Windows 7: Mailanhang als zip-Datei abgelegt, aber nicht geöffnet. Nicht sicher ob alles entfernt

Julemule2000 · 13.06.2016, 06:39

Hallo, gestern Abend habe ich blöderweise den Anhang einer Mail geöffnet, der als zip-Datei abgelegt unter TEMP abgelegt wurde. Sofort habe ich versucht, diese zu löschen, das ging natürlich nicht. Soweit ich das beurteilen kann, wurde diese nicht ausgeführt. Ich habe dann diverse Programme (Glaryuntilities, Spybot,Microsoftsecurityessentials) drüberlaufen und die Datei war gelöscht und ich habe auch keine Warnung bekommen. Dann habe ich mir zur FRST runtergeladen und drüber laufen lassen. Nun würde ich euch bitten, einmal den logfile anzuschauen, ob wirklich nichts passiert ist, denn draus werde ich nicht schlau. Vielen Dank

deeprybka · 13.06.2016, 08:00

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...

Bitte arbeite alle Schritte der Reihe nach ab.
Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
Bitte kein Crossposting (posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
Poste die Logfiles direkt in Deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.

Los geht's:

Schritt 1

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Julemule2000 · 13.06.2016, 08:21

Hallo Jürgen, vielen Dank:
anbei die erste FRST-Datei, bei der ich FRST nicht vom Desktop sondern vom Laufwerk installiert habe. Danach habe ich FRST noch mal vom Desktop installert, diese FRST-Datei hänge ich dahinter. Danach folgt die Addition-Datei (ebenfalls vom Desktop):

Erste FRST-txt

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:12-06-2016 01
durchgeführt von Jula (Administrator) auf E5510 (13-06-2016 09:07:19)
Gestartet von D:\10 PC\00 Downloads
Geladene Profile: Jula & Administrator (Verfügbare Profile: Jula & Administrator)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AEstSrv.exe
(Broadcom Corporation) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
() C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
( ) C:\Windows\System32\lxdncoms.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Mindjet) C:\Program Files\Mindjet\MindManager 16\MmReminderService.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(GP Software) C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Glarysoft Ltd) C:\Program Files\Glary Utilities 5\Integrator.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\EXCEL.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(GP Software) C:\Program Files\GPSoftware\Directory Opus\dopus.exe
(Irfan Skiljan) C:\Program Files\IrfanView\i_view32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) D:\10 PC\00 Downloads\FRST(1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [DFEPApplication] => C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe [6306872 2012-08-15] (Dell Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-08-16] (IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [555352 2013-02-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [23972712 2016-05-31] (Dropbox, Inc.)
HKLM\...\Run: [MMReminderService] => C:\Program Files\Mindjet\MindManager 16\MMReminderService.exe [116424 2016-02-09] (Mindjet)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\!SASWinLogon: 
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll [2010-09-15] (UPEK Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\Run: [Directory Opus Desktop Dblclk] => C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe [271840 2010-10-12] (GP Software)
HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6690520 2016-06-01] (Piriform Ltd)
HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [43984 2016-05-30] (Glarysoft Ltd)
HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
Lsa: [Authentication Packages] msv1_0 wvauth
ShellExecuteHooks: Directory Opus Shell Execute Hook - {3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE} - C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [837592 2010-10-12] (GP Software)
ShellExecuteHooks:  - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} -  Keine Datei [ ]
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2011-12-08] (Wave Systems Corp.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  Keine Datei
ShellIconOverlayIdentifiers: [UninitializedFdeIconOverlay] -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2011-12-08] (Wave Systems Corp.)
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk [2012-12-03]
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk [2012-12-03]
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk [2012-12-03]
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\Jula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk [2012-12-03]
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
BootExecute: autocheck autochk *  

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{36BC7818-11A5-4630-BA32-3781D33CDA71}: [NameServer] 131.220.16.220,131.220.18.138
Tcpip\..\Interfaces\{6CD91C06-9AAC-4D0D-A3A4-05AA0F65019C}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-3618091561-1007512581-756703090-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
HKU\S-1-5-21-3618091561-1007512581-756703090-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USREL/8
HKU\S-1-5-21-3618091561-1007512581-756703090-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/USREL/8
HKU\S-1-5-21-3618091561-1007512581-756703090-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USREL/8
SearchScopes: HKLM -> DefaultScope {6389DEB7-BB35-4A97-B92D-674BA5070224} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {6389DEB7-BB35-4A97-B92D-674BA5070224} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3618091561-1007512581-756703090-1000 -> DefaultScope {6389DEB7-BB35-4A97-B92D-674BA5070224} URL = 
SearchScopes: HKU\S-1-5-21-3618091561-1007512581-756703090-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = 
SearchScopes: HKU\S-1-5-21-3618091561-1007512581-756703090-1000 -> {293B375F-E823-4DC0-BB9A-00C65C3BF4C6} URL = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3618091561-1007512581-756703090-1000 -> {6389DEB7-BB35-4A97-B92D-674BA5070224} URL = 
SearchScopes: HKU\S-1-5-21-3618091561-1007512581-756703090-1000 -> {9CF7265E-55FF-4B82-8CFE-276ABC6D3D02} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=3CD9C364-A6B6-4802-9BDF-25C9DEDBF560&apn_sauid=08E07CA2-9A6A-49BF-BF22-DE6A3D563906
SearchScopes: HKU\S-1-5-21-3618091561-1007512581-756703090-500 -> DefaultScope {6389DEB7-BB35-4A97-B92D-674BA5070224} URL = 
SearchScopes: HKU\S-1-5-21-3618091561-1007512581-756703090-500 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = 
SearchScopes: HKU\S-1-5-21-3618091561-1007512581-756703090-500 -> {6389DEB7-BB35-4A97-B92D-674BA5070224} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-02-09] (Microsoft Corporation)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO: CmjBrowserHelperObject Object -> {6FE6A929-59D1-4763-91AD-29B61CFFB35B} -> C:\Program Files\Mindjet\MindManager 16\Mm8InternetExplorer.dll [2016-02-09] (Mindjet)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-10-15] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-15] (Oracle Corporation)
BHO: Kein Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> Keine Datei
Toolbar: HKU\S-1-5-21-3618091561-1007512581-756703090-1000 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  Keine Datei
Toolbar: HKU\S-1-5-21-3618091561-1007512581-756703090-1000 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Keine Datei
Toolbar: HKU\S-1-5-21-3618091561-1007512581-756703090-500 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  Keine Datei
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Ecosia
FF Homepage: hxxps://www.google.de/
FF NetworkProxy: "autoconfig_url", "file:///C:\\Users\\Jula\\AppData\\Local\\Temp\\proxtube.pac"
FF NetworkProxy: "http", "72.64.146.135"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-20] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-15] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [Keine Datei]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\searchplugins\ecosia.xml [2015-10-29]
FF SearchPlugin: C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\searchplugins\firefox-add-ons.xml [2012-11-23]
FF SearchPlugin: C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\searchplugins\google-scholar.xml [2011-04-05]
FF Extension: NoScript - C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-07]
FF Extension: LEO Dictionaries - C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\extensions\contextMenuExtension@leo.org.xpi [2016-05-02]
FF Extension: Tab Mix Plus - C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-06-07]
FF Extension: British English Dictionary - C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\Extensions\en-GB@dictionaries.addons.mozilla.org [2015-12-20] [ist nicht signiert]
FF Extension: Ecosia — The search engine that plants trees! - C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2015-10-29]
FF Extension: Adblock Plus - C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-30]
FF Extension: Iminent WebBooster - C:\Program Files\Mozilla Firefox\extensions\webbooster@iminent.com [2016-06-08] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-06-08] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2016-06-08] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2016-06-11]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\all-iminent.js [2011-08-26]

Chrome: 
=======
CHR Profile: C:\Users\Jula\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMPPALR3; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [509440 2012-01-09] (Intel Corporation)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1787720 2012-02-02] (AuthenTec, Inc.)
R2 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [131072 2011-11-30] (Broadcom Corporation) [Datei ist nicht signiert]
R2 BTHSSecurityMgr; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [104208 2012-01-17] (Intel(R) Corporation)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-09] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-09] (Dropbox, Inc.)
R2 DFEPService; C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [1569336 2012-08-15] (Dell Inc.)
R2 EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [179592 2012-01-17] ()
S2 KMService; C:\Windows\system32\srvany.exe [8192 2011-11-09] () [Datei ist nicht signiert]
R2 lxdn_device; C:\Windows\system32\lxdncoms.exe [589824 2007-11-28] ( )
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SecureStorageService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe [1517448 2011-11-11] (Wave Systems Corp.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [245842 2010-08-16] (IDT, Inc.)
S2 tcsd_win32.exe; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1637888 2011-10-08] () [Datei ist nicht signiert]
R2 TdmService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe [2864496 2011-12-08] (Wave Systems Corp.)
R2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1189376 2012-01-05] (Wave Systems Corp.) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 WvPCR; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [145408 2012-01-16] (Wave Systems Corp.) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [141312 2012-01-09] (Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [141312 2012-01-09] (Windows (R) Win 7 DDK provider)
S3 Blfp; C:\Windows\System32\DRIVERS\basp.sys [103936 2011-08-22] (Broadcom Corporation)
S3 BTWAMPFL; C:\Windows\System32\DRIVERS\btwampfl.sys [302120 2011-06-06] (Broadcom Corporation.)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [26328 2014-09-07] (Sony Mobile Communications)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [17472 2015-05-03] (Glarysoft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)
R3 NETwNs32; C:\Windows\System32\DRIVERS\Netwsn00.sys [10383360 2012-09-30] (Intel Corporation)
R0 PBADRV; C:\Windows\System32\DRIVERS\PBADRV.sys [26608 2012-08-03] (Dell Inc)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] ()
R2 risdpcie; C:\Windows\System32\DRIVERS\risdpe86.sys [59904 2010-03-21] (REDC)
S3 rixdpcie; C:\Windows\system32\DRIVERS\rixdpe86.sys [38912 2010-03-21] (REDC)
R1 SbFw; C:\Windows\System32\drivers\SbFw.sys [221784 2011-04-05] (Sunbelt Software, Inc.)
S3 SBFWIMCL; C:\Windows\System32\DRIVERS\sbfwim.sys [69208 2011-02-08] (Sunbelt Software, Inc.)
R3 SBFWIMCLMP; C:\Windows\System32\DRIVERS\SBFWIM.sys [69208 2011-02-08] (Sunbelt Software, Inc.)
S3 sbhips; C:\Windows\System32\drivers\sbhips.sys [94040 2011-04-05] (Sunbelt Software, Inc.)
R1 SbTis; C:\Windows\System32\drivers\sbtis.sys [78936 2011-04-05] (Sunbelt Software, Inc.)
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\drivers\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S0 PxHelp20; System32\Drivers\PxHelp20.sys [X]
S1 SBRE; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-13 07:12 - 2016-06-13 07:36 - 00032265 _____ C:\Users\Jula\Desktop\FRST.txt
2016-06-12 23:22 - 2016-06-13 07:23 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2016-06-12 23:14 - 2016-06-12 23:14 - 00003288 ____N C:\bootsqm.dat
2016-06-12 22:53 - 2016-06-12 22:53 - 00002164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-06-12 22:53 - 2016-06-12 22:53 - 00002152 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-06-12 22:53 - 2016-06-12 22:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-06-12 22:53 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2016-06-12 22:48 - 2016-06-13 09:07 - 00000000 ____D C:\FRST
2016-06-11 11:07 - 2016-06-11 11:07 - 00001964 _____ C:\Users\Public\Desktop\Citavi 5.lnk
2016-06-11 11:07 - 2016-06-11 11:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 5
2016-06-11 11:07 - 2016-06-11 11:07 - 00000000 ____D C:\Program Files\Citavi 5
2016-06-08 14:27 - 2016-06-10 12:54 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-06-07 19:53 - 2016-06-07 19:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-05-25 11:53 - 2016-05-25 11:53 - 00002123 _____ C:\Users\Public\Desktop\WISO steuer Start 2016.lnk
2016-05-25 11:53 - 2016-05-25 11:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Start 2016
2016-05-25 10:20 - 2016-05-25 11:48 - 00000000 ____D C:\Users\Jula\Desktop\WISO steuer-Start 2016 (PC Download)
2016-05-23 20:41 - 2016-05-25 10:12 - 00077526 _____ C:\Users\Jula\Desktop\Studierendenausweis_SS16_Werres_Jula.jpg.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-13 08:26 - 2015-06-15 11:32 - 00001198 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-06-13 08:16 - 2012-03-31 06:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-13 07:23 - 2012-05-04 17:22 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-06-13 07:17 - 2009-07-14 06:34 - 00025424 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-13 07:17 - 2009-07-14 06:34 - 00025424 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-13 07:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-06-13 07:09 - 2011-03-17 18:04 - 01629284 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-13 07:09 - 2009-07-14 10:47 - 00703192 _____ C:\Windows\system32\perfh007.dat
2016-06-13 07:09 - 2009-07-14 10:47 - 00150800 _____ C:\Windows\system32\perfc007.dat
2016-06-13 07:05 - 2011-04-27 11:44 - 00000000 ___RD C:\Users\Jula\Dropbox
2016-06-13 07:03 - 2015-06-15 11:32 - 00001194 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-06-13 07:03 - 2015-02-05 14:08 - 00000000 ____D C:\Program Files\Glary Utilities 5
2016-06-13 07:03 - 2011-04-01 14:55 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-13 07:02 - 2009-07-14 06:53 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-13 07:02 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-12 23:23 - 2015-05-16 15:20 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2016-06-12 22:53 - 2011-08-03 10:20 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-06-12 22:44 - 2011-10-05 16:50 - 00000000 ____D C:\Windows\Minidump
2016-06-11 12:24 - 2011-09-11 21:27 - 00018432 _____ C:\Users\Jula\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-11 11:08 - 2012-10-17 13:40 - 00000000 ____D C:\ProgramData\Swiss Academic Software
2016-06-11 11:07 - 2011-03-21 19:52 - 00000000 ____D C:\Users\Jula\AppData\Local\Downloaded Installations
2016-06-11 10:47 - 2014-02-12 13:01 - 00000000 ____D C:\Users\Jula\Documents\Citavi 4
2016-06-10 12:56 - 2011-04-27 11:41 - 00000000 ____D C:\Users\Jula\AppData\Roaming\Dropbox
2016-06-10 12:54 - 2015-06-15 11:32 - 00000000 ____D C:\Users\Jula\AppData\Local\Dropbox
2016-06-07 20:05 - 2015-02-05 14:08 - 00001083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2016-06-07 19:53 - 2015-06-15 11:32 - 00000000 ____D C:\Program Files\Dropbox
2016-06-03 07:12 - 2012-06-13 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-05-30 20:35 - 2015-04-18 03:43 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-25 12:16 - 2015-03-16 22:57 - 00000000 ____D C:\Users\Jula\Documents\steuer
2016-05-25 11:53 - 2014-10-14 11:52 - 00000000 ____D C:\Users\Jula\AppData\Local\Buhl
2016-05-25 11:52 - 2014-10-14 11:51 - 00000000 ____D C:\Program Files\WISO
2016-05-25 11:52 - 2011-03-17 18:03 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-05-25 10:20 - 2015-03-16 22:07 - 00000000 ____D C:\Users\Jula\Documents\Amazon Downloader Logs
2016-05-20 10:29 - 2011-10-08 17:24 - 00000000 ____D C:\Users\Jula\AppData\Local\ElevatedDiagnostics
2016-05-20 08:20 - 2012-03-31 06:06 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-05-20 08:20 - 2011-05-16 21:26 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-05-17 10:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2016-05-16 16:10 - 2011-11-17 10:11 - 00000000 ____D C:\Users\Jula\Desktop\Grafik
2016-05-16 16:10 - 2011-11-17 10:10 - 00000000 ____D C:\Users\Jula\Desktop\Sec
2016-05-16 16:10 - 2011-11-17 10:09 - 00000000 ____D C:\Users\Jula\Desktop\Office

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-07-26 11:45 - 2012-07-26 11:47 - 22657136 _____ () C:\Program Files\vlc-2.0.2-win32.exe
2011-03-21 18:27 - 2015-07-03 15:28 - 0003832 _____ () C:\Users\Jula\AppData\Roaming\Notepad2.ini
2011-09-11 21:27 - 2016-06-11 12:24 - 0018432 _____ () C:\Users\Jula\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-03-19 21:25 - 2012-03-19 21:25 - 0000017 _____ () C:\Users\Jula\AppData\Local\resmon.resmoncfg
2011-12-23 23:51 - 2011-12-23 23:51 - 0000000 _____ () C:\Users\Jula\AppData\Local\{35FB1B8E-6DE5-4331-9DCB-239F15B00CC9}
2003-10-06 10:21 - 2003-10-06 10:21 - 0000000 ____H () C:\ProgramData\sdpsenv.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\sdpsenv.dat


Einige Dateien in TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\1ebfc55a-2a43-4571-9d31-5769191b220e.dll
C:\Users\Administrator\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5e4j0j.dll
C:\Users\Administrator\AppData\Local\Temp\ea40bec2-cc6b-4f56-93da-7e25d313985b.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-06-07 21:48

==================== Ende vom FRST.txt ============================

Zweite FRST.txt

Code:

ATTFilter

LastRegBack: 2016-06-07 21:48

==================== Ende vom FRST.txt ============================

Addition.txt

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:12-06-2016 01
durchgeführt von Jula (2016-06-13 09:10:34)
Gestartet von C:\Users\Jula\Desktop
Microsoft Windows 7 Professional  Service Pack 1 (X86) (2011-03-21 13:01:20)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3618091561-1007512581-756703090-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-3618091561-1007512581-756703090-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3618091561-1007512581-756703090-1002 - Limited - Enabled)
Jula (S-1-5-21-3618091561-1007512581-756703090-1000 - Administrator - Enabled) => C:\Users\Jula

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
AuthenTec Fingerprint Software (Version: 8.4.4.39 - AuthenTec, Inc.) Hidden
BioAPI Framework (Version: 1.0.2 - Dell Inc.) Hidden
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{9B34CC4C-E7FF-4AC8-B771-1D09612D6430}) (Version: 15.0.8.5 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Citavi 4 (HKLM\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.4.0.28 - Swiss Academic Software)
Citavi 5  (HKLM\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.3.1.0 - Swiss Academic Software)
Custom (Version: 01.00.00.000 - Wave Systems Corp.) Hidden
Dell Command | Update (HKLM\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.0.0 - Dell Inc.)
Dell Data Protection | Access (HKLM\...\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}) (Version: 2.2.00003.008 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
Dell Feature Enhancement Pack (HKLM\...\{992D1CE7-A20F-4AB0-9D9D-AFC3418844DA}) (Version: 2.2.1 - Dell)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.39 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.39 - PC-Doctor, Inc.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.127 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM\...\Dell Webcam Central) (Version: 1.40.28 - Creative Technology Ltd)
DellAccess (Version: 01.00.00.149 - Wave Systems Corp.) Hidden
Dropbox (HKLM\...\Dropbox) (Version: 4.4.29 - Dropbox, Inc.)
Dropbox Update Helper (Version: 1.3.41.1 - Dropbox, Inc.) Hidden
EMBASSY Client Core (Version: 01.00.00.055 - Wave Systems Corp.) Hidden
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.)
FreeMind (HKLM\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - )
Gemalto (Version: 01.01.01.0000 - Wave Systems Corp) Hidden
Glary Utilities 5.52 (HKLM\...\Glary Utilities 5) (Version: 5.52.0.73 - Glarysoft Ltd)
Google Drive (HKLM\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
GPSoftware Directory Opus (HKLM\...\{556DF27F-5B74-11D5-B876-004005E12EF1}) (Version: 9.5.6.0 - GPSoftware)
IBM SPSS Statistics 22 (HKLM\...\{104875A1-D083-4A34-BC4F-3F635B7F8EF7}) (Version: 22.0.0.0 - IBM Corp)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6292.0 - IDT)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2827 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
jv16 PowerTools 1.3 (HKLM\...\jv16 PowerTools_is1) (Version:  - )
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ICE (HKLM\...\{D92A40F4-7BDD-4FAB-922F-E8D6B469AD48}) (Version: 1.0.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mindjet MindManager 2016 (HKLM\...\{ADBD62AA-6605-4327-8FC6-7FD1EBF681B1}) (Version: 16.1.193 - Mindjet)
MiniTool Partition Wizard Free 9.0 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Mozilla Firefox 47.0 (x86 en-US) (HKLM\...\Mozilla Firefox 47.0 (x86 en-US)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
Mozilla Thunderbird 45.1.1 (x86 en-US) (HKLM\...\Mozilla Thunderbird 45.1.1 (x86 en-US)) (Version: 45.1.1 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
NTRU TCG Software Stack (Version: 2.1.37 - Security Innovation, Inc.) Hidden
O2Micro OZ776 SCR Driver (Version: 1.1.4.213 - O2Micro) Hidden
OpenOffice 4.0.1 (HKLM\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507B}) (Version: 4.0.9 - dotPDN LLC)
PC-CCID (Version: 2.0.0 - Gemalto) Hidden
Preboot Manager (Version: 03.02.00.119 - Wave Systems Corp.) Hidden
Private Information Manager (Version: 07.00.00.059 - Wave Systems Corp.) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
SES Driver (HKLM\...\{0673654C-5296-453B-9798-B61CD7E03FEB}) (Version: 1.0.0 - Western Digital)
SharePoint Client Components (HKLM\...\{95150004-1163-0409-0000-0000000FF1CE}) (Version: 15.0.4711.1001 - Microsoft Corporation)
SPBA 5.9 (Version: 5.9.4.6901 - UPEK Inc.) Hidden
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Startup Manager 2.4.2 (HKLM\...\Startup_Manager_is1) (Version: 2.4.2 - Glenn Van Loon)
Trusted Drive Manager (Version: 4.5.0.136 - Wave Systems Corp.) Hidden
UnzipThemAll 1.3 (HKLM\...\UnzipThemAll_is1) (Version:  - Hervé Thouzard)
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{FD1F398D-BD56-43E6-8E58-707857AC9A8C}) (Version:  - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Wave Infrastructure Installer (Version: 07.03.60.0020 - Wave Systems Corp) Hidden
Wave Support Software Installer (Version: 05.12.00.068 - Wave Systems Corp) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7900 - Broadcom Corporation)
Windows-Treiberpaket - AuthenTec Inc. (ATSwpWDF) Biometric  (12/23/2011 8.4.4.25) (HKLM\...\B04E2F50E30B1E11964CD418CDF70A03C76B3051) (Version: 12/23/2011 8.4.4.25 - AuthenTec Inc.)
Windows-Treiberpaket - Dell Inc. PBADRV System  (09/11/2009 1.0.1.6) (HKLM\...\9512AA21B791B05A54E27065C45BBC417AB282DF) (Version: 09/11/2009 1.0.1.6 - Dell Inc.)
WinRAR 5.31 beta 1 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.1 - win.rar GmbH)
WISO steuer:Start 2015 (HKLM\...\{8F1C45BF-24C9-4BE7-A66F-1CFA3DF6C046}) (Version: 22.00.8811 - Buhl Data Service GmbH)
WISO steuer:Start 2016 (HKLM\...\{250324BF-F5D6-4594-A4E9-825929514F77}) (Version: 23.00.1146 - Buhl Data Service GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3618091561-1007512581-756703090-1000_Classes\CLSID\{FAE7A96A-56C3-4ABF-A6C2-D5D78089A7D8}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02926AD5-9223-4C12-B0E4-54145D466D84} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {12828A33-9768-4BE8-B9AD-BDFF1202255D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-20] (Adobe Systems Incorporated)
Task: {1746A989-ADC6-4C7D-9733-85D3A29A9546} - System32\Tasks\Go for FilesUpdate => C:\Program Files\GoforFiles\GFFUpdater.exe <==== ACHTUNG
Task: {1B03EA8B-30FA-4BAA-9C64-CE762031D357} - System32\Tasks\{6A7FE66C-941E-4722-B7B8-6D248E5138AB} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {1F0BF830-CB7B-44ED-B32C-D44EA5E783E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {22011BA1-F3D3-4E3D-BFE8-57568E497734} - \AutoKMS -> Keine Datei <==== ACHTUNG
Task: {250E6105-59A4-4AE8-BCDF-8C86AAA241CD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {2943C3A9-0510-4B11-A1FF-59FDEC8EDBDD} - System32\Tasks\{9544A3F6-6217-48F0-B4A7-BD1BB9736712} => pcalua.exe -a "D:\10 PC\00 Downloads\irfanview_plugins_433_setup.exe" -d "D:\10 PC\00 Downloads"
Task: {312515B8-EC1F-499F-B3E7-26D652945F8E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {3699788E-F2DF-45D3-8978-1A1CB7ECA956} - System32\Tasks\Dell\Command Update => C:\Program Files\Dell\CommandUpdate\DellCommandUpdate.exe [2014-05-05] (Dell Inc.)
Task: {447A8575-2067-442B-A542-08FF29EC47C0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {56D976D4-320C-42DC-9BD7-0949B92B7135} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-01-09] (Dropbox, Inc.)
Task: {595D753D-F5A8-4D14-BEF4-ED889FEE06D0} - System32\Tasks\{5888484E-F97A-4428-A886-1B070A6E0FCA} => pcalua.exe -a "D:\10 PC\00 Downloads\iview441_setup.exe" -d "D:\10 PC\00 Downloads"
Task: {738D7206-B047-4273-8C61-66281627DB44} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {7EF71EEB-6839-49B8-9BDD-74F1158BB440} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {81FBACEB-202A-47A8-8154-0624BD7B2876} - System32\Tasks\GlaryInitialize 5 => C:\Program Files\Glary Utilities 5\Initialize.exe [2016-05-30] (Glarysoft Ltd)
Task: {BD060B6C-8A03-4284-9EDF-EB5FB7690A76} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {C0E7C24A-DD35-4B08-BE54-36D2822598FE} - System32\Tasks\{30C48FDE-36E0-4BAA-BDC1-F023D7B95E3B} => pcalua.exe -a "C:\Program Files\Microsoft Security Client\Setup.exe" -c /x
Task: {C449C243-7984-48C5-AC6B-F9FAE93BCD24} - System32\Tasks\{55695869-7557-46E1-A6BB-14D38DFBE2D9} => pcalua.exe -a C:\Users\Jula\AppData\Local\Temp\dtemp-b5ffe2010843894-60.dop\Setup.exe -d C:\Users\Jula\AppData\Local\Temp\dtemp-b5ffe2010843894-60.dop
Task: {E051C26E-DA32-4628-940B-517CB022B311} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-01] (Piriform Ltd)
Task: {EBD84048-0E6D-4C01-A857-77584200732B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-01-09] (Dropbox, Inc.)
Task: {EE49064F-8EF5-44DA-9061-FC2EA0B70838} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2012-05-22] (PC-Doctor, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-10-14 20:42 - 2009-08-13 12:02 - 00147968 ____N () C:\Windows\system32\spool\PRTPROCS\W32X86\lxdndrpp.dll
2012-01-17 10:37 - 2012-01-17 10:37 - 00179592 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
2012-01-17 10:36 - 2012-01-17 10:36 - 00030600 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\DeviceStatus.dll
2011-10-08 22:57 - 2011-10-08 22:57 - 00003072 _____ () C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\TspPopup_DEU.dll
2011-11-07 06:24 - 2011-11-07 06:24 - 00084992 ____N () C:\Windows\system32\Wavx_ESC_Logging.dll
2016-06-12 22:53 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-06-12 22:53 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2016-06-12 22:53 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-06-12 22:53 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2016-06-12 22:53 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2011-10-03 10:40 - 2011-06-10 17:36 - 00094208 ____N () C:\Windows\System32\IccLibDll.dll
2016-06-07 19:53 - 2016-05-05 12:09 - 00034768 _____ () C:\Program Files\Dropbox\Client\_multiprocessing.pyd
2016-06-07 19:53 - 2016-05-05 12:10 - 00019408 _____ () C:\Program Files\Dropbox\Client\faulthandler.pyd
2016-06-07 19:53 - 2016-05-05 12:09 - 00116688 _____ () C:\Program Files\Dropbox\Client\pywintypes27.dll
2016-06-07 19:53 - 2016-05-05 12:09 - 00093640 _____ () C:\Program Files\Dropbox\Client\_ctypes.pyd
2015-12-11 23:51 - 2016-05-05 12:09 - 00018376 _____ () C:\Program Files\Dropbox\Client\select.pyd
2015-12-11 23:51 - 2016-05-31 20:34 - 00019760 _____ () C:\Program Files\Dropbox\Client\tornado.speedups.pyd
2015-12-11 23:51 - 2016-05-05 12:11 - 00105928 _____ () C:\Program Files\Dropbox\Client\win32api.pyd
2016-06-07 19:53 - 2016-05-05 12:09 - 00392144 _____ () C:\Program Files\Dropbox\Client\pythoncom27.dll
2015-12-11 23:51 - 2016-05-31 20:34 - 00381752 _____ () C:\Program Files\Dropbox\Client\win32com.shell.shell.pyd
2015-12-11 23:51 - 2016-05-05 12:09 - 00692688 _____ () C:\Program Files\Dropbox\Client\unicodedata.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00020816 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-06-07 19:53 - 2016-05-05 12:10 - 00123856 _____ () C:\Program Files\Dropbox\Client\_cffi_backend.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 01682760 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00020808 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00021840 _____ () C:\Program Files\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00038696 _____ () C:\Program Files\Dropbox\Client\fastpath.pyd
2016-06-07 19:53 - 2016-05-05 12:11 - 00020936 _____ () C:\Program Files\Dropbox\Client\mmapfile.pyd
2015-12-11 23:51 - 2016-05-05 12:11 - 00024528 _____ () C:\Program Files\Dropbox\Client\win32event.pyd
2015-12-11 23:51 - 2016-05-05 12:11 - 00114640 _____ () C:\Program Files\Dropbox\Client\win32security.pyd
2015-12-11 23:51 - 2016-05-05 12:11 - 00124880 _____ () C:\Program Files\Dropbox\Client\win32file.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00021832 _____ () C:\Program Files\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-11 23:51 - 2016-05-05 12:11 - 00024016 _____ () C:\Program Files\Dropbox\Client\win32clipboard.pyd
2015-12-11 23:51 - 2016-05-05 12:11 - 00175560 _____ () C:\Program Files\Dropbox\Client\win32gui.pyd
2015-12-11 23:51 - 2016-05-05 12:11 - 00030160 _____ () C:\Program Files\Dropbox\Client\win32pipe.pyd
2015-12-11 23:51 - 2016-05-05 12:11 - 00043472 _____ () C:\Program Files\Dropbox\Client\win32process.pyd
2016-06-07 19:53 - 2016-05-05 12:11 - 00048592 _____ () C:\Program Files\Dropbox\Client\win32service.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00023872 _____ () C:\Program Files\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-06-07 19:53 - 2016-05-05 12:09 - 00134088 _____ () C:\Program Files\Dropbox\Client\pyexpat.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00026456 _____ () C:\Program Files\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-11 23:51 - 2016-05-05 12:11 - 00057808 _____ () C:\Program Files\Dropbox\Client\win32evtlog.pyd
2015-12-11 23:51 - 2016-05-05 12:11 - 00024016 _____ () C:\Program Files\Dropbox\Client\win32profile.pyd
2016-06-07 19:53 - 2016-05-31 20:33 - 00246592 _____ () C:\Program Files\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-06-07 19:53 - 2016-05-05 12:11 - 00028616 _____ () C:\Program Files\Dropbox\Client\win32ts.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00052024 _____ () C:\Program Files\Dropbox\Client\psutil._psutil_windows.pyd
2016-06-07 19:53 - 2016-05-05 12:09 - 00134608 _____ () C:\Program Files\Dropbox\Client\_elementtree.pyd
2016-06-07 19:53 - 2016-05-05 12:10 - 00240584 _____ () C:\Program Files\Dropbox\Client\jpegtran.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00020800 _____ () C:\Program Files\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00019776 _____ () C:\Program Files\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00020800 _____ () C:\Program Files\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00020280 _____ () C:\Program Files\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00023376 _____ () C:\Program Files\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-06-07 19:53 - 2016-05-05 12:11 - 00350152 _____ () C:\Program Files\Dropbox\Client\winxpgui.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00022352 _____ () C:\Program Files\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00024392 _____ () C:\Program Files\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-06-07 19:53 - 2016-05-05 12:12 - 00036296 _____ () C:\Program Files\Dropbox\Client\librsync.dll
2016-06-07 19:53 - 2016-05-31 20:34 - 00084280 _____ () C:\Program Files\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-06-07 19:53 - 2016-05-31 20:34 - 01826096 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-11 23:51 - 2016-05-05 12:10 - 00083912 _____ () C:\Program Files\Dropbox\Client\sip.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 03928880 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 01971504 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtGui.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00531248 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00132912 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00223544 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00207672 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2015-12-11 23:51 - 2016-05-05 12:11 - 00060880 _____ () C:\Program Files\Dropbox\Client\win32print.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00024904 _____ () C:\Program Files\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00546096 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQuick.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00357680 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQml.pyd
2016-06-07 19:53 - 2016-05-05 12:13 - 00017864 _____ () C:\Program Files\Dropbox\Client\libEGL.dll
2016-06-07 19:53 - 2016-05-05 12:13 - 01631184 _____ () C:\Program Files\Dropbox\Client\libGLESv2.dll
2015-07-15 07:23 - 2016-05-05 12:15 - 00697304 _____ () C:\Program Files\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-02-09 21:37 - 2016-02-09 21:37 - 00152752 _____ () C:\Program Files\Mindjet\MindManager 16\zlib.dll
2016-06-01 20:15 - 2016-06-01 20:15 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-05-30 03:17 - 2016-05-30 03:17 - 00086992 _____ () C:\Program Files\Glary Utilities 5\zlib1.dll
2016-05-14 21:59 - 2016-05-14 21:59 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f1b815cf32572cea383bc47659c174fa\IsdiInterop.ni.dll
2011-04-04 09:01 - 2010-11-06 00:50 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\sdpsenv.dat:naughtypirates [322]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7905 mehr Seiten.

IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7905 mehr Seiten.

IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-500\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-500\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-500\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-500\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-500\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-500\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-500\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-500\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-500\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-500\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-500\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-500\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-500\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-500\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-500\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-500\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-500\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-500\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-500\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-500\...\123simsen.com -> www.123simsen.com

Da befinden sich 7904 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2012-03-14 13:00 - 2016-06-12 23:57 - 00452939 ____R C:\Windows\system32\Drivers\etc\hosts

127.0.0.1	activate.adobe.com
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com

Da befinden sich 15536 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3618091561-1007512581-756703090-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jula\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3618091561-1007512581-756703090-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^Users^Jula^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jula^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup
MSCONFIG\startupreg: 1&1_1&1 Office-Drive Manager => "C:\Program Files\1&1\1&1 Office-Drive Manager\DAVSRV.EXE" /hide
MSCONFIG\startupreg: CLCL => C:\00 zip\01 System\Clipboard Tools\clcl112_eng\CLCL.exe
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: Desktop Disc Tool => 
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: NokiaSuite.exe => 
MSCONFIG\startupreg: PDVD9LanguageShortcut => 
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Sony PC Companion => 
MSCONFIG\startupreg: SpybotSD TeaTimer => 
MSCONFIG\startupreg: TdmNotify => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{BE4FE66A-F847-47FA-BCBE-ACDEB9D51D1B}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{85438921-8C31-4B7C-AA07-586C69265385}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{4823346F-F46B-40DD-B9A5-73B32404D705}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{97250298-6F14-4AFE-993C-9B8A813EF64A}] => (Allow) C:\Windows\System32\lxdncoms.exe
FirewallRules: [{D15D3157-F9D0-4BFC-99CB-B66ABB5BD65A}] => (Allow) C:\Windows\System32\lxdncoms.exe
FirewallRules: [{3F53ABAC-0DBE-419B-A658-1F31FA7E24DD}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdnpswx.exe
FirewallRules: [{83691A3B-2C89-47A5-97F2-FFE9002C1C83}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdnpswx.exe
FirewallRules: [{E71FBEA3-2D9F-41D6-9D02-0AE6A46E9A58}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdntime.exe
FirewallRules: [{DFA5337D-13C5-4DEA-AE05-FDD2EA419FB9}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdntime.exe
FirewallRules: [{BA3AF271-7C7F-4312-BD28-9FD187975277}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdnjswx.exe
FirewallRules: [{C01299FC-190A-45D7-B226-F2FF5FA31CE2}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdnjswx.exe
FirewallRules: [{6799B307-68F7-4B5D-920E-0E3EAB51B0D0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E88DB4AF-E591-43D0-A37F-9806F72905E3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0D40813E-BE61-48D4-B97E-D05109413D81}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{278F9E6E-5DC7-4FC6-8845-CA422D00675A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A5E7A480-371E-421D-AC8E-1AB7ABE14A37}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{635CF3F0-9F4D-434B-A8E3-8C3E7997FECB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{33B2C3D7-85F0-4843-ADAE-DB98FA56D6E4}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C03FDC54-C031-4902-9DCB-85A6CB8D7A43}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{7E910CB0-6CAE-4A7F-AC26-435E70A482DF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{91178EEA-D64D-4721-B51F-99DF8EAC41F7}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{8078720F-3CEA-4E87-B277-25F086E50CB7}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{AC2386D4-27AE-453F-A06B-F99E1A8BAFF6}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{6D557123-9575-4C02-B1E4-5A6010EE0744}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\WinWrapIDE.exe
FirewallRules: [{B0A23B4C-B420-4024-8845-30CC0156C597}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.com
FirewallRules: [{20A61E24-4D09-4247-9E37-DAAA9BA695E8}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.exe
FirewallRules: [{E42EB705-3071-4B4C-8AF0-5B7103832477}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\WinWrapIDE.exe
FirewallRules: [{0EFAA020-F561-463C-A7AE-BE7C4CF141B7}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.exe
FirewallRules: [{4594F606-E5A7-4B36-93E2-D06A56D788EA}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.com
FirewallRules: [TCP Query User{B0D20A8B-0209-4CC4-B469-5E5F75B81919}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe
FirewallRules: [UDP Query User{DCC640A1-D6EB-4553-B76C-F737F071C7D4}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe
FirewallRules: [TCP Query User{576288FE-5290-4522-A24E-F968EB101758}C:\program files\ibm\spss\statistics\22\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\22\stats.exe
FirewallRules: [UDP Query User{22E9A87F-D1D2-448F-87E4-640213D6B144}C:\program files\ibm\spss\statistics\22\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\22\stats.exe
FirewallRules: [TCP Query User{7E722016-E52D-4F32-917C-A78BAE4862D0}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe
FirewallRules: [UDP Query User{37DF9715-FF6A-43FB-816E-9E951BEA5CC3}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe
FirewallRules: [{85728648-DEF8-45C4-8417-D2A3FA86B819}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{70EABD40-FC80-4BE7-80C6-5EFA4BA9A2E0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3AE1D7CB-8EFA-4A5A-BD00-C7C54D1CBD2E}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SBRE
Description: SBRE
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SBRE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/13/2016 07:02:04 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/13/2016 07:02:04 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/13/2016 07:02:04 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/12/2016 11:15:22 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/12/2016 11:15:22 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/12/2016 11:15:22 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/12/2016 09:53:21 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/12/2016 09:53:21 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/12/2016 09:53:21 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/10/2016 12:53:26 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0


Systemfehler:
=============
Error: (06/13/2016 07:04:56 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (06/13/2016 07:04:56 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (06/13/2016 07:04:56 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (06/13/2016 07:04:56 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (06/13/2016 07:04:56 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (06/13/2016 07:04:56 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (06/13/2016 07:04:46 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (06/13/2016 07:04:46 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (06/13/2016 07:04:46 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (06/13/2016 07:04:09 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
Prozentuale Nutzung des RAM: 66%
Installierter physikalischer RAM: 3509.85 MB
Verfügbarer physikalischer RAM: 1166.72 MB
Summe virtueller Speicher: 7018.03 MB
Verfügbarer virtueller Speicher: 4249.31 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:74.15 GB) (Free:7.84 GB) NTFS
Drive d: () (Fixed) (Total:157.96 GB) (Free:50.17 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: C648A420)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=752 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=158 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=74.2 GB) - (Type=07 NTFS)

==================== Ende vom Addition.txt ============================

DANKE

deeprybka · 13.06.2016, 22:02

Spybot bitte deinstallieren.

Schritt 1
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Julemule2000 · 15.06.2016, 13:49

Hallo Jürgen, das Ergebnis sieht gut aus

Code:

