Windows 7- in Firefox wird ständig auf Werbung umgeleitet (wahrscheinlich Onclickads)

Chascona · 18.09.2016, 21:14

Hallo zusammen,
ich hab mir heute blöderweise mit einem Download etwas eingefangen, ich vermute stark es ist dieser Onlickads-Virus. Wenn ich Firefox öffne kommen immer unterschidliche Werbeseiten und es öffnen sich ständig Tabs mit Werbung.
Ich hab schon AVG drüberlaufen lassen und auch 4 Bedrohungen in local/temp entfernt. Firefox bereinigt hab ich auch schon, leider ohne Erfolg.
Hier die Logs von FRST als Anhänge, ich bedanke mich jetzt schon mal für die Hilfe

cosinus · 19.09.2016, 09:59

Logs bitte nicht anhängen, notfalls splitten und über mehrere Postings verteilt posten

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Chascona · 19.09.2016, 10:17

Tut mir leid, in der Anleitung stand wenn die Logs zu lang sind soll man sie als Anhang posten. Aber dann hier nochmal:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-09-2016
durchgeführt von *** (Administrator) auf *** (18-09-2016 16:55:05)
Gestartet von C:\Users\***\Downloads
Geladene Profile: UpdatusUser & *** (Verfügbare Profile: UpdatusUser & ***)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.5\ToolbarUpdater.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Windows\AsScrPro.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Akamai Technologies, Inc.) C:\Users\***\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\***\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Dropbox, Inc.) C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Akamai Technologies, Inc.) C:\Users\***\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2661672 2012-02-19] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-03] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-05] (Adobe Systems Incorporated)
HKLM\...\Run: [MRT] => C:\Windows\system32\MRT.exe [147640136 2016-08-13] (Microsoft Corporation)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-02-23] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322176 2012-02-16] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-24] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-02] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-28] ()
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6718224 2016-08-26] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2180680 2016-09-05] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [204560 2016-09-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [766464 2016-02-29] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\Run: [AVG-Secure-Search-Update_0913b] => C:\Users\***\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid 9c98a2b6035647d08204e1ccef8b3587-1ec9f8adeb69df457fea7eae13db8bad7ea9f0b1 --CMPID 0913b
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [1238528 2014-04-28] (RemoteMouse.net)
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\Run: [Akamai NetSession Interface] => C:\Users\***\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\Run: [Spotify Web Helper] => C:\Users\***\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-16] (Spotify Ltd)
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\Run: [Dropbox Update] => C:\Users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\MountPoints2: {5521ab6d-f41d-11e1-9be9-3085a96fdc74} - D:\Startme.exe
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [266448 2013-06-21] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\progra~3\browse~1\261125~1.80\{c16c1~1\browse~1.dll => Keine Datei
AppInit_DLLs-x32:  c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [214448 2013-06-21] (NVIDIA Corporation)
AppInit_DLLs-x32:  ,C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [214448 2013-06-21] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-12] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-05-02]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-09-15]
ShortcutTarget: Dropbox.lnk -> C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2016-09-10]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

AutoConfigURL: [S-1-5-21-2178124953-3779141132-2557792711-1002] => hxxp://non-block.net/wpad.dat?7397345600c0219c2c949a4594fe9cd416704074
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0640E2EC-2466-4311-9D01-D256422A0729}: [NameServer] 134.60.1.111,134.60.111.111
Tcpip\..\Interfaces\{E5ED9224-381B-4776-8BC5-609552969989}: [DhcpNameServer] 192.168.2.1
ManualProxies: 0hxxp://non-block.net/wpad.dat?7397345600c0219c2c949a4594fe9cd416704074

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://websearch.pu-results.info/?pid=724&r=2013/05/01&hid=3368781133&lg=EN&cc=DE
HKU\S-1-5-21-2178124953-3779141132-2557792711-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=038b5276-c94c-2fbd-9507-b1ac35d3a7ad&searchtype=ds&q={searchTerms}&installDate=26/08/2013
HKU\S-1-5-21-2178124953-3779141132-2557792711-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=038b5276-c94c-2fbd-9507-b1ac35d3a7ad&searchtype=hp&installDate=26/08/2013
HKU\S-1-5-21-2178124953-3779141132-2557792711-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
HKU\S-1-5-21-2178124953-3779141132-2557792711-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=038b5276-c94c-2fbd-9507-b1ac35d3a7ad&searchtype=ds&q={searchTerms}&installDate=26/08/2013
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=038b5276-c94c-2fbd-9507-b1ac35d3a7ad&searchtype=ds&q={searchTerms}&installDate=26/08/2013
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={F63F0AF8-DDEB-4B94-85DC-7C17B2BD9A94}&mid=9c98a2b6035647d08204e1ccef8b3587-1ec9f8adeb69df457fea7eae13db8bad7ea9f0b1&lang=de&ds=AVG&coid=avgtbavg&cmpid=0915av&pr=fr&d=2015-09-09 14:10:58&v=4.3.1.831&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=119292&tt=190313_wctrl&babsrc=HP_ss&mntrId=4EF716E54302D110
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=038b5276-c94c-2fbd-9507-b1ac35d3a7ad&searchtype=ds&q={searchTerms}&installDate=26/08/2013
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=038b5276-c94c-2fbd-9507-b1ac35d3a7ad&searchtype=ds&q={searchTerms}&installDate=26/08/2013
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=038b5276-c94c-2fbd-9507-b1ac35d3a7ad&searchtype=ds&q={searchTerms}&installDate=26/08/2013
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=17811293&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2178124953-3779141132-2557792711-1000 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=038b5276-c94c-2fbd-9507-b1ac35d3a7ad&searchtype=ds&q={searchTerms}&installDate=26/08/2013
SearchScopes: HKU\S-1-5-21-2178124953-3779141132-2557792711-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=038b5276-c94c-2fbd-9507-b1ac35d3a7ad&searchtype=ds&q={searchTerms}&installDate=26/08/2013
SearchScopes: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={F63F0AF8-DDEB-4B94-85DC-7C17B2BD9A94}&mid=9c98a2b6035647d08204e1ccef8b3587-1ec9f8adeb69df457fea7eae13db8bad7ea9f0b1&lang=de&ds=AVG&coid=avgtbavg&cmpid=0615piz&pr=fr&d=2015-09-09 14:10:58&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=038b5276-c94c-2fbd-9507-b1ac35d3a7ad&searchtype=ds&q={searchTerms}&installDate=26/08/2013
SearchScopes: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={F63F0AF8-DDEB-4B94-85DC-7C17B2BD9A94}&mid=9c98a2b6035647d08204e1ccef8b3587-1ec9f8adeb69df457fea7eae13db8bad7ea9f0b1&lang=de&ds=AVG&coid=avgtbavg&cmpid=0615piz&pr=fr&d=2015-09-09 14:10:58&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll => Keine Datei
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-23] (Hewlett-Packard Co.)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.5.160\AVG Web TuneUp.dll [2016-09-05] (AVG)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll => Keine Datei
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-23] (Hewlett-Packard Co.)
Toolbar: HKLM - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Keine Datei
Toolbar: HKLM-x32 - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\cab13316.default-1474223712958
FF Homepage: google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-14] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219159.dll [2015-06-26] (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.5\\npsitesafety.dll [Keine Datei]
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-08-01] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2178124953-3779141132-2557792711-1002: @phonostar.de/phonostar -> C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll [2012-02-05] ( )
FF Plugin HKU\S-1-5-21-2178124953-3779141132-2557792711-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2012-10-17] (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2012-09-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2012-09-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2012-09-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2012-09-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2012-09-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2012-09-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2012-09-01] (Apple Inc.)
FF Extension: (Firefox Hotfix) - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\cab13316.default-1474223712958\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-18]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: (Mehr Leistung und Videoformate für dein HTML5 &video&) - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-08-29] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files (x86)\BetterSurf\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files (x86)\Better-Surf\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha745.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha745\ff
FF Extension: (Webexp Enhanced) - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha745\ff [2013-12-20] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta348.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta348\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha949.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha949\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewerV1alpha1119.net] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1119\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha642.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha642\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha5808.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5808\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home850.net] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home850\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode6112.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6112\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-05-02] [ist nicht signiert]
FF HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\Firefox\Extensions: [{0F827075-B026-42F3-885D-98981EE7B1AE}] - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension => nicht gefunden
FF HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\1297790416.js [2016-09-18] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\1297790416.cfg [2016-09-18] <==== ACHTUNG

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [cecmgbinjoobhdcemjainnldpifmephe] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home850\ch\MediaWatchV1home850.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files (x86)\BetterSurf\ch\Chrome.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [eogknionnbfbhbmlmodcmnpmeoghajdb] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha745\ch\WebexpEnhancedV1alpha745.crx [2013-12-19]
CHR HKLM-x32\...\Chrome\Extension: [flpfhcollobbbccihmhckbemhldhjahn] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5808\ch\MediaViewV1alpha5808.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [fnanpabeckkllicbdbjiiopdcbfoclbj] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta348\ch\VideoPlayerV3beta348.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [jjjhcgoigcoeofffojopolmjdpchebgg] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1119\ch\MediaViewerV1alpha1119.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [lfhjhidedpkgkfmapgjabjbkoipcgpca] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6112\ch\MediaBuzzV1mode6112.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM-x32\...\Chrome\Extension: [ohjfdacipgdkchcfeknpoogfjdmhihgj] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha642\ch\MediaViewV1alpha642.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files (x86)\Better-Surf\ch\Chrome.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [674552 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5285344 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1097488 2016-09-07] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [760024 2016-08-26] (AVG Technologies CZ, s.r.o.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-23] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [1127736 2013-07-01] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [810808 2013-07-01] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-03-02] ()
R2 vToolbarUpdater40.3.5; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.5\ToolbarUpdater.exe [1349704 2016-09-05] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [980552 2016-09-05] ()
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
S2 SystemStoreService; "C:\Program Files (x86)\Freetec\SystemStore\SystemStore.exe"  -displayname "System Store Service" -servicename:SystemStoreService [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S1 acedrv07; C:\Windows\system32\drivers\acedrv07.sys [125440 2013-01-04] () [Datei ist nicht signiert]
R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
S3 arcvad_ds2dhw; C:\Windows\System32\drivers\ArcVad.sys [27136 2008-10-28] (ArcSoft, Inc.)
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2012-04-11] (Windows (R) Win 7 DDK provider)
R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2012-04-11] (Windows (R) Win 7 DDK provider)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [310016 2016-08-23] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272640 2016-07-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [262400 2016-08-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-05-29] (Duplex Secure Ltd.)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2015-10-23] (Cisco Systems, Inc.)
S1 nnqsrorm; \??\C:\Windows\system32\drivers\nnqsrorm.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-18 16:55 - 2016-09-18 16:56 - 00038390 _____ C:\Users\***\Downloads\FRST.txt
2016-09-18 16:54 - 2016-09-18 16:55 - 00000000 ____D C:\FRST
2016-09-18 16:54 - 2016-09-18 16:54 - 02399232 _____ (Farbar) C:\Users\***\Downloads\FRST64.exe
2016-09-18 15:35 - 2016-09-18 15:35 - 00000000 ____D C:\Users\***\Desktop\Alte Firefox-Daten
2016-09-18 08:22 - 2016-09-18 16:33 - 00000000 ____D C:\Users\***\Documents\Assassin's Creed III
2016-09-18 07:54 - 2016-09-18 07:54 - 00000000 ____D C:\ProgramData\Webitar Production Inc
2016-09-15 15:26 - 2016-09-15 15:26 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-09-07 14:43 - 2016-09-07 14:43 - 00461804 _____ C:\Users\***\Downloads\Mitarbeiterfragebogen Studenten_Vorlage.pdf
2016-09-04 06:59 - 2016-09-04 14:25 - 00000000 ____D C:\Users\***\Documents\The Lord of the Rings Online
2016-08-25 07:22 - 2016-09-18 16:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-23 16:31 - 2016-08-23 16:31 - 00310016 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2016-08-22 14:53 - 2016-08-25 15:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-18 16:49 - 2009-07-14 01:45 - 00019056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-18 16:49 - 2009-07-14 01:45 - 00019056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-18 16:43 - 2012-10-03 10:15 - 00000000 ___RD C:\Users\***\Dropbox
2016-09-18 16:39 - 2012-10-03 08:12 - 00000000 ____D C:\ProgramData\MFAData
2016-09-18 16:38 - 2012-08-28 06:48 - 00000380 _____ C:\Users\***\AppData\Roaming\sp_data.sys
2016-09-18 16:37 - 2013-03-30 11:31 - 00000384 _____ C:\Windows\Tasks\AmiUpdXp.job
2016-09-18 16:37 - 2012-10-06 12:43 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-18 16:37 - 2012-08-28 15:16 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2016-09-18 16:37 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-18 16:34 - 2016-07-13 13:39 - 00000000 ____D C:\Program Files (x86)\PDF24
2016-09-18 16:34 - 2015-09-09 15:10 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2016-09-18 16:33 - 2015-11-23 06:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-09-18 16:33 - 2015-01-02 15:54 - 00000000 ____D C:\Users\***\AppData\Local\Akamai
2016-09-18 16:33 - 2014-03-31 11:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-09-18 16:33 - 2012-10-03 10:13 - 00000000 ____D C:\Users\***\AppData\Roaming\Dropbox
2016-09-18 16:33 - 2012-09-01 08:23 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU
2016-09-18 16:33 - 2012-08-28 15:14 - 00000000 ____D C:\Users\UpdatusUser
2016-09-18 16:33 - 2012-08-28 06:48 - 00000000 ____D C:\Users\***
2016-09-18 16:33 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-09-18 16:32 - 2012-08-30 05:52 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-18 16:32 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\registration
2016-09-18 16:26 - 2015-06-17 22:16 - 00001252 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2178124953-3779141132-2557792711-1002UA.job
2016-09-18 16:15 - 2012-10-06 12:43 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-18 16:15 - 2012-08-30 05:52 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-09-18 13:39 - 2012-08-28 10:43 - 00003974 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9D72B3FC-D3C0-4804-BB84-36B0EEFB0F6E}
2016-09-18 12:02 - 2012-08-28 15:16 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2016-09-18 07:57 - 2013-08-27 07:07 - 00001310 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-09-18 07:57 - 2012-08-28 15:35 - 00001254 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-09-18 07:57 - 2012-08-28 15:35 - 00001254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-09-18 07:57 - 2012-08-28 06:50 - 00001521 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-09-18 07:38 - 2011-02-19 01:24 - 00711204 _____ C:\Windows\system32\perfh007.dat
2016-09-18 07:38 - 2011-02-19 01:24 - 00155244 _____ C:\Windows\system32\perfc007.dat
2016-09-18 07:38 - 2009-07-14 02:13 - 01653366 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-17 17:26 - 2015-06-17 22:16 - 00001200 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2178124953-3779141132-2557792711-1002Core.job
2016-09-17 14:17 - 2016-04-19 13:28 - 00000000 ____D C:\Users\***\Desktop\Spiele
2016-09-17 12:38 - 2012-09-01 08:23 - 00000000 ____D C:\Users\***\AppData\Roaming\IMVUClient
2016-09-15 15:28 - 2014-12-24 16:43 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-14 15:53 - 2015-11-23 06:01 - 00000984 _____ C:\Users\Public\Desktop\AVG.lnk
2016-09-14 15:15 - 2012-08-30 05:52 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-14 15:15 - 2012-08-30 05:52 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-14 15:15 - 2012-08-30 05:52 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-14 15:15 - 2012-02-23 23:42 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-06 14:55 - 2012-08-28 15:21 - 00002176 _____ C:\Windows\system32\ServiceFilter.ini
2016-09-05 14:41 - 2015-09-09 15:10 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2016-09-04 14:21 - 2012-10-13 14:30 - 00000000 ____D C:\Users\***\AppData\Local\The Lord of the Rings Online
2016-09-04 09:19 - 2012-10-13 08:13 - 00000000 ____D C:\Users\***\AppData\Local\Turbine
2016-09-02 09:54 - 2009-07-14 02:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-08-26 04:27 - 2012-08-28 15:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-23 12:07 - 2016-04-27 16:49 - 00000000 ____D C:\Users\***\.matplotlib
2016-08-23 12:07 - 2016-04-27 16:48 - 00000000 ____D C:\Users\***\AppData\Roaming\psychopy2
2016-08-22 18:04 - 2015-03-08 16:44 - 00000000 ____D C:\Users\***\AppData\Local\Spotify
2016-08-22 17:52 - 2015-03-08 16:43 - 00000000 ____D C:\Users\***\AppData\Roaming\Spotify
2016-08-21 13:59 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\rescache

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-09-28 10:50 - 2012-05-24 10:39 - 145138568 _____ (Gameforge) C:\Program Files\setup_20120224.exe
2012-08-28 06:48 - 2016-09-18 16:38 - 0000380 _____ () C:\Users\***\AppData\Roaming\sp_data.sys
2012-10-13 12:05 - 2012-10-13 12:05 - 0000100 _____ () C:\Users\***\AppData\Local\fusioncache.dat
2013-10-17 11:40 - 2013-10-17 11:40 - 0006485 _____ () C:\Users\***\AppData\Local\recently-used.xbel
2013-02-03 17:28 - 2013-03-18 13:24 - 1426411 ____N () C:\Users\***\AppData\Local\Tempmusic.ogg
2015-09-15 15:16 - 2015-09-15 15:17 - 0014681 _____ () C:\Users\***\AppData\Local\WiDiSetupLog.20150915.151633.wdl
2015-09-15 15:17 - 2015-09-15 15:18 - 0015521 _____ () C:\Users\***\AppData\Local\WiDiSetupLog.20150915.151745.wdl
2016-06-16 05:07 - 2016-06-16 05:07 - 0000000 _____ () C:\Users\***\AppData\Local\{02BA97A4-DAED-4540-962F-7897B89AC761}
2016-02-11 10:20 - 2016-02-11 10:21 - 0000000 _____ () C:\Users\***\AppData\Local\{C706C704-E004-4598-B937-684CC944C207}
2012-02-23 23:42 - 2010-10-06 14:45 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2014-05-02 15:52 - 2014-05-02 16:09 - 0000826 _____ () C:\ProgramData\hpzinstall.log
2012-08-28 15:25 - 2012-08-28 15:26 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-08-28 15:25 - 2012-08-28 15:25 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-08-28 15:24 - 2012-08-28 15:24 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Einige Dateien in TEMP:
====================
C:\Users\***\AppData\Local\Temp\89a0-6bda-5211-6982.exe
C:\Users\***\AppData\Local\Temp\add3-7a50-91d8-291a.exe
C:\Users\***\AppData\Local\Temp\appshat-distribution.exe
C:\Users\***\AppData\Local\Temp\AskSLib.dll
C:\Users\***\AppData\Local\Temp\AutoRun.exe
C:\Users\***\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\***\AppData\Local\Temp\avguirn_081362791782.exe
C:\Users\***\AppData\Local\Temp\avguirn_081433937816.exe
C:\Users\***\AppData\Local\Temp\avguirn_081650247354.exe
C:\Users\***\AppData\Local\Temp\avguirn_081697158606.exe
C:\Users\***\AppData\Local\Temp\avguirn_081904975666.exe
C:\Users\***\AppData\Local\Temp\avguirn_082029758042.exe
C:\Users\***\AppData\Local\Temp\avguirn_082091331221.exe
C:\Users\***\AppData\Local\Temp\avguirn_08331652933.exe
C:\Users\***\AppData\Local\Temp\avguirn_0863491659.exe
C:\Users\***\AppData\Local\Temp\avguirn_08687370215.exe
C:\Users\***\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\***\AppData\Local\Temp\CmdLineExt03.dll
C:\Users\***\AppData\Local\Temp\conduitinstaller.exe
C:\Users\***\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\***\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp2snv7j.dll
C:\Users\***\AppData\Local\Temp\eauninstall.exe
C:\Users\***\AppData\Local\Temp\ffmpeg151.exe
C:\Users\***\AppData\Local\Temp\FixMyRegistry_20120821.exe
C:\Users\***\AppData\Local\Temp\FreeYouTubeToMP3Converter.exe
C:\Users\***\AppData\Local\Temp\guninst.exe
C:\Users\***\AppData\Local\Temp\HC2Set64Pvt.exe
C:\Users\***\AppData\Local\Temp\htmlayout.dll
C:\Users\***\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\***\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\***\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\***\AppData\Local\Temp\mconduitinstaller.exe
C:\Users\***\AppData\Local\Temp\mism.exe
C:\Users\***\AppData\Local\Temp\MSETUP4.EXE
C:\Users\***\AppData\Local\Temp\SIntf16.dll
C:\Users\***\AppData\Local\Temp\SIntf32.dll
C:\Users\***\AppData\Local\Temp\SIntfNT.dll
C:\Users\***\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\***\AppData\Local\Temp\The Battle for Middle-earth_uninst.exe
C:\Users\***\AppData\Local\Temp\Tsu82829D51.dll
C:\Users\***\AppData\Local\Temp\TsuB2471A27.dll
C:\Users\***\AppData\Local\Temp\TubeBoxSetup.exe
C:\Users\***\AppData\Local\Temp\ubi79B9.tmp.exe
C:\Users\***\AppData\Local\Temp\ubiF0D1.tmp.exe
C:\Users\***\AppData\Local\Temp\uninst1.exe
C:\Users\***\AppData\Local\Temp\uninstall27050822.exe
C:\Users\***\AppData\Local\Temp\uninstall27429265.exe
C:\Users\***\AppData\Local\Temp\vpnclient_setup.exe
C:\Users\***\AppData\Local\Temp\wajam_download.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-10 10:24

