
16:18:17.0169 0x2908  [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx           C:\Windows\system32\drivers\SerCx.sys
16:18:17.0185 0x2908  SerCx - ok
16:18:17.0185 0x2908  [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
16:18:17.0200 0x2908  SerCx2 - ok
16:18:17.0200 0x2908  [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum         C:\Windows\System32\drivers\serenum.sys
16:18:17.0216 0x2908  Serenum - ok
16:18:17.0216 0x2908  [ 88D58E1DAA6C5062DD3A26273106961F, D1E2FF37C888245BD0BABCD7C6B76AD5A87415B68FEFE37B5FA29AE3342AE50B ] Serial          C:\Windows\System32\drivers\serial.sys
16:18:17.0231 0x2908  Serial - ok
16:18:17.0231 0x2908  [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse        C:\Windows\System32\drivers\sermouse.sys
16:18:17.0247 0x2908  sermouse - ok
16:18:17.0263 0x2908  [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv      C:\Windows\system32\sessenv.dll
16:18:17.0278 0x2908  SessionEnv - ok
16:18:17.0294 0x2908  [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
16:18:17.0294 0x2908  sfloppy - ok
16:18:17.0310 0x2908  [ F8083C536BEDE61AFB4069D8A8C16DA7, 13AADAD7B5582911B8ABBE0CF7132CC517F7413A361CCF8ED502F803D061FFA3 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:18:17.0341 0x2908  SharedAccess - ok
16:18:17.0341 0x2908  [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:18:17.0388 0x2908  ShellHWDetection - ok
16:18:17.0388 0x2908  [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:18:17.0403 0x2908  SiSRaid2 - ok
16:18:17.0403 0x2908  [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:18:17.0419 0x2908  SiSRaid4 - ok
16:18:17.0419 0x2908  [ 51DE8F82A399ABD8305EA56CCFB923C0, 55AEE8345BB83A53331DD4765738E20AA25735B5F861039FBA1AD2ECE4151331 ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
16:18:17.0419 0x2908  SmbDrvI - ok
16:18:17.0435 0x2908  [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost         C:\Windows\System32\smphost.dll
16:18:17.0450 0x2908  smphost - ok
16:18:17.0450 0x2908  [ F07301C282AA222C33F8C28B4F545275, 2938943A3A62B33C8296DF3B57897D32293F5395A5E2A01C76B0160A98C12520 ] SmsRouter       C:\Windows\system32\SmsRouterSvc.dll
16:18:17.0482 0x2908  SmsRouter - ok
16:18:17.0497 0x2908  [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:18:17.0513 0x2908  SNMPTRAP - ok
16:18:17.0513 0x2908  [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport       C:\Windows\system32\drivers\spaceport.sys
16:18:17.0544 0x2908  spaceport - ok
16:18:17.0544 0x2908  [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
16:18:17.0560 0x2908  SpbCx - ok
16:18:17.0575 0x2908  [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler         C:\Windows\System32\spoolsv.exe
16:18:17.0607 0x2908  Spooler - ok
16:18:17.0716 0x2908  [ 7C58AFEC26E9F7730A8AA7FD40225937, 546EAD8889F2A1BB6DCCB7781976B975F34DA1C9047F95FEAA52CF38EC60C6DD ] sppsvc          C:\Windows\system32\sppsvc.exe
16:18:17.0841 0x2908  sppsvc - ok
16:18:17.0857 0x2908  [ F66D45AA6853B22083611E3D7E4CF6C0, 39745729D4A34FB5CE8C21548654A8028609720CF46936DFE5C735BEFC3B1B67 ] SQLAgent$JTLWAWI C:\Program Files\Microsoft SQL Server\MSSQL12.JTLWAWI\MSSQL\Binn\SQLAGENT.EXE
16:18:17.0888 0x2908  SQLAgent$JTLWAWI - ok
16:18:17.0888 0x2908  [ 774C1D27B9ED5A420E11C2343B0FFF7B, 6C291CF9C9205D6F9BA43156E1EBB370CA11DD1656694F1B434E2E7F8AFBC6A4 ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
16:18:17.0903 0x2908  SQLBrowser - ok
16:18:17.0903 0x2908  [ 8FD8EE71D7D639F85805EEE4ADB2AA15, 027E680BE49F705843B0117A72FAFC7681798B99685B91989928EF03767CD7A5 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
16:18:17.0919 0x2908  SQLWriter - ok
16:18:17.0935 0x2908  [ ACC1709EC7FE6EB8999DBC91C50C2B34, 83ABF51751A264291C53A32B86239A607361E56CB045CD2CBE6E41DBB8A01F54 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:18:17.0950 0x2908  srv - ok
16:18:17.0966 0x2908  [ AFBCFC946FAE7483E27BD316D03F94A5, CC9478EA717E85C38304957E923997821DFE2A995D7C8DF98C15267D952BEFBE ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:18:17.0997 0x2908  srv2 - ok
16:18:17.0997 0x2908  [ 107C1EBE79710E4A759449BD6604245A, 963D693F4E61EDC7B3AA9006CC274D56E577CE0035A61DDB2A6DE72116D5C52B ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:18:18.0028 0x2908  srvnet - ok
16:18:18.0028 0x2908  [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:18:18.0044 0x2908  SSDPSRV - ok
16:18:18.0060 0x2908  [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:18:18.0075 0x2908  SstpSvc - ok
16:18:18.0122 0x2908  [ 58863C57E4598C4F9DA967C5C36CFA5D, BB34FBC324E84E05128258CE3755241ECB63F7F2AE7F96716AC373931FAF92A8 ] StateRepository C:\Windows\system32\windows.staterepository.dll
16:18:18.0200 0x2908  StateRepository - ok
16:18:18.0216 0x2908  [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:18:18.0216 0x2908  stexstor - ok
16:18:18.0232 0x2908  [ 2834415C4EDD6CE35CB3CFEC50E08469, 28426616C709457DF38B5E2B4B9666C1255B81D2097589A95AAABD1BFACD302A ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
16:18:18.0232 0x2908  StillCam - ok
16:18:18.0247 0x2908  [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc          C:\Windows\System32\wiaservc.dll
16:18:18.0278 0x2908  stisvc - ok
16:18:18.0294 0x2908  [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci        C:\Windows\system32\drivers\storahci.sys
16:18:18.0294 0x2908  storahci - ok
16:18:18.0310 0x2908  [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
16:18:18.0310 0x2908  storflt - ok
16:18:18.0325 0x2908  [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme        C:\Windows\system32\drivers\stornvme.sys
16:18:18.0325 0x2908  stornvme - ok
16:18:18.0341 0x2908  [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt      C:\Windows\system32\drivers\storqosflt.sys
16:18:18.0341 0x2908  storqosflt - ok