ATTFilter

14:44:12.0190 0x1190  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
14:44:15.0856 0x1190  ============================================================
14:44:15.0856 0x1190  Current date / time: 2016/06/15 14:44:15.0856
14:44:15.0856 0x1190  SystemInfo:
14:44:15.0856 0x1190  
14:44:15.0856 0x1190  OS Version: 6.1.7601 ServicePack: 1.0
14:44:15.0856 0x1190  Product type: Workstation
14:44:15.0856 0x1190  ComputerName: E5510
14:44:15.0856 0x1190  UserName: Jula
14:44:15.0856 0x1190  Windows directory: C:\Windows
14:44:15.0856 0x1190  System windows directory: C:\Windows
14:44:15.0856 0x1190  Processor architecture: Intel x86
14:44:15.0856 0x1190  Number of processors: 4
14:44:15.0856 0x1190  Page size: 0x1000
14:44:15.0856 0x1190  Boot type: Normal boot
14:44:15.0856 0x1190  ============================================================
14:44:16.0855 0x1190  KLMD registered as C:\Windows\system32\drivers\29935019.sys
14:44:19.0366 0x1190  System UUID: {7A8F1D94-8AFF-1AAE-D638-83EB35F85CF0}
14:44:20.0630 0x1190  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:44:20.0630 0x1190  ============================================================
14:44:20.0630 0x1190  \Device\Harddisk0\DR0:
14:44:20.0630 0x1190  MBR partitions:
14:44:20.0630 0x1190  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x178000
14:44:20.0677 0x1190  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x18C800, BlocksNum 0x13BEB800
14:44:20.0677 0x1190  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x13D78000, BlocksNum 0x944D000
14:44:20.0677 0x1190  ============================================================
14:44:20.0942 0x1190  C: <-> \Device\Harddisk0\DR0\Partition3
14:44:21.0004 0x1190  D: <-> \Device\Harddisk0\DR0\Partition2
14:44:21.0004 0x1190  ============================================================
14:44:21.0004 0x1190  Initialize success
14:44:21.0004 0x1190  ============================================================
14:44:23.0313 0x17a8  ============================================================
14:44:23.0313 0x17a8  Scan started
14:44:23.0313 0x17a8  Mode: Manual; 
14:44:23.0313 0x17a8  ============================================================
14:44:23.0313 0x17a8  KSN ping started
14:44:26.0012 0x17a8  KSN ping finished: true
14:44:30.0708 0x17a8  ================ Scan system memory ========================
14:44:30.0708 0x17a8  System memory - ok
14:44:30.0708 0x17a8  ================ Scan services =============================
14:44:31.0051 0x17a8  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:44:31.0051 0x17a8  1394ohci - ok
14:44:31.0191 0x17a8  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:44:31.0207 0x17a8  ACPI - ok
14:44:31.0659 0x17a8  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:44:31.0690 0x17a8  AcpiPmi - ok
14:44:31.0956 0x17a8  [ 6A050671F2C76FB48131F12786802807, 71B37A9CEAE5AB1B069FB010BC547E14445461885B74FA879E63F9F2DAF644A5 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:44:31.0971 0x17a8  AdobeFlashPlayerUpdateSvc - ok
14:44:32.0174 0x17a8  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
14:44:32.0190 0x17a8  adp94xx - ok
14:44:32.0314 0x17a8  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
14:44:32.0330 0x17a8  adpahci - ok
14:44:32.0392 0x17a8  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
14:44:32.0408 0x17a8  adpu320 - ok
14:44:32.0486 0x17a8  [ 39AEAECE9F42407F176FE130D790BFBE, 19010DF87BDC1884268098CC04B4B15ECB710C94054A57157C0F9B7A795BDB28 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:44:32.0486 0x17a8  AeLookupSvc - ok
14:44:33.0110 0x17a8  [ 827DBC22C96EECF6D36A13162FABAFD3, EBBC04A6AD3BC83E3791569C1120BBBB59AF70512FA2CEB6A8BA2A257F3F6C32 ] AESTFilters     C:\Program Files\IDT\WDM\aestsrv.exe
14:44:33.0110 0x17a8  AESTFilters - ok
14:44:33.0313 0x17a8  [ 93B49FA857F7036A4EFF32371F6E7391, B9B2867D9A80E7F028E9D7C6ABCB9EC5198ACE28CEE101C5A846666B356B2843 ] AFD             C:\Windows\system32\drivers\afd.sys
14:44:33.0360 0x17a8  AFD - ok
14:44:33.0391 0x17a8  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
14:44:33.0391 0x17a8  agp440 - ok
14:44:33.0469 0x17a8  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
14:44:33.0484 0x17a8  aic78xx - ok
14:44:33.0516 0x17a8  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
14:44:33.0531 0x17a8  ALG - ok
14:44:33.0578 0x17a8  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:44:33.0578 0x17a8  aliide - ok
14:44:33.0625 0x17a8  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
14:44:33.0625 0x17a8  amdagp - ok
14:44:33.0656 0x17a8  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
14:44:33.0656 0x17a8  amdide - ok
14:44:33.0734 0x17a8  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
14:44:33.0750 0x17a8  AmdK8 - ok
14:44:33.0781 0x17a8  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
14:44:33.0781 0x17a8  AmdPPM - ok
14:44:33.0843 0x17a8  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:44:33.0843 0x17a8  amdsata - ok
14:44:33.0921 0x17a8  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
14:44:33.0921 0x17a8  amdsbs - ok
14:44:33.0952 0x17a8  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:44:33.0952 0x17a8  amdxata - ok
14:44:34.0077 0x17a8  [ ECE3D60C5E9B4EC10C12BD498260BEE3, DF8C8235C9BDE3ACFBFD90E8BAE9CB268BEDAAA9AACD8232F034DC67692A52C2 ] AMPPAL          C:\Windows\system32\DRIVERS\AMPPAL.sys
14:44:34.0093 0x17a8  AMPPAL - ok
14:44:34.0124 0x17a8  [ ECE3D60C5E9B4EC10C12BD498260BEE3, DF8C8235C9BDE3ACFBFD90E8BAE9CB268BEDAAA9AACD8232F034DC67692A52C2 ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys
14:44:34.0140 0x17a8  AMPPALP - ok
14:44:34.0280 0x17a8  [ 44E8C88E5A46FA1483C96C1933FF2ED4, 61EE1F89C7DB937130A684200F80A9AE4EBAA8FC67CCA3A3B4D3C9BA7EFAD9B9 ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
14:44:34.0296 0x17a8  AMPPALR3 - ok
14:44:34.0389 0x17a8  [ 2471F498915DBE673FE75840AB0FB715, 0052DA33BCEC50102B791B05BEDAAB465A563899812EB5AD37C2E40619F6F866 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
14:44:34.0420 0x17a8  ApfiltrService - ok
14:44:34.0498 0x17a8  [ C7F5CAE0B450BE875EEE0E6DDFA771FE, 4FDDC802C245606C8A9140F8DF3445FDD6F7112A516F68A04EA15CEB92852E67 ] AppID           C:\Windows\system32\drivers\appid.sys
14:44:34.0732 0x17a8  AppID - ok
14:44:34.0779 0x17a8  [ 8333787D8FCA460C0DD70436464A8A8D, 00AE5CE2FB2DF53B5850B561120A29F757A482115E4D8A52D8033502A45B138D ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:44:34.0795 0x17a8  AppIDSvc - ok
14:44:34.0826 0x17a8  [ 133A7896E643D139443B47FDBFA327C7, 371FC602B531DF1EFDCEEC3A2F5497A0D0BE7F558B0583F572862C69A65BD454 ] Appinfo         C:\Windows\System32\appinfo.dll
14:44:34.0826 0x17a8  Appinfo - ok
14:44:34.0888 0x17a8  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
14:44:34.0888 0x17a8  AppMgmt - ok
14:44:34.0935 0x17a8  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
14:44:34.0935 0x17a8  arc - ok
14:44:34.0951 0x17a8  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
14:44:34.0966 0x17a8  arcsas - ok
14:44:35.0185 0x17a8  [ 4170FD789CDDE8767972C7C87E6B3400, 36403DF991F451A2A539B7C9BBF1310768701F68AC5EFFA1E5EE0C07A427E5ED ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
14:44:35.0372 0x17a8  aspnet_state - ok
14:44:35.0403 0x17a8  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:44:35.0403 0x17a8  AsyncMac - ok
14:44:35.0481 0x17a8  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
14:44:35.0481 0x17a8  atapi - ok
14:44:35.0684 0x17a8  [ 3D8DD37D745F83F776B67121ECD49F2C, EF00FBF894426BF093C0618EA1A60AD3A006C8D1922E996F09C631E7343FBEEA ] ATService       C:\Program Files\Fingerprint Sensor\AtService.exe
14:44:35.0746 0x17a8  ATService - ok
14:44:35.0949 0x17a8  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:44:35.0965 0x17a8  AudioEndpointBuilder - ok
14:44:35.0980 0x17a8  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
14:44:35.0996 0x17a8  Audiosrv - ok
14:44:36.0074 0x17a8  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:44:36.0074 0x17a8  AxInstSV - ok
14:44:36.0214 0x17a8  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
14:44:36.0230 0x17a8  b06bdrv - ok
14:44:36.0339 0x17a8  [ 8EC7190368711C009DB21F037A108382, D583A3FF28C35501119F096A17F5E3B1CC207ECE60977DB2C81AC94A79EA32A5 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
14:44:36.0355 0x17a8  b57nd60x - ok
14:44:36.0433 0x17a8  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
14:44:36.0448 0x17a8  BDESVC - ok
14:44:36.0448 0x17a8  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:44:36.0448 0x17a8  Beep - ok
14:44:36.0651 0x17a8  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
14:44:36.0682 0x17a8  BFE - ok
14:44:36.0916 0x17a8  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
14:44:36.0932 0x17a8  BITS - ok
14:44:36.0963 0x17a8  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:44:36.0963 0x17a8  blbdrive - ok
14:44:37.0010 0x17a8  [ 0A5F1B94396C2757F1354881D5266CC1, 501371BC439552D7F8F1B63DC91D7A282A34824CDDEFFC0A77151B70812ACB77 ] Blfp            C:\Windows\system32\DRIVERS\basp.sys
14:44:37.0026 0x17a8  Blfp - ok
14:44:37.0119 0x17a8  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:44:37.0119 0x17a8  bowser - ok
14:44:37.0244 0x17a8  [ 5E4F25A0F2182E51740A62914E6B020C, 79CC7322204F68214C58F214678F1765EA301C79EE86290D1EBCF9F4677A444D ] BrcmMgmtAgent   C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
14:44:37.0306 0x17a8  BrcmMgmtAgent - ok
14:44:37.0338 0x17a8  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:44:37.0338 0x17a8  BrFiltLo - ok
14:44:37.0353 0x17a8  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:44:37.0353 0x17a8  BrFiltUp - ok
14:44:37.0384 0x17a8  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
14:44:37.0400 0x17a8  Browser - ok
14:44:37.0478 0x17a8  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:44:37.0494 0x17a8  Brserid - ok
14:44:37.0525 0x17a8  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:44:37.0525 0x17a8  BrSerWdm - ok
14:44:37.0540 0x17a8  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:44:37.0540 0x17a8  BrUsbMdm - ok
14:44:37.0556 0x17a8  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:44:37.0556 0x17a8  BrUsbSer - ok
14:44:37.0634 0x17a8  [ 2865A5C8E98C70C605F417908CEBB3A4, B1C5AC228BD7072AF8668C009C6CDC13EE9FCB9481F57524300F37C40BF1E935 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
14:44:37.0634 0x17a8  BthEnum - ok
14:44:37.0650 0x17a8  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
14:44:37.0650 0x17a8  BTHMODEM - ok
14:44:37.0681 0x17a8  [ AD1872E5829E8A2C3B5B4B641C3EAB0E, 8C2DBCAC08DDB41E2B44E257C55FA2D0272959B308EFF9EAF5FF9AE1E4A0AA39 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
14:44:37.0696 0x17a8  BthPan - ok
14:44:37.0774 0x17a8  [ 1153DE2E4F5941E10C399CB5592F78A1, 2B88AF246D62F72FA9F5B921B0375AE59A0F263672472D5EC9FDB5CA5EF51C31 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
14:44:37.0790 0x17a8  BTHPORT - ok
14:44:37.0884 0x17a8  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
14:44:37.0884 0x17a8  bthserv - ok
14:44:37.0977 0x17a8  [ 28D82067B791489E63246E68CD32B29E, 2FDA5143D27C63164A66C18C2573F3E88AD2741DF0D89E17628DB87EDCEDB8D1 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
14:44:37.0977 0x17a8  BTHSSecurityMgr - ok
14:44:38.0024 0x17a8  [ C81E9413A25A439F436B1D4B6A0CF9E9, A4C290163207AED22C70C7F90B28F6FC24892889643D60D915059405AC5A4A72 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
14:44:38.0024 0x17a8  BTHUSB - ok
14:44:38.0196 0x17a8  [ 2A0DE6423D6BE95C96124FC66046176E, 84A5074B78752074130286E06801CB778FD81FAF3EDC75B18EC0DE6CC1A10C94 ] BTWAMPFL        C:\Windows\system32\DRIVERS\btwampfl.sys
14:44:38.0211 0x17a8  BTWAMPFL - ok
14:44:38.0289 0x17a8  btwaudio - ok
14:44:38.0305 0x17a8  btwavdt - ok
14:44:38.0320 0x17a8  btwl2cap - ok
14:44:38.0336 0x17a8  btwrchid - ok
14:44:38.0367 0x17a8  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:44:38.0367 0x17a8  cdfs - ok
14:44:38.0430 0x17a8  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:44:38.0430 0x17a8  cdrom - ok
14:44:38.0554 0x17a8  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
14:44:38.0570 0x17a8  CertPropSvc - ok
14:44:38.0617 0x17a8  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
14:44:38.0617 0x17a8  circlass - ok
14:44:38.0664 0x17a8  [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS            C:\Windows\system32\CLFS.sys
14:44:38.0664 0x17a8  CLFS - ok
14:44:38.0742 0x17a8  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:44:38.0742 0x17a8  clr_optimization_v2.0.50727_32 - ok
14:44:38.0788 0x17a8  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:44:38.0913 0x17a8  clr_optimization_v4.0.30319_32 - ok
14:44:38.0929 0x17a8  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
14:44:38.0929 0x17a8  CmBatt - ok
14:44:38.0944 0x17a8  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:44:38.0944 0x17a8  cmdide - ok
14:44:39.0100 0x17a8  [ FAE0008AB5BF34E41EC95A8087E94454, AE97D2057FCC5CA2E7DFBE81EA9A84E5EF955CC1F0F21B437ECBB602C85F9B96 ] CNG             C:\Windows\system32\Drivers\cng.sys
14:44:39.0116 0x17a8  CNG - ok
14:44:39.0194 0x17a8  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
14:44:39.0194 0x17a8  Compbatt - ok
14:44:39.0241 0x17a8  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
14:44:39.0241 0x17a8  CompositeBus - ok
14:44:39.0256 0x17a8  COMSysApp - ok
14:44:39.0288 0x17a8  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
14:44:39.0288 0x17a8  crcdisk - ok
14:44:39.0319 0x17a8  [ 33F67BBCC3C0499D3F3382473114CFA8, FDDCC41CE005B7C1BEBB6F4ACA9A3F10E5972792ADFD7D294E70A0B781460981 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:44:39.0334 0x17a8  CryptSvc - ok
14:44:39.0366 0x17a8  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
14:44:39.0381 0x17a8  CSC - ok
14:44:39.0444 0x17a8  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
14:44:39.0459 0x17a8  CscService - ok
14:44:39.0553 0x17a8  [ 0F538DF1673E5216F3BAACB6911D9D0F, 640A0BA1F897E7F927A01E44408202EF4884D2FE68E4CCB185F315D2B6F2E262 ] CtAudDrv        C:\Windows\system32\Drivers\CtAudDrv.sys
14:44:39.0553 0x17a8  CtAudDrv - ok
14:44:39.0584 0x17a8  [ AA52C0B88C46D5037809D05DD826C61E, 2538AE1DB7E0D1A1ABDA1140CB05D7B1B4CA0FA8125AAFD704124DFDDD4058BF ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
14:44:39.0584 0x17a8  CtClsFlt - ok
14:44:39.0693 0x17a8  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files\Dropbox\Update\DropboxUpdate.exe
14:44:39.0693 0x17a8  dbupdate - ok
14:44:39.0740 0x17a8  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files\Dropbox\Update\DropboxUpdate.exe
14:44:39.0756 0x17a8  dbupdatem - ok
14:44:39.0880 0x17a8  [ 1F54F58D7FA2B3442084E32CDE5E309E, F0D8124E7C9ADC88BD8C53646F2499CDB3D2105DA7C4D28F3D26F313859B3D32 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:44:39.0880 0x17a8  DcomLaunch - ok
14:44:39.0912 0x17a8  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
14:44:39.0927 0x17a8  defragsvc - ok
14:44:40.0068 0x17a8  [ AB808D3220073FED540579E88AA17653, 96A8A8E0769E1B0DCE340423BDC6F73511182E92560865F1F74D39DEC471DDFD ] DFEPService     C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
14:44:40.0114 0x17a8  DFEPService - ok
14:44:40.0146 0x17a8  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:44:40.0146 0x17a8  DfsC - ok
14:44:40.0192 0x17a8  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:44:40.0192 0x17a8  Dhcp - ok
14:44:40.0286 0x17a8  [ 0A3386E3CF9C5D089D695AC5A35F4C6F, D610071493EB95FCE39E24C457A0B5BBA131193159E43FDC1E8EDABB9C7AB81A ] DiagTrack       C:\Windows\system32\diagtrack.dll
14:44:40.0333 0x17a8  DiagTrack - ok
14:44:40.0348 0x17a8  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
14:44:40.0348 0x17a8  discache - ok
14:44:40.0380 0x17a8  [ B7B470F163002A0D0E381EE45834BF6B, 5B5E204341A6B1689C3F8717C41782B1A077A026F8B19DA3DE08CA44AB1D95B2 ] Disk            C:\Windows\system32\drivers\disk.sys
14:44:40.0395 0x17a8  Disk - ok
14:44:40.0411 0x17a8  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:44:40.0426 0x17a8  Dnscache - ok
14:44:40.0473 0x17a8  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:44:40.0489 0x17a8  dot3svc - ok
14:44:40.0536 0x17a8  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
14:44:40.0536 0x17a8  DPS - ok
14:44:40.0567 0x17a8  [ A3F684B866A7D89AE396276CE7AFD416, 1E4C034B7B106FA403B13842A199D88A33B492A577B58CDDAE0B4706266B9565 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:44:40.0582 0x17a8  drmkaud - ok
14:44:40.0629 0x17a8  [ 4B21D102E49E9D44C478D6766A7FCBE5, 7CEEBCF81EE23876F039ED1222020D6F45FE6B3A5CE3BB93DDA3B8BBEAA15E47 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:44:40.0645 0x17a8  DXGKrnl - ok
14:44:40.0692 0x17a8  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
14:44:40.0692 0x17a8  EapHost - ok
14:44:40.0863 0x17a8  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
14:44:40.0957 0x17a8  ebdrv - ok
14:44:40.0988 0x17a8  [ 910ED0DF49A5A02059BB224B99C689D2, 2A92C06DF0D18F80466B9CC0938EFC9DD04B4BACBAB28D18D10366EF26E15F09 ] EFS             C:\Windows\System32\lsass.exe
14:44:41.0019 0x17a8  EFS - ok
14:44:41.0222 0x17a8  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:44:41.0238 0x17a8  ehRecvr - ok
14:44:41.0269 0x17a8  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
14:44:41.0269 0x17a8  ehSched - ok
14:44:41.0300 0x17a8  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
14:44:41.0316 0x17a8  elxstor - ok
14:44:41.0409 0x17a8  [ B49FD82B6412B98A162627817E5F1C8E, C70CEC301351A1932389FC40A239209E386C9680CD8C6B7FD64CE33CD229B8A9 ] EmbassyService  C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
14:44:41.0425 0x17a8  EmbassyService - ok
14:44:41.0440 0x17a8  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:44:41.0440 0x17a8  ErrDev - ok
14:44:41.0472 0x17a8  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
14:44:41.0472 0x17a8  EventSystem - ok
14:44:41.0503 0x17a8  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
14:44:41.0503 0x17a8  exfat - ok
14:44:41.0518 0x17a8  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:44:41.0534 0x17a8  fastfat - ok
14:44:41.0581 0x17a8  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
14:44:41.0596 0x17a8  Fax - ok
14:44:41.0628 0x17a8  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:44:41.0628 0x17a8  fdc - ok
14:44:41.0643 0x17a8  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
14:44:41.0643 0x17a8  fdPHost - ok
14:44:41.0659 0x17a8  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:44:41.0659 0x17a8  FDResPub - ok
14:44:41.0674 0x17a8  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:44:41.0674 0x17a8  FileInfo - ok
14:44:41.0706 0x17a8  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:44:41.0706 0x17a8  Filetrace - ok
14:44:41.0721 0x17a8  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:44:41.0737 0x17a8  flpydisk - ok
14:44:41.0737 0x17a8  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:44:41.0737 0x17a8  FltMgr - ok
14:44:41.0830 0x17a8  [ 23D3F12CA9DEB6EF02DEDC621EC661AC, AA3718715ADFE1666757BCD79D5A8DC591C2C5185802F51A27C119C4C30F360A ] FontCache       C:\Windows\system32\FntCache.dll
14:44:41.0908 0x17a8  FontCache - ok
14:44:41.0955 0x17a8  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:44:41.0955 0x17a8  FontCache3.0.0.0 - ok
14:44:41.0971 0x17a8  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:44:41.0971 0x17a8  FsDepends - ok
14:44:41.0986 0x17a8  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:44:41.0986 0x17a8  Fs_Rec - ok
14:44:42.0018 0x17a8  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:44:42.0018 0x17a8  fvevol - ok
14:44:42.0049 0x17a8  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
14:44:42.0049 0x17a8  gagp30kx - ok
14:44:42.0096 0x17a8  [ 1FEC299F19D64E30788F0F1572933AE1, A720D9CC558787B6880785533230000E12C309D10FDACC6AD489E2F34AC54DFE ] ggflt           C:\Windows\system32\DRIVERS\ggflt.sys
14:44:42.0111 0x17a8  ggflt - ok
14:44:42.0174 0x17a8  [ F84723EF1733053581689B74C47F4DD2, D69E0DB817B82BC9E564B1136AD5D55EF3A66842B74C66D7DF96CE5528F414BD ] ggsomc          C:\Windows\system32\DRIVERS\ggsomc.sys
14:44:42.0220 0x17a8  ggsomc - ok
14:44:42.0267 0x17a8  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
14:44:42.0298 0x17a8  gpsvc - ok
14:44:42.0330 0x17a8  [ 05C11D2DA6B396F6AD8C590D32CF81D7, A62E03868A4EEBF3796D36DE8BA472F08091FDC1306E35214429D250CB56175C ] GUBootStartup   C:\Windows\System32\drivers\GUBootStartup.sys
14:44:42.0330 0x17a8  GUBootStartup - ok
14:44:42.0392 0x17a8  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
14:44:42.0392 0x17a8  gupdate - ok
14:44:42.0408 0x17a8  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
14:44:42.0423 0x17a8  gupdatem - ok
14:44:42.0454 0x17a8  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:44:42.0454 0x17a8  hcw85cir - ok
14:44:42.0501 0x17a8  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:44:42.0501 0x17a8  HdAudAddService - ok
14:44:42.0610 0x17a8  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
14:44:42.0610 0x17a8  HDAudBus - ok
14:44:42.0704 0x17a8  [ A88485DC6A7136C10D9A6C7E38FDFE3C, B651823E5F6D13B086B00440AD17C7C2756F079DD9290E0FEB1A3A48D0104F8C ] HECI            C:\Windows\system32\DRIVERS\HECI.sys
14:44:42.0704 0x17a8  HECI - ok
14:44:42.0735 0x17a8  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
14:44:42.0735 0x17a8  HidBatt - ok
14:44:42.0766 0x17a8  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
14:44:42.0766 0x17a8  HidBth - ok
14:44:42.0782 0x17a8  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
14:44:42.0782 0x17a8  HidIr - ok
14:44:42.0844 0x17a8  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
14:44:42.0844 0x17a8  hidserv - ok
14:44:42.0969 0x17a8  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:44:43.0047 0x17a8  HidUsb - ok
14:44:43.0110 0x17a8  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:44:43.0125 0x17a8  hkmsvc - ok
14:44:43.0156 0x17a8  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:44:43.0172 0x17a8  HomeGroupListener - ok
14:44:43.0266 0x17a8  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:44:43.0281 0x17a8  HomeGroupProvider - ok
14:44:43.0359 0x17a8  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:44:43.0359 0x17a8  HpSAMD - ok
14:44:43.0515 0x17a8  [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:44:43.0531 0x17a8  HTTP - ok
14:44:43.0578 0x17a8  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:44:43.0578 0x17a8  hwpolicy - ok
14:44:43.0624 0x17a8  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:44:43.0624 0x17a8  i8042prt - ok
14:44:43.0718 0x17a8  [ F4037A3FEDB92DD97C95F320766EA5C9, 3872166AA17E9C19D9F5BBCBC6CA202F6D5CCB1F9E04ED2AA0D43F642B9C85FD ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
14:44:43.0734 0x17a8  iaStor - ok
14:44:44.0030 0x17a8  [ 8FFF9083252C16FE3960173722605E9E, 6546FDA34B9AF94C5E86E5269BBC2F02F1E78D6D4BE5B5EC01F4B284CC934994 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
14:44:44.0030 0x17a8  IAStorDataMgrSvc - ok
14:44:44.0139 0x17a8  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:44:44.0155 0x17a8  iaStorV - ok
14:44:44.0482 0x17a8  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:44:44.0498 0x17a8  idsvc - ok
14:44:44.0607 0x17a8  IEEtwCollectorService - ok
14:44:45.0949 0x17a8  [ 3E03360B3DC0264DE66EF496F44A7AE0, 634278BBE8A4B28DA76AF3688F7D63ECB5CE27258B03EB2D835FDF0A38186962 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
14:44:46.0276 0x17a8  igfx - ok
14:44:46.0339 0x17a8  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
14:44:46.0339 0x17a8  iirsp - ok
14:44:46.0588 0x17a8  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
14:44:46.0635 0x17a8  IKEEXT - ok
14:44:46.0682 0x17a8  [ E3C36AC5AE87EC970AE8EA2A93D59AE1, 8403A5243DF38EFC35A0200760EC081E42467744AF25A1F2168D5A8198AF6A5B ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
14:44:46.0682 0x17a8  Impcd - ok
14:44:46.0807 0x17a8  [ C4FA261B9B5C9822D26020949605AC43, BECBB28675759BEF7C86F1ACD66C6928BC86EF59FAE34F3067928AC0D2FB33A5 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
14:44:46.0822 0x17a8  IntcDAud - ok
14:44:46.0885 0x17a8  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:44:46.0916 0x17a8  intelide - ok
14:44:46.0978 0x17a8  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:44:46.0978 0x17a8  intelppm - ok
14:44:47.0072 0x17a8  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:44:47.0072 0x17a8  IPBusEnum - ok
14:44:47.0103 0x17a8  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:44:47.0103 0x17a8  IpFilterDriver - ok
14:44:47.0244 0x17a8  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:44:47.0259 0x17a8  iphlpsvc - ok
14:44:47.0322 0x17a8  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:44:47.0337 0x17a8  IPMIDRV - ok
14:44:47.0400 0x17a8  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:44:47.0400 0x17a8  IPNAT - ok
14:44:47.0478 0x17a8  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:44:47.0478 0x17a8  IRENUM - ok
14:44:47.0540 0x17a8  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:44:47.0571 0x17a8  isapnp - ok
14:44:47.0665 0x17a8  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:44:47.0696 0x17a8  iScsiPrt - ok
14:44:47.0774 0x17a8  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:44:47.0774 0x17a8  kbdclass - ok
14:44:47.0868 0x17a8  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:44:47.0914 0x17a8  kbdhid - ok
14:44:47.0930 0x17a8  [ 910ED0DF49A5A02059BB224B99C689D2, 2A92C06DF0D18F80466B9CC0938EFC9DD04B4BACBAB28D18D10366EF26E15F09 ] KeyIso          C:\Windows\system32\lsass.exe
14:44:47.0930 0x17a8  KeyIso - ok
14:44:48.0164 0x17a8  [ 4635935FC972C582632BF45C26BFCB0E, ABD4AFD71B3C2BD3F741BBE3CEC52C4FA63AC78D353101D2E7DC4DE2725D1CA1 ] KMService       C:\Windows\system32\srvany.exe
14:44:48.0164 0x17a8  KMService - ok
14:44:48.0258 0x17a8  [ 37507B2F0EA8C2A7CFE120E6EE2128B5, 0691D6F9E47FF46A7B58FB2A7298F13EABE3125848B7966F6B38A38A829820B9 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:44:48.0273 0x17a8  KSecDD - ok
14:44:48.0367 0x17a8  [ D94D58A52BFC1352E82EBECADE518B6D, 8B5418D2026C2081BD5124D1BE167BED315AB5F88CC57A9BDBB688A30B50F8EE ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:44:48.0398 0x17a8  KSecPkg - ok
14:44:48.0554 0x17a8  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:44:48.0570 0x17a8  KtmRm - ok
14:44:48.0648 0x17a8  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:44:48.0663 0x17a8  LanmanServer - ok
14:44:48.0679 0x17a8  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:44:48.0694 0x17a8  LanmanWorkstation - ok
14:44:48.0726 0x17a8  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:44:48.0726 0x17a8  lltdio - ok
14:44:48.0772 0x17a8  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:44:48.0788 0x17a8  lltdsvc - ok
14:44:48.0819 0x17a8  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:44:48.0819 0x17a8  lmhosts - ok
14:44:48.0897 0x17a8  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
14:44:48.0913 0x17a8  LSI_FC - ok
14:44:48.0960 0x17a8  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
14:44:48.0975 0x17a8  LSI_SAS - ok
14:44:49.0038 0x17a8  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:44:49.0053 0x17a8  LSI_SAS2 - ok
14:44:49.0084 0x17a8  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:44:49.0084 0x17a8  LSI_SCSI - ok
14:44:49.0147 0x17a8  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
14:44:49.0147 0x17a8  luafv - ok
14:44:49.0225 0x17a8  lxdn_device - ok
14:44:49.0287 0x17a8  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:44:49.0287 0x17a8  Mcx2Svc - ok
14:44:49.0318 0x17a8  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
14:44:49.0318 0x17a8  megasas - ok
14:44:49.0396 0x17a8  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
14:44:49.0412 0x17a8  MegaSR - ok
14:44:49.0599 0x17a8  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
14:44:49.0599 0x17a8  MMCSS - ok
14:44:49.0630 0x17a8  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
14:44:49.0630 0x17a8  Modem - ok
14:44:49.0662 0x17a8  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:44:49.0662 0x17a8  monitor - ok
14:44:49.0677 0x17a8  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:44:49.0708 0x17a8  mouclass - ok
14:44:49.0740 0x17a8  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:44:49.0755 0x17a8  mouhid - ok
14:44:49.0833 0x17a8  [ BAD9C0366134BA181514E9263C8CE606, 7976B2D3DC283ACDBC21C7D197C0E2A650E6555F6569283302766B17D736BDB8 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:44:49.0849 0x17a8  mountmgr - ok
14:44:50.0052 0x17a8  [ D6F67A73E6557578B755F7B534E00F47, 769F3D6CB86B2DC4065BDE4CE39139879B7D96F455A3BE80C7ECEAD5494E8B79 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:44:50.0067 0x17a8  MozillaMaintenance - ok
14:44:50.0254 0x17a8  [ 7F7FD183AEFC2F302EF1BF1CFCCB82CE, B13D8E8C92EDF1E885AF7E6FA5DD63978C3F319F200B59A955FE6AC3C9D26C32 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
14:44:50.0286 0x17a8  MpFilter - ok
14:44:50.0348 0x17a8  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:44:50.0348 0x17a8  mpio - ok
14:44:50.0395 0x17a8  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:44:50.0410 0x17a8  mpsdrv - ok
14:44:50.0613 0x17a8  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:44:50.0629 0x17a8  MpsSvc - ok
14:44:50.0676 0x17a8  [ 6430A074F6E32176FBEF2DEB110AE952, 0161B3CBCF427F5F9C47EDBA7F6848D9D6EB58B7EF203881E0D288B5ABAEEB98 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:44:50.0707 0x17a8  MRxDAV - ok
14:44:50.0769 0x17a8  [ C04D36B97BCEE4A83EC34325A3424768, 904C8A4875E0016C3F3659B5E1A748EE284789BF7C380E4F83148C2B1FC09D3B ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:44:50.0832 0x17a8  mrxsmb - ok
14:44:50.0925 0x17a8  [ 84D65385A4DF3577C9CA697B67DFCE26, 19838CC40945403988C4533A2CF09CA5305BEBD8170093C7567722CC3E918AA5 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:44:51.0175 0x17a8  mrxsmb10 - ok
14:44:51.0268 0x17a8  [ 8758312AE2602620E6C972F527EC64ED, 4DFFEAE6A34F5EDBD8D53FCEE63A3742BEAF93A01769AD3BCB8D5C25C51D0A45 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:44:51.0315 0x17a8  mrxsmb20 - ok
14:44:51.0362 0x17a8  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:44:51.0362 0x17a8  msahci - ok
14:44:51.0424 0x17a8  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:44:51.0440 0x17a8  msdsm - ok
14:44:51.0487 0x17a8  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
14:44:51.0643 0x17a8  MSDTC - ok
14:44:51.0705 0x17a8  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:44:51.0705 0x17a8  Msfs - ok
14:44:51.0721 0x17a8  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:44:51.0721 0x17a8  mshidkmdf - ok
14:44:51.0752 0x17a8  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:44:51.0752 0x17a8  msisadrv - ok
14:44:51.0814 0x17a8  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:44:51.0814 0x17a8  MSiSCSI - ok
14:44:51.0814 0x17a8  msiserver - ok
14:44:51.0877 0x17a8  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:44:51.0877 0x17a8  MSKSSRV - ok
14:44:52.0282 0x17a8  [ DC8B329D6B4026D2D6E957BC79336022, B1EC02B57F2F7AFACDD498C21E3CD7F32F798ABE7C8041A2824DECAB8276520F ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
14:44:52.0282 0x17a8  MsMpSvc - ok
14:44:52.0314 0x17a8  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:44:52.0314 0x17a8  MSPCLOCK - ok
14:44:52.0329 0x17a8  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:44:52.0345 0x17a8  MSPQM - ok
14:44:52.0423 0x17a8  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:44:52.0423 0x17a8  MsRPC - ok
14:44:52.0501 0x17a8  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:44:52.0501 0x17a8  mssmbios - ok
14:44:52.0579 0x17a8  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:44:52.0579 0x17a8  MSTEE - ok
14:44:52.0610 0x17a8  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
14:44:52.0641 0x17a8  MTConfig - ok
14:44:52.0657 0x17a8  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:44:52.0657 0x17a8  Mup - ok
14:44:52.0844 0x17a8  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
14:44:52.0860 0x17a8  napagent - ok
14:44:52.0906 0x17a8  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:44:52.0922 0x17a8  NativeWifiP - ok
14:44:53.0187 0x17a8  [ 9804FB2E46077F2977552347DFCA7E05, A34B703462C6998AB2B3EA6389F4B89616CDC257D44C400C92663E6FB4A8F196 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:44:53.0218 0x17a8  NDIS - ok
14:44:53.0328 0x17a8  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:44:53.0328 0x17a8  NdisCap - ok
14:44:53.0406 0x17a8  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:44:53.0406 0x17a8  NdisTapi - ok
14:44:53.0515 0x17a8  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:44:53.0515 0x17a8  Ndisuio - ok
14:44:53.0577 0x17a8  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:44:53.0577 0x17a8  NdisWan - ok
14:44:53.0640 0x17a8  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:44:53.0655 0x17a8  NDProxy - ok
14:44:53.0718 0x17a8  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:44:53.0718 0x17a8  NetBIOS - ok
14:44:53.0827 0x17a8  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:44:53.0827 0x17a8  NetBT - ok
14:44:53.0874 0x17a8  [ 910ED0DF49A5A02059BB224B99C689D2, 2A92C06DF0D18F80466B9CC0938EFC9DD04B4BACBAB28D18D10366EF26E15F09 ] Netlogon        C:\Windows\system32\lsass.exe
14:44:53.0889 0x17a8  Netlogon - ok
14:44:54.0014 0x17a8  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
14:44:54.0030 0x17a8  Netman - ok
14:44:54.0217 0x17a8  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:44:54.0388 0x17a8  NetMsmqActivator - ok