==================== Ende von FRST.txt ============================

Chascona · 19.09.2016, 10:18

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-09-2016
durchgeführt von *** (18-09-2016 16:57:14)
Gestartet von C:\Users\***\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2012-08-28 09:48:28)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2178124953-3779141132-2557792711-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2178124953-3779141132-2557792711-1005 - Limited - Enabled)
Gast (S-1-5-21-2178124953-3779141132-2557792711-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2178124953-3779141132-2557792711-1003 - Limited - Enabled)
*** (S-1-5-21-2178124953-3779141132-2557792711-1002 - Administrator - Enabled) => C:\Users\***
UpdatusUser (S-1-5-21-2178124953-3779141132-2557792711-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
6500_E709_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709a (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.159 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\Akamai) (Version:  - Akamai Technologies, Inc)
Assassin's Creed (R) III (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.01 - Ubisoft)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.24 - ASUS)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0014 - ASUS)
ASUS K45_K75_K95_Screensaver (HKLM-x32\...\ASUS K45_K75_K95_Screensaver) (Version: 1.0.0001 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.1 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.7 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.1 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0041 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.9 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.25 - ASUS)
ASUS Virtual Touch (HKLM-x32\...\{938CFBD4-0652-49E5-BB8B-153948865941}) (Version: 1.0.11 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0016 - ASUS)
AVG (HKLM\...\AvgZen) (Version: 1.91.2.35777 - AVG Technologies)
AVG (Version: 16.111.7797 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4656 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.111.7797 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.5.160 - AVG Technologies)
AVG Zen (Version: 1.91.11 - AVG Technologies) Hidden
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
BRAINYOO (HKLM-x32\...\BRAINYOO) (Version:  - BRAINYOO Ltd.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
calibre (HKLM-x32\...\{AB259D81-DE6B-4554-B4A8-DB13D321FBF2}) (Version: 0.9.18 - Kovid Goyal)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon MG5600 series Benutzerregistrierung (HKLM-x32\...\Canon MG5600 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG5600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5600_series) (Version: 1.00 - Canon Inc.)
Canon MG5600 series On-screen Manual (HKLM-x32\...\Canon MG5600 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.14018 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.14018 - Cisco Systems, Inc.) Hidden
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.0909 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Der Herr der Ringe Online (HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\LOTROde) (Version:  - )
DER HERR DER RINGE: DIE GEFÄHRTEN (HKLM-x32\...\InstallShield_{49C98C60-BAC3-4C92-AF4F-E890FD312D60}) (Version: 1.01.0453 - Ihr Firmenname)
DER HERR DER RINGE: DIE GEFÄHRTEN (x32 Version: 1.01.0453 - Ihr Firmenname) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.50.56 - Electronic Arts)
Direct Show Ogg Vorbis Filter (remove only) (HKLM-x32\...\OggDS) (Version:  - )
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\Dropbox) (Version: 10.4.25 - Dropbox, Inc.)
ETDWare PS/2-X64 10.5.9.0 (HKLM\...\Elantech) (Version: 10.5.9.0 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
FMW 1 (Version: 1.123.1 - AVG Technologies) Hidden
FormatFactory 2.96 (HKLM-x32\...\FormatFactory) (Version: 2.96 - Free Time)
Free YouTube to MP3 Converter version 3.12.60.713 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.60.713 - DVDVideoSoft Ltd.)
G*Power 3.1.9.2 (HKLM-x32\...\{F9C59D86-6F65-4EDB-89A2-FBA1F78762D2}) (Version: 3.1.92 - Franz Faul, Uni Kiel, Germany)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Gameforge Live 1.9.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.9.0 - Gameforge)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 6500 E709 Series (HKLM\...\{2E1B4B42-069F-4F53-9966-9B9B938D7FE5}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
IBM SPSS Statistics 21 (HKLM\...\{1E26B9C2-ED08-4EEA-83C8-A786502B41E5}) (Version: 21.0.0.0 - IBM Corp)
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.3.1 - ASUS)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
MAGIX Foto & Grafik Designer 7 SE (HKLM-x32\...\MAGIX_{305A1AC7-0B5C-457D-9B6F-2A889766E3A0}) (Version: 7.1.2.26041 - MAGIX AG)
MAGIX Foto & Grafik Designer 7 SE (Version: 7.1.2.26041 - MAGIX AG) Hidden
MAGIX Slideshow Maker 2 (HKLM-x32\...\MAGIX_MSI_Slideshow_Maker_2) (Version: 2.0.0.8 - MAGIX AG)
MAGIX Slideshow Maker 2 (x32 Version: 2.0.0.8 - MAGIX AG) Hidden
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Media Buzz (HKLM-x32\...\MediaBuzzV1mode6112) (Version: 1.1 - Media Buzz) <==== ACHTUNG
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyDriveConnect 4.0.7.2442 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom)
Nero 2014 (HKLM-x32\...\{4EC535F1-AE46-4734-8188-DA549B7B73D2}) (Version: 15.0.10200 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Network64 (Version: 130.0.579.000 - Hewlett-Packard) Hidden
NVIDIA GeForce Experience 1.5.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.5.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
phonostar-Player Version 3.02.6 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version:  - )
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
PsychoPy2 1.83.04 (HKLM-x32\...\PsychoPy2) (Version: 1.83.04 - Jon Peirce)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
R for Windows 3.2.2 (HKLM\...\R for Windows 3.2.2_is1) (Version: 3.2.2 - R Core Team)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6537 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.30130 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.48 - Piriform)
Remote Mouse version 2.54 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.54 - Remote Mouse)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.12 - ASUS)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version:  - )
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.3.6 - ) <==== ACHTUNG
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\Spotify) (Version: 1.0.33.106.g60b5d1f0 - Spotify AB)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Webexp Enhanced (HKLM-x32\...\Webexp Enhanced) (Version: 1.1 - Webexp Enhanced) <==== ACHTUNG
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
Windows Speech Recognition Macros (HKLM-x32\...\{8DC197D6-F4AB-44E0-ACF7-210355E6F389}) (Version: 1.0.6862.19 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.0 - ASUS)
Winmira 2001 (HKLM-x32\...\79D6023C-0ECD-4774-8580-8794D9E74982) (Version: 1.45 - Matthias von Davier)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.27 - ASUS)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {032EF3E5-D61E-42DD-85E3-C6E27C9CFD20} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2178124953-3779141132-2557792711-1002Core => C:\Users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {07713277-A311-4860-B9F7-469706DC9AD6} - System32\Tasks\{3AFB1DC4-A869-4B6E-9875-332924512BA0} => pcalua.exe -a "C:\Users\***\Desktop\Sony_Ericsson_PCSuite_2.10.46.exe" -d "C:\Users\***\Desktop"
Task: {0FC4671C-CE47-4B2F-BA00-7BF4ED2FEDA0} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {1262CBC6-3F3A-4E7E-B7BF-9608E71CF0C7} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {18F8F0EB-4CAA-4E5D-9B3B-02BB8F0B3C07} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {19358FA4-497B-452F-9E4E-795E9DFE3223} - System32\Tasks\{D602D7B4-63B1-41D5-84B8-3799CC3F9504} => C:\Program Files (x86)\Jessy\jlauncher.exe
Task: {1B5FE1A4-371D-4C4F-AF08-D746E1010BD2} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe
Task: {1C211667-C990-4251-91B4-9FCDF0440E5C} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {1D526A59-F523-426F-B80F-DAED0171ABB9} - System32\Tasks\{13F490B5-B735-4657-BC09-CE4976F79A5A} => msiexec.exe /package "C:\Users\***\Downloads\anyconnect-win-3.1.14018-pre-deploy-k9(1).msi"
Task: {20EA1966-FA5E-4FC1-A25E-5D9EDDEB7968} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {22156204-3D63-4289-AA5C-EDEA495CF313} - System32\Tasks\{2F49D724-95B9-490B-A102-A91BE8FF98F2} => C:\Users\***\Desktop\AC1\System\AssassinsCreed_Dx10.exe
Task: {23460041-6CF7-4B7B-9B59-CC6480F85FF1} - System32\Tasks\{B5F795F6-72F5-4CD5-AB35-1728AF294BF0} => C:\Program Files (x86)\Derby Champion\DerbyChampion.exe
Task: {266CAF00-CF56-46AD-A1EF-BA393684AD19} - System32\Tasks\{E9562E4C-48B7-4B53-BC69-91BA6E18BFE0} => C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe [2013-09-04] (Maxis, a division of Electronic Arts Inc.)
Task: {291AB392-6221-426C-93B7-3F6638AD5163} - System32\Tasks\AdobeAAMUpdater-1.0-Miriam_Buser-*** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-05] (Adobe Systems Incorporated)
Task: {2FD07035-9F5F-48C8-93A9-390DA37C39F6} - System32\Tasks\ASUS Quick Gesture (x64) => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe [2012-04-11] (ASUSTeK Computer Inc.)
Task: {31C62121-132F-4975-A9F3-3A942BAF9AE4} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ACHTUNG
Task: {32A91F84-1BD5-4B27-89A5-4081FEE27049} - System32\Tasks\{E57C7138-8A21-462D-8DB1-B7BFDED996BA} => pcalua.exe -a E:\autorun.exe -d E:\
Task: {33D9842D-F8BB-4464-BD4C-16CB101A7428} - System32\Tasks\{C96102EB-2854-4511-B77D-928EB15E5EC7} => pcalua.exe -a C:\Windows\IsUn0407.exe -c -f"c:\horse_cd\uninst.isu"
Task: {3EB2D58C-B5D3-4EE3-9F2F-50096504CA3F} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2178124953-3779141132-2557792711-1002
Task: {4C569606-C7CE-4637-87CA-BD9995E0FEB2} - System32\Tasks\{30381AFE-8451-4A82-91A9-C06C8DF7E1BE} => C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe [2012-11-16] ()
Task: {512AAD39-88B4-45AD-A527-37B60C3E0440} - System32\Tasks\{1011D686-1A5D-4B6C-9FDA-EAB132EA3AC4} => C:\Program Files (x86)\Derby Champion\DerbyChampion.exe
Task: {52695809-E268-4297-9D09-C9BF559D8FA5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2178124953-3779141132-2557792711-1002UA => C:\Users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {5C8D6EEF-3B3C-4195-8FBC-A97F6BF45D32} - System32\Tasks\YourFile Update => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ACHTUNG
Task: {5CD2C1DA-330D-4D0C-A014-AAEC9ED31908} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ACHTUNG
Task: {5D60D040-F49B-4D93-BA40-BC10FF443149} - System32\Tasks\{F1152C10-FDF5-489A-B888-8CF688E6E0F3} => pcalua.exe -a "C:\Users\***\Desktop\AC1\autorun.exe" -d "C:\Users\***\Desktop\AC1"
Task: {62C01249-8F72-4D7C-8AB5-A745D397F6EB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-14] (Adobe Systems Incorporated)
Task: {62DC31A7-7977-4080-B61D-7813FF813F85} - System32\Tasks\{D292A8E3-3A03-43BC-B7A2-75D11F5B7B1D} => pcalua.exe -a "C:\Users\***\AppData\Roaming\CyberLink\Power2Go\7.0\Temp\setup.exe" -d "C:\Program Files (x86)\CyberLink\Power2Go" <==== ACHTUNG
Task: {62E543A5-B940-4048-9A05-B08EEA91115F} - System32\Tasks\ASUS Quick Gesture => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe [2012-04-11] (ASUSTeK Computer Inc.)
Task: {64EBCFEE-5708-4C98-B123-7102E0DB73FA} - System32\Tasks\{7089C6BE-00A2-4441-805D-2E4BC017D228} => pcalua.exe -a "C:\Remote Programs\Fishdom\GPlrLanc.exe" -c -LOpCode 2 /RemoveContent cid=591252;name=Fishdom;dir=C:\Remote Programs\Fishdom\;prvid=147;cmdid=1;prvdir=Default
Task: {687FD55F-F209-43A4-9E4F-C13E1A4A35CA} - System32\Tasks\{1B2C5185-0229-4DD8-82D8-64994F1F7BCE} => C:\Program Files (x86)\Jessy\jlauncher.exe
Task: {6CD2E90E-8A34-46E4-869F-2B1C75407911} - System32\Tasks\{905C97C1-9090-42C1-9CAB-D4B199940FDB} => pcalua.exe -a "C:\Program Files (x86)\Ubisoft\Assassin's Creed II\Play AC2.exe" -d "C:\Program Files (x86)\Ubisoft\Assassin's Creed II"
Task: {712144D8-733D-411F-9058-E676006189A2} - System32\Tasks\{B468D450-C064-4DEE-BAC9-5C0D3CDF57D7} => pcalua.exe -a "C:\Users\***\Downloads\desktop.exe" -d "C:\Users\***\Downloads"
Task: {7309A798-9AD5-4E68-AB12-62BD89D9D319} - System32\Tasks\{F4AB91EA-6583-4BBF-BB88-F7D55F53EEA9} => C:\Program Files (x86)\Derby Champion\DerbyChampion.exe
Task: {7818A18F-E0C3-4003-B348-12739573C98A} - System32\Tasks\{D980A92B-AC9C-4421-9F69-0D55EE5A277D} => C:\Program Files (x86)\Sims2\Die.Sims.2.German\Keks\mo-s2crk\Sims2.exe
Task: {7DEE5679-8CAB-4187-A304-F999D3F047E1} - System32\Tasks\{2D67187C-874C-4C9F-8C32-727DAC581A8B} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.10.0.116.259&amp;LastError=12002
Task: {80A58ACC-6CED-44E1-9048-ACE29A84D327} - System32\Tasks\{CCA28903-0553-4944-B535-D054B3A26F78} => C:\Users\***\Desktop\7th Street\7thStreetV11.exe
Task: {81ABD5BF-6C30-4B07-92D2-626E2C7DD17C} - System32\Tasks\{76BE86B2-1139-48C7-B6F8-A1B4AC4FCC6F} => pcalua.exe -a E:\setup.exe -d E:\
Task: {825A2A67-EE7C-4726-9852-5BE2856B4C7E} - System32\Tasks\{7F07EB04-C3F4-44FB-82F5-E3A4A233542B} => pcalua.exe -a "C:\Users\***\Downloads\Setup4.2.29.0.exe" -d "C:\Users\***\Downloads"
Task: {86B5FB09-5B97-47A7-9B40-7F8241C324C1} - System32\Tasks\{5B8A0828-4CE8-46B6-A823-62AD753F1EAB} => C:\Users\***\Desktop\Slender\Hospice\HospiceV13.exe
Task: {8840AE51-8926-413B-836C-5171F0EFC0BE} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-02-15] (ASUS)
Task: {8F8DDFAE-330B-4C75-865B-39E6112D516C} - System32\Tasks\{F4E39870-5C3B-4E74-9661-2B2ACA0CE778} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {9096264E-47AF-4F48-B586-F9005224C09C} - System32\Tasks\{DE1223F0-BC2A-40F3-B0AC-013160157F2F} => C:\Program Files (x86)\Mindscape\Haustierarzt\EReg.exe
Task: {94770850-1674-4E84-A283-4E239F7B3BE8} - System32\Tasks\DSite => C:\Users\MIRIAM~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ACHTUNG
Task: {94C1369C-E529-450E-974C-22315A672088} - System32\Tasks\{198B55EB-24E7-43F3-9070-8D6166099A0F} => C:\Users\***\Desktop\AC1\System\AssassinsCreed_Dx10.exe
Task: {965A29D3-D9C2-43BB-B189-713D17F1ADEE} - System32\Tasks\{464D8793-6B16-4F30-AB0C-1B2A9C8B7A95} => pcalua.exe -a C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe -c /Uninstall /{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} /su=6c6066e8dc863a77 /um
Task: {9B03FC18-8329-4536-8B47-C468A652ACA5} - System32\Tasks\{D3B3DF14-AFE8-4A19-B215-CCA3167D50EB} => pcalua.exe -a "C:\Users\***\Downloads\assassins_creed_1.02(1).exe" -d "C:\Users\***\Downloads"
Task: {9EC67172-F47C-4D55-A927-E74ED8DB495B} - System32\Tasks\{5E1EE44A-F0D7-41CF-8059-BE2ECB06B817} => pcalua.exe -a "C:\Users\***\Downloads\assassins_creed_1.02.exe" -d "C:\Users\***\Downloads"
Task: {A36A83DB-A70F-4B77-8FE3-989C1CF343D0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated)
Task: {A66DB61F-05C9-4C78-8A38-190B3F4D1294} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-02-29] (ASUSTek Computer Inc.)
Task: {AEA1312C-845A-4841-BA72-11EEE5B6D892} - System32\Tasks\{0958883D-F748-4795-8D83-102F37B729A1} => C:\horse_cd\hast.EXE
Task: {AEC9F295-2521-4641-ABF4-5B6B6C50808D} - System32\Tasks\{A41363F0-4CC0-46B1-A2E3-BC22528FF518} => C:\Program Files (x86)\Mindscape\Haustierarzt\EReg.exe
Task: {B5628F7F-34F9-4072-9060-EB24EE6A77B7} - System32\Tasks\{66421C3C-9456-432B-81B0-03029074FE80} => C:\Program Files (x86)\Derby Champion\DerbyChampion.exe
Task: {B59494C0-5F9A-4BD6-83D4-281EFBF39FD3} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2012-02-16] (ASUSTek Computer Inc.)
Task: {BA80FBA7-4E90-4278-BFF9-2A2FAC630F9E} - System32\Tasks\AmiUpdXp => C:\Users\***\AppData\Local\SwvUpdater\Updater.exe <==== ACHTUNG
Task: {C2B4F143-6A93-417A-A7A8-097DF99F0C69} - System32\Tasks\Go for FilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ACHTUNG
Task: {C63FD06D-BDFC-482F-9D86-F8518C83235F} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-02-16] (ASUSTek Computer Inc.)
Task: {C827819C-7D7D-49EA-BB2F-9CDED6572AD3} - System32\Tasks\{86FC20AC-83AC-491E-9061-AACD3329C884} => pcalua.exe -a "C:\Users\***\Desktop\AC1\splash\demo32.exe" -d "C:\Users\***\Desktop\AC1\splash"
Task: {C880CA4B-0FD4-444D-A11F-634DDD337CE1} - System32\Tasks\{EB7F82F1-811A-4604-A8B8-50B25FCB0FBC} => C:\Program Files (x86)\DEUTSCHLAND SPIELT\GreatMahjongSpecial\mjongg.exe
Task: {D8C9C53C-C9BA-401D-9D03-835943F093C9} - System32\Tasks\{4A9967ED-3260-4A38-9FBA-CB3B3C771318} => pcalua.exe -a C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe -c /Uninstall /{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} /su=6c6066e8dc863a77 /um
Task: {DB09678F-C934-4C78-AB85-0A5C34BC4F97} - System32\Tasks\{52255273-215C-46DD-9129-792C5E49D694} => C:\Program Files (x86)\Electronic Arts\Die Sims 3\Game\Bin\Sims3Launcher.exe [2013-01-30] (Electronic Arts, Inc.)
Task: {DFD9E7D6-E9B6-41A5-894C-660878D3E4AE} - System32\Tasks\{6F1FDFA1-C17A-4280-857C-2B958A40A274} => C:\Users\***\Desktop\Slender\Hospice\HospiceV13.exe
Task: {E4DCB9C2-DEC1-40AB-B0E8-C000F662C039} - System32\Tasks\{990B4FA4-E86A-4359-982B-FF66C07C652B} => C:\Program Files (x86)\Mindscape\Haustierarzt\EReg.exe
Task: {E7039B27-3C6A-4477-9396-BB57899CA246} - System32\Tasks\{2BD6548F-8CCC-4972-B0AB-F561F38ED761} => C:\Users\***\Desktop\7th Street\7thStreetV11.exe
Task: {E7FFE472-7854-476B-96F9-97909924E596} - System32\Tasks\{A040E6CD-4149-4E93-9FDD-19165A5FFE1B} => C:\Program Files (x86)\Sims2\Die.Sims.2.German\Keks\mo-s2crk\Sims2.exe
Task: {E9B1A9D9-C167-4CD9-BD20-45146782E0C5} - System32\Tasks\{A3CDC73E-2990-4171-8E53-0ADF518F807E} => C:\Users\***\Desktop\backup\AssassinsCreed_Game.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\***\AppData\Local\SwvUpdater\Updater.exe <==== ACHTUNG
Task: C:\Windows\Tasks\ASUS SmartLogon Console Sensor.job => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2178124953-3779141132-2557792711-1002Core.job => C:\Users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2178124953-3779141132-2557792711-1002UA.job => C:\Users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DSite.job => C:\Users\MIRIAM~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ACHTUNG
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://tech-connect.biz/?ssid=1474196065&a=1060736&src=sh&uuid=72148cbd-7c33-4c30-927a-047a7861a099,1474196013104"
ShortcutWithArgument: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://tech-connect.biz/?ssid=1474196065&a=1060736&src=sh&uuid=72148cbd-7c33-4c30-927a-047a7861a099,1474196013104"
ShortcutWithArgument: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://tech-connect.biz/?ssid=1474196065&a=1060736&src=sh&uuid=72148cbd-7c33-4c30-927a-047a7861a099,1474196013104"
ShortcutWithArgument: C:\Users\***\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://tech-connect.biz/?ssid=1474196065&a=1060736&src=sh&uuid=72148cbd-7c33-4c30-927a-047a7861a099,1474196013104"
ShortcutWithArgument: C:\Users\***\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://tech-connect.biz/?ssid=1474196065&a=1060736&src=sh&uuid=72148cbd-7c33-4c30-927a-047a7861a099,1474196013104"
ShortcutWithArgument: C:\Users\***\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://tech-connect.biz/?ssid=1474196065&a=1060736&src=sh&uuid=72148cbd-7c33-4c30-927a-047a7861a099,1474196013104"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://tech-connect.biz/?ssid=1474196065&a=1060736&src=sh&uuid=72148cbd-7c33-4c30-927a-047a7861a099,1474196013104"
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://tech-connect.biz/?ssid=1474196065&a=1060736&src=sh&uuid=72148cbd-7c33-4c30-927a-047a7861a099,1474196013104"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-09-09 15:10 - 2016-09-05 14:40 - 00980552 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2012-08-28 15:14 - 2013-06-21 07:23 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-07-01 05:21 - 2013-07-01 05:21 - 01127736 _____ () C:\Program Files\ShrewSoft\VPN Client\iked.exe
2013-06-30 20:16 - 2013-06-30 20:16 - 00628224 _____ () C:\Program Files\ShrewSoft\VPN Client\libike.dll
2013-06-30 20:15 - 2013-06-30 20:15 - 00022016 _____ () C:\Program Files\ShrewSoft\VPN Client\libidb.dll
2013-06-30 20:15 - 2013-06-30 20:15 - 00018432 _____ () C:\Program Files\ShrewSoft\VPN Client\libith.dll
2013-06-30 20:16 - 2013-06-30 20:16 - 00039936 _____ () C:\Program Files\ShrewSoft\VPN Client\libvnet.dll
2013-06-30 20:16 - 2013-06-30 20:16 - 00013312 _____ () C:\Program Files\ShrewSoft\VPN Client\liblog.dll
2013-06-30 20:16 - 2013-06-30 20:16 - 00116736 _____ () C:\Program Files\ShrewSoft\VPN Client\libip.dll
2013-06-30 20:17 - 2013-06-30 20:17 - 00029184 _____ () C:\Program Files\ShrewSoft\VPN Client\libpfk.dll
2013-06-30 20:17 - 2013-06-30 20:17 - 00017920 _____ () C:\Program Files\ShrewSoft\VPN Client\libdtp.dll
2013-06-30 20:17 - 2013-06-30 20:17 - 00035840 _____ () C:\Program Files\ShrewSoft\VPN Client\libvflt.dll
2010-07-14 20:11 - 2010-07-14 20:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-08-28 15:16 - 2012-02-21 01:29 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2013-07-01 05:21 - 2013-07-01 05:21 - 00810808 _____ () C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
2013-06-23 13:22 - 2014-03-02 10:28 - 00075136 ____N () C:\Windows\SysWOW64\PnkBstrA.exe
2012-05-04 06:38 - 2012-02-28 05:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-07-28 20:08 - 2011-07-28 20:08 - 01259376 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2015-09-09 15:10 - 2016-09-05 14:40 - 02180680 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2016-02-29 05:16 - 2016-02-29 05:16 - 00070144 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2012-02-21 18:49 - 2012-02-21 18:49 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-08-20 13:57 - 2010-08-20 13:57 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-20 13:57 - 2010-08-20 13:57 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-07-20 16:04 - 2013-11-19 17:34 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll
2016-07-11 16:56 - 2016-08-24 01:43 - 00035792 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-09-15 15:26 - 2016-08-24 01:43 - 00145864 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-09-15 15:26 - 2016-08-24 01:43 - 00019408 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-09-15 15:26 - 2016-08-24 01:43 - 00116688 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-07-11 16:56 - 2016-08-24 01:43 - 00100296 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-07-11 16:56 - 2016-08-24 01:43 - 00018888 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\select.pyd
2016-07-11 16:56 - 2016-09-12 10:11 - 00019760 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-07-11 16:56 - 2016-08-24 01:43 - 00694224 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00020816 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-07-11 16:56 - 2016-08-24 01:43 - 00123856 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 01682760 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00020808 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00105928 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-08-05 17:30 - 2016-09-12 10:11 - 00021312 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00052024 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00038696 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-09-15 15:26 - 2016-08-24 01:43 - 00392144 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-09-15 15:26 - 2016-08-24 01:45 - 00020936 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00024528 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00116176 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-07-11 16:56 - 2016-09-12 10:11 - 00381752 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00124880 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-08-05 17:30 - 2016-09-12 10:11 - 00025424 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00024016 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00175560 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00030160 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00043472 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00048592 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00057808 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00024016 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00246592 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00026456 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00028616 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-07-11 16:56 - 2016-08-24 01:43 - 00144848 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-08-05 17:30 - 2016-08-24 01:44 - 00241104 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2016-07-11 16:56 - 2016-09-12 10:11 - 00023376 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-07-11 16:56 - 2016-09-12 10:11 - 00020800 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-07-11 16:56 - 2016-09-12 10:11 - 00019776 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-07-11 16:56 - 2016-09-12 10:11 - 00020800 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00020280 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00350152 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-07-11 16:56 - 2016-09-12 10:11 - 00022352 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00024392 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-09-15 15:26 - 2016-08-24 01:41 - 00036296 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\librsync.dll
2016-09-15 15:26 - 2016-09-12 10:11 - 00084280 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-09-15 15:26 - 2016-09-12 10:11 - 01826096 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-07-11 16:56 - 2016-08-24 01:43 - 00083912 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\sip.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00531248 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 03928880 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 01972528 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00133424 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00224056 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00207672 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-08-05 17:30 - 2016-09-12 10:11 - 00020288 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00060880 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-08-05 17:30 - 2016-09-12 10:11 - 00024904 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00546096 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00357680 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00042808 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00168760 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2012-01-31 13:25 - 2012-01-31 13:25 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2011-07-28 20:09 - 2011-07-28 20:09 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2015-11-23 05:58 - 2016-04-15 11:57 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2012-08-28 15:16 - 2012-02-21 01:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:2CFBE2D1 [133]
AlternateDataStreams: C:\ProgramData\Temp:373C6DC2 [118]
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2 [118]
AlternateDataStreams: C:\ProgramData\Temp:5D458568 [118]
AlternateDataStreams: C:\ProgramData\Temp:798A3728 [119]
AlternateDataStreams: C:\ProgramData\Temp:FEF919E6 [136]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-13 23:34 - 2016-06-16 05:15 - 00001054 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       static3.cdn.ubi.com
127.0.0.1       ubisoft-orbit.s3.amazonaws.com
127.0.0.1       onlineconfigservice.ubi.com
127.0.0.1       orbitservice.ubi.com
127.0.0.1       ubisoft-orbit-savegames.s3.amazonaws.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\***\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^Users^***^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: phonostar-PlayerTimer => "C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe"
MSCONFIG\startupreg: Rainlendar2 => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Sony Ericsson PC Companion => "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon
MSCONFIG\startupreg: SpeedUpMyComputer => C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as
MSCONFIG\startupreg: SpeedUpMyComputer.exe => C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as /ss
MSCONFIG\startupreg: YouCam Service => "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{56048913-2EE4-4FB6-9B10-B11FD9535645}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A56F99CF-933B-4F79-9B77-D54139039647}] => (Allow) LPort=2869
FirewallRules: [{7200A232-CB9A-4548-89E0-CF072E6C2E3E}] => (Allow) LPort=1900
FirewallRules: [{B47DCE39-BD05-4FD0-BC5F-8FCE7C3FBB7F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{BE0EC94A-88B6-4356-B121-F67FE5BE0F40}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{19E284DE-FE65-45E9-8827-69D5454439A1}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{EDA33C67-02FC-4CBB-B8DE-B369AC2BA16B}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{A039D880-B78A-42A9-B674-3C20F301958F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{CE5752B7-4973-4961-9484-8F3D19860817}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{E92E642A-311D-43C3-A635-2CB503B48A6D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2809D2B6-BE40-4651-A21C-122B410300EC}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{E600D371-B1A8-49D1-B9E0-A3A62A4BA522}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{103F145E-9796-44C0-A367-F5B07BA171F1}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [{F43044FB-7F3F-4B48-B835-0219F7868A3E}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [{DA47777C-7B86-4ADE-B729-FF83FBE59A8B}] => (Allow) C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{DFFEC908-8CA6-4D61-A2ED-1F4B2A33DC36}] => (Allow) C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{5EE132EB-FD98-4E5A-AF98-5FBA3FA24EBC}C:\users\***\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\***\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{E2A7BEE9-784C-438B-B158-839374F9F87E}C:\users\***\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\***\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{28E7F0F9-A0A2-4B22-8797-EF57252ED01F}] => (Allow) C:\ProgramData\HappyCloud\Cache\Turbine\The Lord of the Rings Online\lotroclient.exe
FirewallRules: [{553DFD38-B5F0-4268-AE64-30BC846149D3}] => (Allow) C:\ProgramData\HappyCloud\Cache\Turbine\The Lord of the Rings Online\lotroclient.exe
FirewallRules: [{58A82F7A-A6F0-41F7-8E3C-ADC274C99A89}] => (Allow) C:\ProgramData\HappyCloud\Cache\Turbine\The Lord of the Rings Online\TurbineLauncher.exe
FirewallRules: [{E75B29C7-AA7E-4FD0-876A-ED1EEF08925B}] => (Allow) C:\ProgramData\HappyCloud\Cache\Turbine\The Lord of the Rings Online\TurbineLauncher.exe
FirewallRules: [TCP Query User{F5D56FA8-1223-4801-BEEE-DDB974869715}C:\programdata\happycloud\cache\turbine\the lord of the rings online\lotroclient.exe] => (Block) C:\programdata\happycloud\cache\turbine\the lord of the rings online\lotroclient.exe
FirewallRules: [UDP Query User{5B71C5E1-31F2-45A2-91C9-D0182EA87821}C:\programdata\happycloud\cache\turbine\the lord of the rings online\lotroclient.exe] => (Block) C:\programdata\happycloud\cache\turbine\the lord of the rings online\lotroclient.exe
FirewallRules: [{0513AE7E-6075-4797-8D40-1422DF6B075B}] => (Allow) C:\Program Files (x86)\EA GAMES\Die Schlacht um Mittelerde(tm)\game.dat
FirewallRules: [{3B80E36D-5102-4F0B-BD60-DEC883DC31EF}] => (Allow) C:\Program Files (x86)\EA GAMES\Die Schlacht um Mittelerde(tm)\game.dat
FirewallRules: [TCP Query User{D6937A8B-FD35-47F0-BA0F-1F0F30F8C40D}C:\program files (x86)\gameforgelive\games\deu_deu\runes of magic\client.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\runes of magic\client.exe
FirewallRules: [UDP Query User{4575823C-B0B5-4912-82FD-22C447672E64}C:\program files (x86)\gameforgelive\games\deu_deu\runes of magic\client.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\runes of magic\client.exe
FirewallRules: [TCP Query User{FFD53927-25F8-474E-B6C5-E277A063BBBB}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{63A42459-ABF9-4F79-B53E-D82D0FE19D8B}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{440B6F79-B7F0-47AB-87BA-AEE9AC0882AE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{12FFA287-5CBA-4B26-B03E-DB094EDFB2BE}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{95630548-BD0C-4A9E-B1BE-A49ED429AEE9}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{16B0A221-3F76-4D2F-8DE1-6D001ED36FBA}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe
FirewallRules: [{028A9953-81D5-42BF-8917-CE601C648A6A}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe
FirewallRules: [{2EE9EB95-1A6B-4033-96FF-4DAE4D80AF6B}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe
FirewallRules: [{3A6B8F5D-469C-4E04-922D-1D500657CB3F}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe
FirewallRules: [TCP Query User{1B543931-8423-4FA8-AADF-4EF716331E5D}C:\users\***\desktop\server.exe] => (Block) C:\users\***\desktop\server.exe
FirewallRules: [UDP Query User{1BDA996F-7CB5-4171-A9C7-AF37272521CD}C:\users\***\desktop\server.exe] => (Block) C:\users\***\desktop\server.exe
FirewallRules: [{150A4CAE-1DC2-49D0-9B2E-8695624237AE}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{B7A0C7EB-853B-4EE2-A61D-54239896AAB0}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{628E79D1-8008-41F8-A691-FAB151D4E740}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{4D94DEA1-28BC-4883-A836-2B6911B29796}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{235CF8FA-1172-4F6B-9A8F-E1BBEA03F6F7}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{AB3EAEC4-656D-44D6-AA46-1C2D51B7A94B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{B05B7767-03D5-4F6C-991D-F851B33EF5F6}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe
FirewallRules: [{4B5A10B0-0DD2-4F4C-832B-34F592B0B0E4}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe
FirewallRules: [TCP Query User{4578D5FF-3E50-44AF-8AB2-D7CBDA064711}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{6C14DA7D-29DB-439F-9368-224F86E30248}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{C8BF3DAE-B5A3-44C5-822E-1C86D42C61A3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{35AC7006-76B9-463F-9F8C-9728D00EDE50}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{806CA73C-949B-438A-BBE9-E043B0C79132}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8EDD40C7-A1CD-47A0-83B3-5AE7A30850AA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1836C94C-838B-40CA-AD3B-C24066E63A2D}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{FC88699F-9084-4958-B2B7-AE238399FA38}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{AD81498B-0AAB-4C2A-AA9F-F8AD85D8C040}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{21049E79-4CE2-470E-A4B4-FBCB87225643}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{CA27BD46-AFBE-4D68-A1A4-8285D79DBC86}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{20493343-44F6-4C3B-89B5-6661766F6E15}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{81F1081B-2B9B-4087-89BC-2E0C2E499DCF}] => (Block) %ProgramFiles% (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{21D125AF-98B3-4F21-8275-7A13F710E2BE}] => (Block) %ProgramFiles% (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{643A52E7-39FE-4B60-9237-D4C4BA4F92DF}] => (Block) %ProgramFiles% (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{2F418091-C3CC-465D-B5D4-1C5EF0C4EA54}] => (Block) %ProgramFiles% (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{3F085E72-631F-4396-A8B5-4BE28E0D98CF}] => (Block) %ProgramFiles% (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe
FirewallRules: [{CECA437E-F5B6-4188-BED0-9A98664E22EB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{1EA916F3-6033-49E3-9E7C-6221F05C2AE2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{CF67DF90-ED5D-4AC6-AECB-2311F1A2353D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{D079664E-785F-4432-A281-37DE689D263E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{88D63DC1-3A77-4AEE-BC42-1A4B3F6D78C6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{DFB66331-BE01-4F8D-B90C-98A865B61932}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{36315153-8170-4A70-970E-9BCA3A960B97}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{817D562D-7714-4E59-B348-2361CBFA0D0A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{68FFEB51-E4CD-4197-AC0E-E7BC8D37B57F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{5DADD28A-BE6F-4992-B9D1-DB73AFC0D8ED}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{5A3D6580-A572-492E-AB50-7A73F16C4EBC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{A72452B4-B183-41ED-95A2-C5C1B9866AB0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{C22AA6B0-0F8B-40D0-964F-AD067F643C0B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{FB7053CB-99DF-4608-B357-B6E248383819}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{6F188772-EBC5-41C3-9054-32E94615A151}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{F60949A9-6636-4D04-A72E-FB200E8D5618}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{F6B9B623-335E-4A42-A601-6357AED3E749}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{57176FEB-13A8-4F1F-ABF5-9D45E45742FF}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{B9372D30-8139-4241-981C-AD60CC76B8A2}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{C64EA0D5-0CD4-4345-936A-D05B85BE53A9}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{A03AA1C2-8B03-4409-97AD-20D21693D3C5}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{A6D0C73A-ECFC-49DE-B087-8A73D27A5DFE}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [TCP Query User{F312E6A0-ECCE-436A-966E-48A9F8592AD9}C:\program files (x86)\remote mouse\remotemouse.exe] => (Block) C:\program files (x86)\remote mouse\remotemouse.exe
FirewallRules: [UDP Query User{B7841417-AF5B-4291-8C2C-3ED710101A74}C:\program files (x86)\remote mouse\remotemouse.exe] => (Block) C:\program files (x86)\remote mouse\remotemouse.exe
FirewallRules: [{254D9D2B-FB32-4D23-8665-57DEDB43C8D7}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{98C5D884-D98E-4B9C-A65F-9468AC3D54AF}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{31EA672E-2836-4B87-9EE1-6E4E5AACCC7B}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{9E0E8D35-4B18-4F3B-BFDC-C9B386755278}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{1557986D-AE59-4434-B407-C71CA490EB61}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{18F406D5-3C50-4D60-B540-19C7FE043616}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [TCP Query User{9E7843EB-EE5D-48FB-A0FC-500EB80A3910}C:\users\***\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\***\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{87A34760-5CB7-4A87-8DE6-C2347EEF11C7}C:\users\***\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\***\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{B4CA9C86-4302-477A-883C-CF1E912E1F05}C:\users\***\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\***\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{CB43D8FA-FF59-4A7E-AB8A-D7EF1A9B6A36}C:\users\***\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\***\appdata\local\akamai\netsession_win.exe
FirewallRules: [{EC2ED800-95B4-46BD-8328-4C1340EFF0AE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EFCF0AF5-93A4-4A11-82E9-4AAA563C1F5C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8E5021F6-3D17-4992-BB8A-11451E19964C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{A8A6591B-6027-4A0A-A313-D0EBD51104B9}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [TCP Query User{5E545A35-77AD-4359-90C2-A1B3C039825F}C:\users\***\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\***\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{4A1B7045-17EB-4A15-971D-411AA4B2C505}C:\users\***\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\***\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{FEC33C88-8625-4FD3-B7E4-E71F9AEF6498}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{6C2EF557-5DF5-4544-A55C-15213310E551}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{D1A53EAE-A02E-4864-A98C-F13FDBED81C1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5A8EB83C-C3E0-47AF-81B4-3B3ECD00313B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{14BF1BE5-5A36-47B3-B574-1CEE1A206FEA}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{24CF5427-8480-499C-B183-B6E86B8481AD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{03B653F8-EA74-44CD-9155-D690B88E3364}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\21\WinWrapIDE.exe
FirewallRules: [{B6C18F11-15CD-4826-9DC8-3A1685F171AD}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\21\stats.exe
FirewallRules: [{EF57860B-62FD-4DAA-A269-11A54D6A0CCD}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\21\WinWrapIDE.exe
FirewallRules: [{B9865934-63D6-4A2F-889F-DF800D58F850}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\21\stats.exe
FirewallRules: [{10F19988-4099-493C-A0F5-B63B3F134320}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\21\stats.com
FirewallRules: [{CF0D4585-7204-4FE3-9DE3-2FD5FFD7AA99}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\21\stats.com
FirewallRules: [TCP Query User{B1FA032A-C606-4442-938C-49BEC66D82D6}C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe] => (Block) C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe
FirewallRules: [UDP Query User{CB298BF5-011E-4747-A68A-084B44E521A4}C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe] => (Block) C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe
FirewallRules: [TCP Query User{1B9A72A6-427A-4F9C-A49D-E7CA74AD48DE}C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe] => (Block) C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe
FirewallRules: [UDP Query User{21834AAB-9466-4C71-9340-3135EA20B70B}C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe] => (Block) C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe
FirewallRules: [TCP Query User{B9EC436B-7E9D-45B8-89E2-C11896EADC2A}C:\program files\ibm\spss\statistics\21\stats.exe] => (Block) C:\program files\ibm\spss\statistics\21\stats.exe
FirewallRules: [UDP Query User{7569C037-6D66-465D-93E1-37BFEC4A746D}C:\program files\ibm\spss\statistics\21\stats.exe] => (Block) C:\program files\ibm\spss\statistics\21\stats.exe
FirewallRules: [{577A170F-64BE-4B4D-99FA-434CE7E1CE2F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{8BCB6551-9C01-4434-BF52-85D940E006CB}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{DD44B1AF-DE5E-4E2F-8E80-1434AF5F28C3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{D07A839D-1722-48EE-86D7-32D20471311F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe

==================== Wiederherstellungspunkte =========================

02-09-2016 13:21:20 Geplanter Prüfpunkt
10-09-2016 10:32:01 Geplanter Prüfpunkt
18-09-2016 13:52:46 Wiederherstellungsvorgang

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/18/2016 04:40:28 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Geplanter Prüfpunkt). Zusätzliche Informationen: 0x80070005.

Error: (09/18/2016 02:13:32 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Geplanter Prüfpunkt). Zusätzliche Informationen: 0x80070005.

Error: (09/18/2016 08:18:08 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\phonostar-Player\phonostar.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (09/18/2016 06:59:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mein_pferdehof_2_download_kostenlos.exe, Version: 0.0.0.0, Zeitstempel: 0x57de6269
Name des fehlerhaften Moduls: mein_pferdehof_2_download_kostenlos.exe, Version: 0.0.0.0, Zeitstempel: 0x57de6269
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0038f536
ID des fehlerhaften Prozesses: 0x22e4
Startzeit der fehlerhaften Anwendung: 0x01d2119347978e7f
Pfad der fehlerhaften Anwendung: C:\Users\***\Downloads\mein_pferdehof_2_download_kostenlos.exe
Pfad des fehlerhaften Moduls: C:\Users\***\Downloads\mein_pferdehof_2_download_kostenlos.exe
Berichtskennung: 86b12be1-7d86-11e6-8ab6-3085a96fdc74

Error: (09/18/2016 06:58:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mein_pferdehof_2_download_kostenlos.exe, Version: 0.0.0.0, Zeitstempel: 0x57de6269
Name des fehlerhaften Moduls: mein_pferdehof_2_download_kostenlos.exe, Version: 0.0.0.0, Zeitstempel: 0x57de6269
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0038f536
ID des fehlerhaften Prozesses: 0x1b98
Startzeit der fehlerhaften Anwendung: 0x01d21193234933a8
Pfad der fehlerhaften Anwendung: C:\Users\***\Downloads\mein_pferdehof_2_download_kostenlos.exe
Pfad des fehlerhaften Moduls: C:\Users\***\Downloads\mein_pferdehof_2_download_kostenlos.exe
Berichtskennung: 63a42f5e-7d86-11e6-8ab6-3085a96fdc74

Error: (09/18/2016 06:42:42 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Ein Problem hat das Senden von Daten aus dem Programm zur Verbesserung der Benutzerfreundlichkeit an Microsoft verhindert (Fehler 80004005).

Error: (09/17/2016 02:36:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Au_.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1ac0

Startzeit: 01d210f99316c436

Endzeit: 108

Anwendungspfad: C:\Users\MIRIAM~1\AppData\Local\Temp\~nsu.tmp\Au_.exe

Berichts-ID:

Error: (09/17/2016 12:30:52 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\phonostar-Player\phonostar.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (09/17/2016 11:55:17 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Ein Problem hat das Senden von Daten aus dem Programm zur Verbesserung der Benutzerfreundlichkeit an Microsoft verhindert (Fehler 80004005).

Error: (09/16/2016 01:49:02 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Ein Problem hat das Senden von Daten aus dem Programm zur Verbesserung der Benutzerfreundlichkeit an Microsoft verhindert (Fehler 80004005).


Systemfehler:
=============
Error: (09/18/2016 04:49:04 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Computerstandard) wird der SID (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Aktivierung (Lokal) für die COM-Serveranwendung mit CLSID 
{06622D85-6856-4460-8DE1-A81921B41C4B}
 und APPID 
{06622D85-6856-4460-8DE1-A81921B41C4B}
 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (09/18/2016 04:39:25 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
acedrv07

Error: (09/18/2016 04:38:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "System Store Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (09/18/2016 03:38:44 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Computerstandard) wird der SID (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Aktivierung (Lokal) für die COM-Serveranwendung mit CLSID 
{06622D85-6856-4460-8DE1-A81921B41C4B}
 und APPID 
{06622D85-6856-4460-8DE1-A81921B41C4B}
 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (09/18/2016 02:20:43 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Computerstandard) wird der SID (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Aktivierung (Lokal) für die COM-Serveranwendung mit CLSID 
{06622D85-6856-4460-8DE1-A81921B41C4B}
 und APPID 
{06622D85-6856-4460-8DE1-A81921B41C4B}
 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (09/18/2016 02:12:04 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
acedrv07

Error: (09/18/2016 02:12:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Client Virtualization Handler" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (09/18/2016 02:12:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Client Virtualization Handler erreicht.

Error: (09/18/2016 02:10:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "System Store Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (09/18/2016 08:09:06 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.


CodeIntegrity:
===================================
  Date: 2016-09-18 16:37:28.678
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-09-18 16:37:28.553
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-09-18 14:09:52.542
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-09-18 14:09:52.432
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-09-18 06:27:51.378
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-09-18 06:27:51.237
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-09-17 11:03:43.838
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-09-17 11:03:43.698
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-09-16 10:40:29.774
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-09-16 10:40:29.618
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 42%
Installierter physikalischer RAM: 8078.32 MB
Verfügbarer physikalischer RAM: 4636.34 MB
Summe virtueller Speicher: 16154.82 MB
Verfügbarer virtueller Speicher: 13048.4 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:440.44 GB) (Free:79.75 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B8584238)

Partition: GPT.

==================== Ende von Addition.txt ============================

cosinus · 19.09.2016, 10:24

Zitat:

127.0.0.1 static3.cdn.ubi.com

Sieht ganz stark danach aus, dass du gecrackte Spiele hast.

Lesestoff:
Illegale Software: Cracks, Keygens und Co

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.