16:18:18.0357 0x2908  [ 9953FA89A4E3BC33296DAFB1ACFDC62F, D2F2698834691FF7915BDFFB82DB549354311A5DD7D37BF767F95D407AC4019F ] StorSvc         C:\Windows\system32\storsvc.dll
16:18:18.0388 0x2908  StorSvc - ok
16:18:18.0388 0x2908  [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs         C:\Windows\system32\drivers\storufs.sys
16:18:18.0403 0x2908  storufs - ok
16:18:18.0403 0x2908  [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
16:18:18.0419 0x2908  storvsc - ok
16:18:18.0419 0x2908  [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc           C:\Windows\system32\svsvc.dll
16:18:18.0435 0x2908  svsvc - ok
16:18:18.0435 0x2908  [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum          C:\Windows\System32\drivers\swenum.sys
16:18:18.0450 0x2908  swenum - ok
16:18:18.0466 0x2908  [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv           C:\Windows\System32\swprv.dll
16:18:18.0497 0x2908  swprv - ok
16:18:18.0497 0x2908  [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc      C:\Windows\System32\drivers\Synth3dVsc.sys
16:18:18.0513 0x2908  Synth3dVsc - ok
16:18:18.0528 0x2908  [ 9DEA2FEBC85556ACE33F8ED89AC343BB, D523F727C2857D28593491A52A24291AC7E617654FC25CC536D8A9876777FE54 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
16:18:18.0544 0x2908  SynTP - ok
16:18:18.0544 0x2908  [ F9A7E789DF11F534F80387FD1CA61C1A, 5B376E7142A528355E99751BE6A8100FD089BD1C48DDF4BF337846F81EE088B7 ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
16:18:18.0575 0x2908  SynTPEnhService - ok
16:18:18.0591 0x2908  [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain         C:\Windows\system32\sysmain.dll
16:18:18.0638 0x2908  SysMain - ok
16:18:18.0638 0x2908  [ AF2C8D7C1D4DCFD5C31501F009DF42B7, 3DDF9353F014EE99B031BBC969620CA07647FBB8D78EB4697C8D633021B46B11 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
16:18:18.0669 0x2908  SystemEventsBroker - ok
16:18:18.0669 0x2908  [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:18:18.0685 0x2908  TabletInputService - ok
16:18:18.0700 0x2908  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\Windows\System32\drivers\tap0901.sys
16:18:18.0700 0x2908  tap0901 - ok
16:18:18.0716 0x2908  [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:18:18.0732 0x2908  TapiSrv - ok
16:18:18.0778 0x2974  Object send P2P result: true
16:18:18.0778 0x2974  Object required for P2P: [ 48E6D893CEEC2918208BDF8DD8AC03AF ] DisplayLinkService
16:18:18.0778 0x2908  [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:18:18.0825 0x2908  Tcpip - ok
16:18:18.0888 0x2908  [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip6          C:\Windows\system32\drivers\tcpip.sys
16:18:18.0950 0x2908  Tcpip6 - ok
16:18:18.0950 0x2908  [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:18:18.0966 0x2908  tcpipreg - ok
16:18:18.0982 0x2908  [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:18:18.0982 0x2908  tdx - ok
16:18:19.0091 0x2908  [ E9D702580349582413503A28F8329B32, 405CEA2DB2B9EE9EF87E454375BEA6A3F6FB30B95BBD9F397129C73D4CCCC282 ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
16:18:19.0263 0x2908  TeamViewer - ok
16:18:19.0263 0x2908  [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
16:18:19.0278 0x2908  terminpt - ok
16:18:19.0294 0x2908  [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService     C:\Windows\System32\termsrv.dll
16:18:19.0341 0x2908  TermService - ok
16:18:19.0341 0x2908  [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes          C:\Windows\system32\themeservice.dll
16:18:19.0357 0x2908  Themes - ok
16:18:19.0372 0x2908  [ 93EBCBD28E42875B223C6824AF66DFAA, 681DA2A03A7ABEF97593B45E458A0E2DA671350F3A8741DB6C43F8298DC21FF3 ] Thotkey         C:\Windows\System32\drivers\Thotkey.sys
16:18:19.0372 0x2908  Thotkey - ok
16:18:19.0388 0x2908  [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\Windows\system32\TieringEngineService.exe
16:18:19.0404 0x2908  TieringEngineService - ok
16:18:19.0419 0x2908  [ FC971E1D1B5900C231591A7720FCD8B8, DF58C350977019E4A8F381FB35702E9BEA89F6A8C6BF36C56376D36BC8FE630F ] tiledatamodelsvc C:\Windows\system32\tileobjserver.dll
16:18:19.0450 0x2908  tiledatamodelsvc - ok
16:18:19.0450 0x2908  [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
16:18:19.0466 0x2908  TimeBroker - ok
16:18:19.0466 0x2908  [ 9B0917DFF257E3F7F36F41BA6BDB0FC8, 87EAFB90BD146222CC81510CA8F3E0095D3601981392F780E76CAA7EF8534FB7 ] tosrfec         C:\Windows\System32\drivers\tosrfec.sys
16:18:19.0482 0x2908  tosrfec - ok
16:18:19.0482 0x2908  [ 169B0A246067457FEF8A18EED7EED9D5, BF5AC0CB29E1E456253B881CD0608B578D7343E9DFE1738A14598D1DFFE1AB66 ] TPM             C:\Windows\System32\drivers\tpm.sys
16:18:19.0497 0x2908  TPM - ok
16:18:19.0497 0x2908  [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks          C:\Windows\System32\trkwks.dll
16:18:19.0529 0x2908  TrkWks - ok
16:18:19.0529 0x2908  [ FE3D70DE933A481284FCE7D5DB5DCE50, A2A1C6AEED6417FCEE5990CD766B2A78D9037583B57617418242D98C031617F2 ] trufos          C:\Windows\system32\DRIVERS\trufos.sys
16:18:19.0544 0x2908  trufos - ok
16:18:19.0560 0x2908  [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:18:19.0560 0x2908  TrustedInstaller - ok
16:18:19.0575 0x2908  [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt        C:\Windows\system32\drivers\TsUsbFlt.sys
16:18:19.0591 0x2908  tsusbflt - ok
16:18:19.0591 0x2908  [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
16:18:19.0607 0x2908  TsUsbGD - ok
16:18:19.0607 0x2908  [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel          C:\Windows\System32\drivers\tunnel.sys
16:18:19.0622 0x2908  tunnel - ok
16:18:19.0622 0x2908  [ 3C891273F76BCCA81DAA1CD1F752CE5F, 561961EB3D35F06ADF9D6DF4C1FE078AF0A242D8081465B19AE73DDB52C1C546 ] TVALZ           C:\Windows\system32\drivers\TVALZ_O.SYS