14:44:54.0435 0x17a8  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:44:54.0435 0x17a8  NetPipeActivator - ok
14:44:54.0560 0x17a8  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
14:44:54.0576 0x17a8  netprofm - ok
14:44:54.0638 0x17a8  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:44:54.0654 0x17a8  NetTcpActivator - ok
14:44:54.0669 0x17a8  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:44:54.0669 0x17a8  NetTcpPortSharing - ok
14:44:56.0042 0x17a8  [ 64177D4E118C93585F1F20D90A294291, 5244A6125825B7AD2664CADC9928B2E1A2FC6841C2D1A4E33FD67A081154AE3C ] NETwNs32        C:\Windows\system32\DRIVERS\Netwsn00.sys
14:44:56.0323 0x17a8  NETwNs32 - ok
14:44:56.0370 0x17a8  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
14:44:56.0370 0x17a8  nfrd960 - ok
14:44:56.0432 0x17a8  [ BFD3B47A46BF2BB6BB0CEC7127EE929E, 6DD73FD0AC57D025A1290D494BC4405A6A5D89AE76A3EC4E3F20C3F8A45A5E24 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:44:56.0432 0x17a8  NisDrv - ok
14:44:56.0572 0x17a8  [ F36D4743BCB636F1779E7CB36E950525, 176E3547B30579CE2D8901B5F9AE06C5BF493E81253A4A351FD304A561C8B3F1 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
14:44:56.0604 0x17a8  NisSrv - ok
14:44:56.0697 0x17a8  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:44:56.0728 0x17a8  NlaSvc - ok
14:44:56.0775 0x17a8  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:44:56.0775 0x17a8  Npfs - ok
14:44:56.0869 0x17a8  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
14:44:56.0869 0x17a8  nsi - ok
14:44:56.0900 0x17a8  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:44:56.0900 0x17a8  nsiproxy - ok
14:44:57.0181 0x17a8  [ 978E7A2E4BF4E8E70D0776EF0D9E97FB, B6C82BB9B3025FD2D37B6AB6FA9C2944F8B3020CD4588BE464CE73A992B7FF00 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:44:57.0212 0x17a8  Ntfs - ok
14:44:57.0243 0x17a8  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
14:44:57.0243 0x17a8  Null - ok
14:44:57.0274 0x17a8  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:44:57.0290 0x17a8  nvraid - ok
14:44:57.0384 0x17a8  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:44:57.0399 0x17a8  nvstor - ok
14:44:57.0493 0x17a8  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:44:57.0508 0x17a8  nv_agp - ok
14:44:57.0555 0x17a8  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:44:57.0571 0x17a8  ohci1394 - ok
14:44:57.0820 0x17a8  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:44:57.0836 0x17a8  ose - ok
14:44:58.0522 0x17a8  [ EE5756BDA5BE5891270E0CC6CEC44096, EA18073EEE0F461B14C539D49A7DD91D33AB0C503236F67F70A000835FAAC890 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:44:58.0710 0x17a8  osppsvc - ok
14:44:58.0866 0x17a8  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:44:58.0881 0x17a8  p2pimsvc - ok
14:44:58.0928 0x17a8  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:44:58.0928 0x17a8  p2psvc - ok
14:44:58.0975 0x17a8  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
14:44:58.0975 0x17a8  Parport - ok
14:44:59.0006 0x17a8  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:44:59.0006 0x17a8  partmgr - ok
14:44:59.0022 0x17a8  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
14:44:59.0022 0x17a8  Parvdm - ok
14:44:59.0053 0x17a8  [ 4088C1ECD1F54281A92FA663B0FDC36F, DF6EF6C6ACBF7604681D86D352773E8C11937995C512761C66D50DB126F581C2 ] PBADRV          C:\Windows\system32\DRIVERS\PBADRV.sys
14:44:59.0053 0x17a8  PBADRV - ok
14:44:59.0068 0x17a8  [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:44:59.0084 0x17a8  PcaSvc - ok
14:44:59.0115 0x17a8  [ F451DCACBAA67F3307305EBD4A39EA07, C4435BF4C2D16F3DC0B35732BE3602FFA28DB0A5BC5576F45E0D32E5F4CD2DEA ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfd.sys
14:44:59.0115 0x17a8  pccsmcfd - ok
14:44:59.0146 0x17a8  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
14:44:59.0146 0x17a8  pci - ok
14:44:59.0162 0x17a8  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
14:44:59.0178 0x17a8  pciide - ok
14:44:59.0193 0x17a8  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
14:44:59.0193 0x17a8  pcmcia - ok
14:44:59.0209 0x17a8  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:44:59.0209 0x17a8  pcw - ok
14:44:59.0256 0x17a8  [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:44:59.0271 0x17a8  PEAUTH - ok
14:44:59.0583 0x17a8  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
14:44:59.0614 0x17a8  PeerDistSvc - ok
14:45:00.0020 0x17a8  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
14:45:00.0051 0x17a8  pla - ok
14:45:00.0145 0x17a8  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:45:00.0145 0x17a8  PlugPlay - ok
14:45:00.0176 0x17a8  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:45:00.0176 0x17a8  PNRPAutoReg - ok
14:45:00.0285 0x17a8  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:45:00.0285 0x17a8  PNRPsvc - ok
14:45:00.0519 0x17a8  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:45:00.0535 0x17a8  PolicyAgent - ok
14:45:00.0597 0x17a8  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
14:45:00.0613 0x17a8  Power - ok
14:45:00.0753 0x17a8  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:45:00.0769 0x17a8  PptpMiniport - ok
14:45:00.0816 0x17a8  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
14:45:00.0816 0x17a8  Processor - ok
14:45:00.0940 0x17a8  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:45:00.0956 0x17a8  ProfSvc - ok
14:45:00.0987 0x17a8  [ 910ED0DF49A5A02059BB224B99C689D2, 2A92C06DF0D18F80466B9CC0938EFC9DD04B4BACBAB28D18D10366EF26E15F09 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:45:00.0987 0x17a8  ProtectedStorage - ok
14:45:01.0174 0x17a8  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:45:01.0190 0x17a8  Psched - ok
14:45:01.0533 0x17a8  [ 3A6489DCB6F28970B6BBD9687777FA00, 23F8C7B8A4B95925AA53D7F0AA4C349EA38CBEDF31AC9EAC17189CBBEAEF7B5C ] pwdrvio         C:\Windows\system32\pwdrvio.sys
14:45:01.0533 0x17a8  pwdrvio - ok
14:45:01.0752 0x17a8  [ 9D00D015159B6ADF0980BAEEB5DCC5E4, C944564FD992084E86DD581B73E8DFDA54DBDA8A4396F6675BDA771ED50AF6C5 ] pwdspio         C:\Windows\system32\pwdspio.sys
14:45:01.0752 0x17a8  pwdspio - ok
14:45:01.0767 0x17a8  PxHelp20 - ok
14:45:02.0251 0x17a8  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
14:45:02.0282 0x17a8  ql2300 - ok
14:45:02.0376 0x17a8  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
14:45:02.0376 0x17a8  ql40xx - ok
14:45:02.0594 0x17a8  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
14:45:02.0610 0x17a8  QWAVE - ok
14:45:02.0656 0x17a8  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:45:02.0656 0x17a8  QWAVEdrv - ok
14:45:02.0781 0x17a8  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:45:02.0781 0x17a8  RasAcd - ok
14:45:02.0906 0x17a8  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:45:02.0906 0x17a8  RasAgileVpn - ok
14:45:02.0984 0x17a8  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
14:45:03.0000 0x17a8  RasAuto - ok
14:45:03.0140 0x17a8  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:45:03.0140 0x17a8  Rasl2tp - ok
14:45:03.0452 0x17a8  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
14:45:03.0483 0x17a8  RasMan - ok
14:45:03.0546 0x17a8  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:45:03.0561 0x17a8  RasPppoe - ok
14:45:03.0655 0x17a8  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:45:03.0655 0x17a8  RasSstp - ok
14:45:03.0795 0x17a8  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:45:03.0811 0x17a8  rdbss - ok
14:45:03.0858 0x17a8  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:45:03.0858 0x17a8  rdpbus - ok
14:45:03.0920 0x17a8  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:45:03.0920 0x17a8  RDPCDD - ok
14:45:04.0029 0x17a8  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
14:45:04.0045 0x17a8  RDPDR - ok
14:45:04.0076 0x17a8  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:45:04.0092 0x17a8  RDPENCDD - ok
14:45:04.0107 0x17a8  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:45:04.0107 0x17a8  RDPREFMP - ok
14:45:04.0185 0x17a8  [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:45:04.0201 0x17a8  RDPWD - ok
14:45:04.0263 0x17a8  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:45:04.0263 0x17a8  rdyboost - ok
14:45:04.0294 0x17a8  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:45:04.0310 0x17a8  RemoteAccess - ok
14:45:04.0372 0x17a8  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:45:04.0372 0x17a8  RemoteRegistry - ok
14:45:04.0404 0x17a8  [ CB928D9E6DAF51879DD6BA8D02F01321, DFD263B67DDF98AE09AF6D6986CBC7BE3206BCE8403AAC51BCF9459E78233D12 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
14:45:04.0419 0x17a8  RFCOMM - ok
14:45:04.0450 0x17a8  [ E891F07815AF88075705EF6A248711F6, E21FEAD2A2E5A036B87A1C38F5190B507B76A59486FF9FD70890D2EF9BD03612 ] rimspci         C:\Windows\system32\DRIVERS\rimspe86.sys
14:45:04.0450 0x17a8  rimspci - ok
14:45:04.0466 0x17a8  [ 5312F15DBEB47D906DCA2E334DC4C97D, BBD747F8657F03FE5D29FC6844D6AC8A551D68F7148802B716B34F4B518AC2A5 ] risdpcie        C:\Windows\system32\DRIVERS\risdpe86.sys
14:45:04.0466 0x17a8  risdpcie - ok
14:45:04.0497 0x17a8  [ CF2DE2365FD99E5B8E38C9F3467DCDB8, B9D79545A027AAA183B1BE4B52EA1A443D0C8580604C0DCD9294CEFA0C868149 ] rixdpcie        C:\Windows\system32\DRIVERS\rixdpe86.sys
14:45:04.0497 0x17a8  rixdpcie - ok
14:45:04.0513 0x17a8  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:45:04.0528 0x17a8  RpcEptMapper - ok
14:45:04.0560 0x17a8  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
14:45:04.0560 0x17a8  RpcLocator - ok
14:45:04.0591 0x17a8  [ 1F54F58D7FA2B3442084E32CDE5E309E, F0D8124E7C9ADC88BD8C53646F2499CDB3D2105DA7C4D28F3D26F313859B3D32 ] RpcSs           C:\Windows\system32\rpcss.dll
14:45:04.0606 0x17a8  RpcSs - ok
14:45:04.0653 0x17a8  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:45:04.0653 0x17a8  rspndr - ok
14:45:04.0762 0x17a8  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
14:45:04.0762 0x17a8  s3cap - ok
14:45:04.0778 0x17a8  [ 910ED0DF49A5A02059BB224B99C689D2, 2A92C06DF0D18F80466B9CC0938EFC9DD04B4BACBAB28D18D10366EF26E15F09 ] SamSs           C:\Windows\system32\lsass.exe
14:45:04.0778 0x17a8  SamSs - ok
14:45:05.0012 0x17a8  [ 9C9BCC79AEF0AA97F16766C498002D36, 7A5D756EF4443FFD0B5B83A887C8A72589E38785EF05A9C82016E94277BFD00B ] SbFw            C:\Windows\system32\drivers\SbFw.sys
14:45:05.0012 0x17a8  SbFw - ok
14:45:05.0168 0x17a8  [ F27B38D70B7621378161D6F48BE04D2C, D545DE0249BB532DB3B18DA7E8810D84FC5214ED0002B7DD94BA914E47FBA3C8 ] SBFWIMCL        C:\Windows\system32\DRIVERS\sbfwim.sys
14:45:05.0184 0x17a8  SBFWIMCL - ok
14:45:05.0262 0x17a8  [ F27B38D70B7621378161D6F48BE04D2C, D545DE0249BB532DB3B18DA7E8810D84FC5214ED0002B7DD94BA914E47FBA3C8 ] SBFWIMCLMP      C:\Windows\system32\DRIVERS\SBFWIM.sys
14:45:05.0262 0x17a8  SBFWIMCLMP - ok
14:45:05.0293 0x17a8  [ 53E5E7DC26BB920B97F258BBD52ABFDC, EAA0F863F5486F35182BE634BE4F618C6583B42EC1A73A2844D6AAF8A18E6738 ] sbhips          C:\Windows\system32\drivers\sbhips.sys
14:45:05.0308 0x17a8  sbhips - ok
14:45:05.0355 0x17a8  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:45:05.0355 0x17a8  sbp2port - ok
14:45:05.0355 0x17a8  SBRE - ok
14:45:05.0386 0x17a8  [ 6468E2973E04525DECC105947DDD0D34, 4C170C58C0E4DFA899F1D1D0E44E83B7613FC5EE4E1689842EFB4DBE85B0F773 ] SbTis           C:\Windows\system32\drivers\sbtis.sys
14:45:05.0386 0x17a8  SbTis - ok
14:45:05.0464 0x17a8  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:45:05.0480 0x17a8  SCardSvr - ok
14:45:05.0511 0x17a8  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:45:05.0527 0x17a8  scfilter - ok
14:45:05.0698 0x17a8  [ 9060B8D5BCD5F2B019249F85E3D811F3, 7FB32AB7FE118462988321B9230074DAA960B587417EB463187539C3215445AE ] Schedule        C:\Windows\system32\schedsvc.dll
14:45:05.0730 0x17a8  Schedule - ok
14:45:05.0761 0x17a8  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:45:05.0776 0x17a8  SCPolicySvc - ok
14:45:05.0823 0x17a8  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:45:05.0823 0x17a8  SDRSVC - ok
14:45:05.0901 0x17a8  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:45:05.0901 0x17a8  secdrv - ok
14:45:05.0917 0x17a8  [ 38CBFFED5FC39CDFE6B4014401ED2629, 7BA730E2EDB8387190E45DA2F475BFE42AB3B12319DE088BD8E9F59227EDA4DD ] seclogon        C:\Windows\system32\seclogon.dll
14:45:06.0541 0x17a8  seclogon - ok
14:45:06.0837 0x17a8  [ 657B2004CAD6D17C6C2F6278600E5832, 4E208EE9F3B9B9474AC78E75E624ED006517826341BE0F9E9BBE5C42018C68BB ] SecureStorageService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
14:45:06.0884 0x17a8  SecureStorageService - ok
14:45:06.0915 0x17a8  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
14:45:06.0915 0x17a8  SENS - ok
14:45:06.0962 0x17a8  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:45:06.0962 0x17a8  SensrSvc - ok
14:45:07.0009 0x17a8  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:45:07.0009 0x17a8  Serenum - ok
14:45:07.0056 0x17a8  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:45:07.0056 0x17a8  Serial - ok
14:45:07.0102 0x17a8  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
14:45:07.0102 0x17a8  sermouse - ok
14:45:07.0149 0x17a8  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:45:07.0149 0x17a8  SessionEnv - ok
14:45:07.0180 0x17a8  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:45:07.0180 0x17a8  sffdisk - ok
14:45:07.0212 0x17a8  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:45:07.0212 0x17a8  sffp_mmc - ok
14:45:07.0227 0x17a8  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:45:07.0227 0x17a8  sffp_sd - ok
14:45:07.0258 0x17a8  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
14:45:07.0274 0x17a8  sfloppy - ok
14:45:07.0368 0x17a8  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:45:07.0383 0x17a8  SharedAccess - ok
14:45:07.0430 0x17a8  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:45:07.0446 0x17a8  ShellHWDetection - ok
14:45:07.0477 0x17a8  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
14:45:07.0477 0x17a8  sisagp - ok
14:45:07.0508 0x17a8  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:45:07.0508 0x17a8  SiSRaid2 - ok
14:45:07.0524 0x17a8  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
14:45:07.0539 0x17a8  SiSRaid4 - ok
14:45:07.0586 0x17a8  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:45:07.0586 0x17a8  Smb - ok
14:45:07.0680 0x17a8  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:45:07.0711 0x17a8  SNMPTRAP - ok
14:45:07.0758 0x17a8  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:45:07.0758 0x17a8  spldr - ok
14:45:07.0804 0x17a8  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
14:45:07.0820 0x17a8  Spooler - ok
14:45:08.0023 0x17a8  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
14:45:08.0101 0x17a8  sppsvc - ok
14:45:08.0132 0x17a8  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:45:08.0148 0x17a8  sppuinotify - ok
14:45:08.0210 0x17a8  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:45:08.0210 0x17a8  srv - ok
14:45:08.0257 0x17a8  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:45:08.0272 0x17a8  srv2 - ok
14:45:08.0304 0x17a8  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:45:08.0304 0x17a8  srvnet - ok
14:45:08.0725 0x17a8  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:45:08.0787 0x17a8  SSDPSRV - ok
14:45:08.0881 0x17a8  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:45:08.0881 0x17a8  SstpSvc - ok
14:45:09.0349 0x17a8  [ 7AEFC130355AA99307B31EE678614380, 3DE11EF705725D5B6C9BCD24AD983EFA030A1182FD7FEFA78E54927E74EF2901 ] STacSV          C:\Program Files\IDT\WDM\STacSV.exe
14:45:09.0364 0x17a8  STacSV - ok
14:45:09.0442 0x17a8  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
14:45:09.0442 0x17a8  stexstor - ok
14:45:09.0583 0x17a8  [ EC4B4125BA14F7436B1740F63F7BFF21, B1D30A8CBC3EDACDE46C43A4C4CD36D09CFB6AD75ACCD063CE31BEFFEFF9C7A5 ] STHDA           C:\Windows\system32\DRIVERS\stwrt.sys
14:45:09.0598 0x17a8  STHDA - ok
14:45:10.0160 0x17a8  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
14:45:10.0160 0x17a8  StiSvc - ok
14:45:10.0269 0x17a8  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
14:45:10.0269 0x17a8  storflt - ok
14:45:10.0332 0x17a8  [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc         C:\Windows\system32\storsvc.dll
14:45:10.0332 0x17a8  StorSvc - ok
14:45:10.0394 0x17a8  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
14:45:10.0394 0x17a8  storvsc - ok
14:45:10.0456 0x17a8  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:45:10.0456 0x17a8  swenum - ok
14:45:10.0628 0x17a8  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
14:45:10.0644 0x17a8  swprv - ok
14:45:11.0314 0x17a8  [ 4EE25AC85AFC3FD67D9F57ECDF566FF2, F1BFF1FB655F31B97FA9C6A49D433EFD33D8A35F6B28B4D83E45C27A05A86228 ] SysMain         C:\Windows\system32\sysmain.dll
14:45:11.0346 0x17a8  SysMain - ok
14:45:11.0424 0x17a8  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
14:45:11.0424 0x17a8  TabletInputService - ok
14:45:11.0689 0x17a8  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:45:11.0689 0x17a8  TapiSrv - ok
14:45:12.0250 0x17a8  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:45:12.0297 0x17a8  Tcpip - ok
14:45:12.0391 0x17a8  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:45:12.0438 0x17a8  TCPIP6 - ok
14:45:12.0516 0x17a8  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:45:12.0516 0x17a8  tcpipreg - ok
14:45:12.0890 0x17a8  [ BD7964E9019C6E60CF806922BB4577D0, 5CAE591A1B8CF513DF6F64508E2E8ABAB40314AF286D4EE144C33D3523DC8511 ] tcsd_win32.exe  C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
14:45:14.0076 0x17a8  tcsd_win32.exe - ok
14:45:14.0856 0x17a8  [ 219FEF4AE160298559A4E0C16880F351, FC09DE15FBF6BBDB7A57CE0C9867EE0F8A60E6A1B567E73E5259E71944C103AA ] TdmService      C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
14:45:14.0934 0x17a8  TdmService - ok
14:45:14.0980 0x17a8  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:45:14.0996 0x17a8  TDPIPE - ok
14:45:15.0043 0x17a8  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:45:15.0043 0x17a8  TDTCP - ok
14:45:15.0105 0x17a8  [ BB8817D0508DD5EA69C770C8DEF5AB67, C55671524EEF6E16BBCC92556E83FD1D6457E707EA9330FC1CDD28FB11D99B77 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:45:15.0339 0x17a8  tdx - ok
14:45:15.0355 0x17a8  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
14:45:15.0355 0x17a8  TermDD - ok
14:45:15.0464 0x17a8  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService     C:\Windows\System32\termsrv.dll
14:45:15.0480 0x17a8  TermService - ok
14:45:15.0526 0x17a8  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
14:45:15.0526 0x17a8  Themes - ok
14:45:15.0558 0x17a8  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
14:45:15.0573 0x17a8  THREADORDER - ok
14:45:15.0636 0x17a8  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
14:45:15.0636 0x17a8  TrkWks - ok
14:45:15.0745 0x17a8  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:45:15.0760 0x17a8  TrustedInstaller - ok
14:45:15.0807 0x17a8  [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:45:15.0807 0x17a8  tssecsrv - ok
14:45:15.0901 0x17a8  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:45:15.0901 0x17a8  TsUsbFlt - ok
14:45:15.0979 0x17a8  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:45:15.0979 0x17a8  tunnel - ok
14:45:16.0041 0x17a8  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
14:45:16.0041 0x17a8  uagp35 - ok
14:45:16.0072 0x17a8  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:45:16.0088 0x17a8  udfs - ok
14:45:16.0135 0x17a8  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:45:16.0150 0x17a8  UI0Detect - ok
14:45:16.0182 0x17a8  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:45:16.0182 0x17a8  uliagpkx - ok
14:45:16.0275 0x17a8  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:45:16.0275 0x17a8  umbus - ok
14:45:16.0322 0x17a8  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
14:45:16.0322 0x17a8  UmPass - ok
14:45:16.0540 0x17a8  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
14:45:16.0540 0x17a8  UmRdpService - ok
14:45:16.0572 0x17a8  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
14:45:16.0587 0x17a8  upnphost - ok
14:45:16.0634 0x17a8  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:45:16.0650 0x17a8  usbccgp - ok
14:45:16.0915 0x17a8  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:45:16.0915 0x17a8  usbcir - ok
14:45:16.0962 0x17a8  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\drivers\usbehci.sys
14:45:16.0962 0x17a8  usbehci - ok
14:45:17.0040 0x17a8  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:45:17.0040 0x17a8  usbhub - ok
14:45:17.0071 0x17a8  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:45:17.0071 0x17a8  usbohci - ok
14:45:17.0149 0x17a8  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:45:17.0149 0x17a8  usbprint - ok
14:45:17.0258 0x17a8  [ 007C0C8D5B01D82ACEB70431D15083F6, 7EAF68CD3C38D3CD2CDFEE9ECE1DFB38E274F1F9E6F70B73BCE1336E87D5496C ] usbser          C:\Windows\system32\drivers\usbser.sys
14:45:17.0258 0x17a8  usbser - ok
14:45:17.0289 0x17a8  [ 144DA53294922A84FFAA3D90B1453745, A8DC6B534E4526E2226CF6C9D53A4B6B251D2F23728E41737063D24024C5266F ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:45:17.0336 0x17a8  USBSTOR - ok
14:45:17.0367 0x17a8  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
14:45:17.0367 0x17a8  usbuhci - ok
14:45:17.0523 0x17a8  [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
14:45:17.0539 0x17a8  usbvideo - ok
14:45:17.0617 0x17a8  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
14:45:17.0632 0x17a8  UxSms - ok
14:45:17.0679 0x17a8  [ 910ED0DF49A5A02059BB224B99C689D2, 2A92C06DF0D18F80466B9CC0938EFC9DD04B4BACBAB28D18D10366EF26E15F09 ] VaultSvc        C:\Windows\system32\lsass.exe
14:45:17.0679 0x17a8  VaultSvc - ok
14:45:17.0757 0x17a8  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:45:17.0757 0x17a8  vdrvroot - ok
14:45:17.0929 0x17a8  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
14:45:17.0944 0x17a8  vds - ok
14:45:18.0210 0x17a8  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:45:18.0210 0x17a8  vga - ok
14:45:18.0303 0x17a8  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:45:18.0303 0x17a8  VgaSave - ok
14:45:18.0397 0x17a8  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:45:18.0412 0x17a8  vhdmp - ok
14:45:18.0475 0x17a8  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
14:45:18.0506 0x17a8  viaagp - ok
14:45:18.0553 0x17a8  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
14:45:18.0553 0x17a8  ViaC7 - ok
14:45:18.0615 0x17a8  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:45:18.0615 0x17a8  viaide - ok
14:45:18.0693 0x17a8  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
14:45:18.0709 0x17a8  vmbus - ok
14:45:18.0787 0x17a8  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
14:45:18.0787 0x17a8  VMBusHID - ok
14:45:18.0834 0x17a8  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:45:18.0834 0x17a8  volmgr - ok
14:45:18.0958 0x17a8  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:45:18.0958 0x17a8  volmgrx - ok
14:45:19.0005 0x17a8  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:45:19.0021 0x17a8  volsnap - ok
14:45:19.0130 0x17a8  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
14:45:19.0130 0x17a8  vsmraid - ok
14:45:19.0411 0x17a8  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
14:45:19.0442 0x17a8  VSS - ok
14:45:19.0489 0x17a8  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
14:45:19.0489 0x17a8  vwifibus - ok
14:45:19.0707 0x17a8  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
14:45:19.0707 0x17a8  vwififlt - ok
14:45:19.0832 0x17a8  [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
14:45:19.0832 0x17a8  vwifimp - ok
14:45:19.0926 0x17a8  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
14:45:19.0926 0x17a8  W32Time - ok
14:45:20.0019 0x17a8  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
14:45:20.0035 0x17a8  WacomPen - ok
14:45:20.0128 0x17a8  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:45:20.0144 0x17a8  WANARP - ok
14:45:20.0144 0x17a8  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:45:20.0144 0x17a8  Wanarpv6 - ok
14:45:20.0862 0x17a8  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
14:45:20.0908 0x17a8  WatAdminSvc - ok
14:45:21.0361 0x17a8  [ 54F65FAC962F006019CFE0137CC16FD2, 286AD158CF3727C8C084C9058016D2065E26BC976A133600CCCCB6C1B3352547 ] Wave Authentication Manager Service C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
14:45:21.0688 0x17a8  Wave Authentication Manager Service - ok
14:45:22.0375 0x17a8  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
14:45:22.0453 0x17a8  wbengine - ok
14:45:22.0578 0x17a8  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:45:22.0593 0x17a8  WbioSrvc - ok
14:45:22.0765 0x17a8  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:45:22.0780 0x17a8  wcncsvc - ok
14:45:22.0905 0x17a8  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:45:22.0921 0x17a8  WcsPlugInService - ok
14:45:22.0983 0x17a8  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
14:45:22.0983 0x17a8  Wd - ok
14:45:23.0202 0x17a8  [ D6EFAF429FD30C5DF613D220E344CCE7, 807D4563E8AD4073688691078EB13AF240E14BA5E0C8506A48B3060A20B90082 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam.sys
14:45:23.0217 0x17a8  WDC_SAM - ok
14:45:23.0467 0x17a8  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:45:23.0482 0x17a8  Wdf01000 - ok
14:45:23.0576 0x17a8  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:45:23.0576 0x17a8  WdiServiceHost - ok
14:45:23.0592 0x17a8  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:45:23.0607 0x17a8  WdiSystemHost - ok
14:45:23.0872 0x17a8  [ 55C70654420DBF429604FD567E6F3CD3, 22191B049BCA76EF13AEDF8078E452E6B35E998A75AD63F14C542B541EA9F67D ] WebClient       C:\Windows\System32\webclnt.dll
14:45:23.0888 0x17a8  WebClient - ok
14:45:23.0997 0x17a8  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:45:23.0997 0x17a8  Wecsvc - ok
14:45:24.0091 0x17a8  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:45:24.0091 0x17a8  wercplsupport - ok
14:45:24.0294 0x17a8  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
14:45:24.0294 0x17a8  WerSvc - ok
14:45:24.0434 0x17a8  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:45:24.0450 0x17a8  WfpLwf - ok
14:45:24.0496 0x17a8  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:45:24.0496 0x17a8  WIMMount - ok
14:45:24.0980 0x17a8  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
14:45:25.0183 0x17a8  WinDefend - ok
14:45:25.0214 0x17a8  WinHttpAutoProxySvc - ok
14:45:25.0994 0x17a8  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:45:25.0994 0x17a8  Winmgmt - ok
14:45:26.0400 0x17a8  [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM           C:\Windows\system32\WsmSvc.dll
14:45:26.0431 0x17a8  WinRM - ok
14:45:26.0571 0x17a8  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
14:45:26.0587 0x17a8  WinUsb - ok
14:45:26.0946 0x17a8  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:45:26.0977 0x17a8  Wlansvc - ok
14:45:27.0086 0x17a8  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:45:27.0086 0x17a8  WmiAcpi - ok
14:45:27.0148 0x17a8  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:45:27.0164 0x17a8  wmiApSrv - ok
14:45:27.0445 0x17a8  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
14:45:27.0507 0x17a8  WMPNetworkSvc - ok
14:45:27.0554 0x17a8  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:45:27.0570 0x17a8  WPCSvc - ok
14:45:27.0601 0x17a8  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:45:27.0616 0x17a8  WPDBusEnum - ok
14:45:27.0679 0x17a8  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:45:27.0679 0x17a8  ws2ifsl - ok
14:45:27.0726 0x17a8  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
14:45:27.0741 0x17a8  wscsvc - ok
14:45:28.0084 0x17a8  [ 553F6CCD7C58EB98D4A8FBDAF283D7A9, 71FBE50C470D1F54FDAADCECEC2CB021AE240CD59DE4E8EB5BCAA6E7F2F86560 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
14:45:28.0084 0x17a8  WSDPrintDevice - ok
14:45:28.0084 0x17a8  WSearch - ok
14:45:28.0381 0x17a8  [ E51B294DC4A0A944DDE468356CFBB4AC, 0C1B8768C0F8CD7A76E926A068AA994D9FC546A4FBFC8935C93F683A9A052762 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:45:28.0506 0x17a8  wuauserv - ok
14:45:28.0568 0x17a8  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:45:28.0568 0x17a8  WudfPf - ok
14:45:28.0802 0x17a8  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:45:28.0818 0x17a8  WUDFRd - ok
14:45:28.0849 0x17a8  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:45:28.0864 0x17a8  wudfsvc - ok
14:45:29.0005 0x17a8  [ 78CB45CE99F0EC3F96C64AC185D8233B, 76DD6D450D19524C5EAD3409D4AD950DEF9D21780DBB3DD6495A4004F7A9397E ] WvPCR           C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe
14:45:29.0067 0x17a8  WvPCR - ok
14:45:29.0208 0x17a8  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:45:29.0223 0x17a8  WwanSvc - ok
14:45:29.0395 0x17a8  ================ Scan global ===============================
14:45:29.0457 0x17a8  [ 5E7C5DE85AF978495C3A9A0B720B9811, 142CDEBED78E3BAEE8D2DBF6A97CE26313932024010548EC2E570CAE480AF7C3 ] C:\Windows\system32\basesrv.dll
14:45:29.0520 0x17a8  [ 090FF4D4A003291D7579A81089D06981, 2713E190F10A96E977C0BA5D38D89E8D123F7CB7D0180CFC0A4073EC42EDB2DB ] C:\Windows\system32\winsrv.dll
14:45:29.0801 0x17a8  [ 090FF4D4A003291D7579A81089D06981, 2713E190F10A96E977C0BA5D38D89E8D123F7CB7D0180CFC0A4073EC42EDB2DB ] C:\Windows\system32\winsrv.dll
14:45:29.0941 0x17a8  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
14:45:30.0050 0x17a8  [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
14:45:30.0050 0x17a8  [ Global ] - ok
14:45:30.0050 0x17a8  ================ Scan MBR ==================================
14:45:30.0097 0x17a8  [ F6A7A18A127F5FB24848062BEC55D1D7 ] \Device\Harddisk0\DR0
14:45:31.0017 0x17a8  \Device\Harddisk0\DR0 - ok
14:45:31.0017 0x17a8  ================ Scan VBR ==================================
14:45:31.0017 0x17a8  [ 6BDB1D186D2C9DDA8405E84E1B83528A ] \Device\Harddisk0\DR0\Partition1
14:45:31.0033 0x17a8  \Device\Harddisk0\DR0\Partition1 - ok
14:45:31.0080 0x17a8  [ C63AA91B9083F06CB9E9E81AC4D640FA ] \Device\Harddisk0\DR0\Partition2
14:45:31.0158 0x17a8  \Device\Harddisk0\DR0\Partition2 - ok
14:45:31.0220 0x17a8  [ FDA01DE7C1B32A752A6E1C1D878DB76F ] \Device\Harddisk0\DR0\Partition3
14:45:31.0220 0x17a8  \Device\Harddisk0\DR0\Partition3 - ok
14:45:31.0220 0x17a8  ================ Scan generic autorun ======================
14:45:33.0233 0x17a8  [ B511C30947831C26550D1F851CF61224, 2A33A1EBCC1838DBFE20D5B5565B74E06527284BAEFD3442BE8AE12E4E89BFA1 ] C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe
14:45:33.0467 0x17a8  DFEPApplication - ok
14:45:33.0576 0x17a8  [ B6B6D96D7048E0033D7DB07E552761A3, 970D1CA7AF32444100C72787A777195ABA8134D7986E0177620141E7B09EB27B ] C:\Windows\system32\igfxpers.exe
14:45:33.0576 0x17a8  Persistence - ok
14:45:33.0654 0x17a8  [ D197E0C2F3CA44A70E2963F16FC9B487, 4D05F7DA3CAFEDDFB34A99CBEB88A17388D1544BE5F56BEB43987614313D9413 ] C:\Program Files\IDT\WDM\sttray.exe
14:45:33.0685 0x17a8  SysTrayApp - ok
14:45:33.0919 0x17a8  [ B6D8F2B18DB114ECE5F4955FE336BDF3, AC67A8147C9F150C7570A8B07DD1A11C003539F5DCCACB0A0965BC1F8D8073DB ] C:\Program Files\DellTPad\Apoint.exe
14:45:33.0935 0x17a8  Apoint - ok
14:45:34.0153 0x17a8  [ EE4223FEE8AB8B9202FCA18036F157AE, 1B81391127BAB64E47DFC3C82143D8C370B80D4166CE5FFE30B96321C4DCCD51 ] C:\Program Files\Microsoft Security Client\msseces.exe
14:45:34.0184 0x17a8  MSC - ok
14:45:34.0418 0x17a8  Dropbox - ok
14:45:34.0746 0x17a8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
14:45:34.0777 0x17a8  Sidebar - ok
14:45:34.0886 0x17a8  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
14:45:34.0902 0x17a8  mctadmin - ok
14:45:34.0949 0x17a8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
14:45:34.0980 0x17a8  Sidebar - ok
14:45:34.0980 0x17a8  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
14:45:34.0995 0x17a8  mctadmin - ok
14:45:35.0136 0x17a8  [ D78FF6626984B03327728893BBC68F15, 11E50B19E25258C0E804C2CD9488C2F609FDF077D1C395A5E8C05B43512650FB ] C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe
14:45:35.0198 0x17a8  Directory Opus Desktop Dblclk - ok
14:45:36.0165 0x17a8  [ B458D331858CCD6C8A36E9167DBAFB2A, 9B277AE2E46EEF84A670B8D47A34A083C7E1294119F0FBF0FDC1937315DBB837 ] C:\Program Files\CCleaner\CCleaner.exe
14:45:36.0384 0x17a8  CCleaner Monitoring - ok
14:45:36.0680 0x17a8  [ BF3F3A59F4CB4688F17F625E5DAE7DA9, 291BD701B649B0126C90C8A3F80011252C181A3E434014945A83B6A3030AFD51 ] C:\Program Files\Glary Utilities 5\StartupManager.exe
14:45:36.0680 0x17a8  GUDelayStartup - ok
14:45:37.0133 0x17a8  [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
14:45:37.0694 0x17a8  SpybotPostWindows10UpgradeReInstall - ok
14:45:37.0694 0x17a8  Waiting for KSN requests completion. In queue: 13
14:45:38.0708 0x17a8  Waiting for KSN requests completion. In queue: 13
14:45:39.0722 0x17a8  Waiting for KSN requests completion. In queue: 13
14:45:40.0752 0x17a8  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.9.218.0 ), 0x61000 ( enabled : updated )
14:45:40.0767 0x17a8  Win FW state via NFP2: enabled ( trusted )
14:45:43.0482 0x17a8  ============================================================
14:45:43.0482 0x17a8  Scan finished
14:45:43.0482 0x17a8  ============================================================
14:45:43.0497 0x101c  Detected object count: 0
14:45:43.0497 0x101c  Actual detected object count: 0