Chascona · 19.09.2016, 12:42

Ist weg

Hier also nochmal die Logs:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-09-2016
durchgeführt von *** (Administrator) auf *** (19-09-2016 08:34:10)
Gestartet von C:\Users\***\Desktop
Geladene Profile: UpdatusUser & *** (Verfügbare Profile: UpdatusUser & ***)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Akamai Technologies, Inc.) C:\Users\***\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Spotify Ltd) C:\Users\***\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Dropbox, Inc.) C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Akamai Technologies, Inc.) C:\Users\***\AppData\Local\Akamai\netsession_win.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(ASUS) C:\Windows\AsScrPro.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.5\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2661672 2012-02-19] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-03] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-05] (Adobe Systems Incorporated)
HKLM\...\Run: [MRT] => C:\Windows\system32\MRT.exe [147640136 2016-08-13] (Microsoft Corporation)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-02-23] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322176 2012-02-16] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-24] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-02] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-28] ()
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6718224 2016-08-26] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2180680 2016-09-05] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [204560 2016-09-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [766464 2016-02-29] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\Run: [AVG-Secure-Search-Update_0913b] => C:\Users\***\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid 9c98a2b6035647d08204e1ccef8b3587-1ec9f8adeb69df457fea7eae13db8bad7ea9f0b1 --CMPID 0913b
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [1238528 2014-04-28] (RemoteMouse.net)
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\Run: [Akamai NetSession Interface] => C:\Users\***\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\Run: [Spotify Web Helper] => C:\Users\***\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-16] (Spotify Ltd)
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\Run: [Dropbox Update] => C:\Users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\MountPoints2: {5521ab6d-f41d-11e1-9be9-3085a96fdc74} - D:\Startme.exe
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [266448 2013-06-21] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\progra~3\browse~1\261125~1.80\{c16c1~1\browse~1.dll => Keine Datei
AppInit_DLLs-x32:  c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [214448 2013-06-21] (NVIDIA Corporation)
AppInit_DLLs-x32:  ,C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [214448 2013-06-21] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.43.dll [2016-09-12] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-05-02]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-09-15]
ShortcutTarget: Dropbox.lnk -> C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2016-09-10]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

AutoConfigURL: [S-1-5-21-2178124953-3779141132-2557792711-1002] => hxxp://non-block.net/wpad.dat?7397345600c0219c2c949a4594fe9cd416704074
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0640E2EC-2466-4311-9D01-D256422A0729}: [NameServer] 134.60.1.111,134.60.111.111
Tcpip\..\Interfaces\{E5ED9224-381B-4776-8BC5-609552969989}: [DhcpNameServer] 192.168.2.1
ManualProxies: 0hxxp://non-block.net/wpad.dat?7397345600c0219c2c949a4594fe9cd416704074

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://websearch.pu-results.info/?pid=724&r=2013/05/01&hid=3368781133&lg=EN&cc=DE
HKU\S-1-5-21-2178124953-3779141132-2557792711-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=038b5276-c94c-2fbd-9507-b1ac35d3a7ad&searchtype=ds&q={searchTerms}&installDate=26/08/2013
HKU\S-1-5-21-2178124953-3779141132-2557792711-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=038b5276-c94c-2fbd-9507-b1ac35d3a7ad&searchtype=hp&installDate=26/08/2013
HKU\S-1-5-21-2178124953-3779141132-2557792711-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
HKU\S-1-5-21-2178124953-3779141132-2557792711-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=038b5276-c94c-2fbd-9507-b1ac35d3a7ad&searchtype=ds&q={searchTerms}&installDate=26/08/2013
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=038b5276-c94c-2fbd-9507-b1ac35d3a7ad&searchtype=ds&q={searchTerms}&installDate=26/08/2013
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={F63F0AF8-DDEB-4B94-85DC-7C17B2BD9A94}&mid=9c98a2b6035647d08204e1ccef8b3587-1ec9f8adeb69df457fea7eae13db8bad7ea9f0b1&lang=de&ds=AVG&coid=avgtbavg&cmpid=0915av&pr=fr&d=2015-09-09 14:10:58&v=4.3.1.831&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=119292&tt=190313_wctrl&babsrc=HP_ss&mntrId=4EF716E54302D110
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=038b5276-c94c-2fbd-9507-b1ac35d3a7ad&searchtype=ds&q={searchTerms}&installDate=26/08/2013
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=038b5276-c94c-2fbd-9507-b1ac35d3a7ad&searchtype=ds&q={searchTerms}&installDate=26/08/2013
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=038b5276-c94c-2fbd-9507-b1ac35d3a7ad&searchtype=ds&q={searchTerms}&installDate=26/08/2013
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=17811293&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2178124953-3779141132-2557792711-1000 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=038b5276-c94c-2fbd-9507-b1ac35d3a7ad&searchtype=ds&q={searchTerms}&installDate=26/08/2013
SearchScopes: HKU\S-1-5-21-2178124953-3779141132-2557792711-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=038b5276-c94c-2fbd-9507-b1ac35d3a7ad&searchtype=ds&q={searchTerms}&installDate=26/08/2013
SearchScopes: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={F63F0AF8-DDEB-4B94-85DC-7C17B2BD9A94}&mid=9c98a2b6035647d08204e1ccef8b3587-1ec9f8adeb69df457fea7eae13db8bad7ea9f0b1&lang=de&ds=AVG&coid=avgtbavg&cmpid=0615piz&pr=fr&d=2015-09-09 14:10:58&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=038b5276-c94c-2fbd-9507-b1ac35d3a7ad&searchtype=ds&q={searchTerms}&installDate=26/08/2013
SearchScopes: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={F63F0AF8-DDEB-4B94-85DC-7C17B2BD9A94}&mid=9c98a2b6035647d08204e1ccef8b3587-1ec9f8adeb69df457fea7eae13db8bad7ea9f0b1&lang=de&ds=AVG&coid=avgtbavg&cmpid=0615piz&pr=fr&d=2015-09-09 14:10:58&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll => Keine Datei
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-23] (Hewlett-Packard Co.)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.5.160\AVG Web TuneUp.dll [2016-09-05] (AVG)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll => Keine Datei
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-23] (Hewlett-Packard Co.)
Toolbar: HKLM - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Keine Datei
Toolbar: HKLM-x32 - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\cab13316.default-1474223712958
FF Homepage: google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-14] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219159.dll [2015-06-26] (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.5\\npsitesafety.dll [Keine Datei]
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-08-01] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2178124953-3779141132-2557792711-1002: @phonostar.de/phonostar -> C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll [2012-02-05] ( )
FF Plugin HKU\S-1-5-21-2178124953-3779141132-2557792711-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2012-09-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2012-09-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2012-09-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2012-09-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2012-09-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2012-09-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2012-09-01] (Apple Inc.)
FF Extension: (Firefox Hotfix) - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\cab13316.default-1474223712958\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-18]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: (Mehr Leistung und Videoformate für dein HTML5 &video&) - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-08-29] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files (x86)\BetterSurf\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files (x86)\Better-Surf\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha745.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha745\ff
FF Extension: (Webexp Enhanced) - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha745\ff [2013-12-20] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta348.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta348\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha949.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha949\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewerV1alpha1119.net] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1119\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha642.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha642\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha5808.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5808\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home850.net] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home850\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode6112.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6112\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-05-02] [ist nicht signiert]
FF HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\Firefox\Extensions: [{0F827075-B026-42F3-885D-98981EE7B1AE}] - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension => nicht gefunden
FF HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\1297790416.js [2016-09-18] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\1297790416.cfg [2016-09-18] <==== ACHTUNG

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [cecmgbinjoobhdcemjainnldpifmephe] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home850\ch\MediaWatchV1home850.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files (x86)\BetterSurf\ch\Chrome.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [eogknionnbfbhbmlmodcmnpmeoghajdb] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha745\ch\WebexpEnhancedV1alpha745.crx [2013-12-19]
CHR HKLM-x32\...\Chrome\Extension: [flpfhcollobbbccihmhckbemhldhjahn] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5808\ch\MediaViewV1alpha5808.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [fnanpabeckkllicbdbjiiopdcbfoclbj] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta348\ch\VideoPlayerV3beta348.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [jjjhcgoigcoeofffojopolmjdpchebgg] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1119\ch\MediaViewerV1alpha1119.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [lfhjhidedpkgkfmapgjabjbkoipcgpca] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6112\ch\MediaBuzzV1mode6112.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM-x32\...\Chrome\Extension: [ohjfdacipgdkchcfeknpoogfjdmhihgj] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha642\ch\MediaViewV1alpha642.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files (x86)\Better-Surf\ch\Chrome.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [674552 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5285344 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1097488 2016-09-07] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [760024 2016-08-26] (AVG Technologies CZ, s.r.o.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-23] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [1127736 2013-07-01] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [810808 2013-07-01] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-03-02] ()
R2 vToolbarUpdater40.3.5; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.5\ToolbarUpdater.exe [1349704 2016-09-05] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [980552 2016-09-05] ()
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
S2 SystemStoreService; "C:\Program Files (x86)\Freetec\SystemStore\SystemStore.exe"  -displayname "System Store Service" -servicename:SystemStoreService [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S1 acedrv07; C:\Windows\system32\drivers\acedrv07.sys [125440 2013-01-04] () [Datei ist nicht signiert]
R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
S3 arcvad_ds2dhw; C:\Windows\System32\drivers\ArcVad.sys [27136 2008-10-28] (ArcSoft, Inc.)
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2012-04-11] (Windows (R) Win 7 DDK provider)
R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2012-04-11] (Windows (R) Win 7 DDK provider)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [310016 2016-08-23] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272640 2016-07-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [262400 2016-08-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-05-29] (Duplex Secure Ltd.)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2015-10-23] (Cisco Systems, Inc.)
S1 nnqsrorm; \??\C:\Windows\system32\drivers\nnqsrorm.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-19 08:34 - 2016-09-19 08:35 - 00038047 _____ C:\Users\***\Desktop\FRST.txt
2016-09-19 08:33 - 2016-09-19 08:33 - 00000000 ____D C:\Users\***\Desktop\FRST-OlderVersion
2016-09-18 17:13 - 2016-09-18 17:13 - 00087679 _____ C:\Users\***\Downloads\Addition.txt
2016-09-18 17:13 - 2016-09-18 17:13 - 00051589 _____ C:\Users\***\Downloads\FRST.txt
2016-09-18 16:54 - 2016-09-19 08:34 - 00000000 ____D C:\FRST
2016-09-18 16:54 - 2016-09-19 08:33 - 02400256 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2016-09-18 15:35 - 2016-09-18 15:35 - 00000000 ____D C:\Users\***\Desktop\Alte Firefox-Daten
2016-09-18 08:22 - 2016-09-18 16:33 - 00000000 ____D C:\Users\***\Documents\Assassin's Creed III
2016-09-18 07:54 - 2016-09-18 07:54 - 00000000 ____D C:\ProgramData\Webitar Production Inc
2016-09-15 15:26 - 2016-09-15 15:26 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-09-07 14:43 - 2016-09-07 14:43 - 00461804 _____ C:\Users\***\Downloads\Mitarbeiterfragebogen Studenten_Vorlage.pdf
2016-09-04 06:59 - 2016-09-04 14:25 - 00000000 ____D C:\Users\***\Documents\The Lord of the Rings Online
2016-08-25 07:22 - 2016-09-18 16:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-23 16:31 - 2016-08-23 16:31 - 00310016 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2016-08-22 14:53 - 2016-08-25 15:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-19 08:28 - 2012-08-28 15:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-19 08:26 - 2015-06-17 22:16 - 00001252 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2178124953-3779141132-2557792711-1002UA.job
2016-09-19 08:26 - 2009-07-14 02:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-09-19 08:15 - 2012-10-06 12:43 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-19 08:15 - 2012-08-30 05:52 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-09-19 07:49 - 2012-10-03 08:12 - 00000000 ____D C:\ProgramData\MFAData
2016-09-19 06:40 - 2012-08-28 15:23 - 00000000 ____D C:\Program Files (x86)\Spiele
2016-09-19 06:29 - 2013-03-30 11:31 - 00000384 _____ C:\Windows\Tasks\AmiUpdXp.job
2016-09-19 06:20 - 2009-07-14 01:45 - 00019056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-19 06:20 - 2009-07-14 01:45 - 00019056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-19 06:12 - 2012-10-03 10:15 - 00000000 ___RD C:\Users\***\Dropbox
2016-09-19 06:06 - 2012-08-28 06:48 - 00000380 _____ C:\Users\***\AppData\Roaming\sp_data.sys
2016-09-19 06:05 - 2012-10-06 12:43 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-19 06:05 - 2012-08-28 15:16 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2016-09-19 06:05 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-18 17:26 - 2015-06-17 22:16 - 00001200 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2178124953-3779141132-2557792711-1002Core.job
2016-09-18 16:34 - 2016-07-13 13:39 - 00000000 ____D C:\Program Files (x86)\PDF24
2016-09-18 16:34 - 2015-09-09 15:10 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2016-09-18 16:33 - 2015-11-23 06:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-09-18 16:33 - 2015-01-02 15:54 - 00000000 ____D C:\Users\***\AppData\Local\Akamai
2016-09-18 16:33 - 2014-03-31 11:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-09-18 16:33 - 2012-10-03 10:13 - 00000000 ____D C:\Users\***\AppData\Roaming\Dropbox
2016-09-18 16:33 - 2012-09-01 08:23 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU
2016-09-18 16:33 - 2012-08-28 15:14 - 00000000 ____D C:\Users\UpdatusUser
2016-09-18 16:33 - 2012-08-28 06:48 - 00000000 ____D C:\Users\***
2016-09-18 16:33 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-09-18 16:32 - 2012-08-30 05:52 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-18 16:32 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\registration
2016-09-18 13:39 - 2012-08-28 10:43 - 00003974 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9D72B3FC-D3C0-4804-BB84-36B0EEFB0F6E}
2016-09-18 12:02 - 2012-08-28 15:16 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2016-09-18 07:57 - 2013-08-27 07:07 - 00001310 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-09-18 07:57 - 2012-08-28 15:35 - 00001254 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-09-18 07:57 - 2012-08-28 15:35 - 00001254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-09-18 07:57 - 2012-08-28 06:50 - 00001521 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-09-18 07:38 - 2011-02-19 01:24 - 00711204 _____ C:\Windows\system32\perfh007.dat
2016-09-18 07:38 - 2011-02-19 01:24 - 00155244 _____ C:\Windows\system32\perfc007.dat
2016-09-18 07:38 - 2009-07-14 02:13 - 01653366 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-17 12:38 - 2012-09-01 08:23 - 00000000 ____D C:\Users\***\AppData\Roaming\IMVUClient
2016-09-15 15:28 - 2014-12-24 16:43 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-14 15:53 - 2015-11-23 06:01 - 00000984 _____ C:\Users\Public\Desktop\AVG.lnk
2016-09-14 15:15 - 2012-08-30 05:52 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-14 15:15 - 2012-08-30 05:52 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-14 15:15 - 2012-08-30 05:52 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-14 15:15 - 2012-02-23 23:42 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-06 14:55 - 2012-08-28 15:21 - 00002176 _____ C:\Windows\system32\ServiceFilter.ini
2016-09-05 14:41 - 2015-09-09 15:10 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2016-09-04 14:21 - 2012-10-13 14:30 - 00000000 ____D C:\Users\***\AppData\Local\The Lord of the Rings Online
2016-09-04 09:19 - 2012-10-13 08:13 - 00000000 ____D C:\Users\***\AppData\Local\Turbine
2016-09-02 09:54 - 2009-07-14 02:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-08-26 04:27 - 2012-08-28 15:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-23 12:07 - 2016-04-27 16:49 - 00000000 ____D C:\Users\***\.matplotlib
2016-08-23 12:07 - 2016-04-27 16:48 - 00000000 ____D C:\Users\***\AppData\Roaming\psychopy2
2016-08-22 18:04 - 2015-03-08 16:44 - 00000000 ____D C:\Users\***\AppData\Local\Spotify
2016-08-22 17:52 - 2015-03-08 16:43 - 00000000 ____D C:\Users\***\AppData\Roaming\Spotify
2016-08-21 13:59 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\rescache

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-09-28 10:50 - 2012-05-24 10:39 - 145138568 _____ (Gameforge) C:\Program Files\setup_20120224.exe
2012-08-28 06:48 - 2016-09-19 06:06 - 0000380 _____ () C:\Users\***\AppData\Roaming\sp_data.sys
2012-10-13 12:05 - 2012-10-13 12:05 - 0000100 _____ () C:\Users\***\AppData\Local\fusioncache.dat
2013-10-17 11:40 - 2013-10-17 11:40 - 0006485 _____ () C:\Users\***\AppData\Local\recently-used.xbel
2013-02-03 17:28 - 2013-03-18 13:24 - 1426411 ____N () C:\Users\***\AppData\Local\Tempmusic.ogg
2015-09-15 15:16 - 2015-09-15 15:17 - 0014681 _____ () C:\Users\***\AppData\Local\WiDiSetupLog.20150915.151633.wdl
2015-09-15 15:17 - 2015-09-15 15:18 - 0015521 _____ () C:\Users\***\AppData\Local\WiDiSetupLog.20150915.151745.wdl
2016-06-16 05:07 - 2016-06-16 05:07 - 0000000 _____ () C:\Users\***\AppData\Local\{02BA97A4-DAED-4540-962F-7897B89AC761}
2016-02-11 10:20 - 2016-02-11 10:21 - 0000000 _____ () C:\Users\***\AppData\Local\{C706C704-E004-4598-B937-684CC944C207}
2012-02-23 23:42 - 2010-10-06 14:45 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2014-05-02 15:52 - 2014-05-02 16:09 - 0000826 _____ () C:\ProgramData\hpzinstall.log
2012-08-28 15:25 - 2012-08-28 15:26 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-08-28 15:25 - 2012-08-28 15:25 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-08-28 15:24 - 2012-08-28 15:24 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Einige Dateien in TEMP:
====================
C:\Users\***\AppData\Local\Temp\89a0-6bda-5211-6982.exe
C:\Users\***\AppData\Local\Temp\add3-7a50-91d8-291a.exe
C:\Users\***\AppData\Local\Temp\appshat-distribution.exe
C:\Users\***\AppData\Local\Temp\AskSLib.dll
C:\Users\***\AppData\Local\Temp\AutoRun.exe
C:\Users\***\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\***\AppData\Local\Temp\avguirn_081362791782.exe
C:\Users\***\AppData\Local\Temp\avguirn_081433937816.exe
C:\Users\***\AppData\Local\Temp\avguirn_081650247354.exe
C:\Users\***\AppData\Local\Temp\avguirn_081697158606.exe
C:\Users\***\AppData\Local\Temp\avguirn_081904975666.exe
C:\Users\***\AppData\Local\Temp\avguirn_082029758042.exe
C:\Users\***\AppData\Local\Temp\avguirn_082091331221.exe
C:\Users\***\AppData\Local\Temp\avguirn_08331652933.exe
C:\Users\***\AppData\Local\Temp\avguirn_0863491659.exe
C:\Users\***\AppData\Local\Temp\avguirn_08687370215.exe
C:\Users\***\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\***\AppData\Local\Temp\CmdLineExt03.dll
C:\Users\***\AppData\Local\Temp\conduitinstaller.exe
C:\Users\***\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\***\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp2snv7j.dll
C:\Users\***\AppData\Local\Temp\eauninstall.exe
C:\Users\***\AppData\Local\Temp\ffmpeg151.exe
C:\Users\***\AppData\Local\Temp\FixMyRegistry_20120821.exe
C:\Users\***\AppData\Local\Temp\FreeYouTubeToMP3Converter.exe
C:\Users\***\AppData\Local\Temp\guninst.exe
C:\Users\***\AppData\Local\Temp\HC2Set64Pvt.exe
C:\Users\***\AppData\Local\Temp\htmlayout.dll
C:\Users\***\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\***\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\***\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\***\AppData\Local\Temp\mconduitinstaller.exe
C:\Users\***\AppData\Local\Temp\mism.exe
C:\Users\***\AppData\Local\Temp\MSETUP4.EXE
C:\Users\***\AppData\Local\Temp\SIntf16.dll
C:\Users\***\AppData\Local\Temp\SIntf32.dll
C:\Users\***\AppData\Local\Temp\SIntfNT.dll
C:\Users\***\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\***\AppData\Local\Temp\The Battle for Middle-earth_uninst.exe
C:\Users\***\AppData\Local\Temp\Tsu82829D51.dll
C:\Users\***\AppData\Local\Temp\TsuB2471A27.dll
C:\Users\***\AppData\Local\Temp\TubeBoxSetup.exe
C:\Users\***\AppData\Local\Temp\ubi79B9.tmp.exe
C:\Users\***\AppData\Local\Temp\ubiF0D1.tmp.exe
C:\Users\***\AppData\Local\Temp\uninst1.exe
C:\Users\***\AppData\Local\Temp\uninstall27050822.exe
C:\Users\***\AppData\Local\Temp\uninstall27429265.exe
C:\Users\***\AppData\Local\Temp\vpnclient_setup.exe
C:\Users\***\AppData\Local\Temp\wajam_download.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-10 10:24