16:18:19.0638 0x2908  TVALZ - ok
16:18:19.0638 0x2908  [ 1A9A77ACDAC29C39F50D2A492FD0DB16, E21F2E2BA6EABE0F6B5A1930DDB2CE5A921389A58C08A2D3F66D245E8698E6B4 ] tzautoupdate    C:\Windows\system32\tzautoupdate.dll
16:18:19.0654 0x2908  tzautoupdate - ok
16:18:19.0669 0x2908  [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:18:19.0669 0x2908  uagp35 - ok
16:18:19.0685 0x2908  [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
16:18:19.0685 0x2908  UASPStor - ok
16:18:19.0700 0x2908  [ 3995CC3DEDED258768B8EBC2F4C0DC73, 130E99EF13EB494B8BB6A8E037DD8D59C195190EA3C27CA9E3A695AF4349DC7C ] UcmCx0101       C:\Windows\system32\Drivers\UcmCx.sys
16:18:19.0700 0x2908  UcmCx0101 - ok
16:18:19.0716 0x2908  [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi         C:\Windows\System32\drivers\UcmUcsi.sys
16:18:19.0732 0x2908  UcmUcsi - ok
16:18:19.0732 0x2908  [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000        C:\Windows\system32\drivers\ucx01000.sys
16:18:19.0747 0x2908  Ucx01000 - ok
16:18:19.0747 0x2908  [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx           C:\Windows\system32\drivers\udecx.sys
16:18:19.0763 0x2908  UdeCx - ok
16:18:19.0763 0x2908  [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:18:19.0794 0x2908  udfs - ok
16:18:19.0794 0x2908  [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
16:18:19.0810 0x2908  UEFI - ok
16:18:19.0810 0x2908  [ 5F0D997E6FC5A418D7673148CEF72887, 6C142CB8F06E5958045451253C9188CE876A84D08266FFD7F64AAE09964D8431 ] Ufx01000        C:\Windows\system32\drivers\ufx01000.sys
16:18:19.0825 0x2908  Ufx01000 - ok
16:18:19.0841 0x2908  [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea     C:\Windows\System32\drivers\UfxChipidea.sys
16:18:19.0841 0x2908  UfxChipidea - ok
16:18:19.0857 0x2908  [ DB630FC660443D63EBAB2C830C298EFE, 7698772FF9C988DF752DF3FAF1B154E923EBA425B92F288ABB6EF0805ABD3296 ] ufxsynopsys     C:\Windows\System32\drivers\ufxsynopsys.sys
16:18:19.0872 0x2908  ufxsynopsys - ok
16:18:19.0872 0x2908  [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:18:19.0888 0x2908  UI0Detect - ok
16:18:19.0888 0x2908  [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:18:19.0904 0x2908  uliagpkx - ok
16:18:19.0904 0x2908  [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus           C:\Windows\System32\drivers\umbus.sys
16:18:19.0919 0x2908  umbus - ok
16:18:19.0919 0x2908  [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass          C:\Windows\System32\drivers\umpass.sys
16:18:19.0935 0x2908  UmPass - ok
16:18:19.0950 0x2908  [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService    C:\Windows\System32\umrdp.dll
16:18:19.0966 0x2908  UmRdpService - ok
16:18:19.0982 0x2908  [ CB902A15DD21B363FECA5DCCF34F5C57, 6A0836A12A410EBD5C667982852B58CA9E9EDB11EA666C413CC0F811E01A549D ] UnistoreSvc     C:\Windows\System32\unistore.dll
16:18:20.0029 0x2908  UnistoreSvc - ok
16:18:20.0060 0x2908  [ 725A3BDFC3603897BF4E166A18995D64, 693FB4C65BE170609CA240F0E6A3DDB532B4D4F2EB982C14A27F72139FFC07FE ] UPDATESRV       C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
16:18:20.0075 0x2908  UPDATESRV - ok
16:18:20.0091 0x2908  [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost        C:\Windows\System32\upnphost.dll
16:18:20.0107 0x2908  upnphost - ok
16:18:20.0122 0x2908  [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea     C:\Windows\System32\drivers\urschipidea.sys
16:18:20.0122 0x2908  UrsChipidea - ok
16:18:20.0122 0x2908  [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000      C:\Windows\system32\drivers\urscx01000.sys
16:18:20.0138 0x2908  UrsCx01000 - ok
16:18:20.0138 0x2908  [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys     C:\Windows\System32\drivers\urssynopsys.sys
16:18:20.0154 0x2908  UrsSynopsys - ok
16:18:20.0154 0x2908  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\System32\Drivers\usbaapl64.sys
16:18:20.0169 0x2908  USBAAPL64 - ok
16:18:20.0185 0x2908  [ 9F9D5E2086BB9AEEA96E9BF73B7B2D32, AFA84CE1E96C07EBFB7A05D0181C876E027B848AF6C6DB932765912B814CAF56 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
16:18:20.0200 0x2908  usbaudio - ok
16:18:20.0200 0x2908  [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
16:18:20.0216 0x2908  usbccgp - ok
16:18:20.0216 0x2908  [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir          C:\Windows\System32\drivers\usbcir.sys
16:18:20.0232 0x2908  usbcir - ok
16:18:20.0232 0x2908  [ 635686E528F2C9CB916EC1BB04EE6AD1, 080A0F209773232860F510F17005EF92650BA831F69BB0006AEF11A2BB0A4906 ] UsbClientService C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
16:18:20.0263 0x2908  UsbClientService - ok
16:18:20.0263 0x2908  [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci         C:\Windows\System32\drivers\usbehci.sys
16:18:20.0279 0x2908  usbehci - ok
16:18:20.0279 0x2908  [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub          C:\Windows\System32\drivers\usbhub.sys
16:18:20.0310 0x2908  usbhub - ok
16:18:20.0310 0x2908  [ B7E1CAA9429E4C3E7E01CB35B97E1536, 11A6431C27821F247202AC9F18441FEA26544630461522C129F1671257C527BA ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
16:18:20.0341 0x2908  USBHUB3 - ok
16:18:20.0341 0x2908  [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci         C:\Windows\System32\drivers\usbohci.sys
16:18:20.0357 0x2908  usbohci - ok
16:18:20.0357 0x2908  [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
16:18:20.0372 0x2908  usbprint - ok
16:18:20.0372 0x2908  [ F259A45D6B555B14CC8365AA6BC8DC20, 28A588656449307F6E9C999BE5D73E34A2542A5771F4B504D9D36B9F93F32303 ] usbser          C:\Windows\System32\drivers\usbser.sys
16:18:20.0388 0x2908  usbser - ok