deeprybka · 15.06.2016, 19:55

Scan wurde nicht nach Anleitung durchgeführt. Bitte wiederholen. Bei Funden Log posten.

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2

Download und Anleitung
Starte Malwarebytes' Anti-Malware (MBAM).
Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass Deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Julemule2000 · 15.06.2016, 22:19

Hallo Jürgen, ich hoffe jetzt stimmts:

Code:

ATTFilter

22:46:37.0186 0x11a8  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
22:46:52.0131 0x11a8  ============================================================
22:46:52.0131 0x11a8  Current date / time: 2016/06/15 22:46:52.0131
22:46:52.0131 0x11a8  SystemInfo:
22:46:52.0131 0x11a8  
22:46:52.0131 0x11a8  OS Version: 6.1.7601 ServicePack: 1.0
22:46:52.0131 0x11a8  Product type: Workstation
22:46:52.0131 0x11a8  ComputerName: E5510
22:46:52.0147 0x11a8  UserName: Jula
22:46:52.0147 0x11a8  Windows directory: C:\Windows
22:46:52.0147 0x11a8  System windows directory: C:\Windows
22:46:52.0147 0x11a8  Processor architecture: Intel x86
22:46:52.0147 0x11a8  Number of processors: 4
22:46:52.0147 0x11a8  Page size: 0x1000
22:46:52.0147 0x11a8  Boot type: Normal boot
22:46:52.0147 0x11a8  ============================================================
22:46:53.0036 0x11a8  KLMD registered as C:\Windows\system32\drivers\33089334.sys
22:46:54.0658 0x11a8  System UUID: {7A8F1D94-8AFF-1AAE-D638-83EB35F85CF0}
22:46:55.0594 0x11a8  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:46:55.0594 0x11a8  ============================================================
22:46:55.0594 0x11a8  \Device\Harddisk0\DR0:
22:46:55.0594 0x11a8  MBR partitions:
22:46:55.0594 0x11a8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x178000
22:46:55.0594 0x11a8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x18C800, BlocksNum 0x13BEB800
22:46:55.0594 0x11a8  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x13D78000, BlocksNum 0x944D000
22:46:55.0594 0x11a8  ============================================================
22:46:55.0641 0x11a8  C: <-> \Device\Harddisk0\DR0\Partition3
22:46:55.0672 0x11a8  D: <-> \Device\Harddisk0\DR0\Partition2
22:46:55.0672 0x11a8  ============================================================
22:46:55.0672 0x11a8  Initialize success
22:46:55.0672 0x11a8  ============================================================
22:49:35.0952 0x14e0  ============================================================
22:49:35.0952 0x14e0  Scan started
22:49:35.0952 0x14e0  Mode: Manual; 
22:49:35.0952 0x14e0  ============================================================
22:49:35.0952 0x14e0  KSN ping started
22:49:48.0448 0x14e0  KSN ping finished: false
22:49:49.0573 0x14e0  ================ Scan system memory ========================
22:49:49.0573 0x14e0  System memory - ok
22:49:49.0576 0x14e0  ================ Scan services =============================
22:49:49.0744 0x14e0  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:49:49.0748 0x14e0  1394ohci - ok
22:49:49.0800 0x14e0  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:49:49.0811 0x14e0  ACPI - ok
22:49:49.0834 0x14e0  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:49:49.0835 0x14e0  AcpiPmi - ok
22:49:49.0924 0x14e0  [ 6A050671F2C76FB48131F12786802807, 71B37A9CEAE5AB1B069FB010BC547E14445461885B74FA879E63F9F2DAF644A5 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:49:49.0931 0x14e0  AdobeFlashPlayerUpdateSvc - ok
22:49:49.0994 0x14e0  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
22:49:50.0017 0x14e0  adp94xx - ok
22:49:50.0054 0x14e0  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
22:49:50.0062 0x14e0  adpahci - ok
22:49:50.0080 0x14e0  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
22:49:50.0085 0x14e0  adpu320 - ok
22:49:50.0122 0x14e0  [ 39AEAECE9F42407F176FE130D790BFBE, 19010DF87BDC1884268098CC04B4B15ECB710C94054A57157C0F9B7A795BDB28 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:49:50.0124 0x14e0  AeLookupSvc - ok
22:49:50.0210 0x14e0  [ 827DBC22C96EECF6D36A13162FABAFD3, EBBC04A6AD3BC83E3791569C1120BBBB59AF70512FA2CEB6A8BA2A257F3F6C32 ] AESTFilters     C:\Program Files\IDT\WDM\aestsrv.exe
22:49:50.0213 0x14e0  AESTFilters - ok
22:49:50.0298 0x14e0  [ 93B49FA857F7036A4EFF32371F6E7391, B9B2867D9A80E7F028E9D7C6ABCB9EC5198ACE28CEE101C5A846666B356B2843 ] AFD             C:\Windows\system32\drivers\afd.sys
22:49:50.0366 0x14e0  AFD - ok
22:49:50.0411 0x14e0  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
22:49:50.0414 0x14e0  agp440 - ok
22:49:50.0457 0x14e0  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
22:49:50.0461 0x14e0  aic78xx - ok
22:49:50.0515 0x14e0  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
22:49:50.0517 0x14e0  ALG - ok
22:49:50.0556 0x14e0  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:49:50.0558 0x14e0  aliide - ok
22:49:50.0597 0x14e0  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
22:49:50.0600 0x14e0  amdagp - ok
22:49:50.0627 0x14e0  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
22:49:50.0629 0x14e0  amdide - ok
22:49:50.0640 0x14e0  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
22:49:50.0643 0x14e0  AmdK8 - ok
22:49:50.0650 0x14e0  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
22:49:50.0652 0x14e0  AmdPPM - ok
22:49:50.0690 0x14e0  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:49:50.0734 0x14e0  amdsata - ok
22:49:50.0782 0x14e0  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
22:49:50.0788 0x14e0  amdsbs - ok
22:49:50.0814 0x14e0  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:49:50.0815 0x14e0  amdxata - ok
22:49:50.0916 0x14e0  [ ECE3D60C5E9B4EC10C12BD498260BEE3, DF8C8235C9BDE3ACFBFD90E8BAE9CB268BEDAAA9AACD8232F034DC67692A52C2 ] AMPPAL          C:\Windows\system32\DRIVERS\AMPPAL.sys
22:49:50.0920 0x14e0  AMPPAL - ok
22:49:50.0957 0x14e0  [ ECE3D60C5E9B4EC10C12BD498260BEE3, DF8C8235C9BDE3ACFBFD90E8BAE9CB268BEDAAA9AACD8232F034DC67692A52C2 ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys
22:49:50.0961 0x14e0  AMPPALP - ok
22:49:51.0024 0x14e0  [ 44E8C88E5A46FA1483C96C1933FF2ED4, 61EE1F89C7DB937130A684200F80A9AE4EBAA8FC67CCA3A3B4D3C9BA7EFAD9B9 ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
22:49:51.0048 0x14e0  AMPPALR3 - ok
22:49:51.0114 0x14e0  [ 2471F498915DBE673FE75840AB0FB715, 0052DA33BCEC50102B791B05BEDAAB465A563899812EB5AD37C2E40619F6F866 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
22:49:51.0129 0x14e0  ApfiltrService - ok
22:49:51.0165 0x14e0  [ C7F5CAE0B450BE875EEE0E6DDFA771FE, 4FDDC802C245606C8A9140F8DF3445FDD6F7112A516F68A04EA15CEB92852E67 ] AppID           C:\Windows\system32\drivers\appid.sys
22:49:51.0189 0x14e0  AppID - ok
22:49:51.0238 0x14e0  [ 8333787D8FCA460C0DD70436464A8A8D, 00AE5CE2FB2DF53B5850B561120A29F757A482115E4D8A52D8033502A45B138D ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:49:51.0256 0x14e0  AppIDSvc - ok
22:49:51.0298 0x14e0  [ 133A7896E643D139443B47FDBFA327C7, 371FC602B531DF1EFDCEEC3A2F5497A0D0BE7F558B0583F572862C69A65BD454 ] Appinfo         C:\Windows\System32\appinfo.dll
22:49:51.0300 0x14e0  Appinfo - ok
22:49:51.0337 0x14e0  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
22:49:51.0342 0x14e0  AppMgmt - ok
22:49:51.0390 0x14e0  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
22:49:51.0393 0x14e0  arc - ok
22:49:51.0416 0x14e0  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
22:49:51.0419 0x14e0  arcsas - ok
22:49:51.0519 0x14e0  [ 4170FD789CDDE8767972C7C87E6B3400, 36403DF991F451A2A539B7C9BBF1310768701F68AC5EFFA1E5EE0C07A427E5ED ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
22:49:51.0521 0x14e0  aspnet_state - ok
22:49:51.0549 0x14e0  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:49:51.0550 0x14e0  AsyncMac - ok
22:49:51.0585 0x14e0  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
22:49:51.0587 0x14e0  atapi - ok
22:49:51.0705 0x14e0  [ 3D8DD37D745F83F776B67121ECD49F2C, EF00FBF894426BF093C0618EA1A60AD3A006C8D1922E996F09C631E7343FBEEA ] ATService       C:\Program Files\Fingerprint Sensor\AtService.exe
22:49:51.0795 0x14e0  ATService - ok
22:49:51.0868 0x14e0  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:49:51.0895 0x14e0  AudioEndpointBuilder - ok
22:49:51.0913 0x14e0  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
22:49:51.0926 0x14e0  Audiosrv - ok
22:49:51.0974 0x14e0  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:49:51.0978 0x14e0  AxInstSV - ok
22:49:52.0024 0x14e0  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
22:49:52.0045 0x14e0  b06bdrv - ok
22:49:52.0112 0x14e0  [ 8EC7190368711C009DB21F037A108382, D583A3FF28C35501119F096A17F5E3B1CC207ECE60977DB2C81AC94A79EA32A5 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
22:49:52.0122 0x14e0  b57nd60x - ok
22:49:52.0168 0x14e0  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
22:49:52.0172 0x14e0  BDESVC - ok
22:49:52.0188 0x14e0  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:49:52.0189 0x14e0  Beep - ok
22:49:52.0240 0x14e0  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
22:49:52.0263 0x14e0  BFE - ok
22:49:52.0336 0x14e0  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
22:49:52.0377 0x14e0  BITS - ok
22:49:52.0409 0x14e0  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:49:52.0411 0x14e0  blbdrive - ok
22:49:52.0446 0x14e0  [ 0A5F1B94396C2757F1354881D5266CC1, 501371BC439552D7F8F1B63DC91D7A282A34824CDDEFFC0A77151B70812ACB77 ] Blfp            C:\Windows\system32\DRIVERS\basp.sys
22:49:52.0450 0x14e0  Blfp - ok
22:49:52.0491 0x14e0  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:49:52.0494 0x14e0  bowser - ok
22:49:52.0543 0x14e0  [ 5E4F25A0F2182E51740A62914E6B020C, 79CC7322204F68214C58F214678F1765EA301C79EE86290D1EBCF9F4677A444D ] BrcmMgmtAgent   C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
22:49:52.0628 0x14e0  BrcmMgmtAgent - ok
22:49:52.0682 0x14e0  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:49:52.0684 0x14e0  BrFiltLo - ok
22:49:52.0701 0x14e0  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:49:52.0702 0x14e0  BrFiltUp - ok
22:49:52.0732 0x14e0  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
22:49:52.0736 0x14e0  Browser - ok
22:49:52.0762 0x14e0  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:49:52.0769 0x14e0  Brserid - ok
22:49:52.0801 0x14e0  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:49:52.0804 0x14e0  BrSerWdm - ok
22:49:52.0817 0x14e0  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:49:52.0818 0x14e0  BrUsbMdm - ok
22:49:52.0823 0x14e0  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:49:52.0825 0x14e0  BrUsbSer - ok
22:49:52.0864 0x14e0  [ 2865A5C8E98C70C605F417908CEBB3A4, B1C5AC228BD7072AF8668C009C6CDC13EE9FCB9481F57524300F37C40BF1E935 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
22:49:52.0866 0x14e0  BthEnum - ok
22:49:52.0876 0x14e0  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
22:49:52.0879 0x14e0  BTHMODEM - ok
22:49:52.0911 0x14e0  [ AD1872E5829E8A2C3B5B4B641C3EAB0E, 8C2DBCAC08DDB41E2B44E257C55FA2D0272959B308EFF9EAF5FF9AE1E4A0AA39 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
22:49:52.0914 0x14e0  BthPan - ok
22:49:52.0962 0x14e0  [ 1153DE2E4F5941E10C399CB5592F78A1, 2B88AF246D62F72FA9F5B921B0375AE59A0F263672472D5EC9FDB5CA5EF51C31 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
22:49:52.0984 0x14e0  BTHPORT - ok
22:49:53.0026 0x14e0  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
22:49:53.0029 0x14e0  bthserv - ok
22:49:53.0061 0x14e0  [ 28D82067B791489E63246E68CD32B29E, 2FDA5143D27C63164A66C18C2573F3E88AD2741DF0D89E17628DB87EDCEDB8D1 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
22:49:53.0064 0x14e0  BTHSSecurityMgr - ok
22:49:53.0096 0x14e0  [ C81E9413A25A439F436B1D4B6A0CF9E9, A4C290163207AED22C70C7F90B28F6FC24892889643D60D915059405AC5A4A72 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
22:49:53.0099 0x14e0  BTHUSB - ok
22:49:53.0149 0x14e0  [ 2A0DE6423D6BE95C96124FC66046176E, 84A5074B78752074130286E06801CB778FD81FAF3EDC75B18EC0DE6CC1A10C94 ] BTWAMPFL        C:\Windows\system32\DRIVERS\btwampfl.sys
22:49:53.0157 0x14e0  BTWAMPFL - ok
22:49:53.0176 0x14e0  btwaudio - ok
22:49:53.0193 0x14e0  btwavdt - ok
22:49:53.0199 0x14e0  btwl2cap - ok
22:49:53.0206 0x14e0  btwrchid - ok
22:49:53.0230 0x14e0  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:49:53.0233 0x14e0  cdfs - ok
22:49:53.0271 0x14e0  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:49:53.0274 0x14e0  cdrom - ok
22:49:53.0311 0x14e0  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
22:49:53.0314 0x14e0  CertPropSvc - ok
22:49:53.0329 0x14e0  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
22:49:53.0331 0x14e0  circlass - ok
22:49:53.0357 0x14e0  [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS            C:\Windows\system32\CLFS.sys
22:49:53.0364 0x14e0  CLFS - ok
22:49:53.0410 0x14e0  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:49:53.0413 0x14e0  clr_optimization_v2.0.50727_32 - ok
22:49:53.0448 0x14e0  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:49:53.0451 0x14e0  clr_optimization_v4.0.30319_32 - ok
22:49:53.0468 0x14e0  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:49:53.0470 0x14e0  CmBatt - ok
22:49:53.0489 0x14e0  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:49:53.0490 0x14e0  cmdide - ok
22:49:53.0550 0x14e0  [ FAE0008AB5BF34E41EC95A8087E94454, AE97D2057FCC5CA2E7DFBE81EA9A84E5EF955CC1F0F21B437ECBB602C85F9B96 ] CNG             C:\Windows\system32\Drivers\cng.sys
22:49:53.0606 0x14e0  CNG - ok
22:49:53.0644 0x14e0  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:49:53.0646 0x14e0  Compbatt - ok
22:49:53.0676 0x14e0  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
22:49:53.0677 0x14e0  CompositeBus - ok
22:49:53.0700 0x14e0  COMSysApp - ok
22:49:53.0721 0x14e0  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
22:49:53.0723 0x14e0  crcdisk - ok
22:49:53.0762 0x14e0  [ 33F67BBCC3C0499D3F3382473114CFA8, FDDCC41CE005B7C1BEBB6F4ACA9A3F10E5972792ADFD7D294E70A0B781460981 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:49:53.0766 0x14e0  CryptSvc - ok
22:49:53.0811 0x14e0  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
22:49:53.0824 0x14e0  CSC - ok
22:49:53.0873 0x14e0  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
22:49:53.0899 0x14e0  CscService - ok
22:49:53.0950 0x14e0  [ 0F538DF1673E5216F3BAACB6911D9D0F, 640A0BA1F897E7F927A01E44408202EF4884D2FE68E4CCB185F315D2B6F2E262 ] CtAudDrv        C:\Windows\system32\Drivers\CtAudDrv.sys
22:49:53.0954 0x14e0  CtAudDrv - ok
22:49:53.0982 0x14e0  [ AA52C0B88C46D5037809D05DD826C61E, 2538AE1DB7E0D1A1ABDA1140CB05D7B1B4CA0FA8125AAFD704124DFDDD4058BF ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
22:49:53.0986 0x14e0  CtClsFlt - ok
22:49:54.0096 0x14e0  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files\Dropbox\Update\DropboxUpdate.exe
22:49:54.0100 0x14e0  dbupdate - ok
22:49:54.0129 0x14e0  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files\Dropbox\Update\DropboxUpdate.exe
22:49:54.0132 0x14e0  dbupdatem - ok
22:49:54.0209 0x14e0  [ 1F54F58D7FA2B3442084E32CDE5E309E, F0D8124E7C9ADC88BD8C53646F2499CDB3D2105DA7C4D28F3D26F313859B3D32 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:49:54.0218 0x14e0  DcomLaunch - ok
22:49:54.0272 0x14e0  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
22:49:54.0281 0x14e0  defragsvc - ok
22:49:54.0406 0x14e0  [ AB808D3220073FED540579E88AA17653, 96A8A8E0769E1B0DCE340423BDC6F73511182E92560865F1F74D39DEC471DDFD ] DFEPService     C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
22:49:54.0462 0x14e0  DFEPService - ok
22:49:54.0487 0x14e0  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:49:54.0490 0x14e0  DfsC - ok
22:49:54.0529 0x14e0  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:49:54.0537 0x14e0  Dhcp - ok
22:49:54.0614 0x14e0  [ 0A3386E3CF9C5D089D695AC5A35F4C6F, D610071493EB95FCE39E24C457A0B5BBA131193159E43FDC1E8EDABB9C7AB81A ] DiagTrack       C:\Windows\system32\diagtrack.dll
22:49:54.0658 0x14e0  DiagTrack - ok
22:49:54.0681 0x14e0  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
22:49:54.0682 0x14e0  discache - ok
22:49:54.0721 0x14e0  [ B7B470F163002A0D0E381EE45834BF6B, 5B5E204341A6B1689C3F8717C41782B1A077A026F8B19DA3DE08CA44AB1D95B2 ] Disk            C:\Windows\system32\drivers\disk.sys
22:49:54.0724 0x14e0  Disk - ok
22:49:54.0750 0x14e0  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:49:54.0754 0x14e0  Dnscache - ok
22:49:54.0787 0x14e0  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:49:54.0794 0x14e0  dot3svc - ok
22:49:54.0841 0x14e0  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
22:49:54.0846 0x14e0  DPS - ok
22:49:54.0881 0x14e0  [ A3F684B866A7D89AE396276CE7AFD416, 1E4C034B7B106FA403B13842A199D88A33B492A577B58CDDAE0B4706266B9565 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:49:54.0893 0x14e0  drmkaud - ok
22:49:54.0940 0x14e0  [ 4B21D102E49E9D44C478D6766A7FCBE5, 7CEEBCF81EE23876F039ED1222020D6F45FE6B3A5CE3BB93DDA3B8BBEAA15E47 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:49:54.0975 0x14e0  DXGKrnl - ok
22:49:55.0012 0x14e0  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
22:49:55.0016 0x14e0  EapHost - ok
22:49:55.0108 0x14e0  [ 560EDC0912BDB68290930E2542823A24, CB9578A19F717FBD388F2BE8179CF2D4755DF11AD246E13AF1D43E25CA026386 ] eapihdrv        C:\Users\Jula\AppData\Local\Temp\ehdrv.sys
22:49:55.0112 0x14e0  eapihdrv - ok
22:49:55.0254 0x14e0  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
22:49:55.0373 0x14e0  ebdrv - ok
22:49:55.0399 0x14e0  [ 910ED0DF49A5A02059BB224B99C689D2, 2A92C06DF0D18F80466B9CC0938EFC9DD04B4BACBAB28D18D10366EF26E15F09 ] EFS             C:\Windows\System32\lsass.exe
22:49:55.0444 0x14e0  EFS - ok
22:49:55.0503 0x14e0  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:49:55.0527 0x14e0  ehRecvr - ok
22:49:55.0580 0x14e0  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
22:49:55.0583 0x14e0  ehSched - ok
22:49:55.0632 0x14e0  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
22:49:55.0654 0x14e0  elxstor - ok
22:49:55.0763 0x14e0  [ B49FD82B6412B98A162627817E5F1C8E, C70CEC301351A1932389FC40A239209E386C9680CD8C6B7FD64CE33CD229B8A9 ] EmbassyService  C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
22:49:55.0768 0x14e0  EmbassyService - ok
22:49:55.0794 0x14e0  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:49:55.0795 0x14e0  ErrDev - ok
22:49:55.0821 0x14e0  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
22:49:55.0829 0x14e0  EventSystem - ok
22:49:55.0851 0x14e0  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:49:55.0856 0x14e0  exfat - ok
22:49:55.0876 0x14e0  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:49:55.0880 0x14e0  fastfat - ok
22:49:55.0928 0x14e0  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
22:49:55.0953 0x14e0  Fax - ok
22:49:55.0971 0x14e0  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
22:49:55.0973 0x14e0  fdc - ok
22:49:55.0984 0x14e0  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
22:49:55.0986 0x14e0  fdPHost - ok
22:49:56.0002 0x14e0  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:49:56.0004 0x14e0  FDResPub - ok
22:49:56.0020 0x14e0  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:49:56.0022 0x14e0  FileInfo - ok
22:49:56.0033 0x14e0  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:49:56.0035 0x14e0  Filetrace - ok
22:49:56.0053 0x14e0  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
22:49:56.0054 0x14e0  flpydisk - ok
22:49:56.0064 0x14e0  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:49:56.0071 0x14e0  FltMgr - ok
22:49:56.0131 0x14e0  [ 23D3F12CA9DEB6EF02DEDC621EC661AC, AA3718715ADFE1666757BCD79D5A8DC591C2C5185802F51A27C119C4C30F360A ] FontCache       C:\Windows\system32\FntCache.dll
22:49:56.0217 0x14e0  FontCache - ok
22:49:56.0281 0x14e0  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:49:56.0283 0x14e0  FontCache3.0.0.0 - ok
22:49:56.0297 0x14e0  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:49:56.0299 0x14e0  FsDepends - ok
22:49:56.0325 0x14e0  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:49:56.0326 0x14e0  Fs_Rec - ok
22:49:56.0349 0x14e0  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:49:56.0354 0x14e0  fvevol - ok
22:49:56.0383 0x14e0  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
22:49:56.0386 0x14e0  gagp30kx - ok
22:49:56.0491 0x14e0  [ 1FEC299F19D64E30788F0F1572933AE1, A720D9CC558787B6880785533230000E12C309D10FDACC6AD489E2F34AC54DFE ] ggflt           C:\Windows\system32\DRIVERS\ggflt.sys
22:49:56.0512 0x14e0  ggflt - ok
22:49:56.0566 0x14e0  [ F84723EF1733053581689B74C47F4DD2, D69E0DB817B82BC9E564B1136AD5D55EF3A66842B74C66D7DF96CE5528F414BD ] ggsomc          C:\Windows\system32\DRIVERS\ggsomc.sys
22:49:56.0598 0x14e0  ggsomc - ok
22:49:56.0653 0x14e0  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
22:49:56.0684 0x14e0  gpsvc - ok
22:49:56.0727 0x14e0  [ 05C11D2DA6B396F6AD8C590D32CF81D7, A62E03868A4EEBF3796D36DE8BA472F08091FDC1306E35214429D250CB56175C ] GUBootStartup   C:\Windows\System32\drivers\GUBootStartup.sys
22:49:56.0730 0x14e0  GUBootStartup - ok
22:49:56.0801 0x14e0  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
22:49:56.0805 0x14e0  gupdate - ok
22:49:56.0820 0x14e0  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
22:49:56.0824 0x14e0  gupdatem - ok
22:49:56.0843 0x14e0  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:49:56.0845 0x14e0  hcw85cir - ok
22:49:56.0889 0x14e0  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:49:56.0898 0x14e0  HdAudAddService - ok
22:49:56.0951 0x14e0  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
22:49:56.0956 0x14e0  HDAudBus - ok
22:49:57.0032 0x14e0  [ A88485DC6A7136C10D9A6C7E38FDFE3C, B651823E5F6D13B086B00440AD17C7C2756F079DD9290E0FEB1A3A48D0104F8C ] HECI            C:\Windows\system32\DRIVERS\HECI.sys
22:49:57.0034 0x14e0  HECI - ok
22:49:57.0057 0x14e0  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
22:49:57.0058 0x14e0  HidBatt - ok
22:49:57.0074 0x14e0  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
22:49:57.0078 0x14e0  HidBth - ok
22:49:57.0098 0x14e0  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
22:49:57.0100 0x14e0  HidIr - ok
22:49:57.0148 0x14e0  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
22:49:57.0151 0x14e0  hidserv - ok
22:49:57.0195 0x14e0  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:49:57.0214 0x14e0  HidUsb - ok
22:49:57.0254 0x14e0  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:49:57.0260 0x14e0  hkmsvc - ok
22:49:57.0326 0x14e0  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:49:57.0332 0x14e0  HomeGroupListener - ok
22:49:57.0360 0x14e0  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:49:57.0367 0x14e0  HomeGroupProvider - ok
22:49:57.0399 0x14e0  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:49:57.0403 0x14e0  HpSAMD - ok
22:49:57.0450 0x14e0  [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:49:57.0475 0x14e0  HTTP - ok
22:49:57.0500 0x14e0  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:49:57.0500 0x14e0  hwpolicy - ok
22:49:57.0512 0x14e0  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
22:49:57.0515 0x14e0  i8042prt - ok
22:49:57.0561 0x14e0  [ F4037A3FEDB92DD97C95F320766EA5C9, 3872166AA17E9C19D9F5BBCBC6CA202F6D5CCB1F9E04ED2AA0D43F642B9C85FD ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
22:49:57.0571 0x14e0  iaStor - ok
22:49:57.0660 0x14e0  [ 8FFF9083252C16FE3960173722605E9E, 6546FDA34B9AF94C5E86E5269BBC2F02F1E78D6D4BE5B5EC01F4B284CC934994 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:49:57.0661 0x14e0  IAStorDataMgrSvc - ok
22:49:57.0683 0x14e0  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:49:57.0694 0x14e0  iaStorV - ok
22:49:57.0776 0x14e0  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:49:57.0834 0x14e0  idsvc - ok
22:49:57.0871 0x14e0  IEEtwCollectorService - ok
22:49:58.0290 0x14e0  [ 3E03360B3DC0264DE66EF496F44A7AE0, 634278BBE8A4B28DA76AF3688F7D63ECB5CE27258B03EB2D835FDF0A38186962 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
22:49:58.0690 0x14e0  igfx - ok
22:49:58.0728 0x14e0  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
22:49:58.0730 0x14e0  iirsp - ok
22:49:58.0783 0x14e0  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
22:49:58.0816 0x14e0  IKEEXT - ok
22:49:58.0844 0x14e0  [ E3C36AC5AE87EC970AE8EA2A93D59AE1, 8403A5243DF38EFC35A0200760EC081E42467744AF25A1F2168D5A8198AF6A5B ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
22:49:58.0848 0x14e0  Impcd - ok
22:49:58.0884 0x14e0  [ C4FA261B9B5C9822D26020949605AC43, BECBB28675759BEF7C86F1ACD66C6928BC86EF59FAE34F3067928AC0D2FB33A5 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
22:49:58.0891 0x14e0  IntcDAud - ok
22:49:58.0913 0x14e0  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:49:58.0915 0x14e0  intelide - ok
22:49:58.0930 0x14e0  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:49:58.0931 0x14e0  intelppm - ok
22:49:58.0976 0x14e0  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:49:58.0981 0x14e0  IPBusEnum - ok
22:49:59.0000 0x14e0  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:49:59.0004 0x14e0  IpFilterDriver - ok
22:49:59.0035 0x14e0  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:49:59.0060 0x14e0  iphlpsvc - ok
22:49:59.0079 0x14e0  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:49:59.0082 0x14e0  IPMIDRV - ok
22:49:59.0103 0x14e0  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:49:59.0107 0x14e0  IPNAT - ok
22:49:59.0134 0x14e0  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:49:59.0136 0x14e0  IRENUM - ok
22:49:59.0152 0x14e0  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:49:59.0154 0x14e0  isapnp - ok
22:49:59.0190 0x14e0  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:49:59.0196 0x14e0  iScsiPrt - ok
22:49:59.0229 0x14e0  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:49:59.0231 0x14e0  kbdclass - ok
22:49:59.0246 0x14e0  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:49:59.0270 0x14e0  kbdhid - ok
22:49:59.0282 0x14e0  [ 910ED0DF49A5A02059BB224B99C689D2, 2A92C06DF0D18F80466B9CC0938EFC9DD04B4BACBAB28D18D10366EF26E15F09 ] KeyIso          C:\Windows\system32\lsass.exe
22:49:59.0284 0x14e0  KeyIso - ok
22:49:59.0338 0x14e0  [ 4635935FC972C582632BF45C26BFCB0E, ABD4AFD71B3C2BD3F741BBE3CEC52C4FA63AC78D353101D2E7DC4DE2725D1CA1 ] KMService       C:\Windows\system32\srvany.exe
22:49:59.0341 0x14e0  KMService - ok
22:49:59.0371 0x14e0  [ 37507B2F0EA8C2A7CFE120E6EE2128B5, 0691D6F9E47FF46A7B58FB2A7298F13EABE3125848B7966F6B38A38A829820B9 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:49:59.0376 0x14e0  KSecDD - ok
22:49:59.0403 0x14e0  [ D94D58A52BFC1352E82EBECADE518B6D, 8B5418D2026C2081BD5124D1BE167BED315AB5F88CC57A9BDBB688A30B50F8EE ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:49:59.0408 0x14e0  KSecPkg - ok
22:49:59.0447 0x14e0  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:49:59.0457 0x14e0  KtmRm - ok
22:49:59.0466 0x14e0  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:49:59.0476 0x14e0  LanmanServer - ok
22:49:59.0503 0x14e0  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:49:59.0508 0x14e0  LanmanWorkstation - ok
22:49:59.0528 0x14e0  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:49:59.0531 0x14e0  lltdio - ok
22:49:59.0565 0x14e0  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:49:59.0572 0x14e0  lltdsvc - ok
22:49:59.0586 0x14e0  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:49:59.0589 0x14e0  lmhosts - ok
22:49:59.0620 0x14e0  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
22:49:59.0623 0x14e0  LSI_FC - ok
22:49:59.0632 0x14e0  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
22:49:59.0637 0x14e0  LSI_SAS - ok
22:49:59.0645 0x14e0  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:49:59.0648 0x14e0  LSI_SAS2 - ok
22:49:59.0656 0x14e0  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:49:59.0660 0x14e0  LSI_SCSI - ok
22:49:59.0691 0x14e0  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
22:49:59.0694 0x14e0  luafv - ok
22:49:59.0716 0x14e0  lxdn_device - ok
22:49:59.0767 0x14e0  [ 5023F594D5448E16F920157174C61358, A8A188CA4E9995BBFCD419680A43EE8AD1E0C7EE529BEC8E0922581386982C4F ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
22:49:59.0772 0x14e0  MBAMSwissArmy - ok
22:49:59.0807 0x14e0  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:49:59.0811 0x14e0  Mcx2Svc - ok
22:49:59.0817 0x14e0  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
22:49:59.0819 0x14e0  megasas - ok
22:49:59.0828 0x14e0  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
22:49:59.0835 0x14e0  MegaSR - ok
22:49:59.0856 0x14e0  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
22:49:59.0861 0x14e0  MMCSS - ok
22:49:59.0866 0x14e0  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
22:49:59.0869 0x14e0  Modem - ok
22:49:59.0908 0x14e0  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:49:59.0909 0x14e0  monitor - ok
22:49:59.0925 0x14e0  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:49:59.0926 0x14e0  mouclass - ok
22:49:59.0940 0x14e0  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:49:59.0980 0x14e0  mouhid - ok
22:50:00.0022 0x14e0  [ BAD9C0366134BA181514E9263C8CE606, 7976B2D3DC283ACDBC21C7D197C0E2A650E6555F6569283302766B17D736BDB8 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:50:00.0024 0x14e0  mountmgr - ok
22:50:00.0078 0x14e0  [ D6F67A73E6557578B755F7B534E00F47, 769F3D6CB86B2DC4065BDE4CE39139879B7D96F455A3BE80C7ECEAD5494E8B79 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:50:00.0083 0x14e0  MozillaMaintenance - ok
22:50:00.0147 0x14e0  [ 7F7FD183AEFC2F302EF1BF1CFCCB82CE, B13D8E8C92EDF1E885AF7E6FA5DD63978C3F319F200B59A955FE6AC3C9D26C32 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
22:50:00.0154 0x14e0  MpFilter - ok
22:50:00.0183 0x14e0  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:50:00.0187 0x14e0  mpio - ok
22:50:00.0210 0x14e0  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:50:00.0212 0x14e0  mpsdrv - ok
22:50:00.0257 0x14e0  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:50:00.0280 0x14e0  MpsSvc - ok
22:50:00.0324 0x14e0  [ 6430A074F6E32176FBEF2DEB110AE952, 0161B3CBCF427F5F9C47EDBA7F6848D9D6EB58B7EF203881E0D288B5ABAEEB98 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:50:00.0379 0x14e0  MRxDAV - ok
22:50:00.0416 0x14e0  [ C04D36B97BCEE4A83EC34325A3424768, 904C8A4875E0016C3F3659B5E1A748EE284789BF7C380E4F83148C2B1FC09D3B ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:50:00.0443 0x14e0  mrxsmb - ok
22:50:00.0474 0x14e0  [ 84D65385A4DF3577C9CA697B67DFCE26, 19838CC40945403988C4533A2CF09CA5305BEBD8170093C7567722CC3E918AA5 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:50:00.0536 0x14e0  mrxsmb10 - ok
22:50:00.0564 0x14e0  [ 8758312AE2602620E6C972F527EC64ED, 4DFFEAE6A34F5EDBD8D53FCEE63A3742BEAF93A01769AD3BCB8D5C25C51D0A45 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:50:00.0603 0x14e0  mrxsmb20 - ok
22:50:00.0636 0x14e0  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:50:00.0638 0x14e0  msahci - ok
22:50:00.0673 0x14e0  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:50:00.0677 0x14e0  msdsm - ok
22:50:00.0696 0x14e0  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
22:50:00.0702 0x14e0  MSDTC - ok
22:50:00.0731 0x14e0  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:50:00.0732 0x14e0  Msfs - ok
22:50:00.0737 0x14e0  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:50:00.0739 0x14e0  mshidkmdf - ok
22:50:00.0758 0x14e0  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:50:00.0759 0x14e0  msisadrv - ok
22:50:00.0800 0x14e0  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:50:00.0805 0x14e0  MSiSCSI - ok
22:50:00.0811 0x14e0  msiserver - ok
22:50:00.0833 0x14e0  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:50:00.0834 0x14e0  MSKSSRV - ok
22:50:00.0934 0x14e0  [ DC8B329D6B4026D2D6E957BC79336022, B1EC02B57F2F7AFACDD498C21E3CD7F32F798ABE7C8041A2824DECAB8276520F ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
22:50:00.0935 0x14e0  MsMpSvc - ok
22:50:00.0950 0x14e0  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:50:00.0952 0x14e0  MSPCLOCK - ok
22:50:00.0971 0x14e0  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:50:00.0973 0x14e0  MSPQM - ok
22:50:00.0992 0x14e0  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:50:00.0997 0x14e0  MsRPC - ok
22:50:01.0014 0x14e0  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
22:50:01.0015 0x14e0  mssmbios - ok
22:50:01.0032 0x14e0  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:50:01.0033 0x14e0  MSTEE - ok
22:50:01.0040 0x14e0  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
22:50:01.0042 0x14e0  MTConfig - ok
22:50:01.0057 0x14e0  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
22:50:01.0060 0x14e0  Mup - ok
22:50:01.0097 0x14e0  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
22:50:01.0107 0x14e0  napagent - ok
22:50:01.0142 0x14e0  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:50:01.0149 0x14e0  NativeWifiP - ok
22:50:01.0208 0x14e0  [ 9804FB2E46077F2977552347DFCA7E05, A34B703462C6998AB2B3EA6389F4B89616CDC257D44C400C92663E6FB4A8F196 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:50:01.0242 0x14e0  NDIS - ok
22:50:01.0266 0x14e0  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:50:01.0268 0x14e0  NdisCap - ok
22:50:01.0302 0x14e0  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:50:01.0304 0x14e0  NdisTapi - ok
22:50:01.0328 0x14e0  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:50:01.0330 0x14e0  Ndisuio - ok
22:50:01.0354 0x14e0  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:50:01.0358 0x14e0  NdisWan - ok
22:50:01.0379 0x14e0  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:50:01.0381 0x14e0  NDProxy - ok
22:50:01.0396 0x14e0  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:50:01.0398 0x14e0  NetBIOS - ok