==================== Ende von FRST.txt ============================

Chascona · 19.09.2016, 12:43

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-09-2016
durchgeführt von *** (19-09-2016 08:36:40)
Gestartet von C:\Users\***\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-08-28 09:48:28)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2178124953-3779141132-2557792711-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2178124953-3779141132-2557792711-1005 - Limited - Enabled)
Gast (S-1-5-21-2178124953-3779141132-2557792711-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2178124953-3779141132-2557792711-1003 - Limited - Enabled)
*** (S-1-5-21-2178124953-3779141132-2557792711-1002 - Administrator - Enabled) => C:\Users\***
UpdatusUser (S-1-5-21-2178124953-3779141132-2557792711-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
6500_E709_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709a (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.159 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\Akamai) (Version:  - Akamai Technologies, Inc)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.24 - ASUS)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0014 - ASUS)
ASUS K45_K75_K95_Screensaver (HKLM-x32\...\ASUS K45_K75_K95_Screensaver) (Version: 1.0.0001 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.1 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.7 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.1 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0041 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.9 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.25 - ASUS)
ASUS Virtual Touch (HKLM-x32\...\{938CFBD4-0652-49E5-BB8B-153948865941}) (Version: 1.0.11 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0016 - ASUS)
AVG (HKLM\...\AvgZen) (Version: 1.91.2.35777 - AVG Technologies)
AVG (Version: 16.111.7797 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4656 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.111.7797 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.5.160 - AVG Technologies)
AVG Zen (Version: 1.91.11 - AVG Technologies) Hidden
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
BRAINYOO (HKLM-x32\...\BRAINYOO) (Version:  - BRAINYOO Ltd.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
calibre (HKLM-x32\...\{AB259D81-DE6B-4554-B4A8-DB13D321FBF2}) (Version: 0.9.18 - Kovid Goyal)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon MG5600 series Benutzerregistrierung (HKLM-x32\...\Canon MG5600 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG5600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5600_series) (Version: 1.00 - Canon Inc.)
Canon MG5600 series On-screen Manual (HKLM-x32\...\Canon MG5600 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.14018 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.14018 - Cisco Systems, Inc.) Hidden
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.0909 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Der Herr der Ringe Online (HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\LOTROde) (Version:  - )
DER HERR DER RINGE: DIE GEFÄHRTEN (HKLM-x32\...\InstallShield_{49C98C60-BAC3-4C92-AF4F-E890FD312D60}) (Version: 1.01.0453 - Ihr Firmenname)
DER HERR DER RINGE: DIE GEFÄHRTEN (x32 Version: 1.01.0453 - Ihr Firmenname) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Direct Show Ogg Vorbis Filter (remove only) (HKLM-x32\...\OggDS) (Version:  - )
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\Dropbox) (Version: 10.4.25 - Dropbox, Inc.)
ETDWare PS/2-X64 10.5.9.0 (HKLM\...\Elantech) (Version: 10.5.9.0 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
FMW 1 (Version: 1.123.1 - AVG Technologies) Hidden
FormatFactory 2.96 (HKLM-x32\...\FormatFactory) (Version: 2.96 - Free Time)
Free YouTube to MP3 Converter version 3.12.60.713 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.60.713 - DVDVideoSoft Ltd.)
G*Power 3.1.9.2 (HKLM-x32\...\{F9C59D86-6F65-4EDB-89A2-FBA1F78762D2}) (Version: 3.1.92 - Franz Faul, Uni Kiel, Germany)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Gameforge Live 1.9.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.9.0 - Gameforge)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 6500 E709 Series (HKLM\...\{2E1B4B42-069F-4F53-9966-9B9B938D7FE5}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
IBM SPSS Statistics 21 (HKLM\...\{1E26B9C2-ED08-4EEA-83C8-A786502B41E5}) (Version: 21.0.0.0 - IBM Corp)
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.3.1 - ASUS)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
MAGIX Foto & Grafik Designer 7 SE (HKLM-x32\...\MAGIX_{305A1AC7-0B5C-457D-9B6F-2A889766E3A0}) (Version: 7.1.2.26041 - MAGIX AG)
MAGIX Foto & Grafik Designer 7 SE (Version: 7.1.2.26041 - MAGIX AG) Hidden
MAGIX Slideshow Maker 2 (HKLM-x32\...\MAGIX_MSI_Slideshow_Maker_2) (Version: 2.0.0.8 - MAGIX AG)
MAGIX Slideshow Maker 2 (x32 Version: 2.0.0.8 - MAGIX AG) Hidden
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Media Buzz (HKLM-x32\...\MediaBuzzV1mode6112) (Version: 1.1 - Media Buzz) <==== ACHTUNG
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyDriveConnect 4.0.7.2442 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom)
Nero 2014 (HKLM-x32\...\{4EC535F1-AE46-4734-8188-DA549B7B73D2}) (Version: 15.0.10200 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Network64 (Version: 130.0.579.000 - Hewlett-Packard) Hidden
NVIDIA GeForce Experience 1.5.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.5.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
phonostar-Player Version 3.02.6 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version:  - )
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
PsychoPy2 1.83.04 (HKLM-x32\...\PsychoPy2) (Version: 1.83.04 - Jon Peirce)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
R for Windows 3.2.2 (HKLM\...\R for Windows 3.2.2_is1) (Version: 3.2.2 - R Core Team)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6537 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.30130 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.48 - Piriform)
Remote Mouse version 2.54 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.54 - Remote Mouse)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.12 - ASUS)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version:  - )
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.3.6 - ) <==== ACHTUNG
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\...\Spotify) (Version: 1.0.33.106.g60b5d1f0 - Spotify AB)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Webexp Enhanced (HKLM-x32\...\Webexp Enhanced) (Version: 1.1 - Webexp Enhanced) <==== ACHTUNG
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
Windows Speech Recognition Macros (HKLM-x32\...\{8DC197D6-F4AB-44E0-ACF7-210355E6F389}) (Version: 1.0.6862.19 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.0 - ASUS)
Winmira 2001 (HKLM-x32\...\79D6023C-0ECD-4774-8580-8794D9E74982) (Version: 1.45 - Matthias von Davier)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.27 - ASUS)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178124953-3779141132-2557792711-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {032EF3E5-D61E-42DD-85E3-C6E27C9CFD20} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2178124953-3779141132-2557792711-1002Core => C:\Users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {07713277-A311-4860-B9F7-469706DC9AD6} - System32\Tasks\{3AFB1DC4-A869-4B6E-9875-332924512BA0} => pcalua.exe -a "C:\Users\***\Desktop\Sony_Ericsson_PCSuite_2.10.46.exe" -d "C:\Users\***\Desktop"
Task: {0FC4671C-CE47-4B2F-BA00-7BF4ED2FEDA0} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {1262CBC6-3F3A-4E7E-B7BF-9608E71CF0C7} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {18F8F0EB-4CAA-4E5D-9B3B-02BB8F0B3C07} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {19358FA4-497B-452F-9E4E-795E9DFE3223} - System32\Tasks\{D602D7B4-63B1-41D5-84B8-3799CC3F9504} => C:\Program Files (x86)\Jessy\jlauncher.exe
Task: {1B5FE1A4-371D-4C4F-AF08-D746E1010BD2} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe
Task: {1C211667-C990-4251-91B4-9FCDF0440E5C} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {1D526A59-F523-426F-B80F-DAED0171ABB9} - System32\Tasks\{13F490B5-B735-4657-BC09-CE4976F79A5A} => msiexec.exe /package "C:\Users\***\Downloads\anyconnect-win-3.1.14018-pre-deploy-k9(1).msi"
Task: {20EA1966-FA5E-4FC1-A25E-5D9EDDEB7968} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {22156204-3D63-4289-AA5C-EDEA495CF313} - System32\Tasks\{2F49D724-95B9-490B-A102-A91BE8FF98F2} => C:\Users\***\Desktop\AC1\System\AssassinsCreed_Dx10.exe
Task: {23460041-6CF7-4B7B-9B59-CC6480F85FF1} - System32\Tasks\{B5F795F6-72F5-4CD5-AB35-1728AF294BF0} => C:\Program Files (x86)\Derby Champion\DerbyChampion.exe
Task: {266CAF00-CF56-46AD-A1EF-BA393684AD19} - System32\Tasks\{E9562E4C-48B7-4B53-BC69-91BA6E18BFE0} => C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe [2013-09-04] (Maxis, a division of Electronic Arts Inc.)
Task: {291AB392-6221-426C-93B7-3F6638AD5163} - System32\Tasks\AdobeAAMUpdater-1.0-Miriam_Buser-*** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-05] (Adobe Systems Incorporated)
Task: {2FD07035-9F5F-48C8-93A9-390DA37C39F6} - System32\Tasks\ASUS Quick Gesture (x64) => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe [2012-04-11] (ASUSTeK Computer Inc.)
Task: {31C62121-132F-4975-A9F3-3A942BAF9AE4} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ACHTUNG
Task: {32A91F84-1BD5-4B27-89A5-4081FEE27049} - System32\Tasks\{E57C7138-8A21-462D-8DB1-B7BFDED996BA} => pcalua.exe -a E:\autorun.exe -d E:\
Task: {33D9842D-F8BB-4464-BD4C-16CB101A7428} - System32\Tasks\{C96102EB-2854-4511-B77D-928EB15E5EC7} => pcalua.exe -a C:\Windows\IsUn0407.exe -c -f"c:\horse_cd\uninst.isu"
Task: {3EB2D58C-B5D3-4EE3-9F2F-50096504CA3F} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2178124953-3779141132-2557792711-1002
Task: {4C569606-C7CE-4637-87CA-BD9995E0FEB2} - System32\Tasks\{30381AFE-8451-4A82-91A9-C06C8DF7E1BE} => C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
Task: {512AAD39-88B4-45AD-A527-37B60C3E0440} - System32\Tasks\{1011D686-1A5D-4B6C-9FDA-EAB132EA3AC4} => C:\Program Files (x86)\Derby Champion\DerbyChampion.exe
Task: {52695809-E268-4297-9D09-C9BF559D8FA5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2178124953-3779141132-2557792711-1002UA => C:\Users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {5C8D6EEF-3B3C-4195-8FBC-A97F6BF45D32} - System32\Tasks\YourFile Update => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ACHTUNG
Task: {5CD2C1DA-330D-4D0C-A014-AAEC9ED31908} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ACHTUNG
Task: {5D60D040-F49B-4D93-BA40-BC10FF443149} - System32\Tasks\{F1152C10-FDF5-489A-B888-8CF688E6E0F3} => pcalua.exe -a "C:\Users\***\Desktop\AC1\autorun.exe" -d "C:\Users\***\Desktop\AC1"
Task: {62C01249-8F72-4D7C-8AB5-A745D397F6EB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-14] (Adobe Systems Incorporated)
Task: {62DC31A7-7977-4080-B61D-7813FF813F85} - System32\Tasks\{D292A8E3-3A03-43BC-B7A2-75D11F5B7B1D} => pcalua.exe -a "C:\Users\***\AppData\Roaming\CyberLink\Power2Go\7.0\Temp\setup.exe" -d "C:\Program Files (x86)\CyberLink\Power2Go" <==== ACHTUNG
Task: {62E543A5-B940-4048-9A05-B08EEA91115F} - System32\Tasks\ASUS Quick Gesture => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe [2012-04-11] (ASUSTeK Computer Inc.)
Task: {64EBCFEE-5708-4C98-B123-7102E0DB73FA} - System32\Tasks\{7089C6BE-00A2-4441-805D-2E4BC017D228} => pcalua.exe -a "C:\Remote Programs\Fishdom\GPlrLanc.exe" -c -LOpCode 2 /RemoveContent cid=591252;name=Fishdom;dir=C:\Remote Programs\Fishdom\;prvid=147;cmdid=1;prvdir=Default
Task: {687FD55F-F209-43A4-9E4F-C13E1A4A35CA} - System32\Tasks\{1B2C5185-0229-4DD8-82D8-64994F1F7BCE} => C:\Program Files (x86)\Jessy\jlauncher.exe
Task: {6CD2E90E-8A34-46E4-869F-2B1C75407911} - System32\Tasks\{905C97C1-9090-42C1-9CAB-D4B199940FDB} => pcalua.exe -a "C:\Program Files (x86)\Ubisoft\Assassin's Creed II\Play AC2.exe" -d "C:\Program Files (x86)\Ubisoft\Assassin's Creed II"
Task: {712144D8-733D-411F-9058-E676006189A2} - System32\Tasks\{B468D450-C064-4DEE-BAC9-5C0D3CDF57D7} => pcalua.exe -a "C:\Users\***\Downloads\desktop.exe" -d "C:\Users\***\Downloads"
Task: {7309A798-9AD5-4E68-AB12-62BD89D9D319} - System32\Tasks\{F4AB91EA-6583-4BBF-BB88-F7D55F53EEA9} => C:\Program Files (x86)\Derby Champion\DerbyChampion.exe
Task: {7818A18F-E0C3-4003-B348-12739573C98A} - System32\Tasks\{D980A92B-AC9C-4421-9F69-0D55EE5A277D} => C:\Program Files (x86)\Sims2\Die.Sims.2.German\Keks\mo-s2crk\Sims2.exe
Task: {7DEE5679-8CAB-4187-A304-F999D3F047E1} - System32\Tasks\{2D67187C-874C-4C9F-8C32-727DAC581A8B} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.10.0.116.259&amp;LastError=12002
Task: {80A58ACC-6CED-44E1-9048-ACE29A84D327} - System32\Tasks\{CCA28903-0553-4944-B535-D054B3A26F78} => C:\Users\***\Desktop\7th Street\7thStreetV11.exe
Task: {81ABD5BF-6C30-4B07-92D2-626E2C7DD17C} - System32\Tasks\{76BE86B2-1139-48C7-B6F8-A1B4AC4FCC6F} => pcalua.exe -a E:\setup.exe -d E:\
Task: {825A2A67-EE7C-4726-9852-5BE2856B4C7E} - System32\Tasks\{7F07EB04-C3F4-44FB-82F5-E3A4A233542B} => pcalua.exe -a "C:\Users\***\Downloads\Setup4.2.29.0.exe" -d "C:\Users\***\Downloads"
Task: {86B5FB09-5B97-47A7-9B40-7F8241C324C1} - System32\Tasks\{5B8A0828-4CE8-46B6-A823-62AD753F1EAB} => C:\Users\***\Desktop\Slender\Hospice\HospiceV13.exe
Task: {8840AE51-8926-413B-836C-5171F0EFC0BE} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-02-15] (ASUS)
Task: {8F8DDFAE-330B-4C75-865B-39E6112D516C} - System32\Tasks\{F4E39870-5C3B-4E74-9661-2B2ACA0CE778} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {9096264E-47AF-4F48-B586-F9005224C09C} - System32\Tasks\{DE1223F0-BC2A-40F3-B0AC-013160157F2F} => C:\Program Files (x86)\Mindscape\Haustierarzt\EReg.exe
Task: {94770850-1674-4E84-A283-4E239F7B3BE8} - System32\Tasks\DSite => C:\Users\MIRIAM~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ACHTUNG
Task: {94C1369C-E529-450E-974C-22315A672088} - System32\Tasks\{198B55EB-24E7-43F3-9070-8D6166099A0F} => C:\Users\***\Desktop\AC1\System\AssassinsCreed_Dx10.exe
Task: {965A29D3-D9C2-43BB-B189-713D17F1ADEE} - System32\Tasks\{464D8793-6B16-4F30-AB0C-1B2A9C8B7A95} => pcalua.exe -a C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe -c /Uninstall /{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} /su=6c6066e8dc863a77 /um
Task: {9B03FC18-8329-4536-8B47-C468A652ACA5} - System32\Tasks\{D3B3DF14-AFE8-4A19-B215-CCA3167D50EB} => pcalua.exe -a "C:\Users\***\Downloads\assassins_creed_1.02(1).exe" -d "C:\Users\***\Downloads"
Task: {9EC67172-F47C-4D55-A927-E74ED8DB495B} - System32\Tasks\{5E1EE44A-F0D7-41CF-8059-BE2ECB06B817} => pcalua.exe -a "C:\Users\***\Downloads\assassins_creed_1.02.exe" -d "C:\Users\***\Downloads"
Task: {A36A83DB-A70F-4B77-8FE3-989C1CF343D0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated)
Task: {A66DB61F-05C9-4C78-8A38-190B3F4D1294} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-02-29] (ASUSTek Computer Inc.)
Task: {AEA1312C-845A-4841-BA72-11EEE5B6D892} - System32\Tasks\{0958883D-F748-4795-8D83-102F37B729A1} => C:\horse_cd\hast.EXE
Task: {AEC9F295-2521-4641-ABF4-5B6B6C50808D} - System32\Tasks\{A41363F0-4CC0-46B1-A2E3-BC22528FF518} => C:\Program Files (x86)\Mindscape\Haustierarzt\EReg.exe
Task: {B5628F7F-34F9-4072-9060-EB24EE6A77B7} - System32\Tasks\{66421C3C-9456-432B-81B0-03029074FE80} => C:\Program Files (x86)\Derby Champion\DerbyChampion.exe
Task: {B59494C0-5F9A-4BD6-83D4-281EFBF39FD3} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2012-02-16] (ASUSTek Computer Inc.)
Task: {BA80FBA7-4E90-4278-BFF9-2A2FAC630F9E} - System32\Tasks\AmiUpdXp => C:\Users\***\AppData\Local\SwvUpdater\Updater.exe <==== ACHTUNG
Task: {C2B4F143-6A93-417A-A7A8-097DF99F0C69} - System32\Tasks\Go for FilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ACHTUNG
Task: {C63FD06D-BDFC-482F-9D86-F8518C83235F} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-02-16] (ASUSTek Computer Inc.)
Task: {C827819C-7D7D-49EA-BB2F-9CDED6572AD3} - System32\Tasks\{86FC20AC-83AC-491E-9061-AACD3329C884} => pcalua.exe -a "C:\Users\***\Desktop\AC1\splash\demo32.exe" -d "C:\Users\***\Desktop\AC1\splash"
Task: {C880CA4B-0FD4-444D-A11F-634DDD337CE1} - System32\Tasks\{EB7F82F1-811A-4604-A8B8-50B25FCB0FBC} => C:\Program Files (x86)\DEUTSCHLAND SPIELT\GreatMahjongSpecial\mjongg.exe
Task: {D8C9C53C-C9BA-401D-9D03-835943F093C9} - System32\Tasks\{4A9967ED-3260-4A38-9FBA-CB3B3C771318} => pcalua.exe -a C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe -c /Uninstall /{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} /su=6c6066e8dc863a77 /um
Task: {DB09678F-C934-4C78-AB85-0A5C34BC4F97} - System32\Tasks\{52255273-215C-46DD-9129-792C5E49D694} => C:\Program Files (x86)\Electronic Arts\Die Sims 3\Game\Bin\Sims3Launcher.exe
Task: {DFD9E7D6-E9B6-41A5-894C-660878D3E4AE} - System32\Tasks\{6F1FDFA1-C17A-4280-857C-2B958A40A274} => C:\Users\***\Desktop\Slender\Hospice\HospiceV13.exe
Task: {E4DCB9C2-DEC1-40AB-B0E8-C000F662C039} - System32\Tasks\{990B4FA4-E86A-4359-982B-FF66C07C652B} => C:\Program Files (x86)\Mindscape\Haustierarzt\EReg.exe
Task: {E7039B27-3C6A-4477-9396-BB57899CA246} - System32\Tasks\{2BD6548F-8CCC-4972-B0AB-F561F38ED761} => C:\Users\***\Desktop\7th Street\7thStreetV11.exe
Task: {E7FFE472-7854-476B-96F9-97909924E596} - System32\Tasks\{A040E6CD-4149-4E93-9FDD-19165A5FFE1B} => C:\Program Files (x86)\Sims2\Die.Sims.2.German\Keks\mo-s2crk\Sims2.exe
Task: {E9B1A9D9-C167-4CD9-BD20-45146782E0C5} - System32\Tasks\{A3CDC73E-2990-4171-8E53-0ADF518F807E} => C:\Users\***\Desktop\backup\AssassinsCreed_Game.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\***\AppData\Local\SwvUpdater\Updater.exe <==== ACHTUNG
Task: C:\Windows\Tasks\ASUS SmartLogon Console Sensor.job => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2178124953-3779141132-2557792711-1002Core.job => C:\Users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2178124953-3779141132-2557792711-1002UA.job => C:\Users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DSite.job => C:\Users\MIRIAM~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ACHTUNG
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://tech-connect.biz/?ssid=1474196065&a=1060736&src=sh&uuid=72148cbd-7c33-4c30-927a-047a7861a099,1474196013104"
ShortcutWithArgument: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://tech-connect.biz/?ssid=1474196065&a=1060736&src=sh&uuid=72148cbd-7c33-4c30-927a-047a7861a099,1474196013104"
ShortcutWithArgument: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://tech-connect.biz/?ssid=1474196065&a=1060736&src=sh&uuid=72148cbd-7c33-4c30-927a-047a7861a099,1474196013104"
ShortcutWithArgument: C:\Users\***\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://tech-connect.biz/?ssid=1474196065&a=1060736&src=sh&uuid=72148cbd-7c33-4c30-927a-047a7861a099,1474196013104"
ShortcutWithArgument: C:\Users\***\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://tech-connect.biz/?ssid=1474196065&a=1060736&src=sh&uuid=72148cbd-7c33-4c30-927a-047a7861a099,1474196013104"
ShortcutWithArgument: C:\Users\***\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://tech-connect.biz/?ssid=1474196065&a=1060736&src=sh&uuid=72148cbd-7c33-4c30-927a-047a7861a099,1474196013104"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://tech-connect.biz/?ssid=1474196065&a=1060736&src=sh&uuid=72148cbd-7c33-4c30-927a-047a7861a099,1474196013104"
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://tech-connect.biz/?ssid=1474196065&a=1060736&src=sh&uuid=72148cbd-7c33-4c30-927a-047a7861a099,1474196013104"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-09-09 15:10 - 2016-09-05 14:40 - 00980552 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2012-08-28 15:14 - 2013-06-21 07:23 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-07-14 20:11 - 2010-07-14 20:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-07-01 05:21 - 2013-07-01 05:21 - 01127736 _____ () C:\Program Files\ShrewSoft\VPN Client\iked.exe
2013-06-30 20:16 - 2013-06-30 20:16 - 00628224 _____ () C:\Program Files\ShrewSoft\VPN Client\libike.dll
2013-06-30 20:15 - 2013-06-30 20:15 - 00022016 _____ () C:\Program Files\ShrewSoft\VPN Client\libidb.dll
2013-06-30 20:15 - 2013-06-30 20:15 - 00018432 _____ () C:\Program Files\ShrewSoft\VPN Client\libith.dll
2013-06-30 20:16 - 2013-06-30 20:16 - 00039936 _____ () C:\Program Files\ShrewSoft\VPN Client\libvnet.dll
2013-06-30 20:16 - 2013-06-30 20:16 - 00013312 _____ () C:\Program Files\ShrewSoft\VPN Client\liblog.dll
2013-06-30 20:16 - 2013-06-30 20:16 - 00116736 _____ () C:\Program Files\ShrewSoft\VPN Client\libip.dll
2013-06-30 20:17 - 2013-06-30 20:17 - 00029184 _____ () C:\Program Files\ShrewSoft\VPN Client\libpfk.dll
2013-06-30 20:17 - 2013-06-30 20:17 - 00017920 _____ () C:\Program Files\ShrewSoft\VPN Client\libdtp.dll
2013-06-30 20:17 - 2013-06-30 20:17 - 00035840 _____ () C:\Program Files\ShrewSoft\VPN Client\libvflt.dll
2012-08-28 15:16 - 2012-02-21 01:29 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2013-07-01 05:21 - 2013-07-01 05:21 - 00810808 _____ () C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
2013-06-23 13:22 - 2014-03-02 10:28 - 00075136 ____N () C:\Windows\SysWOW64\PnkBstrA.exe
2012-05-04 06:38 - 2012-02-28 05:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-07-28 20:08 - 2011-07-28 20:08 - 01259376 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2015-09-09 15:10 - 2016-09-05 14:40 - 02180680 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2016-02-29 05:16 - 2016-02-29 05:16 - 00070144 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-07-20 16:04 - 2013-11-19 17:34 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll
2012-02-21 18:49 - 2012-02-21 18:49 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2012-01-31 13:25 - 2012-01-31 13:25 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2016-07-11 16:56 - 2016-08-24 01:43 - 00035792 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-09-15 15:26 - 2016-08-24 01:43 - 00145864 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-09-15 15:26 - 2016-08-24 01:43 - 00019408 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-09-15 15:26 - 2016-08-24 01:43 - 00116688 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-07-11 16:56 - 2016-08-24 01:43 - 00100296 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-07-11 16:56 - 2016-08-24 01:43 - 00018888 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\select.pyd
2016-07-11 16:56 - 2016-09-12 10:11 - 00019760 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-07-11 16:56 - 2016-08-24 01:43 - 00694224 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00020816 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-07-11 16:56 - 2016-08-24 01:43 - 00123856 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 01682760 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00020808 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00105928 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-08-05 17:30 - 2016-09-12 10:11 - 00021312 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00052024 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00038696 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-09-15 15:26 - 2016-08-24 01:43 - 00392144 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-09-15 15:26 - 2016-08-24 01:45 - 00020936 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00024528 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00116176 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-07-11 16:56 - 2016-09-12 10:11 - 00381752 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00124880 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-08-05 17:30 - 2016-09-12 10:11 - 00025424 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00024016 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00175560 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00030160 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00043472 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00048592 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00057808 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00024016 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00246592 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00026456 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00028616 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-07-11 16:56 - 2016-08-24 01:43 - 00144848 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-08-05 17:30 - 2016-08-24 01:44 - 00241104 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2016-07-11 16:56 - 2016-09-12 10:11 - 00023376 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-07-11 16:56 - 2016-09-12 10:11 - 00020800 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-07-11 16:56 - 2016-09-12 10:11 - 00019776 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-07-11 16:56 - 2016-09-12 10:11 - 00020800 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00020280 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00350152 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-07-11 16:56 - 2016-09-12 10:11 - 00022352 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00024392 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-09-15 15:26 - 2016-08-24 01:41 - 00036296 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\librsync.dll
2016-09-15 15:26 - 2016-09-12 10:11 - 00084280 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-09-15 15:26 - 2016-09-12 10:11 - 01826096 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-07-11 16:56 - 2016-08-24 01:43 - 00083912 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\sip.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00531248 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 03928880 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 01972528 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00133424 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00224056 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00207672 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-08-05 17:30 - 2016-09-12 10:11 - 00020288 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd
2016-07-11 16:56 - 2016-08-24 01:45 - 00060880 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-08-05 17:30 - 2016-09-12 10:11 - 00024904 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00546096 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00357680 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00042808 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-09-15 15:26 - 2016-09-12 10:11 - 00168760 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2011-07-28 20:09 - 2011-07-28 20:09 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2015-11-23 05:58 - 2016-04-15 11:57 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2010-08-20 13:57 - 2010-08-20 13:57 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-20 13:57 - 2010-08-20 13:57 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2012-08-28 15:16 - 2012-02-21 01:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:2CFBE2D1 [133]
AlternateDataStreams: C:\ProgramData\Temp:373C6DC2 [118]
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2 [118]
AlternateDataStreams: C:\ProgramData\Temp:5D458568 [118]
AlternateDataStreams: C:\ProgramData\Temp:798A3728 [119]
AlternateDataStreams: C:\ProgramData\Temp:FEF919E6 [136]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-13 23:34 - 2016-06-16 05:15 - 00001054 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       static3.cdn.ubi.com
127.0.0.1       ubisoft-orbit.s3.amazonaws.com
127.0.0.1       onlineconfigservice.ubi.com
127.0.0.1       orbitservice.ubi.com
127.0.0.1       ubisoft-orbit-savegames.s3.amazonaws.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\***\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupfolder: C:^Users^***^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: phonostar-PlayerTimer => "C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe"
MSCONFIG\startupreg: Rainlendar2 => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Sony Ericsson PC Companion => "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon
MSCONFIG\startupreg: SpeedUpMyComputer => C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as
MSCONFIG\startupreg: SpeedUpMyComputer.exe => C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as /ss
MSCONFIG\startupreg: YouCam Service => "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{56048913-2EE4-4FB6-9B10-B11FD9535645}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A56F99CF-933B-4F79-9B77-D54139039647}] => (Allow) LPort=2869
FirewallRules: [{7200A232-CB9A-4548-89E0-CF072E6C2E3E}] => (Allow) LPort=1900
FirewallRules: [{B47DCE39-BD05-4FD0-BC5F-8FCE7C3FBB7F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{BE0EC94A-88B6-4356-B121-F67FE5BE0F40}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{19E284DE-FE65-45E9-8827-69D5454439A1}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{EDA33C67-02FC-4CBB-B8DE-B369AC2BA16B}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{A039D880-B78A-42A9-B674-3C20F301958F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{CE5752B7-4973-4961-9484-8F3D19860817}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{E92E642A-311D-43C3-A635-2CB503B48A6D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2809D2B6-BE40-4651-A21C-122B410300EC}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{E600D371-B1A8-49D1-B9E0-A3A62A4BA522}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{103F145E-9796-44C0-A367-F5B07BA171F1}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [{F43044FB-7F3F-4B48-B835-0219F7868A3E}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [{DA47777C-7B86-4ADE-B729-FF83FBE59A8B}] => (Allow) C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{DFFEC908-8CA6-4D61-A2ED-1F4B2A33DC36}] => (Allow) C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{5EE132EB-FD98-4E5A-AF98-5FBA3FA24EBC}C:\users\***\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\***\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{E2A7BEE9-784C-438B-B158-839374F9F87E}C:\users\***\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\***\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{28E7F0F9-A0A2-4B22-8797-EF57252ED01F}] => (Allow) C:\ProgramData\HappyCloud\Cache\Turbine\The Lord of the Rings Online\lotroclient.exe
FirewallRules: [{553DFD38-B5F0-4268-AE64-30BC846149D3}] => (Allow) C:\ProgramData\HappyCloud\Cache\Turbine\The Lord of the Rings Online\lotroclient.exe
FirewallRules: [{58A82F7A-A6F0-41F7-8E3C-ADC274C99A89}] => (Allow) C:\ProgramData\HappyCloud\Cache\Turbine\The Lord of the Rings Online\TurbineLauncher.exe
FirewallRules: [{E75B29C7-AA7E-4FD0-876A-ED1EEF08925B}] => (Allow) C:\ProgramData\HappyCloud\Cache\Turbine\The Lord of the Rings Online\TurbineLauncher.exe
FirewallRules: [TCP Query User{F5D56FA8-1223-4801-BEEE-DDB974869715}C:\programdata\happycloud\cache\turbine\the lord of the rings online\lotroclient.exe] => (Block) C:\programdata\happycloud\cache\turbine\the lord of the rings online\lotroclient.exe
FirewallRules: [UDP Query User{5B71C5E1-31F2-45A2-91C9-D0182EA87821}C:\programdata\happycloud\cache\turbine\the lord of the rings online\lotroclient.exe] => (Block) C:\programdata\happycloud\cache\turbine\the lord of the rings online\lotroclient.exe
FirewallRules: [{0513AE7E-6075-4797-8D40-1422DF6B075B}] => (Allow) C:\Program Files (x86)\EA GAMES\Die Schlacht um Mittelerde(tm)\game.dat
FirewallRules: [{3B80E36D-5102-4F0B-BD60-DEC883DC31EF}] => (Allow) C:\Program Files (x86)\EA GAMES\Die Schlacht um Mittelerde(tm)\game.dat
FirewallRules: [TCP Query User{D6937A8B-FD35-47F0-BA0F-1F0F30F8C40D}C:\program files (x86)\gameforgelive\games\deu_deu\runes of magic\client.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\runes of magic\client.exe
FirewallRules: [UDP Query User{4575823C-B0B5-4912-82FD-22C447672E64}C:\program files (x86)\gameforgelive\games\deu_deu\runes of magic\client.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\runes of magic\client.exe
FirewallRules: [TCP Query User{FFD53927-25F8-474E-B6C5-E277A063BBBB}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{63A42459-ABF9-4F79-B53E-D82D0FE19D8B}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{440B6F79-B7F0-47AB-87BA-AEE9AC0882AE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{12FFA287-5CBA-4B26-B03E-DB094EDFB2BE}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{95630548-BD0C-4A9E-B1BE-A49ED429AEE9}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{16B0A221-3F76-4D2F-8DE1-6D001ED36FBA}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe
FirewallRules: [{028A9953-81D5-42BF-8917-CE601C648A6A}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe
FirewallRules: [{2EE9EB95-1A6B-4033-96FF-4DAE4D80AF6B}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe
FirewallRules: [{3A6B8F5D-469C-4E04-922D-1D500657CB3F}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe
FirewallRules: [TCP Query User{1B543931-8423-4FA8-AADF-4EF716331E5D}C:\users\***\desktop\server.exe] => (Block) C:\users\***\desktop\server.exe
FirewallRules: [UDP Query User{1BDA996F-7CB5-4171-A9C7-AF37272521CD}C:\users\***\desktop\server.exe] => (Block) C:\users\***\desktop\server.exe
FirewallRules: [{150A4CAE-1DC2-49D0-9B2E-8695624237AE}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{B7A0C7EB-853B-4EE2-A61D-54239896AAB0}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{628E79D1-8008-41F8-A691-FAB151D4E740}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{4D94DEA1-28BC-4883-A836-2B6911B29796}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{235CF8FA-1172-4F6B-9A8F-E1BBEA03F6F7}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{AB3EAEC4-656D-44D6-AA46-1C2D51B7A94B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{B05B7767-03D5-4F6C-991D-F851B33EF5F6}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe
FirewallRules: [{4B5A10B0-0DD2-4F4C-832B-34F592B0B0E4}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe
FirewallRules: [TCP Query User{4578D5FF-3E50-44AF-8AB2-D7CBDA064711}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{6C14DA7D-29DB-439F-9368-224F86E30248}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{C8BF3DAE-B5A3-44C5-822E-1C86D42C61A3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{35AC7006-76B9-463F-9F8C-9728D00EDE50}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{806CA73C-949B-438A-BBE9-E043B0C79132}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8EDD40C7-A1CD-47A0-83B3-5AE7A30850AA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{81F1081B-2B9B-4087-89BC-2E0C2E499DCF}] => (Block) %ProgramFiles% (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{21D125AF-98B3-4F21-8275-7A13F710E2BE}] => (Block) %ProgramFiles% (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{643A52E7-39FE-4B60-9237-D4C4BA4F92DF}] => (Block) %ProgramFiles% (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{2F418091-C3CC-465D-B5D4-1C5EF0C4EA54}] => (Block) %ProgramFiles% (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{3F085E72-631F-4396-A8B5-4BE28E0D98CF}] => (Block) %ProgramFiles% (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe
FirewallRules: [{CECA437E-F5B6-4188-BED0-9A98664E22EB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{1EA916F3-6033-49E3-9E7C-6221F05C2AE2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{CF67DF90-ED5D-4AC6-AECB-2311F1A2353D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{D079664E-785F-4432-A281-37DE689D263E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{88D63DC1-3A77-4AEE-BC42-1A4B3F6D78C6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{DFB66331-BE01-4F8D-B90C-98A865B61932}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{36315153-8170-4A70-970E-9BCA3A960B97}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{817D562D-7714-4E59-B348-2361CBFA0D0A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{68FFEB51-E4CD-4197-AC0E-E7BC8D37B57F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{5DADD28A-BE6F-4992-B9D1-DB73AFC0D8ED}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{5A3D6580-A572-492E-AB50-7A73F16C4EBC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{A72452B4-B183-41ED-95A2-C5C1B9866AB0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{C22AA6B0-0F8B-40D0-964F-AD067F643C0B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{FB7053CB-99DF-4608-B357-B6E248383819}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{6F188772-EBC5-41C3-9054-32E94615A151}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{F60949A9-6636-4D04-A72E-FB200E8D5618}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{F6B9B623-335E-4A42-A601-6357AED3E749}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{57176FEB-13A8-4F1F-ABF5-9D45E45742FF}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{B9372D30-8139-4241-981C-AD60CC76B8A2}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{C64EA0D5-0CD4-4345-936A-D05B85BE53A9}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{A03AA1C2-8B03-4409-97AD-20D21693D3C5}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{A6D0C73A-ECFC-49DE-B087-8A73D27A5DFE}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [TCP Query User{F312E6A0-ECCE-436A-966E-48A9F8592AD9}C:\program files (x86)\remote mouse\remotemouse.exe] => (Block) C:\program files (x86)\remote mouse\remotemouse.exe
FirewallRules: [UDP Query User{B7841417-AF5B-4291-8C2C-3ED710101A74}C:\program files (x86)\remote mouse\remotemouse.exe] => (Block) C:\program files (x86)\remote mouse\remotemouse.exe
FirewallRules: [{254D9D2B-FB32-4D23-8665-57DEDB43C8D7}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{98C5D884-D98E-4B9C-A65F-9468AC3D54AF}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{31EA672E-2836-4B87-9EE1-6E4E5AACCC7B}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{9E0E8D35-4B18-4F3B-BFDC-C9B386755278}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{1557986D-AE59-4434-B407-C71CA490EB61}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{18F406D5-3C50-4D60-B540-19C7FE043616}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [TCP Query User{9E7843EB-EE5D-48FB-A0FC-500EB80A3910}C:\users\***\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\***\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{87A34760-5CB7-4A87-8DE6-C2347EEF11C7}C:\users\***\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\***\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{B4CA9C86-4302-477A-883C-CF1E912E1F05}C:\users\***\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\***\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{CB43D8FA-FF59-4A7E-AB8A-D7EF1A9B6A36}C:\users\***\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\***\appdata\local\akamai\netsession_win.exe
FirewallRules: [{EC2ED800-95B4-46BD-8328-4C1340EFF0AE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EFCF0AF5-93A4-4A11-82E9-4AAA563C1F5C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8E5021F6-3D17-4992-BB8A-11451E19964C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{A8A6591B-6027-4A0A-A313-D0EBD51104B9}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [TCP Query User{5E545A35-77AD-4359-90C2-A1B3C039825F}C:\users\***\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\***\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{4A1B7045-17EB-4A15-971D-411AA4B2C505}C:\users\***\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\***\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{FEC33C88-8625-4FD3-B7E4-E71F9AEF6498}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{6C2EF557-5DF5-4544-A55C-15213310E551}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{D1A53EAE-A02E-4864-A98C-F13FDBED81C1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5A8EB83C-C3E0-47AF-81B4-3B3ECD00313B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{14BF1BE5-5A36-47B3-B574-1CEE1A206FEA}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{24CF5427-8480-499C-B183-B6E86B8481AD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{03B653F8-EA74-44CD-9155-D690B88E3364}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\21\WinWrapIDE.exe
FirewallRules: [{B6C18F11-15CD-4826-9DC8-3A1685F171AD}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\21\stats.exe
FirewallRules: [{EF57860B-62FD-4DAA-A269-11A54D6A0CCD}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\21\WinWrapIDE.exe
FirewallRules: [{B9865934-63D6-4A2F-889F-DF800D58F850}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\21\stats.exe
FirewallRules: [{10F19988-4099-493C-A0F5-B63B3F134320}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\21\stats.com
FirewallRules: [{CF0D4585-7204-4FE3-9DE3-2FD5FFD7AA99}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\21\stats.com
FirewallRules: [TCP Query User{B1FA032A-C606-4442-938C-49BEC66D82D6}C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe] => (Block) C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe
FirewallRules: [UDP Query User{CB298BF5-011E-4747-A68A-084B44E521A4}C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe] => (Block) C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe
FirewallRules: [TCP Query User{1B9A72A6-427A-4F9C-A49D-E7CA74AD48DE}C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe] => (Block) C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe
FirewallRules: [UDP Query User{21834AAB-9466-4C71-9340-3135EA20B70B}C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe] => (Block) C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe
FirewallRules: [TCP Query User{B9EC436B-7E9D-45B8-89E2-C11896EADC2A}C:\program files\ibm\spss\statistics\21\stats.exe] => (Block) C:\program files\ibm\spss\statistics\21\stats.exe
FirewallRules: [UDP Query User{7569C037-6D66-465D-93E1-37BFEC4A746D}C:\program files\ibm\spss\statistics\21\stats.exe] => (Block) C:\program files\ibm\spss\statistics\21\stats.exe
FirewallRules: [{577A170F-64BE-4B4D-99FA-434CE7E1CE2F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{8BCB6551-9C01-4434-BF52-85D940E006CB}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{DD44B1AF-DE5E-4E2F-8E80-1434AF5F28C3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{D07A839D-1722-48EE-86D7-32D20471311F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe

==================== Wiederherstellungspunkte =========================

02-09-2016 13:21:20 Geplanter Prüfpunkt
10-09-2016 10:32:01 Geplanter Prüfpunkt
18-09-2016 13:52:46 Wiederherstellungsvorgang
19-09-2016 08:26:47 Entfernt The Sims 3
19-09-2016 08:28:30 Entfernt Assassin's Creed (R) III

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/19/2016 06:25:25 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Ein Problem hat das Senden von Daten aus dem Programm zur Verbesserung der Benutzerfreundlichkeit an Microsoft verhindert (Fehler 80004005).

Error: (09/19/2016 06:23:43 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\phonostar-Player\phonostar.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (09/18/2016 05:27:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\phonostar-Player\phonostar.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (09/18/2016 05:27:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\phonostar-Player\phonostar.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (09/18/2016 04:40:28 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Geplanter Prüfpunkt). Zusätzliche Informationen: 0x80070005.

Error: (09/18/2016 02:13:32 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Geplanter Prüfpunkt). Zusätzliche Informationen: 0x80070005.

Error: (09/18/2016 08:18:08 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\phonostar-Player\phonostar.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (09/18/2016 06:59:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mein_pferdehof_2_download_kostenlos.exe, Version: 0.0.0.0, Zeitstempel: 0x57de6269
Name des fehlerhaften Moduls: mein_pferdehof_2_download_kostenlos.exe, Version: 0.0.0.0, Zeitstempel: 0x57de6269
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0038f536
ID des fehlerhaften Prozesses: 0x22e4
Startzeit der fehlerhaften Anwendung: 0x01d2119347978e7f
Pfad der fehlerhaften Anwendung: C:\Users\***\Downloads\mein_pferdehof_2_download_kostenlos.exe
Pfad des fehlerhaften Moduls: C:\Users\***\Downloads\mein_pferdehof_2_download_kostenlos.exe
Berichtskennung: 86b12be1-7d86-11e6-8ab6-3085a96fdc74

Error: (09/18/2016 06:58:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mein_pferdehof_2_download_kostenlos.exe, Version: 0.0.0.0, Zeitstempel: 0x57de6269
Name des fehlerhaften Moduls: mein_pferdehof_2_download_kostenlos.exe, Version: 0.0.0.0, Zeitstempel: 0x57de6269
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0038f536
ID des fehlerhaften Prozesses: 0x1b98
Startzeit der fehlerhaften Anwendung: 0x01d21193234933a8
Pfad der fehlerhaften Anwendung: C:\Users\***\Downloads\mein_pferdehof_2_download_kostenlos.exe
Pfad des fehlerhaften Moduls: C:\Users\***\Downloads\mein_pferdehof_2_download_kostenlos.exe
Berichtskennung: 63a42f5e-7d86-11e6-8ab6-3085a96fdc74

Error: (09/18/2016 06:42:42 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Ein Problem hat das Senden von Daten aus dem Programm zur Verbesserung der Benutzerfreundlichkeit an Microsoft verhindert (Fehler 80004005).


Systemfehler:
=============
Error: (09/19/2016 08:34:05 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Computerstandard) wird der SID (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Aktivierung (Lokal) für die COM-Serveranwendung mit CLSID 
{06622D85-6856-4460-8DE1-A81921B41C4B}
 und APPID 
{06622D85-6856-4460-8DE1-A81921B41C4B}
 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (09/19/2016 08:33:48 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Computerstandard) wird der SID (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Aktivierung (Lokal) für die COM-Serveranwendung mit CLSID 
{06622D85-6856-4460-8DE1-A81921B41C4B}
 und APPID 
{06622D85-6856-4460-8DE1-A81921B41C4B}
 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (09/19/2016 08:32:58 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Computerstandard) wird der SID (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Aktivierung (Lokal) für die COM-Serveranwendung mit CLSID 
{06622D85-6856-4460-8DE1-A81921B41C4B}
 und APPID 
{06622D85-6856-4460-8DE1-A81921B41C4B}
 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (09/19/2016 08:32:50 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Computerstandard) wird der SID (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Aktivierung (Lokal) für die COM-Serveranwendung mit CLSID 
{06622D85-6856-4460-8DE1-A81921B41C4B}
 und APPID 
{06622D85-6856-4460-8DE1-A81921B41C4B}
 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (09/19/2016 08:31:29 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Computerstandard) wird der SID (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Aktivierung (Lokal) für die COM-Serveranwendung mit CLSID 
{06622D85-6856-4460-8DE1-A81921B41C4B}
 und APPID 
{06622D85-6856-4460-8DE1-A81921B41C4B}
 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (09/19/2016 08:31:22 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Computerstandard) wird der SID (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Aktivierung (Lokal) für die COM-Serveranwendung mit CLSID 
{06622D85-6856-4460-8DE1-A81921B41C4B}
 und APPID 
{06622D85-6856-4460-8DE1-A81921B41C4B}
 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (09/19/2016 06:12:03 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Computerstandard) wird der SID (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Aktivierung (Lokal) für die COM-Serveranwendung mit CLSID 
{06622D85-6856-4460-8DE1-A81921B41C4B}
 und APPID 
{06622D85-6856-4460-8DE1-A81921B41C4B}
 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (09/19/2016 06:08:50 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
acedrv07

Error: (09/19/2016 06:08:50 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet.

Error: (09/19/2016 06:06:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "System Store Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.


CodeIntegrity:
===================================
  Date: 2016-09-19 06:04:30.513
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-09-19 06:04:30.373
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-09-18 16:37:28.678
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-09-18 16:37:28.553
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-09-18 14:09:52.542
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-09-18 14:09:52.432
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-09-18 06:27:51.378
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-09-18 06:27:51.237
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-09-17 11:03:43.838
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-09-17 11:03:43.698
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 8078.32 MB
Verfügbarer physikalischer RAM: 5224 MB
Summe virtueller Speicher: 16154.82 MB
Verfügbarer virtueller Speicher: 13296.03 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:440.44 GB) (Free:176.58 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B8584238)

Partition: GPT.

==================== Ende von Addition.txt ============================

cosinus · 19.09.2016, 13:03

Bitte AVG deinstallieren. Das Teil können wir einfach nicht mehr guten Gewissens empfehlen. => http://www.trojaner-board.de/171261-...zer-daten.html und Antivirensoftware: Schutz für Ihre Dateien, aber auf Kosten Ihrer Privatsphäre? | Emsisoft Blog

Auch andere Freewareanbieter wie Avira, Avast oder Panda springen auf diesen oder ähnlichen Zügen rauf, basteln Junkware in die Setups, arbeiten mit ASK zusammen etc; so was ist bei Sicherheitssoftware einfach inakzeptabel.

Gib Bescheid wenn AVG weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!

Chascona · 19.09.2016, 13:22

Ach krass, gut zu wissen

Ich habs deinstalliert.

cosinus · 19.09.2016, 13:24

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Chascona · 19.09.2016, 16:27

So, alles erledigt, beim ersten Mal gab es zwei Funde, beim zweiten Mal keinen mehr.

Ich hab gerade die Firefox-Verknüpfung bereinigt und jetzt ist wenigstens die Werbestartseite weg

Aber mir ist natürlich klar dass das nicht heißt dass die Malware weg ist...