16:18:20.0388 0x2908  [ 8949F77132A4F8F3BA17C6727099F002, 86AD4A2263B34983335180FDAE775D1744E042D2A11300D27DF546F15F285A25 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
16:18:20.0404 0x2908  USBSTOR - ok
16:18:20.0404 0x2908  [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
16:18:20.0419 0x2908  usbuhci - ok
16:18:20.0435 0x2908  [ 4B13B61CBB9CC3CB373C60B930D648F5, C79D10A1BF2B6BF141DD37A90BCCA0E1F2AF31B5028BB21537A8EE6EED630F5B ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
16:18:20.0450 0x2908  usbvideo - ok
16:18:20.0450 0x2908  [ 325727F01F03C504CF788618A13DC266, 9F685113F714ADBC6DCD423CCD205F71E00D1AA9B5DD045B95E61E53B0F8E9AF ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
16:18:20.0466 0x2908  USBXHCI - ok
16:18:20.0497 0x2908  [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc     C:\Windows\System32\userdataservice.dll
16:18:20.0544 0x2908  UserDataSvc - ok
16:18:20.0591 0x2908  [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager     C:\Windows\System32\usermgr.dll
16:18:20.0622 0x2908  UserManager - ok
16:18:20.0638 0x2908  [ 05F4CB5991D897E4253BF61FA5E828F8, 25B5B6751B4455491E9A050DF5C12F788B5677F70FB4844E0BF851090AC1F74C ] UsoSvc          C:\Windows\system32\usocore.dll
16:18:20.0654 0x2908  UsoSvc - ok
16:18:20.0654 0x2908  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc        C:\Windows\system32\lsass.exe
16:18:20.0669 0x2908  VaultSvc - ok
16:18:20.0685 0x2908  [ 6F2C8F6969E1282FAAC560C04DECF0D1, C313E56E92203E7FDDF22052B751EAA76CC62F652B3FCA1871198441A0F85A1A ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
16:18:20.0716 0x2908  VBoxDrv - ok
16:18:20.0716 0x2908  [ F844DC3A071B9840B73A07BD81DED40B, B381CCD493660817544B6FED83C8E583028C4B60420AC812357440F6248D351E ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys
16:18:20.0732 0x2908  VBoxNetAdp - ok
16:18:20.0732 0x2908  [ 73B84C1CE9731DA3EA0B11839C47F729, DE91D345DA348AB81992B7D75163EDB276E9A63724FA1B1E15A09DC33F47EF8D ] VBoxNetLwf      C:\Windows\system32\DRIVERS\VBoxNetLwf.sys
16:18:20.0747 0x2908  VBoxNetLwf - ok
16:18:20.0747 0x2908  [ 45525D9AC80B2E2135C853060B4BE9C8, B6754927EE3FCE211360D06CD88B64BDDE7EB2823EEF665CDF976B96AA15BABA ] VBoxUSB         C:\Windows\System32\Drivers\VBoxUSB.sys
16:18:20.0763 0x2908  VBoxUSB - ok
16:18:20.0763 0x2908  [ 6AB7FC5FA41DCF67929F95D1431B18D1, 67684C16291CFCC0DF9AE307248DFFB34D2E301B350ABD868B2384FA75786DB6 ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
16:18:20.0779 0x2908  VBoxUSBMon - ok
16:18:20.0779 0x2908  [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:18:20.0794 0x2908  vdrvroot - ok
16:18:20.0810 0x2908  [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds             C:\Windows\System32\vds.exe
16:18:20.0841 0x2908  vds - ok
16:18:20.0841 0x2908  [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
16:18:20.0857 0x2908  VerifierExt - ok
16:18:20.0872 0x2908  [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
16:18:20.0904 0x2908  vhdmp - ok
16:18:20.0904 0x2908  [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf             C:\Windows\System32\drivers\vhf.sys
16:18:20.0919 0x2908  vhf - ok
16:18:20.0919 0x2908  [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus           C:\Windows\system32\drivers\vmbus.sys
16:18:20.0935 0x2908  vmbus - ok
16:18:20.0935 0x2908  [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
16:18:20.0951 0x2908  VMBusHID - ok
16:18:20.0951 0x2908  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\Windows\System32\ICSvc.dll
16:18:20.0982 0x2908  vmicguestinterface - ok
16:18:20.0997 0x2908  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
16:18:21.0013 0x2908  vmicheartbeat - ok
16:18:21.0029 0x2908  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\Windows\System32\ICSvc.dll
16:18:21.0060 0x2908  vmickvpexchange - ok
16:18:21.0060 0x2908  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv         C:\Windows\System32\ICSvc.dll
16:18:21.0091 0x2908  vmicrdv - ok
16:18:21.0107 0x2908  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown    C:\Windows\System32\ICSvc.dll
16:18:21.0122 0x2908  vmicshutdown - ok
16:18:21.0138 0x2908  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync    C:\Windows\System32\ICSvc.dll
16:18:21.0169 0x2908  vmictimesync - ok
16:18:21.0169 0x2908  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession   C:\Windows\System32\ICSvc.dll
16:18:21.0201 0x2908  vmicvmsession - ok
16:18:21.0216 0x2908  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss         C:\Windows\System32\ICSvc.dll
16:18:21.0232 0x2974  Object send P2P result: true
16:18:21.0247 0x2974  Object required for P2P: [ 9A2A2F3C69B9A30B6E78536F6D258BAD ] iai2c
16:18:21.0247 0x2908  vmicvss - ok
16:18:21.0247 0x2908  [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:18:21.0263 0x2908  volmgr - ok
16:18:21.0279 0x2908  [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:18:21.0294 0x2908  volmgrx - ok
16:18:21.0310 0x2908  [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:18:21.0326 0x2908  volsnap - ok
16:18:21.0326 0x2908  [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci            C:\Windows\System32\drivers\vpci.sys
16:18:21.0341 0x2908  vpci - ok
16:18:21.0357 0x2908  [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:18:21.0357 0x2908  vsmraid - ok
16:18:21.0388 0x2908  [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS             C:\Windows\system32\vssvc.exe
16:18:21.0451 0x2908  VSS - ok
16:18:21.0466 0x2908  [ E51C698AB0B45A11E661391A65027D92, 1CC134FD44E24EAF2A44E9B2ADB711466268BD61426CC2320A2898B88D82F801 ] VSSERV          C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
16:18:21.0513 0x2908  VSSERV - ok
16:18:21.0513 0x2908  [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
16:18:21.0529 0x2908  VSTXRAID - ok