22:50:01.0427 0x14e0  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:50:01.0432 0x14e0  NetBT - ok
22:50:01.0448 0x14e0  [ 910ED0DF49A5A02059BB224B99C689D2, 2A92C06DF0D18F80466B9CC0938EFC9DD04B4BACBAB28D18D10366EF26E15F09 ] Netlogon        C:\Windows\system32\lsass.exe
22:50:01.0450 0x14e0  Netlogon - ok
22:50:01.0487 0x14e0  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
22:50:01.0496 0x14e0  Netman - ok
22:50:01.0579 0x14e0  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:50:01.0583 0x14e0  NetMsmqActivator - ok
22:50:01.0602 0x14e0  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:50:01.0605 0x14e0  NetPipeActivator - ok
22:50:01.0619 0x14e0  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
22:50:01.0630 0x14e0  netprofm - ok
22:50:01.0659 0x14e0  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:50:01.0662 0x14e0  NetTcpActivator - ok
22:50:01.0675 0x14e0  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:50:01.0678 0x14e0  NetTcpPortSharing - ok
22:50:02.0087 0x14e0  [ 64177D4E118C93585F1F20D90A294291, 5244A6125825B7AD2664CADC9928B2E1A2FC6841C2D1A4E33FD67A081154AE3C ] NETwNs32        C:\Windows\system32\DRIVERS\Netwsn00.sys
22:50:02.0462 0x14e0  NETwNs32 - ok
22:50:02.0522 0x14e0  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
22:50:02.0524 0x14e0  nfrd960 - ok
22:50:02.0577 0x14e0  [ BFD3B47A46BF2BB6BB0CEC7127EE929E, 6DD73FD0AC57D025A1290D494BC4405A6A5D89AE76A3EC4E3F20C3F8A45A5E24 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:50:02.0581 0x14e0  NisDrv - ok
22:50:02.0637 0x14e0  [ F36D4743BCB636F1779E7CB36E950525, 176E3547B30579CE2D8901B5F9AE06C5BF493E81253A4A351FD304A561C8B3F1 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
22:50:02.0646 0x14e0  NisSrv - ok
22:50:02.0677 0x14e0  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:50:02.0685 0x14e0  NlaSvc - ok
22:50:02.0698 0x14e0  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:50:02.0715 0x14e0  Npfs - ok
22:50:02.0749 0x14e0  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
22:50:02.0751 0x14e0  nsi - ok
22:50:02.0766 0x14e0  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:50:02.0767 0x14e0  nsiproxy - ok
22:50:02.0835 0x14e0  [ 978E7A2E4BF4E8E70D0776EF0D9E97FB, B6C82BB9B3025FD2D37B6AB6FA9C2944F8B3020CD4588BE464CE73A992B7FF00 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:50:02.0886 0x14e0  Ntfs - ok
22:50:02.0901 0x14e0  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
22:50:02.0902 0x14e0  Null - ok
22:50:02.0918 0x14e0  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:50:02.0921 0x14e0  nvraid - ok
22:50:02.0951 0x14e0  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:50:02.0957 0x14e0  nvstor - ok
22:50:02.0982 0x14e0  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:50:02.0985 0x14e0  nv_agp - ok
22:50:03.0010 0x14e0  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:50:03.0013 0x14e0  ohci1394 - ok
22:50:03.0084 0x14e0  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:50:03.0089 0x14e0  ose - ok
22:50:03.0295 0x14e0  [ EE5756BDA5BE5891270E0CC6CEC44096, EA18073EEE0F461B14C539D49A7DD91D33AB0C503236F67F70A000835FAAC890 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:50:03.0493 0x14e0  osppsvc - ok
22:50:03.0530 0x14e0  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:50:03.0539 0x14e0  p2pimsvc - ok
22:50:03.0564 0x14e0  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:50:03.0577 0x14e0  p2psvc - ok
22:50:03.0611 0x14e0  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
22:50:03.0613 0x14e0  Parport - ok
22:50:03.0663 0x14e0  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:50:03.0690 0x14e0  partmgr - ok
22:50:03.0708 0x14e0  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
22:50:03.0709 0x14e0  Parvdm - ok
22:50:03.0730 0x14e0  [ 4088C1ECD1F54281A92FA663B0FDC36F, DF6EF6C6ACBF7604681D86D352773E8C11937995C512761C66D50DB126F581C2 ] PBADRV          C:\Windows\system32\DRIVERS\PBADRV.sys
22:50:03.0732 0x14e0  PBADRV - ok
22:50:03.0751 0x14e0  [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:50:03.0757 0x14e0  PcaSvc - ok
22:50:03.0804 0x14e0  [ F451DCACBAA67F3307305EBD4A39EA07, C4435BF4C2D16F3DC0B35732BE3602FFA28DB0A5BC5576F45E0D32E5F4CD2DEA ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfd.sys
22:50:03.0805 0x14e0  pccsmcfd - ok
22:50:03.0828 0x14e0  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
22:50:03.0834 0x14e0  pci - ok
22:50:03.0853 0x14e0  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:50:03.0854 0x14e0  pciide - ok
22:50:03.0870 0x14e0  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
22:50:03.0876 0x14e0  pcmcia - ok
22:50:03.0883 0x14e0  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:50:03.0885 0x14e0  pcw - ok
22:50:03.0937 0x14e0  [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:50:03.0962 0x14e0  PEAUTH - ok
22:50:04.0037 0x14e0  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
22:50:04.0095 0x14e0  PeerDistSvc - ok
22:50:04.0201 0x14e0  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
22:50:04.0265 0x14e0  pla - ok
22:50:04.0298 0x14e0  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:50:04.0308 0x14e0  PlugPlay - ok
22:50:04.0323 0x14e0  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:50:04.0327 0x14e0  PNRPAutoReg - ok
22:50:04.0345 0x14e0  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:50:04.0352 0x14e0  PNRPsvc - ok
22:50:04.0386 0x14e0  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:50:04.0401 0x14e0  PolicyAgent - ok
22:50:04.0433 0x14e0  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
22:50:04.0439 0x14e0  Power - ok
22:50:04.0458 0x14e0  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:50:04.0461 0x14e0  PptpMiniport - ok
22:50:04.0477 0x14e0  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
22:50:04.0480 0x14e0  Processor - ok
22:50:04.0509 0x14e0  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:50:04.0517 0x14e0  ProfSvc - ok
22:50:04.0531 0x14e0  [ 910ED0DF49A5A02059BB224B99C689D2, 2A92C06DF0D18F80466B9CC0938EFC9DD04B4BACBAB28D18D10366EF26E15F09 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:50:04.0533 0x14e0  ProtectedStorage - ok
22:50:04.0562 0x14e0  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:50:04.0565 0x14e0  Psched - ok
22:50:04.0611 0x14e0  [ 3A6489DCB6F28970B6BBD9687777FA00, 23F8C7B8A4B95925AA53D7F0AA4C349EA38CBEDF31AC9EAC17189CBBEAEF7B5C ] pwdrvio         C:\Windows\system32\pwdrvio.sys
22:50:04.0615 0x14e0  pwdrvio - ok
22:50:04.0643 0x14e0  [ 9D00D015159B6ADF0980BAEEB5DCC5E4, C944564FD992084E86DD581B73E8DFDA54DBDA8A4396F6675BDA771ED50AF6C5 ] pwdspio         C:\Windows\system32\pwdspio.sys
22:50:04.0646 0x14e0  pwdspio - ok
22:50:04.0654 0x14e0  PxHelp20 - ok
22:50:04.0721 0x14e0  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
22:50:04.0784 0x14e0  ql2300 - ok
22:50:04.0795 0x14e0  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
22:50:04.0798 0x14e0  ql40xx - ok
22:50:04.0824 0x14e0  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
22:50:04.0832 0x14e0  QWAVE - ok
22:50:04.0842 0x14e0  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:50:04.0844 0x14e0  QWAVEdrv - ok
22:50:04.0853 0x14e0  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:50:04.0854 0x14e0  RasAcd - ok
22:50:04.0891 0x14e0  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:50:04.0893 0x14e0  RasAgileVpn - ok
22:50:04.0910 0x14e0  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
22:50:04.0915 0x14e0  RasAuto - ok
22:50:04.0936 0x14e0  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:50:04.0939 0x14e0  Rasl2tp - ok
22:50:04.0964 0x14e0  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
22:50:04.0974 0x14e0  RasMan - ok
22:50:04.0986 0x14e0  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:50:04.0989 0x14e0  RasPppoe - ok
22:50:05.0012 0x14e0  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:50:05.0015 0x14e0  RasSstp - ok
22:50:05.0039 0x14e0  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:50:05.0046 0x14e0  rdbss - ok
22:50:05.0061 0x14e0  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:50:05.0062 0x14e0  rdpbus - ok
22:50:05.0077 0x14e0  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:50:05.0078 0x14e0  RDPCDD - ok
22:50:05.0103 0x14e0  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
22:50:05.0107 0x14e0  RDPDR - ok
22:50:05.0135 0x14e0  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:50:05.0136 0x14e0  RDPENCDD - ok
22:50:05.0153 0x14e0  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:50:05.0154 0x14e0  RDPREFMP - ok
22:50:05.0183 0x14e0  [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:50:05.0190 0x14e0  RDPWD - ok
22:50:05.0220 0x14e0  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:50:05.0226 0x14e0  rdyboost - ok
22:50:05.0253 0x14e0  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:50:05.0257 0x14e0  RemoteAccess - ok
22:50:05.0279 0x14e0  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:50:05.0286 0x14e0  RemoteRegistry - ok
22:50:05.0326 0x14e0  [ CB928D9E6DAF51879DD6BA8D02F01321, DFD263B67DDF98AE09AF6D6986CBC7BE3206BCE8403AAC51BCF9459E78233D12 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
22:50:05.0330 0x14e0  RFCOMM - ok
22:50:05.0364 0x14e0  [ E891F07815AF88075705EF6A248711F6, E21FEAD2A2E5A036B87A1C38F5190B507B76A59486FF9FD70890D2EF9BD03612 ] rimspci         C:\Windows\system32\DRIVERS\rimspe86.sys
22:50:05.0367 0x14e0  rimspci - ok
22:50:05.0385 0x14e0  [ 5312F15DBEB47D906DCA2E334DC4C97D, BBD747F8657F03FE5D29FC6844D6AC8A551D68F7148802B716B34F4B518AC2A5 ] risdpcie        C:\Windows\system32\DRIVERS\risdpe86.sys
22:50:05.0387 0x14e0  risdpcie - ok
22:50:05.0403 0x14e0  [ CF2DE2365FD99E5B8E38C9F3467DCDB8, B9D79545A027AAA183B1BE4B52EA1A443D0C8580604C0DCD9294CEFA0C868149 ] rixdpcie        C:\Windows\system32\DRIVERS\rixdpe86.sys
22:50:05.0405 0x14e0  rixdpcie - ok
22:50:05.0430 0x14e0  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:50:05.0434 0x14e0  RpcEptMapper - ok
22:50:05.0454 0x14e0  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
22:50:05.0458 0x14e0  RpcLocator - ok
22:50:05.0491 0x14e0  [ 1F54F58D7FA2B3442084E32CDE5E309E, F0D8124E7C9ADC88BD8C53646F2499CDB3D2105DA7C4D28F3D26F313859B3D32 ] RpcSs           C:\Windows\system32\rpcss.dll
22:50:05.0501 0x14e0  RpcSs - ok
22:50:05.0512 0x14e0  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:50:05.0515 0x14e0  rspndr - ok
22:50:05.0534 0x14e0  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
22:50:05.0536 0x14e0  s3cap - ok
22:50:05.0541 0x14e0  [ 910ED0DF49A5A02059BB224B99C689D2, 2A92C06DF0D18F80466B9CC0938EFC9DD04B4BACBAB28D18D10366EF26E15F09 ] SamSs           C:\Windows\system32\lsass.exe
22:50:05.0544 0x14e0  SamSs - ok
22:50:05.0608 0x14e0  [ 9C9BCC79AEF0AA97F16766C498002D36, 7A5D756EF4443FFD0B5B83A887C8A72589E38785EF05A9C82016E94277BFD00B ] SbFw            C:\Windows\system32\drivers\SbFw.sys
22:50:05.0614 0x14e0  SbFw - ok
22:50:05.0669 0x14e0  [ F27B38D70B7621378161D6F48BE04D2C, D545DE0249BB532DB3B18DA7E8810D84FC5214ED0002B7DD94BA914E47FBA3C8 ] SBFWIMCL        C:\Windows\system32\DRIVERS\sbfwim.sys
22:50:05.0671 0x14e0  SBFWIMCL - ok
22:50:05.0699 0x14e0  [ F27B38D70B7621378161D6F48BE04D2C, D545DE0249BB532DB3B18DA7E8810D84FC5214ED0002B7DD94BA914E47FBA3C8 ] SBFWIMCLMP      C:\Windows\system32\DRIVERS\SBFWIM.sys
22:50:05.0701 0x14e0  SBFWIMCLMP - ok
22:50:05.0740 0x14e0  [ 53E5E7DC26BB920B97F258BBD52ABFDC, EAA0F863F5486F35182BE634BE4F618C6583B42EC1A73A2844D6AAF8A18E6738 ] sbhips          C:\Windows\system32\drivers\sbhips.sys
22:50:05.0743 0x14e0  sbhips - ok
22:50:05.0786 0x14e0  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:50:05.0790 0x14e0  sbp2port - ok
22:50:05.0797 0x14e0  SBRE - ok
22:50:05.0835 0x14e0  [ 6468E2973E04525DECC105947DDD0D34, 4C170C58C0E4DFA899F1D1D0E44E83B7613FC5EE4E1689842EFB4DBE85B0F773 ] SbTis           C:\Windows\system32\drivers\sbtis.sys
22:50:05.0838 0x14e0  SbTis - ok
22:50:05.0864 0x14e0  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:50:05.0870 0x14e0  SCardSvr - ok
22:50:05.0887 0x14e0  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:50:05.0889 0x14e0  scfilter - ok
22:50:05.0946 0x14e0  [ 9060B8D5BCD5F2B019249F85E3D811F3, 7FB32AB7FE118462988321B9230074DAA960B587417EB463187539C3215445AE ] Schedule        C:\Windows\system32\schedsvc.dll
22:50:05.0980 0x14e0  Schedule - ok
22:50:06.0036 0x14e0  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:50:06.0038 0x14e0  SCPolicySvc - ok
22:50:06.0065 0x14e0  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:50:06.0071 0x14e0  SDRSVC - ok
22:50:06.0097 0x14e0  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:50:06.0098 0x14e0  secdrv - ok
22:50:06.0117 0x14e0  [ 38CBFFED5FC39CDFE6B4014401ED2629, 7BA730E2EDB8387190E45DA2F475BFE42AB3B12319DE088BD8E9F59227EDA4DD ] seclogon        C:\Windows\system32\seclogon.dll
22:50:06.0136 0x14e0  seclogon - ok
22:50:06.0236 0x14e0  [ 657B2004CAD6D17C6C2F6278600E5832, 4E208EE9F3B9B9474AC78E75E624ED006517826341BE0F9E9BBE5C42018C68BB ] SecureStorageService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
22:50:06.0297 0x14e0  SecureStorageService - ok
22:50:06.0316 0x14e0  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
22:50:06.0320 0x14e0  SENS - ok
22:50:06.0365 0x14e0  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:50:06.0368 0x14e0  SensrSvc - ok
22:50:06.0399 0x14e0  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
22:50:06.0400 0x14e0  Serenum - ok
22:50:06.0416 0x14e0  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
22:50:06.0419 0x14e0  Serial - ok
22:50:06.0451 0x14e0  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
22:50:06.0453 0x14e0  sermouse - ok
22:50:06.0495 0x14e0  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
22:50:06.0501 0x14e0  SessionEnv - ok
22:50:06.0529 0x14e0  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:50:06.0530 0x14e0  sffdisk - ok
22:50:06.0540 0x14e0  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:50:06.0542 0x14e0  sffp_mmc - ok
22:50:06.0554 0x14e0  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:50:06.0556 0x14e0  sffp_sd - ok
22:50:06.0564 0x14e0  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
22:50:06.0566 0x14e0  sfloppy - ok
22:50:06.0617 0x14e0  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:50:06.0627 0x14e0  SharedAccess - ok
22:50:06.0648 0x14e0  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:50:06.0664 0x14e0  ShellHWDetection - ok
22:50:06.0677 0x14e0  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
22:50:06.0680 0x14e0  sisagp - ok
22:50:06.0715 0x14e0  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:50:06.0718 0x14e0  SiSRaid2 - ok
22:50:06.0740 0x14e0  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
22:50:06.0743 0x14e0  SiSRaid4 - ok
22:50:06.0783 0x14e0  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:50:06.0787 0x14e0  Smb - ok
22:50:06.0827 0x14e0  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:50:06.0832 0x14e0  SNMPTRAP - ok
22:50:06.0842 0x14e0  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:50:06.0844 0x14e0  spldr - ok
22:50:06.0876 0x14e0  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
22:50:06.0894 0x14e0  Spooler - ok
22:50:07.0024 0x14e0  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
22:50:07.0142 0x14e0  sppsvc - ok
22:50:07.0175 0x14e0  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:50:07.0179 0x14e0  sppuinotify - ok
22:50:07.0214 0x14e0  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:50:07.0222 0x14e0  srv - ok
22:50:07.0246 0x14e0  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:50:07.0254 0x14e0  srv2 - ok
22:50:07.0266 0x14e0  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:50:07.0270 0x14e0  srvnet - ok
22:50:07.0296 0x14e0  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:50:07.0302 0x14e0  SSDPSRV - ok
22:50:07.0325 0x14e0  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:50:07.0330 0x14e0  SstpSvc - ok
22:50:07.0386 0x14e0  [ 7AEFC130355AA99307B31EE678614380, 3DE11EF705725D5B6C9BCD24AD983EFA030A1182FD7FEFA78E54927E74EF2901 ] STacSV          C:\Program Files\IDT\WDM\STacSV.exe
22:50:07.0393 0x14e0  STacSV - ok
22:50:07.0412 0x14e0  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
22:50:07.0413 0x14e0  stexstor - ok
22:50:07.0479 0x14e0  [ EC4B4125BA14F7436B1740F63F7BFF21, B1D30A8CBC3EDACDE46C43A4C4CD36D09CFB6AD75ACCD063CE31BEFFEFF9C7A5 ] STHDA           C:\Windows\system32\DRIVERS\stwrt.sys
22:50:07.0499 0x14e0  STHDA - ok
22:50:07.0551 0x14e0  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
22:50:07.0576 0x14e0  StiSvc - ok
22:50:07.0616 0x14e0  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
22:50:07.0618 0x14e0  storflt - ok
22:50:07.0643 0x14e0  [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc         C:\Windows\system32\storsvc.dll
22:50:07.0647 0x14e0  StorSvc - ok
22:50:07.0666 0x14e0  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
22:50:07.0668 0x14e0  storvsc - ok
22:50:07.0683 0x14e0  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
22:50:07.0684 0x14e0  swenum - ok
22:50:07.0714 0x14e0  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
22:50:07.0733 0x14e0  swprv - ok
22:50:07.0813 0x14e0  [ 4EE25AC85AFC3FD67D9F57ECDF566FF2, F1BFF1FB655F31B97FA9C6A49D433EFD33D8A35F6B28B4D83E45C27A05A86228 ] SysMain         C:\Windows\system32\sysmain.dll
22:50:07.0858 0x14e0  SysMain - ok
22:50:07.0877 0x14e0  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
22:50:07.0883 0x14e0  TabletInputService - ok
22:50:07.0909 0x14e0  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:50:07.0917 0x14e0  TapiSrv - ok
22:50:07.0987 0x14e0  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:50:08.0041 0x14e0  Tcpip - ok
22:50:08.0102 0x14e0  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:50:08.0128 0x14e0  TCPIP6 - ok
22:50:08.0149 0x14e0  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:50:08.0151 0x14e0  tcpipreg - ok
22:50:08.0253 0x14e0  [ BD7964E9019C6E60CF806922BB4577D0, 5CAE591A1B8CF513DF6F64508E2E8ABAB40314AF286D4EE144C33D3523DC8511 ] tcsd_win32.exe  C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
22:50:09.0445 0x14e0  tcsd_win32.exe - ok
22:50:09.0584 0x14e0  [ 219FEF4AE160298559A4E0C16880F351, FC09DE15FBF6BBDB7A57CE0C9867EE0F8A60E6A1B567E73E5259E71944C103AA ] TdmService      C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
22:50:09.0710 0x14e0  TdmService - ok
22:50:09.0747 0x14e0  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:50:09.0749 0x14e0  TDPIPE - ok
22:50:09.0773 0x14e0  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:50:09.0774 0x14e0  TDTCP - ok
22:50:09.0812 0x14e0  [ BB8817D0508DD5EA69C770C8DEF5AB67, C55671524EEF6E16BBCC92556E83FD1D6457E707EA9330FC1CDD28FB11D99B77 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:50:09.0835 0x14e0  tdx - ok
22:50:09.0851 0x14e0  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
22:50:09.0853 0x14e0  TermDD - ok
22:50:09.0902 0x14e0  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService     C:\Windows\System32\termsrv.dll
22:50:09.0928 0x14e0  TermService - ok
22:50:09.0956 0x14e0  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
22:50:09.0960 0x14e0  Themes - ok
22:50:09.0972 0x14e0  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
22:50:09.0975 0x14e0  THREADORDER - ok
22:50:09.0996 0x14e0  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
22:50:10.0000 0x14e0  TrkWks - ok
22:50:10.0047 0x14e0  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:50:10.0052 0x14e0  TrustedInstaller - ok
22:50:10.0082 0x14e0  [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:50:10.0084 0x14e0  tssecsrv - ok
22:50:10.0140 0x14e0  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:50:10.0142 0x14e0  TsUsbFlt - ok
22:50:10.0184 0x14e0  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:50:10.0188 0x14e0  tunnel - ok
22:50:10.0217 0x14e0  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
22:50:10.0219 0x14e0  uagp35 - ok
22:50:10.0246 0x14e0  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:50:10.0253 0x14e0  udfs - ok
22:50:10.0276 0x14e0  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:50:10.0280 0x14e0  UI0Detect - ok
22:50:10.0303 0x14e0  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:50:10.0305 0x14e0  uliagpkx - ok
22:50:10.0342 0x14e0  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:50:10.0344 0x14e0  umbus - ok
22:50:10.0355 0x14e0  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
22:50:10.0357 0x14e0  UmPass - ok
22:50:10.0394 0x14e0  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
22:50:10.0401 0x14e0  UmRdpService - ok
22:50:10.0424 0x14e0  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
22:50:10.0438 0x14e0  upnphost - ok
22:50:10.0466 0x14e0  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:50:10.0506 0x14e0  usbccgp - ok
22:50:10.0539 0x14e0  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:50:10.0542 0x14e0  usbcir - ok
22:50:10.0561 0x14e0  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\drivers\usbehci.sys
22:50:10.0563 0x14e0  usbehci - ok
22:50:10.0597 0x14e0  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:50:10.0604 0x14e0  usbhub - ok
22:50:10.0620 0x14e0  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:50:10.0622 0x14e0  usbohci - ok
22:50:10.0647 0x14e0  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:50:10.0648 0x14e0  usbprint - ok
22:50:10.0682 0x14e0  [ 007C0C8D5B01D82ACEB70431D15083F6, 7EAF68CD3C38D3CD2CDFEE9ECE1DFB38E274F1F9E6F70B73BCE1336E87D5496C ] usbser          C:\Windows\system32\drivers\usbser.sys
22:50:10.0684 0x14e0  usbser - ok
22:50:10.0713 0x14e0  [ 144DA53294922A84FFAA3D90B1453745, A8DC6B534E4526E2226CF6C9D53A4B6B251D2F23728E41737063D24024C5266F ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:50:10.0735 0x14e0  USBSTOR - ok
22:50:10.0757 0x14e0  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
22:50:10.0759 0x14e0  usbuhci - ok
22:50:10.0796 0x14e0  [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
22:50:10.0800 0x14e0  usbvideo - ok
22:50:10.0822 0x14e0  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
22:50:10.0826 0x14e0  UxSms - ok
22:50:10.0839 0x14e0  [ 910ED0DF49A5A02059BB224B99C689D2, 2A92C06DF0D18F80466B9CC0938EFC9DD04B4BACBAB28D18D10366EF26E15F09 ] VaultSvc        C:\Windows\system32\lsass.exe
22:50:10.0841 0x14e0  VaultSvc - ok
22:50:10.0857 0x14e0  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:50:10.0859 0x14e0  vdrvroot - ok
22:50:10.0904 0x14e0  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
22:50:10.0929 0x14e0  vds - ok
22:50:10.0949 0x14e0  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:50:10.0951 0x14e0  vga - ok
22:50:10.0976 0x14e0  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:50:10.0978 0x14e0  VgaSave - ok
22:50:11.0028 0x14e0  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:50:11.0049 0x14e0  vhdmp - ok
22:50:11.0072 0x14e0  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
22:50:11.0075 0x14e0  viaagp - ok
22:50:11.0096 0x14e0  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
22:50:11.0099 0x14e0  ViaC7 - ok
22:50:11.0127 0x14e0  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:50:11.0130 0x14e0  viaide - ok
22:50:11.0147 0x14e0  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
22:50:11.0153 0x14e0  vmbus - ok
22:50:11.0169 0x14e0  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
22:50:11.0170 0x14e0  VMBusHID - ok
22:50:11.0187 0x14e0  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:50:11.0190 0x14e0  volmgr - ok
22:50:11.0218 0x14e0  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:50:11.0225 0x14e0  volmgrx - ok
22:50:11.0244 0x14e0  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:50:11.0251 0x14e0  volsnap - ok
22:50:11.0282 0x14e0  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
22:50:11.0287 0x14e0  vsmraid - ok
22:50:11.0350 0x14e0  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
22:50:11.0392 0x14e0  VSS - ok
22:50:11.0418 0x14e0  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
22:50:11.0419 0x14e0  vwifibus - ok
22:50:11.0451 0x14e0  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
22:50:11.0453 0x14e0  vwififlt - ok
22:50:11.0488 0x14e0  [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
22:50:11.0490 0x14e0  vwifimp - ok
22:50:11.0517 0x14e0  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
22:50:11.0528 0x14e0  W32Time - ok
22:50:11.0556 0x14e0  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
22:50:11.0558 0x14e0  WacomPen - ok
22:50:11.0575 0x14e0  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:50:11.0577 0x14e0  WANARP - ok
22:50:11.0584 0x14e0  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:50:11.0587 0x14e0  Wanarpv6 - ok
22:50:11.0674 0x14e0  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
22:50:11.0753 0x14e0  WatAdminSvc - ok
22:50:11.0869 0x14e0  [ 54F65FAC962F006019CFE0137CC16FD2, 286AD158CF3727C8C084C9058016D2065E26BC976A133600CCCCB6C1B3352547 ] Wave Authentication Manager Service C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
22:50:12.0100 0x14e0  Wave Authentication Manager Service - ok
22:50:12.0159 0x14e0  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
22:50:12.0210 0x14e0  wbengine - ok
22:50:12.0237 0x14e0  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:50:12.0244 0x14e0  WbioSrvc - ok
22:50:12.0275 0x14e0  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:50:12.0284 0x14e0  wcncsvc - ok
22:50:12.0307 0x14e0  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:50:12.0311 0x14e0  WcsPlugInService - ok
22:50:12.0329 0x14e0  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
22:50:12.0331 0x14e0  Wd - ok
22:50:12.0372 0x14e0  [ D6EFAF429FD30C5DF613D220E344CCE7, 807D4563E8AD4073688691078EB13AF240E14BA5E0C8506A48B3060A20B90082 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam.sys
22:50:12.0374 0x14e0  WDC_SAM - ok
22:50:12.0418 0x14e0  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:50:12.0443 0x14e0  Wdf01000 - ok
22:50:12.0473 0x14e0  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:50:12.0478 0x14e0  WdiServiceHost - ok
22:50:12.0487 0x14e0  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:50:12.0492 0x14e0  WdiSystemHost - ok
22:50:12.0516 0x14e0  [ 55C70654420DBF429604FD567E6F3CD3, 22191B049BCA76EF13AEDF8078E452E6B35E998A75AD63F14C542B541EA9F67D ] WebClient       C:\Windows\System32\webclnt.dll
22:50:12.0524 0x14e0  WebClient - ok
22:50:12.0549 0x14e0  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:50:12.0557 0x14e0  Wecsvc - ok
22:50:12.0575 0x14e0  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:50:12.0579 0x14e0  wercplsupport - ok
22:50:12.0606 0x14e0  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
22:50:12.0612 0x14e0  WerSvc - ok
22:50:12.0635 0x14e0  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:50:12.0636 0x14e0  WfpLwf - ok
22:50:12.0642 0x14e0  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:50:12.0643 0x14e0  WIMMount - ok
22:50:12.0702 0x14e0  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
22:50:12.0729 0x14e0  WinDefend - ok
22:50:12.0749 0x14e0  WinHttpAutoProxySvc - ok
22:50:12.0795 0x14e0  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:50:12.0800 0x14e0  Winmgmt - ok
22:50:12.0861 0x14e0  [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM           C:\Windows\system32\WsmSvc.dll
22:50:12.0914 0x14e0  WinRM - ok
22:50:12.0948 0x14e0  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
22:50:12.0950 0x14e0  WinUsb - ok
22:50:12.0990 0x14e0  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:50:13.0032 0x14e0  Wlansvc - ok
22:50:13.0068 0x14e0  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
22:50:13.0068 0x14e0  WmiAcpi - ok
22:50:13.0097 0x14e0  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:50:13.0102 0x14e0  wmiApSrv - ok
22:50:13.0164 0x14e0  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
22:50:13.0210 0x14e0  WMPNetworkSvc - ok
22:50:13.0230 0x14e0  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:50:13.0234 0x14e0  WPCSvc - ok
22:50:13.0262 0x14e0  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:50:13.0267 0x14e0  WPDBusEnum - ok
22:50:13.0287 0x14e0  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:50:13.0289 0x14e0  ws2ifsl - ok
22:50:13.0307 0x14e0  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
22:50:13.0311 0x14e0  wscsvc - ok
22:50:13.0351 0x14e0  [ 553F6CCD7C58EB98D4A8FBDAF283D7A9, 71FBE50C470D1F54FDAADCECEC2CB021AE240CD59DE4E8EB5BCAA6E7F2F86560 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
22:50:13.0353 0x14e0  WSDPrintDevice - ok
22:50:13.0361 0x14e0  WSearch - ok
22:50:13.0465 0x14e0  [ E51B294DC4A0A944DDE468356CFBB4AC, 0C1B8768C0F8CD7A76E926A068AA994D9FC546A4FBFC8935C93F683A9A052762 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:50:13.0579 0x14e0  wuauserv - ok
22:50:13.0632 0x14e0  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:50:13.0635 0x14e0  WudfPf - ok
22:50:13.0659 0x14e0  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:50:13.0664 0x14e0  WUDFRd - ok
22:50:13.0701 0x14e0  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:50:13.0706 0x14e0  wudfsvc - ok
22:50:13.0774 0x14e0  [ 78CB45CE99F0EC3F96C64AC185D8233B, 76DD6D450D19524C5EAD3409D4AD950DEF9D21780DBB3DD6495A4004F7A9397E ] WvPCR           C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe
22:50:13.0842 0x14e0  WvPCR - ok
22:50:13.0870 0x14e0  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:50:13.0878 0x14e0  WwanSvc - ok
22:50:13.0902 0x14e0  ================ Scan global ===============================
22:50:13.0921 0x14e0  [ 5E7C5DE85AF978495C3A9A0B720B9811, 142CDEBED78E3BAEE8D2DBF6A97CE26313932024010548EC2E570CAE480AF7C3 ] C:\Windows\system32\basesrv.dll
22:50:13.0938 0x14e0  [ 090FF4D4A003291D7579A81089D06981, 2713E190F10A96E977C0BA5D38D89E8D123F7CB7D0180CFC0A4073EC42EDB2DB ] C:\Windows\system32\winsrv.dll
22:50:14.0009 0x14e0  [ 090FF4D4A003291D7579A81089D06981, 2713E190F10A96E977C0BA5D38D89E8D123F7CB7D0180CFC0A4073EC42EDB2DB ] C:\Windows\system32\winsrv.dll
22:50:14.0039 0x14e0  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
22:50:14.0065 0x14e0  [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
22:50:14.0074 0x14e0  [ Global ] - ok
22:50:14.0075 0x14e0  ================ Scan MBR ==================================
22:50:14.0097 0x14e0  [ F6A7A18A127F5FB24848062BEC55D1D7 ] \Device\Harddisk0\DR0
22:50:14.0377 0x14e0  \Device\Harddisk0\DR0 - ok
22:50:14.0380 0x14e0  ================ Scan VBR ==================================
22:50:14.0383 0x14e0  [ 6BDB1D186D2C9DDA8405E84E1B83528A ] \Device\Harddisk0\DR0\Partition1
22:50:14.0384 0x14e0  \Device\Harddisk0\DR0\Partition1 - ok
22:50:14.0390 0x14e0  [ C63AA91B9083F06CB9E9E81AC4D640FA ] \Device\Harddisk0\DR0\Partition2
22:50:14.0422 0x14e0  \Device\Harddisk0\DR0\Partition2 - ok
22:50:14.0427 0x14e0  [ FDA01DE7C1B32A752A6E1C1D878DB76F ] \Device\Harddisk0\DR0\Partition3
22:50:14.0429 0x14e0  \Device\Harddisk0\DR0\Partition3 - ok
22:50:14.0432 0x14e0  ================ Scan generic autorun ======================
22:50:14.0694 0x14e0  [ B511C30947831C26550D1F851CF61224, 2A33A1EBCC1838DBFE20D5B5565B74E06527284BAEFD3442BE8AE12E4E89BFA1 ] C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe
22:50:14.0921 0x14e0  DFEPApplication - ok
22:50:14.0955 0x14e0  [ B6B6D96D7048E0033D7DB07E552761A3, 970D1CA7AF32444100C72787A777195ABA8134D7986E0177620141E7B09EB27B ] C:\Windows\system32\igfxpers.exe
22:50:14.0960 0x14e0  Persistence - ok
22:50:14.0997 0x14e0  [ D197E0C2F3CA44A70E2963F16FC9B487, 4D05F7DA3CAFEDDFB34A99CBEB88A17388D1544BE5F56BEB43987614313D9413 ] C:\Program Files\IDT\WDM\sttray.exe
22:50:15.0018 0x14e0  SysTrayApp - ok
22:50:15.0081 0x14e0  [ B6D8F2B18DB114ECE5F4955FE336BDF3, AC67A8147C9F150C7570A8B07DD1A11C003539F5DCCACB0A0965BC1F8D8073DB ] C:\Program Files\DellTPad\Apoint.exe
22:50:15.0106 0x14e0  Apoint - ok
22:50:15.0173 0x14e0  [ EE4223FEE8AB8B9202FCA18036F157AE, 1B81391127BAB64E47DFC3C82143D8C370B80D4166CE5FFE30B96321C4DCCD51 ] C:\Program Files\Microsoft Security Client\msseces.exe
22:50:15.0216 0x14e0  MSC - ok
22:50:15.0250 0x14e0  Dropbox - ok
22:50:15.0333 0x14e0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
22:50:15.0378 0x14e0  Sidebar - ok
22:50:15.0403 0x14e0  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
22:50:15.0407 0x14e0  mctadmin - ok
22:50:15.0443 0x14e0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
22:50:15.0465 0x14e0  Sidebar - ok
22:50:15.0474 0x14e0  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
22:50:15.0479 0x14e0  mctadmin - ok
22:50:15.0526 0x14e0  [ D78FF6626984B03327728893BBC68F15, 11E50B19E25258C0E804C2CD9488C2F609FDF077D1C395A5E8C05B43512650FB ] C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe
22:50:15.0532 0x14e0  Directory Opus Desktop Dblclk - ok
22:50:15.0781 0x14e0  [ B458D331858CCD6C8A36E9167DBAFB2A, 9B277AE2E46EEF84A670B8D47A34A083C7E1294119F0FBF0FDC1937315DBB837 ] C:\Program Files\CCleaner\CCleaner.exe
22:50:16.0038 0x14e0  CCleaner Monitoring - ok
22:50:16.0086 0x14e0  [ BF3F3A59F4CB4688F17F625E5DAE7DA9, 291BD701B649B0126C90C8A3F80011252C181A3E434014945A83B6A3030AFD51 ] C:\Program Files\Glary Utilities 5\StartupManager.exe
22:50:16.0088 0x14e0  GUDelayStartup - ok
22:50:16.0167 0x14e0  [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
22:50:16.0187 0x14e0  SpybotPostWindows10UpgradeReInstall - ok
22:50:16.0202 0x14e0  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.9.218.0 ), 0x61000 ( enabled : updated )
22:50:16.0206 0x14e0  Win FW state via NFP2: enabled ( trusted )
22:50:16.0207 0x14e0  ============================================================
22:50:16.0207 0x14e0  Scan finished
22:50:16.0207 0x14e0  ============================================================
22:50:16.0217 0x1560  Detected object count: 0
22:50:16.0217 0x1560  Actual detected object count: 0