16:18:21.0544 0x2908  [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
16:18:21.0560 0x2908  vwifibus - ok
16:18:21.0560 0x2908  [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt        C:\Windows\system32\drivers\vwififlt.sys
16:18:21.0576 0x2908  vwififlt - ok
16:18:21.0576 0x2908  [ 3BE5AAC930447FD18D4A8255A2FEC95C, A517357188FE4A5BD98A3CDB2165ACCE96CCE4BE2B90DDBEAF70B6DDF393F506 ] vwifimp         C:\Windows\System32\drivers\vwifimp.sys
16:18:21.0591 0x2908  vwifimp - ok
16:18:21.0607 0x2908  [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time         C:\Windows\system32\w32time.dll
16:18:21.0638 0x2908  W32Time - ok
16:18:21.0638 0x2908  [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
16:18:21.0654 0x2908  WacomPen - ok
16:18:21.0669 0x2908  [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService   C:\Windows\system32\WalletService.dll
16:18:21.0685 0x2908  WalletService - ok
16:18:21.0701 0x2908  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
16:18:21.0716 0x2908  wanarp - ok
16:18:21.0716 0x2908  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:18:21.0732 0x2908  wanarpv6 - ok
16:18:21.0763 0x2908  [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine        C:\Windows\system32\wbengine.exe
16:18:21.0810 0x2908  wbengine - ok
16:18:21.0826 0x2908  [ 642EFABF900374FA85639D83B5533AFD, 292692D6AAC2A785D237ADFBC7CA3D379E8FC79FA366A8CE7D06F5CA5CE6866B ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:18:21.0857 0x2908  WbioSrvc - ok
16:18:21.0872 0x2908  [ E9A0D466F6D8EC349DB526146618BCB6, CFD6F3F979E4366A68FBEC3BE90A42BF3D65403A987E80741A720C0622871F32 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
16:18:21.0904 0x2908  Wcmsvc - ok
16:18:21.0919 0x2908  [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:18:21.0935 0x2908  wcncsvc - ok
16:18:21.0951 0x2908  [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:18:21.0966 0x2908  WcsPlugInService - ok
16:18:21.0966 0x2908  [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
16:18:21.0982 0x2908  WdBoot - ok
16:18:21.0997 0x2908  [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:18:22.0013 0x2908  Wdf01000 - ok
16:18:22.0029 0x2908  [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
16:18:22.0044 0x2908  WdFilter - ok
16:18:22.0044 0x2908  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:18:22.0060 0x2908  WdiServiceHost - ok
16:18:22.0076 0x2908  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:18:22.0091 0x2908  WdiSystemHost - ok
16:18:22.0107 0x2908  [ E70DDD8E2245CC67547B0861983912D8, 64C73B1496FFF1F6BB3D877CB5BE54DE35C303AE234B11FC90038DC4F73241D9 ] wdiwifi         C:\Windows\system32\DRIVERS\wdiwifi.sys
16:18:22.0138 0x2908  wdiwifi - ok
16:18:22.0138 0x2908  [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
16:18:22.0154 0x2908  WdNisDrv - ok
16:18:22.0154 0x2908  WdNisSvc - ok
16:18:22.0154 0x2908  [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient       C:\Windows\System32\webclnt.dll
16:18:22.0185 0x2908  WebClient - ok
16:18:22.0185 0x2908  [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:18:22.0216 0x2908  Wecsvc - ok
16:18:22.0216 0x2908  [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
16:18:22.0232 0x2908  WEPHOSTSVC - ok
16:18:22.0232 0x2908  [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:18:22.0263 0x2908  wercplsupport - ok
16:18:22.0263 0x2908  [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:18:22.0279 0x2908  WerSvc - ok
16:18:22.0294 0x2908  [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS         C:\Windows\system32\drivers\wfplwfs.sys
16:18:22.0310 0x2908  WFPLWFS - ok
16:18:22.0310 0x2908  [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc          C:\Windows\System32\wiarpc.dll
16:18:22.0326 0x2908  WiaRpc - ok
16:18:22.0326 0x2908  [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:18:22.0341 0x2908  WIMMount - ok
16:18:22.0341 0x2908  WinDefend - ok
16:18:22.0357 0x2908  [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\Windows\system32\drivers\WindowsTrustedRT.sys
16:18:22.0357 0x2908  WindowsTrustedRT - ok
16:18:22.0372 0x2908  [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\Windows\system32\drivers\WindowsTrustedRTProxy.sys
16:18:22.0372 0x2908  WindowsTrustedRTProxy - ok
16:18:22.0388 0x2908  [ FFD04E8263FC9CDB89BAD8C27C337223, 7021161D354F1536DA261D001524B92301466631DCFA161A7C6355AAC86BBE40 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
16:18:22.0435 0x2908  WinHttpAutoProxySvc - ok
16:18:22.0435 0x2908  [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad          C:\Windows\System32\drivers\winmad.sys
16:18:22.0451 0x2908  WinMad - ok
16:18:22.0466 0x2908  [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:18:22.0482 0x2908  Winmgmt - ok
16:18:22.0544 0x2908  [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM           C:\Windows\system32\WsmSvc.dll
16:18:22.0623 0x2908  WinRM - ok
16:18:22.0638 0x2908  [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB          C:\Windows\System32\drivers\WinUSB.SYS
16:18:22.0654 0x2908  WINUSB - ok
16:18:22.0654 0x2908  [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs        C:\Windows\System32\drivers\winverbs.sys
16:18:22.0669 0x2908  WinVerbs - ok
16:18:22.0701 0x2908  [ 453740989239803FE363FF8B40EA2E08, 25499705627C38D3431B3C336E0CF3BF55ABB0C461B88DA6D3767CAAE1E2B893 ] WlanSvc         C:\Windows\System32\wlansvc.dll
16:18:22.0779 0x2908  WlanSvc - ok
16:18:22.0826 0x2908  [ E48BBF1363F843E030757EC190DD33E6, B37199495115ED423BA99B7317377CE865BB482D4E847861E871480AC49D4A84 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
16:18:22.0888 0x2908  wlidsvc - ok
16:18:22.0888 0x2908  [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
16:18:22.0904 0x2908  WmiAcpi - ok
16:18:22.0919 0x2908  [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:18:22.0935 0x2908  wmiApSrv - ok
16:18:22.0935 0x2908  WMPNetworkSvc - ok
16:18:22.0935 0x2908  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\Windows\system32\drivers\Wof.sys
16:18:22.0951 0x2908  Wof - ok
16:18:22.0998 0x2908  [ 4090C6738AA92B428220857B4D44F638, 4A3EE47494051E5BA8393F2AC8226EF434DA3AA1895CF4BADC9BC1BC378647C6 ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
16:18:23.0060 0x2908  workfolderssvc - ok
16:18:23.0060 0x2908  [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
16:18:23.0076 0x2908  wpcfltr - ok
16:18:23.0076 0x2908  [ D282ECA35ADAC7A93D6B4943E775010B, A76A9698A95646FA63AC18DFFA02B744D7C6043934CBF6C37832ED2E6B21F570 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:18:23.0091 0x2908  WPDBusEnum - ok
16:18:23.0091 0x2908  [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
16:18:23.0107 0x2908  WpdUpFltr - ok
16:18:23.0107 0x2908  [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService      C:\Windows\system32\WpnService.dll
16:18:23.0123 0x2908  WpnService - ok
16:18:23.0123 0x2908  [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:18:23.0138 0x2908  ws2ifsl - ok
16:18:23.0154 0x2908  [ 9C17CF2D05F8DA5AC66880B6BEE64E7D, 8930079A1AFA97657BE567038EE57C988D3DE9A6C24EA46160E2974837082535 ] wscsvc          C:\Windows\System32\wscsvc.dll
16:18:23.0169 0x2908  wscsvc - ok
16:18:23.0169 0x2908  [ F517CB0182B1DA5C0E0FC6B548FF60CC, F09CA4172D611487F157973C808627F04B0CF0A71CE19D49280BFBEA4AE6027B ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
16:18:23.0185 0x2908  WSDPrintDevice - ok
16:18:23.0185 0x2908  WSearch - ok
16:18:23.0248 0x2908  [ 6E04BBE242E2889B37300C4DF5CE1126, FBDAEAC62C48A4FC5EF412AE47FF10590AE83E8871412F76F6F9BAE910542DFA ] WSService       C:\Windows\System32\WSService.dll
16:18:23.0326 0x2908  WSService - ok
16:18:23.0373 0x2908  [ 722FA682ED9EA8B85FA843A5C8F39E61, 47B09984582E55C22450A851FAF00EBEC76CD46149B19B199916255D553C6BF8 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:18:23.0435 0x2908  wuauserv - ok
16:18:23.0451 0x2908  [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:18:23.0466 0x2908  WudfPf - ok
16:18:23.0466 0x2908  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd          C:\Windows\system32\drivers\WudfRd.sys
16:18:23.0482 0x2908  WUDFRd - ok
16:18:23.0498 0x2908  [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:18:23.0513 0x2908  wudfsvc - ok
16:18:23.0513 0x2908  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
16:18:23.0529 0x2908  WUDFWpdFs - ok
16:18:23.0544 0x2908  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
16:18:23.0560 0x2908  WUDFWpdMtp - ok
16:18:23.0576 0x2908  [ 417D1526811D9646A7E8779209F11361, 220FE28801474AB26579F2A37D792975D9AAD2384B420BCE52215B1389E08F91 ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:18:23.0623 0x2908  WwanSvc - ok
16:18:23.0638 0x2908  [ 405A419F4CDAC3C18F91FEDBD146C0A8, 92A6539AE6FC1B140366A0F733FDB784CAFB2359C4E0E2DF80629FEEA2CBFC98 ] XblAuthManager  C:\Windows\System32\XblAuthManager.dll
16:18:23.0669 0x2974  Object send P2P result: true
16:18:23.0669 0x2974  Object required for P2P: [ 59A20F5AD9F4AE54098154359519408E ] iaLPSS2i_I2C
16:18:23.0685 0x2908  XblAuthManager - ok
16:18:23.0701 0x2908  [ 7118498F6E48758A2EF5A7D1982E2B62, 1FF75AE64CB6DB263E8B35515E092B325AA71A6B2210F8F2B0AD087B3BA33345 ] XblGameSave     C:\Windows\System32\XblGameSave.dll
16:18:23.0748 0x2908  XblGameSave - ok
16:18:23.0748 0x2908  [ F279536122B83FD0D8E158AA753E1B7C, 6A542F28E24B30DBDC2EEE24DA33C2F4ADB3596AEDDD71DC1495DD40577CE4BB ] xboxgip         C:\Windows\System32\drivers\xboxgip.sys
16:18:23.0779 0x2908  xboxgip - ok
16:18:23.0794 0x2908  [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc   C:\Windows\system32\XboxNetApiSvc.dll
16:18:23.0826 0x2908  XboxNetApiSvc - ok
16:18:23.0841 0x2908  [ DBACD4E4FE191D0CE7C624ACA389535E, A706DA0A284398E80AEB6FBE1B5F6C3192C3F4D1C1B7533528D689D163374DDF ] xinputhid       C:\Windows\System32\drivers\xinputhid.sys
16:18:23.0857 0x2908  xinputhid - ok
16:18:23.0857 0x2908  ================ Scan global ===============================
16:18:23.0857 0x2908  [ D923EC03E24F7633DED3F2D46AD59A28, C635DB4483E24BE0188583E63B06D0F37BDE7AD944E4D0246A7D19CBC3EA3A6B ] C:\Windows\system32\basesrv.dll
16:18:23.0857 0x2908  [ E2899695BD30B5F93EC626EBBEF2CB69, B190D2903A109D2C146D881F90769060A0E971942F4AA61AEAD81861032D89C3 ] C:\Windows\system32\winsrv.dll
16:18:23.0873 0x2908  [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\Windows\system32\sxssrv.dll
16:18:23.0888 0x2908  [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\Windows\system32\services.exe
16:18:23.0888 0x2908  [ Global ] - ok
16:18:23.0888 0x2908  ================ Scan MBR ==================================
16:18:23.0888 0x2908  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:18:23.0982 0x2908  \Device\Harddisk0\DR0 - ok
16:18:23.0982 0x2908  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
16:18:24.0185 0x2908  \Device\Harddisk2\DR2 - ok
16:18:24.0185 0x2908  ================ Scan VBR ==================================
16:18:24.0185 0x2908  [ A102C8BAD16B2920B7FC82ADFAB6D5A9 ] \Device\Harddisk0\DR0\Partition1
16:18:24.0185 0x2908  \Device\Harddisk0\DR0\Partition1 - ok
16:18:24.0201 0x2908  [ 186B583239E73035FF0B14CAE14F07E7 ] \Device\Harddisk0\DR0\Partition2
16:18:24.0201 0x2908  \Device\Harddisk0\DR0\Partition2 - ok
16:18:24.0201 0x2908  [ 17C0F80B68878E991EA883BF5806BB8D ] \Device\Harddisk2\DR2\Partition1
16:18:24.0201 0x2908  \Device\Harddisk2\DR2\Partition1 - ok
16:18:24.0201 0x2908  ================ Scan generic autorun ======================
16:18:24.0420 0x2908  [ F072EF002CE7B945DC7DBBA6F9664FCF, DA298765E774C6F8EC8A54947FF48DC56D56537C7AC270667EACFE77AE5B5DCD ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