Jetzt der logfile von adaware:

Code:

ATTFilter

# AdwCleaner v5.200 - Bericht erstellt am 15/06/2016 um 21:40:51
# Aktualisiert am 14/06/2016 von ToolsLib
# Datenbank : 2016-06-15.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X86)
# Benutzername : Jula - E5510
# Gestartet von : C:\Users\Jula\Desktop\AdwCleaner_5.200.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner gelöscht : C:\Program Files\pc speed up
[#] Ordner gelöscht : C:\Program Files\PC Speed Up
[-] Ordner gelöscht : C:\Program Files\Mozilla Firefox\Extensions\webbooster@iminent.com
[-] Ordner gelöscht : C:\Users\Jula\AppData\Local\PackageAware
[-] Ordner gelöscht : C:\Users\Jula\AppData\Roaming\goforfiles
[#] Ordner gelöscht : C:\Users\Jula\AppData\Roaming\GoforFiles
[-] Ordner gelöscht : C:\Users\Administrator\AppData\Local\PackageAware

***** [ Dateien ] *****

[-] Datei gelöscht : C:\Program Files\Mozilla Firefox\defaults\pref\all-iminent.js

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****

[-] Geplante Aufgabe gelöscht : Go for FilesUpdate

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\{13C8734A-1AD2-4500-9F65-10D99AD80F54}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Wert gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Schlüssel gelöscht : HKCU\Software\distromatic
[-] Schlüssel gelöscht : HKCU\Software\GoforFiles
[-] Schlüssel gelöscht : HKCU\Software\OCS
[-] Schlüssel gelöscht : HKLM\SOFTWARE\GoforFiles
[-] Schlüssel gelöscht : HKLM\SOFTWARE\OpenCandy
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Uniblue
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F7C80F9CE5CDF44E9AADDC99402534C
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\206AF45B775E3A445B3B2273827DA85F
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\225C3CBCEB850204D860A6C7CC7724AF
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29C79786B109AC443B0DC7BFD61B1896
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3DA5F64B3483DE549947A9164ACBAD21
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4FEEA83BF72B97E43A2DF0EE4BE4F261
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\509EC7EFB89B7D942997574AB14037A4
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60ECC80C54085B141A40437A96CA2618
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6241FF6F317CABD4EBBEE0DE9076BD94
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90841B1FC98200349925C88999866F17
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A4223BBC9438CAD49BBE10B4E344B1DD
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B752EF3300008394886C402CC27B474F
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA360F24F0B214744BE40657FDA0B727
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5389AEEA4A1E20428D045E86BCF643B
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDA2534BD056D1F44B6EC96AAA7F1F6E
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DEF7558C7CD27EF46AF802AFBE402675
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E05B987540A9E2849AAF9E5B06C27DA8
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EEB44C47185BD304D80FDF5A4BBE8F54
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F214EB834D2EC474CA76C1CDE306CF3A
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F6704141BAAF6884785EC6843143D6A7
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3038A20B9089EC34D8F74220191FAB30
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9CF7265E-55FF-4B82-8CFE-276ABC6D3D02}

***** [ Internetbrowser ] *****

[-] [C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\prefs.js] gelöscht : user_pref("browser.search.order.1", "Ask.com");
[-] [C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\prefs.js] gelöscht : user_pref("extensions.crossrider.bic", "13cf364df3300db1e2dc9a5c1b43add6");
[-] [C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\prefs.js] gelöscht : user_pref("extensions.toolbar@ask.com.install-event-fired", true);
[-] [C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\prefs.js] gelöscht : user_pref("extensions.webbooster@iminent.com.install-event-fired", true);
[-] [C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\prefs.js] gelöscht : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent109", "1319549671759");
[-] [C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\prefs.js] gelöscht : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent111", "1319549671756");
[-] [C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\prefs.js] gelöscht : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent112", "1319549671761");
[-] [C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\prefs.js] gelöscht : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent128", "1319887731087");
[-] [C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\prefs.js] gelöscht : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent134", "1319545056445");
[-] [C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\prefs.js] gelöscht : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent135", "1317554478187");
[-] [C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\prefs.js] gelöscht : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent137", "1319118688460");
[-] [C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\prefs.js] gelöscht : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent140", "1319538998243");
[-] [C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\prefs.js] gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent0", "1314686538501");
[-] [C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\prefs.js] gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent102", "1314686538499");

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [9826 Bytes] - [15/06/2016 21:40:51]
C:\AdwCleaner\AdwCleaner[S1].txt - [9849 Bytes] - [15/06/2016 21:38:01]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [9972 Bytes] ##########

Dann kommt Malwarebytes

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org


Update, 15.06.2016 22:06, SYSTEM, E5510, Manual, Rootkit Database, 2016.2.8.1, 2016.5.27.1, 
Update, 15.06.2016 22:06, SYSTEM, E5510, Manual, Remediation Database, 2016.2.12.1, 2016.5.25.1, 
Update, 15.06.2016 22:06, SYSTEM, E5510, Manual, IP Database, 2016.2.8.1, 2016.6.15.1, 
Update, 15.06.2016 22:06, SYSTEM, E5510, Manual, Domain Database, 2016.2.16.8, 2016.6.15.5, 
Update, 15.06.2016 22:08, SYSTEM, E5510, Manual, Malware Database, 2016.2.16.6, 2016.6.15.5, 
Scan, 15.06.2016 22:36, SYSTEM, E5510, Manual, Start: 15.06.2016 22:08, Dauer: 23 Min. 26 Sek., Bedrohungssuchlauf, Abgeschlossen, 0 Malware-Erkennung, 6 Nicht-Malware-Erkennungen, 

(end)

eset folgt noch.
Danke schon mal

Julemule2000 · 16.06.2016, 02:56

Esetlogfile mit Bagle ...

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=bef5c278400a1c469ad2bdbec930c9b9
# end=init
# utc_time=2016-06-15 08:44:59
# local_time=2016-06-15 10:44:59 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Init
Update Download
Update Finalize
Updated modules version: 29808
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=bef5c278400a1c469ad2bdbec930c9b9
# end=updated
# utc_time=2016-06-15 08:53:59
# local_time=2016-06-15 10:53:59 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=bef5c278400a1c469ad2bdbec930c9b9
# engine=29808
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-06-16 01:23:27
# local_time=2016-06-16 03:23:27 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 9473845 107349923 0 0
# scanned=205121
# found=5
# cleaned=4
# scan_time=16168
sh=18E402D4BAA881D68A8FAF8017EE7787D59D3B5E ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip Wurm" ac=I fn="C:\Users\All Users\Spybot - Search & Destroy\Recovery\USTechSupportMyCleanPC.zip"
sh=18E402D4BAA881D68A8FAF8017EE7787D59D3B5E ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip Wurm (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\ProgramData\Spybot - Search & Destroy\Recovery\USTechSupportMyCleanPC.zip"
sh=16C0AABDA781E793A412F313CF74614BF5A5A598 ft=1 fh=e03a054ae78bd9f3 vn="Variante von Win32/Systweak.A evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht)" ac=C fn="D:\10 PC\00 Downloads\dffsetup-qtcore4.exe"
sh=2426DE370B79432170FF9D0719017C0E718CCC6D ft=1 fh=da0a375f84e334b7 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="D:\10 PC\00 Downloads\FreeMind - CHIP-Installer.exe"
sh=375A112B109A801ACC55812F2B836258B631B2D3 ft=1 fh=3bd779fb8d516121 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="D:\10 PC\00 Downloads\Perfect Effects Free - CHIP-Installer.exe"

deeprybka · 16.06.2016, 18:15

Mit dem Befolgen von Anweisungen und Anleitungen hast es wohl nicht so?

Schritt 1

Bitte starte FRST erneut, markiere auch die checkbox

und drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Julemule2000 · 17.06.2016, 13:23

I´m so sorry, was habe ich denn falsch gemacht?

Hier der FRST log

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:16-06-2016 01
durchgeführt von Jula (Administrator) auf E5510 (17-06-2016 14:14:31)
Gestartet von C:\Users\Jula\Desktop
Geladene Profile: Jula (Verfügbare Profile: Jula & Administrator)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AEstSrv.exe
(Broadcom Corporation) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
() C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
( ) C:\Windows\System32\lxdncoms.exe
(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(GP Software) C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Glarysoft Ltd) C:\Program Files\Glary Utilities 5\Integrator.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [DFEPApplication] => C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe [6306872 2012-08-15] (Dell Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-08-16] (IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [555352 2013-02-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [23972712 2016-05-31] (Dropbox, Inc.)
Winlogon\Notify\!SASWinLogon: 
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll [2010-09-15] (UPEK Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\Run: [Directory Opus Desktop Dblclk] => C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe [271840 2010-10-12] (GP Software)
HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6690520 2016-06-01] (Piriform Ltd)
HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [43984 2016-05-30] (Glarysoft Ltd)
HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
Lsa: [Authentication Packages] msv1_0 wvauth
ShellExecuteHooks: Directory Opus Shell Execute Hook - {3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE} - C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [837592 2010-10-12] (GP Software)
ShellExecuteHooks:  - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} -  Keine Datei [ ]
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2011-12-08] (Wave Systems Corp.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  Keine Datei
ShellIconOverlayIdentifiers: [UninitializedFdeIconOverlay] -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2011-12-08] (Wave Systems Corp.)
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk [2012-12-03]
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk [2012-12-03]
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk [2012-12-03]
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\Jula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk [2012-12-03]
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
BootExecute: autocheck autochk *  

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{36BC7818-11A5-4630-BA32-3781D33CDA71}: [NameServer] 131.220.16.220,131.220.14.203
Tcpip\..\Interfaces\{6CD91C06-9AAC-4D0D-A3A4-05AA0F65019C}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-3618091561-1007512581-756703090-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
HKU\S-1-5-21-3618091561-1007512581-756703090-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USREL/8
SearchScopes: HKLM -> DefaultScope {6389DEB7-BB35-4A97-B92D-674BA5070224} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {6389DEB7-BB35-4A97-B92D-674BA5070224} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3618091561-1007512581-756703090-1000 -> DefaultScope {6389DEB7-BB35-4A97-B92D-674BA5070224} URL = 
SearchScopes: HKU\S-1-5-21-3618091561-1007512581-756703090-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = 
SearchScopes: HKU\S-1-5-21-3618091561-1007512581-756703090-1000 -> {293B375F-E823-4DC0-BB9A-00C65C3BF4C6} URL = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3618091561-1007512581-756703090-1000 -> {6389DEB7-BB35-4A97-B92D-674BA5070224} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-10-15] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-15] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3618091561-1007512581-756703090-1000 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Keine Datei
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default
FF SelectedSearchEngine: Ecosia
FF Homepage: hxxps://www.google.de/
FF NetworkProxy: "autoconfig_url", "file:///C:\\Users\\Jula\\AppData\\Local\\Temp\\proxtube.pac"
FF NetworkProxy: "http", "72.64.146.135"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-20] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-15] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [Keine Datei]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\searchplugins\ecosia.xml [2015-10-29]
FF SearchPlugin: C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\searchplugins\firefox-add-ons.xml [2012-11-23]
FF SearchPlugin: C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\searchplugins\google-scholar.xml [2011-04-05]
FF Extension: NoScript - C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-07]
FF Extension: LEO Dictionaries - C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\extensions\contextMenuExtension@leo.org.xpi [2016-05-02]
FF Extension: Tab Mix Plus - C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-06-07]
FF Extension: British English Dictionary - C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\Extensions\en-GB@dictionaries.addons.mozilla.org [2015-12-20] [ist nicht signiert]
FF Extension: Ecosia — The search engine that plants trees! - C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2015-10-29]
FF Extension: Adblock Plus - C:\Users\Jula\AppData\Roaming\Mozilla\Firefox\Profiles\8idefssf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-30]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-06-08] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2016-06-08] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2016-06-11]

Chrome: 
=======
CHR Profile: C:\Users\Jula\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMPPALR3; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [509440 2012-01-09] (Intel Corporation)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1787720 2012-02-02] (AuthenTec, Inc.)
R2 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [131072 2011-11-30] (Broadcom Corporation) [Datei ist nicht signiert]
R2 BTHSSecurityMgr; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [104208 2012-01-17] (Intel(R) Corporation)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-09] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-09] (Dropbox, Inc.)
R2 DFEPService; C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [1569336 2012-08-15] (Dell Inc.)
R2 EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [179592 2012-01-17] ()
S2 KMService; C:\Windows\system32\srvany.exe [8192 2011-11-09] () [Datei ist nicht signiert]
R2 lxdn_device; C:\Windows\system32\lxdncoms.exe [589824 2007-11-28] ( )
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)
S3 SecureStorageService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe [1517448 2011-11-11] (Wave Systems Corp.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [245842 2010-08-16] (IDT, Inc.)
S2 tcsd_win32.exe; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1637888 2011-10-08] () [Datei ist nicht signiert]
R2 TdmService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe [2864496 2011-12-08] (Wave Systems Corp.)
R2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1189376 2012-01-05] (Wave Systems Corp.) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 WvPCR; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [145408 2012-01-16] (Wave Systems Corp.) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [141312 2012-01-09] (Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [141312 2012-01-09] (Windows (R) Win 7 DDK provider)
S3 Blfp; C:\Windows\System32\DRIVERS\basp.sys [103936 2011-08-22] (Broadcom Corporation)
S3 BTWAMPFL; C:\Windows\System32\DRIVERS\btwampfl.sys [302120 2011-06-06] (Broadcom Corporation.)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [26328 2014-09-07] (Sony Mobile Communications)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [17472 2015-05-03] (Glarysoft Ltd)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-06-15] (Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)
R3 NETwNs32; C:\Windows\System32\DRIVERS\Netwsn00.sys [10383360 2012-09-30] (Intel Corporation)
R0 PBADRV; C:\Windows\System32\DRIVERS\PBADRV.sys [26608 2012-08-03] (Dell Inc)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] ()
R2 risdpcie; C:\Windows\System32\DRIVERS\risdpe86.sys [59904 2010-03-21] (REDC)
S3 rixdpcie; C:\Windows\system32\DRIVERS\rixdpe86.sys [38912 2010-03-21] (REDC)
R1 SbFw; C:\Windows\System32\drivers\SbFw.sys [221784 2011-04-05] (Sunbelt Software, Inc.)
S3 SBFWIMCL; C:\Windows\System32\DRIVERS\sbfwim.sys [69208 2011-02-08] (Sunbelt Software, Inc.)
R3 SBFWIMCLMP; C:\Windows\System32\DRIVERS\SBFWIM.sys [69208 2011-02-08] (Sunbelt Software, Inc.)
S3 sbhips; C:\Windows\System32\drivers\sbhips.sys [94040 2011-04-05] (Sunbelt Software, Inc.)
R1 SbTis; C:\Windows\System32\drivers\sbtis.sys [78936 2011-04-05] (Sunbelt Software, Inc.)
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\drivers\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S3 eapihdrv; \??\C:\Users\Jula\AppData\Local\Temp\ehdrv.sys [X]
S0 PxHelp20; System32\Drivers\PxHelp20.sys [X]
S1 SBRE; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-17 14:14 - 2016-06-17 14:14 - 01737216 _____ (Farbar) C:\Users\Jula\Desktop\FRST.exe
2016-06-17 14:14 - 2016-06-17 14:14 - 00000000 ____D C:\Users\Jula\Desktop\FRST-OlderVersion
2016-06-16 03:59 - 2016-06-16 03:59 - 00002472 _____ C:\Users\Jula\Desktop\eset logfile.txt
2016-06-15 22:46 - 2016-06-15 22:58 - 00214130 _____ C:\TDSSKiller.3.1.0.9_15.06.2016_22.46.37_log.txt
2016-06-15 22:46 - 2016-06-15 14:44 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Jula\Desktop\tdsskiller.exe
2016-06-15 22:42 - 2016-06-15 22:42 - 00000714 _____ C:\Users\Jula\Desktop\Scan-Protokoll Malwarebytes.txt
2016-06-15 22:29 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-15 22:25 - 2016-04-09 08:54 - 12881408 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-15 22:25 - 2016-04-09 08:54 - 01499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-06-15 22:25 - 2016-04-09 07:44 - 02973184 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-15 22:24 - 2016-06-06 17:26 - 00037096 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-15 22:24 - 2016-06-06 17:23 - 01001472 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-15 22:24 - 2016-06-03 15:04 - 01225216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-15 22:24 - 2016-05-27 15:05 - 00466944 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-06-15 22:24 - 2016-05-27 15:05 - 00461824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-15 22:24 - 2016-05-27 15:05 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-15 22:24 - 2016-05-27 15:05 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-06-15 22:24 - 2016-05-22 15:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-15 22:24 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-15 22:24 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-15 22:24 - 2016-05-13 23:49 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-06-15 22:24 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-06-15 22:24 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-15 22:24 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-06-15 22:21 - 2016-06-15 22:21 - 00010054 _____ C:\Users\Jula\Desktop\AdwCleaner[C1].txt
2016-06-15 22:03 - 2016-06-15 22:40 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-15 22:03 - 2016-06-15 22:03 - 00001093 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-06-15 22:03 - 2016-06-15 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-06-15 22:03 - 2016-06-15 22:03 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 
2016-06-15 22:03 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-06-15 22:03 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-06-15 22:03 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-06-15 21:50 - 2016-06-15 21:50 - 00003288 ____N C:\bootsqm.dat
2016-06-15 21:38 - 2016-05-12 17:18 - 00606720 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-15 21:38 - 2016-05-12 17:18 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-06-15 21:38 - 2016-05-12 17:18 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-15 21:38 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-15 21:38 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-15 21:38 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-06-15 21:38 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-15 21:38 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2016-06-15 21:38 - 2016-05-12 16:57 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2016-06-15 21:35 - 2016-06-15 21:53 - 00000000 ____D C:\AdwCleaner
2016-06-15 21:35 - 2016-06-15 21:33 - 03703360 _____ C:\Users\Jula\Desktop\AdwCleaner_5.200.exe
2016-06-15 21:32 - 2016-05-12 17:22 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-15 21:32 - 2016-05-12 17:22 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-06-15 21:32 - 2016-05-12 17:18 - 01062400 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-15 21:32 - 2016-05-12 17:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-06-15 21:32 - 2016-05-12 17:18 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-06-15 21:32 - 2016-05-12 17:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-15 21:32 - 2016-05-12 17:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-15 21:32 - 2016-05-12 17:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-06-15 21:32 - 2016-05-12 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-06-15 21:32 - 2016-05-12 17:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-06-15 21:32 - 2016-05-12 17:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-06-15 21:32 - 2016-05-12 17:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-06-15 21:32 - 2016-05-12 17:18 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-06-15 21:32 - 2016-05-12 17:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-06-15 21:32 - 2016-05-12 17:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-06-15 21:32 - 2016-05-12 17:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-06-15 21:32 - 2016-05-12 17:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-06-15 21:32 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-06-15 21:32 - 2016-05-12 16:52 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-15 21:32 - 2016-05-12 16:52 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-15 21:32 - 2016-05-12 16:52 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-06-15 21:32 - 2016-05-12 16:52 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-06-15 21:32 - 2016-05-12 16:52 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-15 21:32 - 2016-05-12 16:52 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-06-15 21:32 - 2016-05-12 16:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-06-15 21:32 - 2016-05-12 16:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-06-15 21:32 - 2016-05-12 16:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-06-15 21:32 - 2016-05-12 15:04 - 00370784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-15 21:32 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-15 20:22 - 2016-05-24 00:54 - 00346312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-15 20:22 - 2016-05-21 18:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-15 20:22 - 2016-05-21 00:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-06-15 20:22 - 2016-05-21 00:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-06-15 20:22 - 2016-05-20 23:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-15 20:22 - 2016-05-20 23:57 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-06-15 20:22 - 2016-05-20 23:57 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-06-15 20:22 - 2016-05-20 23:56 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-06-15 20:22 - 2016-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-06-15 20:22 - 2016-05-20 23:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-15 20:22 - 2016-05-20 23:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-06-15 20:22 - 2016-05-20 23:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-06-15 20:22 - 2016-05-20 23:45 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-06-15 20:22 - 2016-05-20 23:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-15 20:22 - 2016-05-20 23:44 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-06-15 20:22 - 2016-05-20 23:44 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-06-15 20:22 - 2016-05-20 23:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-06-15 20:22 - 2016-05-20 23:36 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-06-15 20:22 - 2016-05-20 23:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-06-15 20:22 - 2016-05-20 23:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-15 20:22 - 2016-05-20 23:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-06-15 20:22 - 2016-05-20 23:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-06-15 20:22 - 2016-05-20 23:23 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-06-15 20:22 - 2016-05-20 23:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-15 20:22 - 2016-05-20 23:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-15 20:22 - 2016-05-20 23:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-06-15 20:22 - 2016-05-20 23:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-15 20:22 - 2016-05-20 23:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-06-15 20:22 - 2016-05-20 23:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-15 20:22 - 2016-05-20 23:09 - 00689664 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-06-15 20:22 - 2016-05-20 23:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-15 20:22 - 2016-05-20 23:07 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-06-15 20:22 - 2016-05-20 22:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-15 20:22 - 2016-05-20 22:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-15 20:22 - 2016-05-20 22:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-15 20:22 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-06-15 20:22 - 2016-05-12 16:54 - 02397696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-15 20:22 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-15 20:22 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-15 20:22 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-15 20:22 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-06-15 20:22 - 2016-05-11 16:52 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-15 20:22 - 2016-04-14 17:38 - 00105192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-15 20:22 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-15 20:22 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-15 20:22 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-06-15 20:22 - 2016-04-14 17:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-15 20:22 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-06-15 20:22 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-06-15 20:13 - 2016-05-18 18:10 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-15 14:44 - 2016-06-15 14:53 - 00213662 _____ C:\TDSSKiller.3.1.0.9_15.06.2016_14.44.12_log.txt
2016-06-13 09:12 - 2016-06-17 14:17 - 00022013 _____ C:\Users\Jula\Desktop\FRST.txt
2016-06-13 09:10 - 2016-06-13 09:12 - 00049486 _____ C:\Users\Jula\Desktop\Addition.txt
2016-06-12 23:22 - 2016-06-13 07:23 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2016-06-12 22:48 - 2016-06-17 14:14 - 00000000 ____D C:\FRST
2016-06-11 11:07 - 2016-06-11 11:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 5
2016-06-11 11:07 - 2016-06-11 11:07 - 00000000 ____D C:\Program Files\Citavi 5
2016-06-08 14:27 - 2016-06-10 12:54 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-06-07 19:53 - 2016-06-07 19:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-05-25 11:53 - 2016-05-25 11:53 - 00002123 _____ C:\Users\Public\Desktop\WISO steuer Start 2016.lnk
2016-05-25 11:53 - 2016-05-25 11:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Start 2016
2016-05-25 10:20 - 2016-05-25 11:48 - 00000000 ____D C:\Users\Jula\Desktop\WISO steuer-Start 2016 (PC Download)

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-17 14:16 - 2012-03-31 06:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-17 14:12 - 2015-02-05 14:08 - 00000000 ____D C:\Program Files\Glary Utilities 5
2016-06-17 14:12 - 2011-04-27 11:44 - 00000000 ___RD C:\Users\Jula\Dropbox
2016-06-17 14:11 - 2015-06-15 11:32 - 00001194 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-06-17 14:11 - 2011-04-01 14:55 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-17 14:11 - 2011-03-21 15:54 - 00116912 _____ C:\Users\Jula\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-17 14:10 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-17 14:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-06-17 14:09 - 2009-07-14 06:33 - 00453552 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-16 04:06 - 2013-10-07 11:04 - 00000000 ____D C:\Program Files\OpenOffice 4
2016-06-16 04:05 - 2014-10-14 11:51 - 00000000 ____D C:\Program Files\WISO
2016-06-16 04:04 - 2014-10-14 11:52 - 00000769 _____ C:\Windows\wiso.ini
2016-06-16 04:04 - 2011-03-17 18:03 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-06-16 03:49 - 2009-07-14 06:34 - 00025424 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-16 03:49 - 2009-07-14 06:34 - 00025424 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-16 03:38 - 2015-04-18 03:43 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-16 03:26 - 2015-06-15 11:32 - 00001198 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-06-16 03:22 - 2015-01-30 15:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-06-16 03:21 - 2009-07-14 04:04 - 00000478 _____ C:\Windows\win.ini
2016-06-16 03:15 - 2013-07-21 17:13 - 00000000 ____D C:\Windows\system32\MRT
2016-06-16 03:09 - 2011-03-28 08:09 - 139785240 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-15 23:37 - 2011-03-17 18:04 - 01629284 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-15 23:37 - 2009-07-14 10:47 - 00703192 _____ C:\Windows\system32\perfh007.dat
2016-06-15 23:37 - 2009-07-14 10:47 - 00150800 _____ C:\Windows\system32\perfc007.dat
2016-06-15 22:03 - 2012-03-20 10:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-15 21:41 - 2011-03-17 18:11 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-06-15 17:22 - 2011-11-17 10:10 - 00000000 ____D C:\Users\Jula\Desktop\Sec
2016-06-15 14:39 - 2015-05-16 15:20 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2016-06-15 14:38 - 2014-06-16 13:11 - 00000133 _____ C:\Windows\wininit.ini
2016-06-15 14:38 - 2011-08-03 10:20 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-06-15 14:27 - 2014-02-12 13:01 - 00000000 ____D C:\Users\Jula\Documents\Citavi 4
2016-06-15 13:50 - 2011-10-08 17:24 - 00000000 ____D C:\Users\Jula\AppData\Local\ElevatedDiagnostics
2016-06-15 13:50 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2016-06-13 23:02 - 2014-09-19 15:10 - 00000000 ____D C:\Users\Jula\.freemind
2016-06-13 16:48 - 2011-11-17 10:11 - 00000000 ____D C:\Users\Jula\Desktop\Grafik
2016-06-13 12:55 - 2012-10-17 13:48 - 00000000 ____D C:\Users\Jula\AppData\Roaming\Swiss Academic Software
2016-06-13 12:28 - 2011-11-17 10:09 - 00000000 ____D C:\Users\Jula\Desktop\Office
2016-06-13 12:25 - 2012-05-04 17:22 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-06-13 12:21 - 2011-03-21 15:01 - 00000000 ____D C:\Users\Jula
2016-06-13 07:02 - 2009-07-14 06:53 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-12 22:44 - 2011-10-05 16:50 - 00000000 ____D C:\Windows\Minidump
2016-06-11 12:24 - 2011-09-11 21:27 - 00018432 _____ C:\Users\Jula\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-11 11:08 - 2012-10-17 13:40 - 00000000 ____D C:\ProgramData\Swiss Academic Software
2016-06-11 11:07 - 2011-03-21 19:52 - 00000000 ____D C:\Users\Jula\AppData\Local\Downloaded Installations
2016-06-10 12:56 - 2011-04-27 11:41 - 00000000 ____D C:\Users\Jula\AppData\Roaming\Dropbox
2016-06-10 12:54 - 2015-06-15 11:32 - 00000000 ____D C:\Users\Jula\AppData\Local\Dropbox
2016-06-07 20:05 - 2015-02-05 14:08 - 00001083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2016-06-07 19:53 - 2015-06-15 11:32 - 00000000 ____D C:\Program Files\Dropbox
2016-06-03 07:12 - 2012-06-13 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-05-30 20:35 - 2015-04-18 03:43 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-25 12:16 - 2015-03-16 22:57 - 00000000 ____D C:\Users\Jula\Documents\steuer
2016-05-25 11:53 - 2014-10-14 11:52 - 00000000 ____D C:\Users\Jula\AppData\Local\Buhl
2016-05-25 10:20 - 2015-03-16 22:07 - 00000000 ____D C:\Users\Jula\Documents\Amazon Downloader Logs
2016-05-20 08:20 - 2012-03-31 06:06 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-05-20 08:20 - 2011-05-16 21:26 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-07-26 11:45 - 2012-07-26 11:47 - 22657136 _____ () C:\Program Files\vlc-2.0.2-win32.exe
2011-03-21 18:27 - 2015-07-03 15:28 - 0003832 _____ () C:\Users\Jula\AppData\Roaming\Notepad2.ini
2011-09-11 21:27 - 2016-06-11 12:24 - 0018432 _____ () C:\Users\Jula\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-03-19 21:25 - 2012-03-19 21:25 - 0000017 _____ () C:\Users\Jula\AppData\Local\resmon.resmoncfg
2011-12-23 23:51 - 2011-12-23 23:51 - 0000000 _____ () C:\Users\Jula\AppData\Local\{35FB1B8E-6DE5-4331-9DCB-239F15B00CC9}
2003-10-06 10:21 - 2003-10-06 10:21 - 0000000 ____H () C:\ProgramData\sdpsenv.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\sdpsenv.dat


Einige Dateien in TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\1ebfc55a-2a43-4571-9d31-5769191b220e.dll
C:\Users\Administrator\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5e4j0j.dll
C:\Users\Administrator\AppData\Local\Temp\ea40bec2-cc6b-4f56-93da-7e25d313985b.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-06-07 21:48

==================== Ende vom FRST.txt ============================

und der Addition-log

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:16-06-2016 01
durchgeführt von Jula (2016-06-17 14:17:52)
Gestartet von C:\Users\Jula\Desktop
Microsoft Windows 7 Professional  Service Pack 1 (X86) (2011-03-21 13:01:20)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3618091561-1007512581-756703090-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-3618091561-1007512581-756703090-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3618091561-1007512581-756703090-1002 - Limited - Enabled)
Jula (S-1-5-21-3618091561-1007512581-756703090-1000 - Administrator - Enabled) => C:\Users\Jula

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 22 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
AuthenTec Fingerprint Software (Version: 8.4.4.39 - AuthenTec, Inc.) Hidden
BioAPI Framework (Version: 1.0.2 - Dell Inc.) Hidden
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{9B34CC4C-E7FF-4AC8-B771-1D09612D6430}) (Version: 15.0.8.5 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Citavi 4 (HKLM\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.4.0.28 - Swiss Academic Software)
Citavi 5  (HKLM\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.3.1.0 - Swiss Academic Software)
Custom (Version: 01.00.00.000 - Wave Systems Corp.) Hidden
Dell Command | Update (HKLM\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.0.0 - Dell Inc.)
Dell Data Protection | Access (HKLM\...\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}) (Version: 2.2.00003.008 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
Dell Feature Enhancement Pack (HKLM\...\{992D1CE7-A20F-4AB0-9D9D-AFC3418844DA}) (Version: 2.2.1 - Dell)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.39 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.39 - PC-Doctor, Inc.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.127 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM\...\Dell Webcam Central) (Version: 1.40.28 - Creative Technology Ltd)
DellAccess (Version: 01.00.00.149 - Wave Systems Corp.) Hidden
Dropbox (HKLM\...\Dropbox) (Version: 4.4.29 - Dropbox, Inc.)
Dropbox Update Helper (Version: 1.3.41.1 - Dropbox, Inc.) Hidden
EMBASSY Client Core (Version: 01.00.00.055 - Wave Systems Corp.) Hidden
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.)
FreeMind (HKLM\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - )
Gemalto (Version: 01.01.01.0000 - Wave Systems Corp) Hidden
Glary Utilities 5.52 (HKLM\...\Glary Utilities 5) (Version: 5.52.0.73 - Glarysoft Ltd)
Google Drive (HKLM\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
GPSoftware Directory Opus (HKLM\...\{556DF27F-5B74-11D5-B876-004005E12EF1}) (Version: 9.5.6.0 - GPSoftware)
IBM SPSS Statistics 22 (HKLM\...\{104875A1-D083-4A34-BC4F-3F635B7F8EF7}) (Version: 22.0.0.0 - IBM Corp)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6292.0 - IDT)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2827 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
jv16 PowerTools 1.3 (HKLM\...\jv16 PowerTools_is1) (Version:  - )
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ICE (HKLM\...\{D92A40F4-7BDD-4FAB-922F-E8D6B469AD48}) (Version: 1.0.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MiniTool Partition Wizard Free 9.0 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Mozilla Firefox 47.0 (x86 en-US) (HKLM\...\Mozilla Firefox 47.0 (x86 en-US)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
Mozilla Thunderbird 45.1.1 (x86 en-US) (HKLM\...\Mozilla Thunderbird 45.1.1 (x86 en-US)) (Version: 45.1.1 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
NTRU TCG Software Stack (Version: 2.1.37 - Security Innovation, Inc.) Hidden
O2Micro OZ776 SCR Driver (Version: 1.1.4.213 - O2Micro) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507B}) (Version: 4.0.9 - dotPDN LLC)
PC-CCID (Version: 2.0.0 - Gemalto) Hidden
Preboot Manager (Version: 03.02.00.119 - Wave Systems Corp.) Hidden
Private Information Manager (Version: 07.00.00.059 - Wave Systems Corp.) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
SES Driver (HKLM\...\{0673654C-5296-453B-9798-B61CD7E03FEB}) (Version: 1.0.0 - Western Digital)
SharePoint Client Components (HKLM\...\{95150004-1163-0409-0000-0000000FF1CE}) (Version: 15.0.4711.1001 - Microsoft Corporation)
SPBA 5.9 (Version: 5.9.4.6901 - UPEK Inc.) Hidden
Startup Manager 2.4.2 (HKLM\...\Startup_Manager_is1) (Version: 2.4.2 - Glenn Van Loon)
Trusted Drive Manager (Version: 4.5.0.136 - Wave Systems Corp.) Hidden
UnzipThemAll 1.3 (HKLM\...\UnzipThemAll_is1) (Version:  - Hervé Thouzard)
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{FD1F398D-BD56-43E6-8E58-707857AC9A8C}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3115033) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BD10518F-3463-429E-8761-0AEDCEEA6297}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3115033) 32-Bit Edition (HKLM\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{BD10518F-3463-429E-8761-0AEDCEEA6297}) (Version:  - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Wave Infrastructure Installer (Version: 07.03.60.0020 - Wave Systems Corp) Hidden
Wave Support Software Installer (Version: 05.12.00.068 - Wave Systems Corp) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7900 - Broadcom Corporation)
Windows-Treiberpaket - AuthenTec Inc. (ATSwpWDF) Biometric  (12/23/2011 8.4.4.25) (HKLM\...\B04E2F50E30B1E11964CD418CDF70A03C76B3051) (Version: 12/23/2011 8.4.4.25 - AuthenTec Inc.)
Windows-Treiberpaket - Dell Inc. PBADRV System  (09/11/2009 1.0.1.6) (HKLM\...\9512AA21B791B05A54E27065C45BBC417AB282DF) (Version: 09/11/2009 1.0.1.6 - Dell Inc.)
WinRAR 5.31 beta 1 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.1 - win.rar GmbH)
WISO steuer:Start 2016 (HKLM\...\{250324BF-F5D6-4594-A4E9-825929514F77}) (Version: 23.00.1146 - Buhl Data Service GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3618091561-1007512581-756703090-1000_Classes\CLSID\{FAE7A96A-56C3-4ABF-A6C2-D5D78089A7D8}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02926AD5-9223-4C12-B0E4-54145D466D84} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {12828A33-9768-4BE8-B9AD-BDFF1202255D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {1B03EA8B-30FA-4BAA-9C64-CE762031D357} - System32\Tasks\{6A7FE66C-941E-4722-B7B8-6D248E5138AB} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {1F0BF830-CB7B-44ED-B32C-D44EA5E783E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {22011BA1-F3D3-4E3D-BFE8-57568E497734} - \AutoKMS -> Keine Datei <==== ACHTUNG
Task: {2943C3A9-0510-4B11-A1FF-59FDEC8EDBDD} - System32\Tasks\{9544A3F6-6217-48F0-B4A7-BD1BB9736712} => pcalua.exe -a "D:\10 PC\00 Downloads\irfanview_plugins_433_setup.exe" -d "D:\10 PC\00 Downloads"
Task: {312515B8-EC1F-499F-B3E7-26D652945F8E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {3699788E-F2DF-45D3-8978-1A1CB7ECA956} - System32\Tasks\Dell\Command Update => C:\Program Files\Dell\CommandUpdate\DellCommandUpdate.exe [2014-05-05] (Dell Inc.)
Task: {447A8575-2067-442B-A542-08FF29EC47C0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {56D976D4-320C-42DC-9BD7-0949B92B7135} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-01-09] (Dropbox, Inc.)
Task: {595D753D-F5A8-4D14-BEF4-ED889FEE06D0} - System32\Tasks\{5888484E-F97A-4428-A886-1B070A6E0FCA} => pcalua.exe -a "D:\10 PC\00 Downloads\iview441_setup.exe" -d "D:\10 PC\00 Downloads"
Task: {7EF71EEB-6839-49B8-9BDD-74F1158BB440} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {81FBACEB-202A-47A8-8154-0624BD7B2876} - System32\Tasks\GlaryInitialize 5 => C:\Program Files\Glary Utilities 5\Initialize.exe [2016-05-30] (Glarysoft Ltd)
Task: {C0E7C24A-DD35-4B08-BE54-36D2822598FE} - System32\Tasks\{30C48FDE-36E0-4BAA-BDC1-F023D7B95E3B} => pcalua.exe -a "C:\Program Files\Microsoft Security Client\Setup.exe" -c /x
Task: {C449C243-7984-48C5-AC6B-F9FAE93BCD24} - System32\Tasks\{55695869-7557-46E1-A6BB-14D38DFBE2D9} => pcalua.exe -a C:\Users\Jula\AppData\Local\Temp\dtemp-b5ffe2010843894-60.dop\Setup.exe -d C:\Users\Jula\AppData\Local\Temp\dtemp-b5ffe2010843894-60.dop
Task: {E051C26E-DA32-4628-940B-517CB022B311} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-01] (Piriform Ltd)
Task: {EBD84048-0E6D-4C01-A857-77584200732B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-01-09] (Dropbox, Inc.)
Task: {EE49064F-8EF5-44DA-9061-FC2EA0B70838} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2012-05-22] (PC-Doctor, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-10-14 20:42 - 2009-08-13 12:02 - 00147968 ____N () C:\Windows\system32\spool\PRTPROCS\W32X86\lxdndrpp.dll
2012-01-17 10:37 - 2012-01-17 10:37 - 00179592 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
2012-01-17 10:36 - 2012-01-17 10:36 - 00030600 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\DeviceStatus.dll
2011-10-08 22:57 - 2011-10-08 22:57 - 00003072 _____ () C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\TspPopup_DEU.dll
2011-11-07 06:24 - 2011-11-07 06:24 - 00084992 ____N () C:\Windows\system32\Wavx_ESC_Logging.dll
2011-10-03 10:40 - 2011-06-10 17:36 - 00094208 ____N () C:\Windows\System32\IccLibDll.dll
2016-06-07 19:53 - 2016-05-05 12:09 - 00034768 _____ () C:\Program Files\Dropbox\Client\_multiprocessing.pyd
2016-06-07 19:53 - 2016-05-05 12:10 - 00019408 _____ () C:\Program Files\Dropbox\Client\faulthandler.pyd
2016-06-07 19:53 - 2016-05-05 12:09 - 00116688 _____ () C:\Program Files\Dropbox\Client\pywintypes27.dll
2016-06-07 19:53 - 2016-05-05 12:09 - 00093640 _____ () C:\Program Files\Dropbox\Client\_ctypes.pyd
2015-12-11 23:51 - 2016-05-05 12:09 - 00018376 _____ () C:\Program Files\Dropbox\Client\select.pyd
2015-12-11 23:51 - 2016-05-31 20:34 - 00019760 _____ () C:\Program Files\Dropbox\Client\tornado.speedups.pyd
2015-12-11 23:51 - 2016-05-05 12:11 - 00105928 _____ () C:\Program Files\Dropbox\Client\win32api.pyd
2016-06-07 19:53 - 2016-05-05 12:09 - 00392144 _____ () C:\Program Files\Dropbox\Client\pythoncom27.dll
2015-12-11 23:51 - 2016-05-31 20:34 - 00381752 _____ () C:\Program Files\Dropbox\Client\win32com.shell.shell.pyd
2015-12-11 23:51 - 2016-05-05 12:09 - 00692688 _____ () C:\Program Files\Dropbox\Client\unicodedata.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00020816 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-06-07 19:53 - 2016-05-05 12:10 - 00123856 _____ () C:\Program Files\Dropbox\Client\_cffi_backend.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 01682760 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00020808 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00021840 _____ () C:\Program Files\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00038696 _____ () C:\Program Files\Dropbox\Client\fastpath.pyd
2016-06-07 19:53 - 2016-05-05 12:11 - 00020936 _____ () C:\Program Files\Dropbox\Client\mmapfile.pyd
2015-12-11 23:51 - 2016-05-05 12:11 - 00024528 _____ () C:\Program Files\Dropbox\Client\win32event.pyd
2015-12-11 23:51 - 2016-05-05 12:11 - 00114640 _____ () C:\Program Files\Dropbox\Client\win32security.pyd
2015-12-11 23:51 - 2016-05-05 12:11 - 00124880 _____ () C:\Program Files\Dropbox\Client\win32file.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00021832 _____ () C:\Program Files\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-11 23:51 - 2016-05-05 12:11 - 00024016 _____ () C:\Program Files\Dropbox\Client\win32clipboard.pyd
2015-12-11 23:51 - 2016-05-05 12:11 - 00175560 _____ () C:\Program Files\Dropbox\Client\win32gui.pyd
2015-12-11 23:51 - 2016-05-05 12:11 - 00030160 _____ () C:\Program Files\Dropbox\Client\win32pipe.pyd
2015-12-11 23:51 - 2016-05-05 12:11 - 00043472 _____ () C:\Program Files\Dropbox\Client\win32process.pyd
2016-06-07 19:53 - 2016-05-05 12:11 - 00048592 _____ () C:\Program Files\Dropbox\Client\win32service.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00023872 _____ () C:\Program Files\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-06-07 19:53 - 2016-05-05 12:09 - 00134088 _____ () C:\Program Files\Dropbox\Client\pyexpat.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00026456 _____ () C:\Program Files\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-11 23:51 - 2016-05-05 12:11 - 00057808 _____ () C:\Program Files\Dropbox\Client\win32evtlog.pyd
2015-12-11 23:51 - 2016-05-05 12:11 - 00024016 _____ () C:\Program Files\Dropbox\Client\win32profile.pyd
2016-06-07 19:53 - 2016-05-31 20:33 - 00246592 _____ () C:\Program Files\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-06-07 19:53 - 2016-05-05 12:11 - 00028616 _____ () C:\Program Files\Dropbox\Client\win32ts.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00052024 _____ () C:\Program Files\Dropbox\Client\psutil._psutil_windows.pyd
2016-06-07 19:53 - 2016-05-05 12:09 - 00134608 _____ () C:\Program Files\Dropbox\Client\_elementtree.pyd
2016-06-07 19:53 - 2016-05-05 12:10 - 00240584 _____ () C:\Program Files\Dropbox\Client\jpegtran.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00020800 _____ () C:\Program Files\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00019776 _____ () C:\Program Files\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00020800 _____ () C:\Program Files\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00020280 _____ () C:\Program Files\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00023376 _____ () C:\Program Files\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-06-07 19:53 - 2016-05-05 12:11 - 00350152 _____ () C:\Program Files\Dropbox\Client\winxpgui.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00022352 _____ () C:\Program Files\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00024392 _____ () C:\Program Files\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-06-07 19:53 - 2016-05-05 12:12 - 00036296 _____ () C:\Program Files\Dropbox\Client\librsync.dll
2016-06-07 19:53 - 2016-05-31 20:34 - 00084280 _____ () C:\Program Files\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-06-07 19:53 - 2016-05-31 20:34 - 01826096 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-11 23:51 - 2016-05-05 12:10 - 00083912 _____ () C:\Program Files\Dropbox\Client\sip.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 03928880 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 01971504 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtGui.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00531248 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00132912 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00223544 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00207672 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2015-12-11 23:51 - 2016-05-05 12:11 - 00060880 _____ () C:\Program Files\Dropbox\Client\win32print.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00024904 _____ () C:\Program Files\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00546096 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQuick.pyd
2016-06-07 19:53 - 2016-05-31 20:34 - 00357680 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQml.pyd
2016-06-01 20:15 - 2016-06-01 20:15 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-05-30 03:17 - 2016-05-30 03:17 - 00086992 _____ () C:\Program Files\Glary Utilities 5\zlib1.dll
2016-05-14 21:59 - 2016-05-14 21:59 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f1b815cf32572cea383bc47659c174fa\IsdiInterop.ni.dll
2011-04-04 09:01 - 2010-11-06 00:50 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\sdpsenv.dat:naughtypirates [322]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7905 mehr Seiten.

IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7905 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2012-03-14 13:00 - 2016-06-12 23:57 - 00452939 ____R C:\Windows\system32\Drivers\etc\hosts

127.0.0.1	activate.adobe.com
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com

Da befinden sich 15536 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3618091561-1007512581-756703090-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jula\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^Users^Jula^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jula^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup
MSCONFIG\startupreg: 1&1_1&1 Office-Drive Manager => "C:\Program Files\1&1\1&1 Office-Drive Manager\DAVSRV.EXE" /hide
MSCONFIG\startupreg: CLCL => C:\00 zip\01 System\Clipboard Tools\clcl112_eng\CLCL.exe
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: Desktop Disc Tool => 
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: NokiaSuite.exe => 
MSCONFIG\startupreg: PDVD9LanguageShortcut => 
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Sony PC Companion => 
MSCONFIG\startupreg: SpybotSD TeaTimer => 
MSCONFIG\startupreg: TdmNotify => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{BE4FE66A-F847-47FA-BCBE-ACDEB9D51D1B}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{85438921-8C31-4B7C-AA07-586C69265385}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{4823346F-F46B-40DD-B9A5-73B32404D705}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{97250298-6F14-4AFE-993C-9B8A813EF64A}] => (Allow) C:\Windows\System32\lxdncoms.exe
FirewallRules: [{D15D3157-F9D0-4BFC-99CB-B66ABB5BD65A}] => (Allow) C:\Windows\System32\lxdncoms.exe
FirewallRules: [{3F53ABAC-0DBE-419B-A658-1F31FA7E24DD}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdnpswx.exe
FirewallRules: [{83691A3B-2C89-47A5-97F2-FFE9002C1C83}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdnpswx.exe
FirewallRules: [{E71FBEA3-2D9F-41D6-9D02-0AE6A46E9A58}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdntime.exe
FirewallRules: [{DFA5337D-13C5-4DEA-AE05-FDD2EA419FB9}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdntime.exe
FirewallRules: [{BA3AF271-7C7F-4312-BD28-9FD187975277}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdnjswx.exe
FirewallRules: [{C01299FC-190A-45D7-B226-F2FF5FA31CE2}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\lxdnjswx.exe
FirewallRules: [{6799B307-68F7-4B5D-920E-0E3EAB51B0D0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E88DB4AF-E591-43D0-A37F-9806F72905E3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0D40813E-BE61-48D4-B97E-D05109413D81}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{278F9E6E-5DC7-4FC6-8845-CA422D00675A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A5E7A480-371E-421D-AC8E-1AB7ABE14A37}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{635CF3F0-9F4D-434B-A8E3-8C3E7997FECB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{33B2C3D7-85F0-4843-ADAE-DB98FA56D6E4}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C03FDC54-C031-4902-9DCB-85A6CB8D7A43}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{7E910CB0-6CAE-4A7F-AC26-435E70A482DF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{91178EEA-D64D-4721-B51F-99DF8EAC41F7}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{8078720F-3CEA-4E87-B277-25F086E50CB7}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{AC2386D4-27AE-453F-A06B-F99E1A8BAFF6}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{6D557123-9575-4C02-B1E4-5A6010EE0744}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\WinWrapIDE.exe
FirewallRules: [{B0A23B4C-B420-4024-8845-30CC0156C597}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.com
FirewallRules: [{20A61E24-4D09-4247-9E37-DAAA9BA695E8}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.exe
FirewallRules: [{E42EB705-3071-4B4C-8AF0-5B7103832477}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\WinWrapIDE.exe
FirewallRules: [{0EFAA020-F561-463C-A7AE-BE7C4CF141B7}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.exe
FirewallRules: [{4594F606-E5A7-4B36-93E2-D06A56D788EA}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.com
FirewallRules: [TCP Query User{B0D20A8B-0209-4CC4-B469-5E5F75B81919}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe
FirewallRules: [UDP Query User{DCC640A1-D6EB-4553-B76C-F737F071C7D4}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe
FirewallRules: [TCP Query User{576288FE-5290-4522-A24E-F968EB101758}C:\program files\ibm\spss\statistics\22\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\22\stats.exe
FirewallRules: [UDP Query User{22E9A87F-D1D2-448F-87E4-640213D6B144}C:\program files\ibm\spss\statistics\22\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\22\stats.exe
FirewallRules: [TCP Query User{7E722016-E52D-4F32-917C-A78BAE4862D0}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe
FirewallRules: [UDP Query User{37DF9715-FF6A-43FB-816E-9E951BEA5CC3}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe
FirewallRules: [{85728648-DEF8-45C4-8417-D2A3FA86B819}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{70EABD40-FC80-4BE7-80C6-5EFA4BA9A2E0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3AE1D7CB-8EFA-4A5A-BD00-C7C54D1CBD2E}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SBRE
Description: SBRE
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SBRE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/17/2016 02:10:37 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/17/2016 02:10:37 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/17/2016 02:10:37 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/17/2016 02:10:37 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Error: (06/17/2016 02:10:37 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/17/2016 02:10:37 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (06/17/2016 02:10:37 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/17/2016 02:10:37 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/17/2016 02:10:37 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden.

Details:
	0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800))

Error: (06/17/2016 02:10:37 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows (2684) Windows: Fehler -1811 beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00048.log.


Systemfehler:
=============
Error: (06/17/2016 02:12:16 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/17/2016 02:11:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (06/17/2016 02:11:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (06/17/2016 02:11:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (06/17/2016 02:11:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (06/17/2016 02:11:43 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (06/17/2016 02:11:43 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (06/17/2016 02:11:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (06/17/2016 02:11:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (06/17/2016 02:11:34 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
Prozentuale Nutzung des RAM: 57%
Installierter physikalischer RAM: 3509.85 MB
Verfügbarer physikalischer RAM: 1506.67 MB
Summe virtueller Speicher: 7018.03 MB
Verfügbarer virtueller Speicher: 5043.38 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:74.15 GB) (Free:7.76 GB) NTFS
Drive d: () (Fixed) (Total:157.96 GB) (Free:50.13 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: C648A420)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=752 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=158 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=74.2 GB) - (Type=07 NTFS)

==================== Ende vom Addition.txt ============================

Danke für deine Geduld und Hilfe, Jürgen!

deeprybka · 17.06.2016, 21:21

Hi,

Schritt 1

Drücke bitte die

+ R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:

Code:

ATTFilter


CloseProcesses:
C:\ProgramData\Spybot - Search & Destroy\Recovery\USTechSupportMyCleanPC.zip
D:\10 PC\00 Downloads\dffsetup-qtcore4.exe
D:\10 PC\00 Downloads\FreeMind - CHIP-Installer.exe
D:\10 PC\00 Downloads\Perfect Effects Free - CHIP-Installer.exe
Task: {22011BA1-F3D3-4E3D-BFE8-57568E497734} - \AutoKMS -> Keine Datei 
Task: {C449C243-7984-48C5-AC6B-F9FAE93BCD24} - System32\Tasks\{55695869-7557-46E1-A6BB-14D38DFBE2D9} => 
AlternateDataStreams: C:\ProgramData\sdpsenv.dat:naughtypirates [322]
HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => 
ShellExecuteHooks:  - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} -  Keine Datei [ ]
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  Keine Datei
Toolbar: HKU\S-1-5-21-3618091561-1007512581-756703090-1000 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Keine Datei
C:\ProgramData\sdpsenv.dat
EmptyTemp:

Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.

Starte FRST und drücke auf den Entfernen-Button.
Das Tool erstellt eine "Fixlog.txt" -Datei.
Poste mir bitte deren Inhalt.

Bitte die alte Java-Version deinstallieren und bei Bedarf mit der aktuellen ersetzen.

Wir haben es geschafft!

Die Logs sehen für mich im Moment sauber aus.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen.

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren

Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
Klicke auf OK.
Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken (z.B. hier) in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.

Meine Kauf-Empfehlung:

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware scannen.

Optional:

NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Julemule2000 · 19.06.2016, 17:48

Hallo Jürgen,

Hier der fixlog:

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x86) Version: 19-06-2016
durchgeführt von Jula (2016-06-19 18:42:16) Run:1
Gestartet von C:\Users\Jula\Desktop
Geladene Profile: Jula (Verfügbare Profile: Jula & Administrator)
Start-Modus: Normal

==============================================

fixlist Inhalt:
*****************
CloseProcesses:
C:\ProgramData\Spybot - Search & Destroy\Recovery\USTechSupportMyCleanPC.zip
D:\10 PC\00 Downloads\dffsetup-qtcore4.exe
D:\10 PC\00 Downloads\FreeMind - CHIP-Installer.exe
D:\10 PC\00 Downloads\Perfect Effects Free - CHIP-Installer.exe
Task: {22011BA1-F3D3-4E3D-BFE8-57568E497734} - \AutoKMS -> Keine Datei 
Task: {C449C243-7984-48C5-AC6B-F9FAE93BCD24} - System32\Tasks\{55695869-7557-46E1-A6BB-14D38DFBE2D9} => 
AlternateDataStreams: C:\ProgramData\sdpsenv.dat:naughtypirates [322]
HKU\S-1-5-21-3618091561-1007512581-756703090-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => 
ShellExecuteHooks:  - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} -  Keine Datei [ ]
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  Keine Datei
Toolbar: HKU\S-1-5-21-3618091561-1007512581-756703090-1000 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Keine Datei
C:\ProgramData\sdpsenv.dat
EmptyTemp:
         
*****************

Prozess erfolgreich geschlossen.
"C:\ProgramData\Spybot - Search & Destroy\Recovery\USTechSupportMyCleanPC.zip" => nicht gefunden.
"D:\10 PC\00 Downloads\dffsetup-qtcore4.exe" => nicht gefunden.
"D:\10 PC\00 Downloads\FreeMind - CHIP-Installer.exe" => nicht gefunden.
"D:\10 PC\00 Downloads\Perfect Effects Free - CHIP-Installer.exe" => nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{22011BA1-F3D3-4E3D-BFE8-57568E497734}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22011BA1-F3D3-4E3D-BFE8-57568E497734}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C449C243-7984-48C5-AC6B-F9FAE93BCD24}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C449C243-7984-48C5-AC6B-F9FAE93BCD24}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\{55695869-7557-46E1-A6BB-14D38DFBE2D9} => => nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{55695869-7557-46E1-A6BB-14D38DFBE2D9} => => Schlüssel nicht gefunden. 
C:\ProgramData\sdpsenv.dat => ":naughtypirates" ADS erfolgreich entfernt.
HKU\S-1-5-21-3618091561-1007512581-756703090-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotPostWindows10UpgradeReInstall => Wert erfolgreich entfernt
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} => Wert erfolgreich entfernt
HKCR\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} => Schlüssel nicht gefunden. 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => Schlüssel nicht gefunden. 
HKU\S-1-5-21-3618091561-1007512581-756703090-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Wert erfolgreich entfernt
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Schlüssel nicht gefunden. 
C:\ProgramData\sdpsenv.dat => erfolgreich verschoben

=========== EmptyTemp: ==========
BITS transfer queue => 8388608 bytes
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4659291 bytes
Java, Flash, Steam htmlcache => 1794 bytes
Windows/system/drivers => 560942 bytes
Edge => 0 bytes
Chrome => 0 bytes
Firefox => 438734854 bytes
Opera => 0 bytes

Temp, IE cache, history, cookies, recent:
Default => 66228 bytes
Public => 0 bytes
ProgramData => 0 bytes
systemprofile => 21174263 bytes
LocalService => 132244 bytes
NetworkService => 16111976 bytes
Jula => 4202112 bytes
Administrator => 2175870 bytes

RecycleBin => 0 bytes
EmptyTemp: => 473.2 MB temporäre Dateien entfernt.
================================


Das System musste neu gestartet werden.

==== Ende vom Fixlog 18:42:27 ====

Vielen, vielen Dank für Deine Hilfe! Toll, dass es euch gibt!
Ich werde gleich auch noch eine Spende da lassen!

deeprybka · 19.06.2016, 20:28

Zitat:

Zitat von Julemule2000

Ich werde gleich auch noch eine Spende da lassen!

Da freut sich das Team! Danke! Alles Gute für Dich!

Windows 7: Mailanhang als zip-Datei abgelegt, aber nicht geöffnet. Nicht sicher ob alles entfernt

Log-Analyse und Auswertung: Windows 7: Mailanhang als zip-Datei abgelegt, aber nicht geöffnet. Nicht sicher ob alles entfernt