16:18:24.0654 0x2908  RtHDVCpl - ok
16:18:24.0654 0x2908  SynTPEnh - ok
16:18:24.0685 0x2908  [ BEC86CDCAE5916463ACF0154D704CE5C, 23D41C26A02CBECACA2E65CFA007E16DF22177D4D8834A3435E46FC3C65A5ABC ] C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
16:18:24.0716 0x2908  Bdagent - ok
16:18:24.0732 0x2908  [ F4B462319256598A123CA6A661FA935B, 7949CCC9C634B9A04B941DB870A8E2F2B193028B4F7D54488AD302C35DB18FAA ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
16:18:24.0763 0x2908  AdobeAAMUpdater-1.0 - ok
16:18:24.0763 0x2908  [ 93787FF75E6323CF1D5467CA119CF76D, 9CBD2B9BF44FCE78AA87FD7A26A65AEE9DD04C43991142528F57FF9A0E2FC4A4 ] C:\Program Files\Greenshot\Greenshot.exe
16:18:24.0795 0x2908  Greenshot - detected UnsignedFile.Multi.Generic ( 1 )
16:18:26.0092 0x2974  Object send P2P result: true
16:18:26.0092 0x2974  Object required for P2P: [ 807A6636828E5F43C10A01474B8907EE ] MSDTC
16:18:27.0154 0x2908  Object required for P2P: [ 93787FF75E6323CF1D5467CA119CF76D ] C:\Program Files\Greenshot\Greenshot.exe
16:18:28.0623 0x2974  Object send P2P result: true
16:18:29.0592 0x2908  Object send P2P result: true
16:18:29.0592 0x2908  Detect skipped due to KSN trusted
16:18:29.0592 0x2908  Greenshot - ok
16:18:29.0748 0x2908  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
16:18:29.0889 0x2908  OneDriveSetup - ok
16:18:30.0014 0x2908  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
16:18:30.0155 0x2908  OneDriveSetup - ok
16:18:30.0170 0x2908  [ 61F488AC3053DEB2AADB6A34DEBC8876, B5C5E0325F0FB4A37E80F08273B7483630F676C6342519564798CE7D1F121CB7 ] C:\Users\kyrox\AppData\Local\Microsoft\OneDrive\OneDrive.exe
16:18:30.0186 0x2908  OneDrive - ok
16:18:30.0202 0x29b0  Object required for P2P: [ AD43141CE6D5074DA1D28B5BCD4E4507 ] RetailDemo
16:18:30.0233 0x2908  [ 829E3CA7279EE952DB698F7DAC447028, 465250752EBA5D4B0B4A099E89306EB11EFC80B3DFA6AABCA8A4123E71C9336E ] C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe
16:18:30.0264 0x2908  Bitdefender-Geldbörse-Agent - ok
16:18:30.0311 0x2908  [ 81842625465D708AFAF95DBCB2833B67, A4D69205D34DA7C83C47BFA7C959F2703B44A5D4F16C8093B4CF5AAA1CBECC54 ] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
16:18:30.0373 0x2908  KeePass Password Safe 2 - ok
16:18:30.0405 0x2908  [ 67E3BD0F8FB0F39C241A2D60CC7D98EF, 09586F6A11AB10BBD38E8C44A88AFA9AD915981B908EEDA20B9AD2C34BFF7543 ] C:\Users\kyrox\AppData\Roaming\Spotify\SpotifyWebHelper.exe
16:18:30.0436 0x2908  Spotify Web Helper - ok
16:18:30.0561 0x2908  [ 9DAAC1D41C100188FED722ABE446E010, ABA62E96C73FCEE2875E09931852E11B01F8077AF8C18ABED5EBC843E63A1E9F ] C:\Users\kyrox\AppData\Roaming\Spotify\Spotify.exe
16:18:31.0014 0x2908  Spotify - ok
16:18:31.0061 0x2908  [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
16:18:31.0108 0x2908  HP Officejet Pro 8600 (NET) - ok
16:18:31.0186 0x2908  [ F2AD1B265908797F8A5E21E0312F2F25, 2A6A612F7D52D297385C43E77AD0CD37B28F33ED2AF89098F5E66B812B838A52 ] C:\Users\kyrox\AppData\Local\Akamai\netsession_win.exe
16:18:31.0295 0x2908  Akamai NetSession Interface - ok
16:18:31.0436 0x2908  [ C224456660839CFCAD2CD8DFB293F38B, D99B862217BBF99BF26B78615B3FDC1484607BA0A34E61C445345CD8D49501D4 ] C:\Program Files\CCleaner\CCleaner64.exe
16:18:31.0592 0x2908  CCleaner Monitoring - ok
16:18:31.0717 0x2908  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
16:18:31.0858 0x2908  OneDriveSetup - ok
16:18:31.0858 0x2908  Waiting for KSN requests completion. In queue: 237
16:18:32.0639 0x29b0  Object send P2P result: true
16:18:32.0639 0x29b0  Object required for P2P: [ 7C58AFEC26E9F7730A8AA7FD40225937 ] sppsvc
16:18:32.0874 0x2908  Waiting for KSN requests completion. In queue: 197
16:18:33.0874 0x2908  Waiting for KSN requests completion. In queue: 197
16:18:34.0280 0x1248  Object required for P2P: [ 67E3BD0F8FB0F39C241A2D60CC7D98EF ] C:\Users\kyrox\AppData\Roaming\Spotify\SpotifyWebHelper.exe
16:18:34.0874 0x2908  Waiting for KSN requests completion. In queue: 191
16:18:35.0078 0x29b0  Object send P2P result: true
16:18:35.0078 0x29b0  Object required for P2P: [ 34A3EB84B2A830E6F450B8F885AE4E6E ] SysMain
16:18:35.0890 0x2908  Waiting for KSN requests completion. In queue: 165
16:18:36.0750 0x1248  Object send P2P result: true
16:18:36.0750 0x1248  Object required for P2P: [ 9DAAC1D41C100188FED722ABE446E010 ] C:\Users\kyrox\AppData\Roaming\Spotify\Spotify.exe
16:18:36.0890 0x2908  Waiting for KSN requests completion. In queue: 164
16:18:37.0531 0x29b0  Object send P2P result: true
16:18:37.0547 0x29b0  Object required for P2P: [ 4CF5A1E0C4FCA956ACD6C654E2A8610E ] VSS
16:18:37.0906 0x2908  Waiting for KSN requests completion. In queue: 72
16:18:38.0906 0x2908  Waiting for KSN requests completion. In queue: 72
16:18:39.0578 0x1248  Object send P2P result: true
16:18:39.0922 0x2908  Waiting for KSN requests completion. In queue: 68
16:18:39.0984 0x29b0  Object send P2P result: true
16:18:40.0953 0x2908  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
16:18:40.0953 0x2908  AV detected via SS2: Bitdefender Antivirus, C:\Program Files\Bitdefender\Bitdefender 2016\wscfix.exe ( 20.0.25.1399 ), 0x41000 ( enabled : updated )
16:18:40.0953 0x2908  FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender 2016\wscfix.exe ( 20.0.25.1399 ), 0x41010 ( enabled )
16:18:43.0329 0x2908  ============================================================
16:18:43.0329 0x2908  Scan finished
16:18:43.0329 0x2908  ============================================================
16:18:43.0329 0x2910  Detected object count: 1
16:18:43.0329 0x2910  Actual detected object count: 1
16:18:55.0581 0x2910  ose ( UnsignedFile.Multi.Generic ) - skipped by user
16:18:55.0581 0x2910  ose ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:19:04.0645 0x28f0  Deinitialize success

M-K-D-B · 05.04.2016, 17:09

Servus,

wie ich sehe, hast du AdwCleaner bereits ausgeführt. Das hättest du ruhig erwähnen und die Logdatei dazu posten können... bitte nachholen.

Bitte setze deine Brower wie folgt zurück:
IE :::
Setze folgendermassen den Internet Explorer zurück:

Öffne den Internet Explorer und gehe zu Extras -> Internetoptionen.
Klicke in der Registerkarte Erweitert unter "Internet Explorer-Einstellungen zurücksetzen" auf Zurücksetzen...
Klicke im Dialogfeld "Internet Explorer-Einstellungen zurücksetzen" zum Bestätigen auf Zurücksetzen.

(Hier findest du die bebilderte Anleitung.)

FF :::
setze bitte Firefox wie folgt zurück:
Firefox zurücksetzen

CHR:::
Setze Google Chrome nach dieser Anleitung zurück.

Rolexx7 · 05.04.2016, 18:21

Code:

ATTFilter

# AdwCleaner v5.109 - Bericht erstellt am 05/04/2016 um 16:11:29
# Aktualisiert am 04/04/2016 von Xplode
# Datenbank : 2016-04-05.1 [Server]
# Betriebssystem : Windows 10 Pro  (x64)
# Benutzername : kyriakos - DESKTOP-20BAH8O
# Gestartet von : C:\Users\kyrox\Downloads\AdwCleaner_5.109.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner gelöscht : C:\Program Files (x86)\DriverToolkit
[-] Ordner gelöscht : C:\ProgramData\Application Data\lavasoft\web companion
[-] Ordner gelöscht : C:\Users\kyrox\AppData\Local\DriverToolkit
[-] Ordner gelöscht : C:\Users\kyrox\AppData\Local\PackageAware
[-] Ordner gelöscht : C:\Users\kyrox\AppData\Local\VirtualStore\Program Files (x86)\browsing secure
[-] Ordner gelöscht : C:\Users\kyrox\AppData\Roaming\Easeware

***** [ Dateien ] *****

[-] Datei gelöscht : C:\Windows\SysNative\LavasoftTcpService64.dll
[-] Datei gelöscht : C:\Windows\SysNative\LavasoftTcpServiceOff.ini
[-] Datei gelöscht : C:\Windows\SysWOW64\lavasofttcpservice.dll
[-] Datei gelöscht : C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****

[-] Geplante Aufgabe gelöscht : DRIVERTOOLKIT AUTORUN

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
[-] Schlüssel gelöscht : HKCU\Software\DriverToolkit
[-] Schlüssel gelöscht : HKCU\Software\OCS
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Lavasoft\Web Companion

***** [ Internetbrowser ] *****


*************************

:: "Tracing" schlüssel löschen
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [2579 Bytes] - [05/04/2016 16:11:29]
C:\AdwCleaner\AdwCleaner[S1].txt - [2582 Bytes] - [05/04/2016 16:10:12]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2725 Bytes] ##########

Hallo.. Es ist immernoch das gleiche Problem

M-K-D-B · 05.04.2016, 20:58

Servus,

Ich bräuchte die genaue Meldung in den Internetbrowsern.

Schritt 1
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 2

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 3

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von MBAM,
die Logdatei von JRT,
die beiden neuen Logdateien von FRST.

M-K-D-B · 09.04.2016, 21:03

Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!

09.04.2016, 21:03	#9
M-K-D-B /// TB-Ausbilder	Attention Required Problem mit Browser Fehlende Rückmeldung Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten. PM an mich falls Du denoch weiter machen willst. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und einen eigenen Thread erstellen!

Attention Required Problem mit Browser

Plagegeister aller Art und deren Bekämpfung: Attention Required Problem mit Browser