1. Log:

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.09.19.05
  rootkit: v2016.08.15.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18426
*** :: *** [administrator]

19.09.2016 09:28:59
mbar-log-2016-09-19 (09-28-59).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 403629
Time elapsed: 1 hour(s), 4 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKU\S-1-5-21-2178124953-3779141132-2557792711-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigUrl (Hijack.AutoConfigURL.PrxySvrRST) -> Data: hxxp://non-block.net/wpad.dat?7397345600c0219c2c949a4594fe9cd416704074 -> Delete on reboot. [fc057301b3e7e650892df5f5e91b956b]

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\$Recycle.Bin\S-1-5-21-2178124953-3779141132-2557792711-1002\$RYRCB68.exe (Adware.FileFinder) -> Delete on reboot. [55ac3e367f1ba195e677984943c1827e]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

2. Log:

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.09.19.05
  rootkit: v2016.08.15.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18426
*** :: *** [administrator]

19.09.2016 10:50:32
mbar-log-2016-09-19 (10-50-32).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 403277
Time elapsed: 1 hour(s), 2 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

cosinus · 19.09.2016, 19:35

Zitat:

Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged

Hm...weiter mit TDSSkiller

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Chascona · 19.09.2016, 19:49

Nix gefunden. Es wurden 3 Logfiles erstellt...
Der Report aus dem Programm direkt:

Code:

ATTFilter

15:41:29.0279 0x069c  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
15:41:29.0279 0x069c  UEFI system
15:41:35.0738 0x069c  ============================================================
15:41:35.0738 0x069c  Current date / time: 2016/09/19 15:41:35.0738
15:41:35.0738 0x069c  SystemInfo:
15:41:35.0738 0x069c  
15:41:35.0738 0x069c  OS Version: 6.1.7601 ServicePack: 1.0
15:41:35.0738 0x069c  Product type: Workstation
15:41:35.0738 0x069c  ComputerName: ****
15:41:35.0738 0x069c  UserName: ***
15:41:35.0738 0x069c  Windows directory: C:\Windows
15:41:35.0738 0x069c  System windows directory: C:\Windows
15:41:35.0738 0x069c  Running under WOW64
15:41:35.0738 0x069c  Processor architecture: Intel x64
15:41:35.0738 0x069c  Number of processors: 4
15:41:35.0738 0x069c  Page size: 0x1000
15:41:35.0738 0x069c  Boot type: Normal boot
15:41:35.0738 0x069c  CodeIntegrityOptions = 0x00000001
15:41:35.0738 0x069c  ============================================================
15:41:36.0206 0x069c  KLMD registered as C:\Windows\system32\drivers\81158710.sys
15:41:36.0206 0x069c  KLMD ARK init status: drvProperties = 0x7FF00, osBuild = 7601.23418, osProperties = 0x1
15:41:37.0173 0x069c  System UUID: {15847918-A0DB-0DCF-BE3D-E77BA7618038}
15:41:37.0875 0x069c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:41:37.0891 0x069c  ============================================================
15:41:37.0891 0x069c  \Device\Harddisk0\DR0:
15:41:37.0891 0x069c  GPT partitions:
15:41:37.0891 0x069c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {254607CA-2283-44AE-9D11-C4DC5C87709C}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x64000
15:41:37.0891 0x069c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {CAFB138C-EC31-492D-88B2-5ECB7C6B5E86}, Name: Microsoft reserved partition, StartLBA 0x64800, BlocksNum 0x40000
15:41:37.0891 0x069c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7AC58CFB-3A7B-4281-ABA7-E9915A803AD0}, Name: Basic data partition, StartLBA 0xA4800, BlocksNum 0x370E1800
15:41:37.0891 0x069c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {482C0C54-1501-4CE5-BE86-A683B9B61F32}, Name: Basic data partition, StartLBA 0x37186000, BlocksNum 0x3200000
15:41:37.0891 0x069c  MBR partitions:
15:41:37.0891 0x069c  ============================================================
15:41:37.0922 0x069c  C: <-> \Device\Harddisk0\DR0\Partition3
15:41:37.0922 0x069c  ============================================================
15:41:37.0922 0x069c  Initialize success
15:41:37.0922 0x069c  ============================================================
15:42:20.0167 0x03c8  ============================================================
15:42:20.0167 0x03c8  Scan started
15:42:20.0167 0x03c8  Mode: Manual; SigCheck; TDLFS; 
15:42:20.0167 0x03c8  ============================================================
15:42:20.0167 0x03c8  KSN ping started
15:42:31.0420 0x03c8  KSN ping finished: true
15:42:32.0344 0x03c8  ================ Scan system memory ========================
15:42:32.0344 0x03c8  System memory - ok
15:42:32.0347 0x03c8  ================ Scan services =============================
15:42:32.0592 0x03c8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:42:32.0878 0x03c8  1394ohci - ok
15:42:33.0033 0x03c8  ACDaemon - ok
15:42:33.0092 0x03c8  [ 6E9C8B324980AFE454C6F7762E2B4478, B65CC18B2A63EC28FF125F547F71FD265299CE30128174AE05FFEE05108B69AC ] acedrv07        C:\Windows\system32\drivers\acedrv07.sys
15:42:33.0101 0x03c8  acedrv07 - detected UnsignedFile.Multi.Generic ( 1 )
15:42:33.0358 0x03c8  Detect skipped due to KSN trusted
15:42:33.0358 0x03c8  acedrv07 - ok
15:42:33.0398 0x03c8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:42:33.0424 0x03c8  ACPI - ok
15:42:33.0449 0x03c8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:42:33.0483 0x03c8  AcpiPmi - ok
15:42:33.0563 0x03c8  [ F28ADE410436B42A3FCB53C38CEFEFC8, 15FAF5CFC498FA08FF086C2AE50CBD0414D325F92FB1DA44F521CA0F1078B2C3 ] acsock          C:\Windows\system32\DRIVERS\acsock64.sys
15:42:33.0598 0x03c8  acsock - ok
15:42:33.0696 0x03c8  [ A0CAC4F3F998173A8DC1E67E7E0345EF, D0C2F504A5059691EDBBA917D0C6260450A554A365C12E7747E48EE1668C51A5 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:42:33.0709 0x03c8  AdobeARMservice - ok
15:42:34.0007 0x03c8  [ 8FC33A20D54FB5CC7FBBA814B4E42A22, 707F61F0CEB9467D9BD1782868403BD53DB46EAB0342772661F370E5174AAD8C ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:42:34.0025 0x03c8  AdobeFlashPlayerUpdateSvc - ok
15:42:34.0110 0x03c8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:42:34.0143 0x03c8  adp94xx - ok
15:42:34.0229 0x03c8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:42:34.0254 0x03c8  adpahci - ok
15:42:34.0275 0x03c8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:42:34.0293 0x03c8  adpu320 - ok
15:42:34.0354 0x03c8  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:42:34.0383 0x03c8  AeLookupSvc - ok
15:42:34.0459 0x03c8  [ 69FD46FAC0D9C4A8ECD522AC6A7481F5, 048FA3F77423D43346A35F142DBD0ACEC190F5E68F79960856C325B3CA7DD6C9 ] AFBAgent        C:\Windows\system32\FBAgent.exe
15:42:34.0482 0x03c8  AFBAgent - ok
15:42:34.0577 0x03c8  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
15:42:34.0655 0x03c8  AFD - ok
15:42:34.0751 0x03c8  [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
15:42:34.0820 0x03c8  AgereSoftModem - ok
15:42:34.0847 0x03c8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
15:42:34.0861 0x03c8  agp440 - ok
15:42:34.0933 0x03c8  [ 16F6F6B7903B913AB41AB848C8BB5658, 7304257048CB42E5274B3F6400F4A053A38E3B70A157662FE9D2B7C5979DE851 ] AiCharger       C:\Windows\system32\DRIVERS\AiCharger.sys
15:42:34.0942 0x03c8  AiCharger - ok
15:42:34.0985 0x03c8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
15:42:35.0023 0x03c8  ALG - ok
15:42:35.0058 0x03c8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:42:35.0070 0x03c8  aliide - ok
15:42:35.0084 0x03c8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
15:42:35.0096 0x03c8  amdide - ok
15:42:35.0131 0x03c8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:42:35.0194 0x03c8  AmdK8 - ok
15:42:35.0209 0x03c8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
15:42:35.0223 0x03c8  AmdPPM - ok
15:42:35.0255 0x03c8  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:42:35.0270 0x03c8  amdsata - ok
15:42:35.0309 0x03c8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
15:42:35.0327 0x03c8  amdsbs - ok
15:42:35.0348 0x03c8  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:42:35.0361 0x03c8  amdxata - ok
15:42:35.0426 0x03c8  [ 6474F8823C7188D2DA579F01FB6CED6B, 81D4E9D026CA60FB8840D520D151B8C2F4745A75DF90A4D6C80641F1A23AB605 ] AppID           C:\Windows\system32\drivers\appid.sys
15:42:35.0489 0x03c8  AppID - ok
15:42:35.0514 0x03c8  [ 8F58BA1F7772D6D7CE45F03309608001, CDB109E0DD241042C058F7D81A1BDEBC34435CB2DC4A7A7A3692193DD5806097 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:42:35.0527 0x03c8  AppIDSvc - ok
15:42:35.0581 0x03c8  [ B62867835B41BCD839D9896AB4D7DF09, 98036D0202DB6171E90485898175833AC44873A85E6453EBE928E433B364CE07 ] Appinfo         C:\Windows\System32\appinfo.dll
15:42:35.0616 0x03c8  Appinfo - ok
15:42:35.0645 0x03c8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
15:42:35.0666 0x03c8  arc - ok
15:42:35.0692 0x03c8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:42:35.0707 0x03c8  arcsas - ok
15:42:35.0755 0x03c8  [ A1CE3ED832EF7C903ADA43A64356B76D, 5920D602F1D04DFAF3E978CB64905208D4FDF8716CAD7EAECCB319CC73F6BB46 ] arcvad_ds2dhw   C:\Windows\system32\drivers\ArcVad.sys
15:42:35.0784 0x03c8  arcvad_ds2dhw - ok
15:42:35.0925 0x03c8  [ A3626C6D3F2DC95497F3F61842D7FD89, BB95BAFD3BE22136595D889DADAD67C68ACE6A6EAB02B026C254D97C9E9F2E62 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
15:42:35.0937 0x03c8  ASLDRService - ok
15:42:35.0966 0x03c8  [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
15:42:35.0977 0x03c8  ASMMAP64 - ok
15:42:36.0119 0x03c8  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:42:36.0136 0x03c8  aspnet_state - ok
15:42:36.0228 0x03c8  [ 6A122B4F0E5293CACFA8A5F2CBA9B356, 9D69076B697BEE8742E32EBEF1802D829DEA6B1D93AF485D11CC89A08CA4D809 ] ASUS InstantOn  C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
15:42:36.0250 0x03c8  ASUS InstantOn - ok
15:42:36.0301 0x03c8  [ CBF4C9263F35A9E80E4AD5CBBAE6049C, 5C0871C95DB9E6FF3D1CBDCB1B76BB3CE20ADA23B6C2C8435D7BCE7E71C43346 ] AsusVBus        C:\Windows\system32\DRIVERS\AsusVBus.sys
15:42:36.0311 0x03c8  AsusVBus - ok
15:42:36.0334 0x03c8  [ C951F6F1D909E1AAD7160D9EE860A3F1, D8E3DDD6EB4516CE3D3C4DBA2AE9B77EBFEDDE817035B40447F63CF3DCF1275D ] AsusVTouch      C:\Windows\system32\DRIVERS\AsusVTouch.sys
15:42:36.0343 0x03c8  AsusVTouch - ok
15:42:36.0375 0x03c8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:42:36.0485 0x03c8  AsyncMac - ok
15:42:36.0539 0x03c8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:42:36.0550 0x03c8  atapi - ok
15:42:36.0716 0x03c8  [ 3D68A1EEF77307142636AF5127990BCB, 30926B2E1371287FF39C69C363BE4FAC67C558867D903C555A12316D303A43E8 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
15:42:36.0861 0x03c8  athr - ok
15:42:36.0893 0x03c8  [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
15:42:36.0908 0x03c8  ATKGFNEXSrv - ok
15:42:36.0978 0x03c8  [ 41CEAFFCF3550785E59E3EC9BEE8D97A, 89FE604088B65B82AA794E1DA8429033CD2F05FFB2D7EFAAC7B967C7A83D1B1E ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
15:42:36.0987 0x03c8  ATKWMIACPIIO - ok
15:42:37.0066 0x03c8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:42:37.0121 0x03c8  AudioEndpointBuilder - ok
15:42:37.0148 0x03c8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:42:37.0190 0x03c8  AudioSrv - ok
15:42:37.0246 0x03c8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:42:37.0337 0x03c8  AxInstSV - ok
15:42:37.0394 0x03c8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
15:42:37.0439 0x03c8  b06bdrv - ok
15:42:37.0510 0x03c8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:42:37.0542 0x03c8  b57nd60a - ok
15:42:37.0604 0x03c8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:42:37.0634 0x03c8  BDESVC - ok
15:42:37.0667 0x03c8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:42:37.0749 0x03c8  Beep - ok
15:42:37.0923 0x03c8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
15:42:38.0044 0x03c8  BFE - ok
15:42:38.0123 0x03c8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
15:42:38.0237 0x03c8  BITS - ok
15:42:38.0267 0x03c8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:42:38.0287 0x03c8  blbdrive - ok
15:42:38.0317 0x03c8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:42:38.0353 0x03c8  bowser - ok
15:42:38.0379 0x03c8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
15:42:38.0418 0x03c8  BrFiltLo - ok
15:42:38.0456 0x03c8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
15:42:38.0477 0x03c8  BrFiltUp - ok
15:42:38.0514 0x03c8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
15:42:38.0550 0x03c8  Browser - ok
15:42:38.0595 0x03c8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:42:38.0641 0x03c8  Brserid - ok
15:42:38.0683 0x03c8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:42:38.0703 0x03c8  BrSerWdm - ok
15:42:38.0722 0x03c8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:42:38.0745 0x03c8  BrUsbMdm - ok
15:42:38.0759 0x03c8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:42:38.0778 0x03c8  BrUsbSer - ok
15:42:38.0826 0x03c8  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
15:42:38.0886 0x03c8  BthEnum - ok
15:42:38.0901 0x03c8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:42:38.0945 0x03c8  BTHMODEM - ok
15:42:39.0001 0x03c8  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
15:42:39.0021 0x03c8  BthPan - ok
15:42:39.0068 0x03c8  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
15:42:39.0100 0x03c8  BTHPORT - ok
15:42:39.0137 0x03c8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
15:42:39.0189 0x03c8  bthserv - ok
15:42:39.0219 0x03c8  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
15:42:39.0237 0x03c8  BTHUSB - ok
15:42:39.0267 0x03c8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:42:39.0332 0x03c8  cdfs - ok
15:42:39.0390 0x03c8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:42:39.0413 0x03c8  cdrom - ok
15:42:39.0444 0x03c8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:42:39.0526 0x03c8  CertPropSvc - ok
15:42:39.0557 0x03c8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:42:39.0581 0x03c8  circlass - ok
15:42:39.0641 0x03c8  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
15:42:39.0670 0x03c8  CLFS - ok
15:42:39.0754 0x03c8  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:42:39.0772 0x03c8  clr_optimization_v2.0.50727_32 - ok
15:42:39.0796 0x03c8  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:42:39.0814 0x03c8  clr_optimization_v2.0.50727_64 - ok
15:42:39.0923 0x03c8  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:42:39.0949 0x03c8  clr_optimization_v4.0.30319_32 - ok
15:42:40.0002 0x03c8  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:42:40.0023 0x03c8  clr_optimization_v4.0.30319_64 - ok
15:42:40.0073 0x03c8  [ E13A438F9E51DD034730678E33B73290, 3BB111DFDAEAB8DA6124600C7F6E080C2950A0BB420803FC12560343E1A9280A ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
15:42:40.0088 0x03c8  clwvd - ok
15:42:40.0162 0x03c8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:42:40.0181 0x03c8  CmBatt - ok
15:42:40.0210 0x03c8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:42:40.0227 0x03c8  cmdide - ok
15:42:40.0301 0x03c8  [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG             C:\Windows\system32\Drivers\cng.sys
15:42:40.0339 0x03c8  CNG - ok
15:42:40.0373 0x03c8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:42:40.0388 0x03c8  Compbatt - ok
15:42:40.0405 0x03c8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
15:42:40.0447 0x03c8  CompositeBus - ok
15:42:40.0457 0x03c8  COMSysApp - ok
15:42:40.0545 0x03c8  [ 815F3180B5117E42E422188E9CCC89C6, 69E539D33F3B9F3562FE4B21D853EEBB15DBD2106509FEBD476D04562F34AC08 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
15:42:40.0570 0x03c8  cphs - ok
15:42:40.0587 0x03c8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:42:40.0602 0x03c8  crcdisk - ok
15:42:40.0673 0x03c8  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:42:40.0741 0x03c8  CryptSvc - ok
15:42:40.0880 0x03c8  [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
15:42:40.0927 0x03c8  cvhsvc - ok
15:42:40.0993 0x03c8  [ 44BDDEB03C84A1C993C992FFB5700357, 29080E9A434BB2A932783B0B5104BC9E3C514A0FFB387123B75F4F4045E353BC ] CVirtA          C:\Windows\system32\DRIVERS\CVirtA64.sys
15:42:41.0002 0x03c8  CVirtA - ok
15:42:41.0094 0x03c8  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:42:41.0139 0x03c8  DcomLaunch - ok
15:42:41.0175 0x03c8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
15:42:41.0274 0x03c8  defragsvc - ok
15:42:41.0324 0x03c8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:42:41.0383 0x03c8  DfsC - ok
15:42:41.0421 0x03c8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:42:41.0504 0x03c8  Dhcp - ok
15:42:41.0665 0x03c8  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
15:42:41.0752 0x03c8  DiagTrack - ok
15:42:41.0770 0x03c8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
15:42:41.0833 0x03c8  discache - ok
15:42:41.0904 0x03c8  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
15:42:41.0918 0x03c8  Disk - ok
15:42:41.0984 0x03c8  [ 05CB5910B3CA6019FC3CCA815EE06FFB, 8FA532ED500BB1F08E8034A6125BDD53B74D5E6AB0A83A6185B07AAFCD90AA82 ] DNE             C:\Windows\system32\DRIVERS\dne64x.sys
15:42:42.0000 0x03c8  DNE - ok
15:42:42.0040 0x03c8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:42:42.0071 0x03c8  Dnscache - ok
15:42:42.0099 0x03c8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:42:42.0178 0x03c8  dot3svc - ok
15:42:42.0263 0x03c8  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
15:42:42.0287 0x03c8  Dot4 - ok
15:42:42.0336 0x03c8  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
15:42:42.0376 0x03c8  Dot4Print - ok
15:42:42.0410 0x03c8  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
15:42:42.0427 0x03c8  dot4usb - ok
15:42:42.0467 0x03c8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
15:42:42.0538 0x03c8  DPS - ok
15:42:42.0595 0x03c8  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:42:42.0618 0x03c8  drmkaud - ok
15:42:42.0721 0x03c8  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:42:42.0769 0x03c8  DXGKrnl - ok
15:42:42.0827 0x03c8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
15:42:42.0873 0x03c8  EapHost - ok
15:42:43.0030 0x03c8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
15:42:43.0197 0x03c8  ebdrv - ok
15:42:43.0250 0x03c8  [ 13FE29C1C8E782829C7FAA3B14F4A666, C53F7F9039E79AC6D5BDA94981A187570D6C7828930B6064CEFC17DC172EA20E ] EFS             C:\Windows\System32\lsass.exe
15:42:43.0274 0x03c8  EFS - ok
15:42:43.0388 0x03c8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:42:43.0447 0x03c8  ehRecvr - ok
15:42:43.0503 0x03c8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
15:42:43.0571 0x03c8  ehSched - ok
15:42:43.0634 0x03c8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:42:43.0664 0x03c8  elxstor - ok
15:42:43.0683 0x03c8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:42:43.0697 0x03c8  ErrDev - ok
15:42:43.0745 0x03c8  [ 42B4D3D746B3625EF42233C3897E1F68, B496B5CDF687936D49C8F87D01D261310F9F45F84577F1C3EEACEADE18535B34 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
15:42:43.0762 0x03c8  ETD - ok
15:42:43.0818 0x03c8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
15:42:43.0910 0x03c8  EventSystem - ok
15:42:43.0948 0x03c8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:42:43.0997 0x03c8  exfat - ok
15:42:44.0031 0x03c8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:42:44.0093 0x03c8  fastfat - ok
15:42:44.0177 0x03c8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
15:42:44.0235 0x03c8  Fax - ok
15:42:44.0257 0x03c8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
15:42:44.0273 0x03c8  fdc - ok
15:42:44.0313 0x03c8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
15:42:44.0384 0x03c8  fdPHost - ok
15:42:44.0407 0x03c8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:42:44.0478 0x03c8  FDResPub - ok
15:42:44.0533 0x03c8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:42:44.0547 0x03c8  FileInfo - ok
15:42:44.0559 0x03c8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:42:44.0615 0x03c8  Filetrace - ok
15:42:44.0633 0x03c8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
15:42:44.0647 0x03c8  flpydisk - ok
15:42:44.0677 0x03c8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:42:44.0699 0x03c8  FltMgr - ok
15:42:44.0801 0x03c8  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
15:42:44.0868 0x03c8  FontCache - ok
15:42:44.0910 0x03c8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:42:44.0921 0x03c8  FontCache3.0.0.0 - ok
15:42:44.0949 0x03c8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:42:44.0962 0x03c8  FsDepends - ok
15:42:45.0000 0x03c8  [ DC0DCE4EC2C5D2CF6472F9FD6AA9A7DC, 7022722FA38E81F6F4D0EF9F0FBEDD27C09A238B5246A3C36AEAAC11FF76FE07 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
15:42:45.0012 0x03c8  fssfltr - ok
15:42:45.0134 0x03c8  [ 40CDFAD174B3D5E80F95DDA003C0B97F, 2DA149CE42B87681ECDCC8905D0957443F430A9C7002FF78F22A95F9112A7C4C ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
15:42:45.0205 0x03c8  fsssvc - ok
15:42:45.0232 0x03c8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:42:45.0245 0x03c8  Fs_Rec - ok
15:42:45.0273 0x03c8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:42:45.0296 0x03c8  fvevol - ok
15:42:45.0310 0x03c8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:42:45.0324 0x03c8  gagp30kx - ok
15:42:45.0394 0x03c8  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
15:42:45.0446 0x03c8  gpsvc - ok
15:42:45.0560 0x03c8  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:42:45.0574 0x03c8  gupdate - ok
15:42:45.0582 0x03c8  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:42:45.0595 0x03c8  gupdatem - ok
15:42:45.0629 0x03c8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:42:45.0657 0x03c8  hcw85cir - ok
15:42:45.0711 0x03c8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:42:45.0741 0x03c8  HdAudAddService - ok
15:42:45.0815 0x03c8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:42:45.0835 0x03c8  HDAudBus - ok
15:42:45.0881 0x03c8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
15:42:45.0895 0x03c8  HidBatt - ok
15:42:45.0966 0x03c8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:42:45.0985 0x03c8  HidBth - ok
15:42:46.0030 0x03c8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:42:46.0078 0x03c8  HidIr - ok
15:42:46.0118 0x03c8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
15:42:46.0177 0x03c8  hidserv - ok
15:42:46.0222 0x03c8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:42:46.0245 0x03c8  HidUsb - ok
15:42:46.0268 0x03c8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:42:46.0312 0x03c8  hkmsvc - ok
15:42:46.0340 0x03c8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:42:46.0370 0x03c8  HomeGroupListener - ok
15:42:46.0409 0x03c8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:42:46.0429 0x03c8  HomeGroupProvider - ok
15:42:46.0609 0x03c8  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
15:42:46.0646 0x03c8  hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
15:42:46.0879 0x03c8  Detect skipped due to KSN trusted
15:42:46.0879 0x03c8  hpqcxs08 - ok
15:42:47.0014 0x03c8  [ 75CC8C5146A3FB76221A7606628778D5, 2FDD943E22E38083639DF61335DEFE9C38685158D8BF0528834C1B657DC1DE6F ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
15:42:47.0046 0x03c8  hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
15:42:47.0276 0x03c8  Detect skipped due to KSN trusted
15:42:47.0276 0x03c8  hpqddsvc - ok
15:42:47.0358 0x03c8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:42:47.0371 0x03c8  HpSAMD - ok
15:42:47.0486 0x03c8  [ 2ADF33F93991C4E24E86FFA5F906417B, 426FFE6DF9E1B779DA52D7361C8ED03C25F8F8EF30BF3BAAE07D488C3A96C74F ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
15:42:47.0529 0x03c8  HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
15:42:47.0770 0x03c8  Detect skipped due to KSN trusted
15:42:47.0770 0x03c8  HPSLPSVC - ok
15:42:47.0882 0x03c8  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:42:47.0935 0x03c8  HTTP - ok
15:42:47.0968 0x03c8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:42:47.0984 0x03c8  hwpolicy - ok
15:42:48.0031 0x03c8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:42:48.0047 0x03c8  i8042prt - ok
15:42:48.0120 0x03c8  [ C224331A54571C8C9162F7714400BBBD, C2CA4881ACD46071E67435BE5E3DB133D0743B026FD20D6D6E26B2FE7A03FCAA ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
15:42:48.0148 0x03c8  iaStor - ok
15:42:48.0193 0x03c8  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:42:48.0219 0x03c8  iaStorV - ok
15:42:48.0327 0x03c8  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:42:48.0370 0x03c8  idsvc - ok
15:42:48.0411 0x03c8  IEEtwCollectorService - ok
15:42:48.0654 0x03c8  [ 348214F96642FD4FEF630DE021BA3540, B6A7D2EA41F6866F5AFF5022BB459E5AFF683FF2FF470B84F3E911C8AEC47C30 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
15:42:49.0080 0x03c8  igfx - ok
15:42:49.0116 0x03c8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:42:49.0133 0x03c8  iirsp - ok
15:42:49.0238 0x03c8  iked - ok
15:42:49.0323 0x03c8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
15:42:49.0368 0x03c8  IKEEXT - ok
15:42:49.0607 0x03c8  [ 40FB2F6CEB3FC935EC18D656D2758CD4, B21CA15932BA5858EC0578F01B2625B40878D9C2B06B5E20A6D84FCFCCD66C91 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:42:49.0857 0x03c8  IntcAzAudAddService - ok
15:42:49.0949 0x03c8  [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
15:42:50.0020 0x03c8  IntcDAud - ok
15:42:50.0167 0x03c8  [ 896AA2F1D79662B17D5DBBE588E24E30, 834257B3C247ECA0130A55FB8E5F906F54B94A124FBB842DB7D679C030BD439B ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
15:42:50.0183 0x03c8  Intel(R) ME Service - ok
15:42:50.0223 0x03c8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:42:50.0234 0x03c8  intelide - ok
15:42:50.0271 0x03c8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:42:50.0312 0x03c8  intelppm - ok
15:42:50.0364 0x03c8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:42:50.0432 0x03c8  IPBusEnum - ok
15:42:50.0470 0x03c8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:42:50.0530 0x03c8  IpFilterDriver - ok
15:42:50.0588 0x03c8  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:42:50.0635 0x03c8  iphlpsvc - ok
15:42:50.0669 0x03c8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:42:50.0685 0x03c8  IPMIDRV - ok
15:42:50.0717 0x03c8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:42:50.0763 0x03c8  IPNAT - ok
15:42:50.0782 0x03c8  ipsecd - ok
15:42:50.0795 0x03c8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:42:50.0835 0x03c8  IRENUM - ok
15:42:50.0854 0x03c8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:42:50.0865 0x03c8  isapnp - ok
15:42:50.0928 0x03c8  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:42:50.0950 0x03c8  iScsiPrt - ok
15:42:51.0018 0x03c8  [ 846354992EBB373F452EB9182D501B08, 453459133DCA875E93CAAE9852E652F3794F8C31CE53526C47A181FDBABE6849 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
15:42:51.0027 0x03c8  iusb3hcs - ok
15:42:51.0066 0x03c8  [ 1D88A23853387D34D52CC8F9DDBFC56C, D00083B61E93E7E1D247EAB332787912FCF7605AF7043F071238C50E4A15016B ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
15:42:51.0090 0x03c8  iusb3hub - ok
15:42:51.0174 0x03c8  [ FC5EFD7C797DF19DFB999F0605A7924E, C56CE3840F3B11D81BED38E5F59ABCA190DFB7127F06263193870312A83379AF ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
15:42:51.0211 0x03c8  iusb3xhc - ok
15:42:51.0281 0x03c8  [ 3C6630473DD42FFC57D9F5564F533127, 1B2BBB8CF7AD5BF3F99565DA49F51B1E15D4B35698C105C0597DDBEB2DA61A83 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
15:42:51.0295 0x03c8  jhi_service - ok
15:42:51.0310 0x03c8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:42:51.0323 0x03c8  kbdclass - ok
15:42:51.0354 0x03c8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:42:51.0368 0x03c8  kbdhid - ok
15:42:51.0430 0x03c8  [ E63EF8C3271D014F14E2469CE75FECB4, 3A8DFA4B446AFDC35F01FD5218D0BEBC510A1E3DE9976210F00D19767D0F9069 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
15:42:51.0439 0x03c8  kbfiltr - ok
15:42:51.0450 0x03c8  [ 13FE29C1C8E782829C7FAA3B14F4A666, C53F7F9039E79AC6D5BDA94981A187570D6C7828930B6064CEFC17DC172EA20E ] KeyIso          C:\Windows\system32\lsass.exe
15:42:51.0464 0x03c8  KeyIso - ok
15:42:51.0516 0x03c8  [ CFBA6BCBBDC7E33813D92FFB3460FA07, 4BE0DF9AC976A991731C784CD3F32C4CED67AD58267658F046798E84BA1BF78C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:42:51.0533 0x03c8  KSecDD - ok
15:42:51.0551 0x03c8  [ CE66825289EE8326CB52C4E9E785ACB0, 41113B55F891A300C7967F585F59921917EC0718C26798946056B1DE534EE0E3 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:42:51.0567 0x03c8  KSecPkg - ok
15:42:51.0591 0x03c8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:42:51.0649 0x03c8  ksthunk - ok
15:42:51.0686 0x03c8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:42:51.0784 0x03c8  KtmRm - ok
15:42:51.0829 0x03c8  [ 033B4AED2C5519072C0D81E00804D003, 6C450A604C382416C482FED43098B4E95BD61B480B0CEFD728A269446AF18708 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
15:42:51.0865 0x03c8  L1C - ok
15:42:51.0927 0x03c8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:42:51.0985 0x03c8  LanmanServer - ok
15:42:52.0004 0x03c8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:42:52.0059 0x03c8  LanmanWorkstation - ok
15:42:52.0107 0x03c8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:42:52.0165 0x03c8  lltdio - ok
15:42:52.0211 0x03c8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:42:52.0266 0x03c8  lltdsvc - ok
15:42:52.0286 0x03c8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:42:52.0355 0x03c8  lmhosts - ok
15:42:52.0441 0x03c8  [ 2B23FAA39D8F949ED5EEE03ECA50BCD5, 7CEF2455D21A355542B290F4F18EDBC444F3704A31E569652D96A0A3E6799826 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:42:52.0461 0x03c8  LMS - ok
15:42:52.0507 0x03c8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:42:52.0523 0x03c8  LSI_FC - ok
15:42:52.0538 0x03c8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:42:52.0558 0x03c8  LSI_SAS - ok
15:42:52.0572 0x03c8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
15:42:52.0590 0x03c8  LSI_SAS2 - ok
15:42:52.0620 0x03c8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:42:52.0634 0x03c8  LSI_SCSI - ok
15:42:52.0664 0x03c8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:42:52.0728 0x03c8  luafv - ok
15:42:52.0758 0x03c8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:42:52.0802 0x03c8  Mcx2Svc - ok
15:42:52.0834 0x03c8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:42:52.0846 0x03c8  megasas - ok
15:42:52.0866 0x03c8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
15:42:52.0894 0x03c8  MegaSR - ok
15:42:52.0970 0x03c8  [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
15:42:52.0983 0x03c8  MEIx64 - ok
15:42:53.0005 0x03c8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
15:42:53.0062 0x03c8  MMCSS - ok
15:42:53.0086 0x03c8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
15:42:53.0128 0x03c8  Modem - ok
15:42:53.0153 0x03c8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:42:53.0195 0x03c8  monitor - ok
15:42:53.0229 0x03c8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:42:53.0242 0x03c8  mouclass - ok
15:42:53.0264 0x03c8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:42:53.0278 0x03c8  mouhid - ok
15:42:53.0333 0x03c8  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:42:53.0347 0x03c8  mountmgr - ok
15:42:53.0420 0x03c8  [ A82AA5481A845F4AC0E5EE83904FBFED, 2E1640BCA51B1957815465E4DEE895FCD87C93EA80DDD3A80B5647B23D16FB67 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:42:53.0437 0x03c8  MozillaMaintenance - ok
15:42:53.0473 0x03c8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:42:53.0492 0x03c8  mpio - ok
15:42:53.0510 0x03c8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:42:53.0556 0x03c8  mpsdrv - ok
15:42:53.0616 0x03c8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:42:53.0721 0x03c8  MpsSvc - ok
15:42:53.0773 0x03c8  [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:42:53.0803 0x03c8  MRxDAV - ok
15:42:53.0857 0x03c8  [ B7FADA5E1E55BB63F90EB9F8F016113B, 33C2C898E4AD0CBD34D9A6CF51987A4703009E23CD9D4F4294BF444C4D3D5A60 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:42:53.0884 0x03c8  mrxsmb - ok
15:42:53.0911 0x03c8  [ 34AFF1849B3EC042C40C5EEC9D78562A, E3378A9977B429812C38529C562FE27945706ADB5E9E877C4A90B0285631A501 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:42:53.0958 0x03c8  mrxsmb10 - ok
15:42:53.0994 0x03c8  [ 058CE7A55E140EB0C72FBA6FD2FA72DE, B1D89E524A621BDCC464882EF621BDC7779BFCBCC9FD923D70DE130C41D0DB4C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:42:54.0040 0x03c8  mrxsmb20 - ok
15:42:54.0084 0x03c8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:42:54.0096 0x03c8  msahci - ok
15:42:54.0135 0x03c8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:42:54.0150 0x03c8  msdsm - ok
15:42:54.0189 0x03c8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
15:42:54.0247 0x03c8  MSDTC - ok
15:42:54.0297 0x03c8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:42:54.0354 0x03c8  Msfs - ok
15:42:54.0372 0x03c8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:42:54.0425 0x03c8  mshidkmdf - ok
15:42:54.0439 0x03c8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:42:54.0453 0x03c8  msisadrv - ok
15:42:54.0504 0x03c8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:42:54.0612 0x03c8  MSiSCSI - ok
15:42:54.0618 0x03c8  msiserver - ok
15:42:54.0659 0x03c8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:42:54.0722 0x03c8  MSKSSRV - ok
15:42:54.0752 0x03c8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:42:54.0804 0x03c8  MSPCLOCK - ok
15:42:54.0810 0x03c8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:42:54.0881 0x03c8  MSPQM - ok
15:42:54.0909 0x03c8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:42:54.0942 0x03c8  MsRPC - ok
15:42:54.0958 0x03c8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:42:54.0975 0x03c8  mssmbios - ok
15:42:54.0998 0x03c8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:42:55.0081 0x03c8  MSTEE - ok
15:42:55.0119 0x03c8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
15:42:55.0134 0x03c8  MTConfig - ok
15:42:55.0149 0x03c8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
15:42:55.0164 0x03c8  Mup - ok
15:42:55.0203 0x03c8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
15:42:55.0299 0x03c8  napagent - ok
15:42:55.0365 0x03c8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:42:55.0397 0x03c8  NativeWifiP - ok
15:42:55.0545 0x03c8  [ 0CB8324F6CB624812FD9D4FE9186F845, 15E939AF3F11FD109BF7678C010F2C9C883DFA375A4A18FDE24B3C960C983B84 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
15:42:55.0584 0x03c8  NAUpdate - ok
15:42:55.0679 0x03c8  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:42:55.0728 0x03c8  NDIS - ok
15:42:55.0757 0x03c8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:42:55.0831 0x03c8  NdisCap - ok
15:42:55.0869 0x03c8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:42:55.0929 0x03c8  NdisTapi - ok
15:42:55.0954 0x03c8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:42:55.0998 0x03c8  Ndisuio - ok
15:42:56.0033 0x03c8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:42:56.0083 0x03c8  NdisWan - ok
15:42:56.0099 0x03c8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:42:56.0175 0x03c8  NDProxy - ok
15:42:56.0252 0x03c8  [ D5AC41AE382738483FAFFBD7E373D49A, 68793D15566F387650E9C5010E1CA73BDE3EB4BA431EA0A1673004CAE08413B0 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:42:56.0285 0x03c8  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
15:42:56.0541 0x03c8  Detect skipped due to KSN trusted
15:42:56.0541 0x03c8  Net Driver HPZ12 - ok
15:42:56.0585 0x03c8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:42:56.0647 0x03c8  NetBIOS - ok
15:42:56.0701 0x03c8  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:42:56.0737 0x03c8  NetBT - ok
15:42:56.0761 0x03c8  [ 13FE29C1C8E782829C7FAA3B14F4A666, C53F7F9039E79AC6D5BDA94981A187570D6C7828930B6064CEFC17DC172EA20E ] Netlogon        C:\Windows\system32\lsass.exe
15:42:56.0775 0x03c8  Netlogon - ok
15:42:56.0816 0x03c8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
15:42:56.0873 0x03c8  Netman - ok
15:42:56.0968 0x03c8  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:42:56.0985 0x03c8  NetMsmqActivator - ok
15:42:56.0998 0x03c8  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:42:57.0015 0x03c8  NetPipeActivator - ok
15:42:57.0055 0x03c8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
15:42:57.0143 0x03c8  netprofm - ok
15:42:57.0190 0x03c8  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:42:57.0207 0x03c8  NetTcpActivator - ok
15:42:57.0223 0x03c8  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:42:57.0240 0x03c8  NetTcpPortSharing - ok
15:42:57.0271 0x03c8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:42:57.0284 0x03c8  nfrd960 - ok
15:42:57.0358 0x03c8  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:42:57.0390 0x03c8  NlaSvc - ok
15:42:57.0413 0x03c8  nnqsrorm - ok
15:42:57.0437 0x03c8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:42:57.0480 0x03c8  Npfs - ok
15:42:57.0513 0x03c8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
15:42:57.0557 0x03c8  nsi - ok
15:42:57.0577 0x03c8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:42:57.0646 0x03c8  nsiproxy - ok
15:42:57.0754 0x03c8  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:42:57.0825 0x03c8  Ntfs - ok
15:42:57.0849 0x03c8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
15:42:57.0899 0x03c8  Null - ok
15:42:58.0429 0x03c8  [ EE6B7B6A54BCAFF516E30B1C15467495, 85D5E22593549C7980AA3523F0C9C4391E0D147B29F07500A8DA68F49D80A84F ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:42:59.0026 0x03c8  nvlddmkm - ok
15:42:59.0115 0x03c8  [ 4086D655D237E091ECC34BEC94E55C3E, 498A57AC8F02247A4C95A74F0C19FF49A2B91872DB22B7EF7FAC4195402D9447 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
15:42:59.0127 0x03c8  nvpciflt - ok
15:42:59.0147 0x03c8  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:42:59.0164 0x03c8  nvraid - ok
15:42:59.0204 0x03c8  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:42:59.0226 0x03c8  nvstor - ok
15:42:59.0339 0x03c8  [ 25626309AD2F81D47C829CCB5E46E478, D23F9F72C064B5D2A7979674703585345A78F7BE88887794FC9CA2971818B3DC ] nvsvc           C:\Windows\system32\nvvsvc.exe
15:42:59.0382 0x03c8  nvsvc - ok
15:42:59.0577 0x03c8  [ 7BAB808957880CF38EFC6816FEF7276E, C230EC66E6069C2CC820DFE468EC45192E99CBC5CD822E828F59C8DC9564B6E5 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:42:59.0655 0x03c8  nvUpdatusService - ok
15:42:59.0685 0x03c8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:42:59.0700 0x03c8  nv_agp - ok
15:42:59.0724 0x03c8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:42:59.0739 0x03c8  ohci1394 - ok
15:42:59.0773 0x03c8  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:42:59.0790 0x03c8  ose - ok
15:43:00.0102 0x03c8  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:43:00.0364 0x03c8  osppsvc - ok
15:43:00.0405 0x03c8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:43:00.0479 0x03c8  p2pimsvc - ok
15:43:00.0526 0x03c8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
15:43:00.0578 0x03c8  p2psvc - ok
15:43:00.0622 0x03c8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
15:43:00.0662 0x03c8  Parport - ok
15:43:00.0701 0x03c8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:43:00.0715 0x03c8  partmgr - ok
15:43:00.0770 0x03c8  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:43:00.0808 0x03c8  PcaSvc - ok
15:43:00.0841 0x03c8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
15:43:00.0858 0x03c8  pci - ok
15:43:00.0889 0x03c8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:43:00.0900 0x03c8  pciide - ok
15:43:00.0924 0x03c8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:43:00.0943 0x03c8  pcmcia - ok
15:43:00.0969 0x03c8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:43:00.0982 0x03c8  pcw - ok
15:43:01.0058 0x03c8  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:43:01.0095 0x03c8  PEAUTH - ok
15:43:01.0172 0x03c8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:43:01.0207 0x03c8  PerfHost - ok
15:43:01.0324 0x03c8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
15:43:01.0438 0x03c8  pla - ok
15:43:01.0510 0x03c8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:43:01.0550 0x03c8  PlugPlay - ok
15:43:01.0647 0x03c8  [ 37F6046CDC630442D7DC087501FF6FC6, EFC0F3DA49839CA263CD95AE5015F4FC554D9D845A58A699C542C8C96E70ED3C ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:43:01.0676 0x03c8  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
15:43:01.0916 0x03c8  Detect skipped due to KSN trusted
15:43:01.0916 0x03c8  Pml Driver HPZ12 - ok
15:43:01.0954 0x03c8  PnkBstrA - ok
15:43:01.0978 0x03c8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:43:01.0993 0x03c8  PNRPAutoReg - ok
15:43:02.0027 0x03c8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:43:02.0051 0x03c8  PNRPsvc - ok
15:43:02.0125 0x03c8  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:43:02.0164 0x03c8  PolicyAgent - ok
15:43:02.0207 0x03c8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
15:43:02.0255 0x03c8  Power - ok
15:43:02.0294 0x03c8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:43:02.0339 0x03c8  PptpMiniport - ok
15:43:02.0362 0x03c8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
15:43:02.0377 0x03c8  Processor - ok
15:43:02.0432 0x03c8  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:43:02.0503 0x03c8  ProfSvc - ok
15:43:02.0517 0x03c8  [ 13FE29C1C8E782829C7FAA3B14F4A666, C53F7F9039E79AC6D5BDA94981A187570D6C7828930B6064CEFC17DC172EA20E ] ProtectedStorage C:\Windows\system32\lsass.exe
15:43:02.0531 0x03c8  ProtectedStorage - ok
15:43:02.0560 0x03c8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:43:02.0605 0x03c8  Psched - ok
15:43:02.0692 0x03c8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:43:02.0786 0x03c8  ql2300 - ok
15:43:02.0819 0x03c8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:43:02.0835 0x03c8  ql40xx - ok
15:43:02.0879 0x03c8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
15:43:02.0908 0x03c8  QWAVE - ok
15:43:02.0938 0x03c8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:43:02.0957 0x03c8  QWAVEdrv - ok
15:43:02.0971 0x03c8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:43:03.0058 0x03c8  RasAcd - ok
15:43:03.0107 0x03c8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:43:03.0151 0x03c8  RasAgileVpn - ok
15:43:03.0182 0x03c8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
15:43:03.0252 0x03c8  RasAuto - ok
15:43:03.0304 0x03c8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:43:03.0352 0x03c8  Rasl2tp - ok
15:43:03.0388 0x03c8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
15:43:03.0486 0x03c8  RasMan - ok
15:43:03.0526 0x03c8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:43:03.0609 0x03c8  RasPppoe - ok
15:43:03.0637 0x03c8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:43:03.0705 0x03c8  RasSstp - ok
15:43:03.0762 0x03c8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:43:03.0813 0x03c8  rdbss - ok
15:43:03.0853 0x03c8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
15:43:03.0900 0x03c8  rdpbus - ok
15:43:03.0932 0x03c8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:43:03.0981 0x03c8  RDPCDD - ok
15:43:03.0993 0x03c8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:43:04.0036 0x03c8  RDPENCDD - ok
15:43:04.0056 0x03c8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:43:04.0108 0x03c8  RDPREFMP - ok
15:43:04.0165 0x03c8  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:43:04.0229 0x03c8  RDPWD - ok
15:43:04.0260 0x03c8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:43:04.0280 0x03c8  rdyboost - ok
15:43:04.0311 0x03c8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:43:04.0367 0x03c8  RemoteAccess - ok
15:43:04.0409 0x03c8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:43:04.0461 0x03c8  RemoteRegistry - ok
15:43:04.0510 0x03c8  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
15:43:04.0552 0x03c8  RFCOMM - ok
15:43:04.0592 0x03c8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:43:04.0661 0x03c8  RpcEptMapper - ok
15:43:04.0703 0x03c8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
15:43:04.0736 0x03c8  RpcLocator - ok
15:43:04.0799 0x03c8  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
15:43:04.0839 0x03c8  RpcSs - ok
15:43:04.0877 0x03c8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:43:04.0924 0x03c8  rspndr - ok
15:43:04.0992 0x03c8  [ BB1C3DF1D6CC0972E9C7268A19E62D2E, C362BA0CB2B8CC0CBBD44A76DBC8FD2B44546B027CD794DC64E24D50BEA4FAC6 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
15:43:05.0016 0x03c8  RSUSBSTOR - ok
15:43:05.0127 0x03c8  [ 7F4F11527AF5A7E4526CB6A146B3E40C, 705177014374AB2F12AF4558344C35C206C2820BD1A16770173EA10D094D182B ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
15:43:05.0165 0x03c8  RTL8167 - ok
15:43:05.0233 0x03c8  [ 301FBA4594FB5C0A469299A65106B4AA, 53683D49420B4647DBA63B1A6328511620DF615EAE6F42221A16AD3D3B77EE19 ] s1018bus        C:\Windows\system32\DRIVERS\s1018bus.sys
15:43:05.0251 0x03c8  s1018bus - ok
15:43:05.0290 0x03c8  [ D1D7C744F79710357E60FC04D125ED01, E7C10217323887E2605872720BB36BAB5CF3E24BDA1365F033A79EBB817A397B ] s1018mdfl       C:\Windows\system32\DRIVERS\s1018mdfl.sys
15:43:05.0300 0x03c8  s1018mdfl - ok
15:43:05.0352 0x03c8  [ 7DBE12CCCD837D4266B2DDD80A329C09, 557873A5D508471108F1756FEE5D88F80702D7CA3D7684B61046C1C5A80E14D9 ] s1018mdm        C:\Windows\system32\DRIVERS\s1018mdm.sys
15:43:05.0367 0x03c8  s1018mdm - ok
15:43:05.0452 0x03c8  [ 065FF5E62D2D18A6D93FD925546CD549, 18D38DA96C618B96BE715E2E3F17C15E80468879DB68E3AAB333E0CBB3822070 ] s1018mgmt       C:\Windows\system32\DRIVERS\s1018mgmt.sys
15:43:05.0465 0x03c8  s1018mgmt - ok
15:43:05.0517 0x03c8  [ 5101D815BDF0D667E3D5F0EA727CAAEE, 070BCE2EE15DD067E794BF80A79011B646775E55EE848614DFD45E405420AB0D ] s1018nd5        C:\Windows\system32\DRIVERS\s1018nd5.sys
15:43:05.0527 0x03c8  s1018nd5 - ok
15:43:05.0548 0x03c8  [ 13F220C65B444AC9BDA49DACFC3230BB, 996B46949AEE14D1D43D9D68759CA0EBA7C43B83363E2F2C674A9A0A249C7881 ] s1018obex       C:\Windows\system32\DRIVERS\s1018obex.sys
15:43:05.0561 0x03c8  s1018obex - ok
15:43:05.0598 0x03c8  [ CE7D8BCE80211D8A35F6BD7A87791860, 93A5DEB41B5AA3F706EB5F601BB3CFF45B51310BBB3D0320A91B4A2CF9560B6D ] s1018unic       C:\Windows\system32\DRIVERS\s1018unic.sys
15:43:05.0614 0x03c8  s1018unic - ok
15:43:05.0639 0x03c8  [ 13FE29C1C8E782829C7FAA3B14F4A666, C53F7F9039E79AC6D5BDA94981A187570D6C7828930B6064CEFC17DC172EA20E ] SamSs           C:\Windows\system32\lsass.exe
15:43:05.0656 0x03c8  SamSs - ok
15:43:05.0691 0x03c8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:43:05.0706 0x03c8  sbp2port - ok
15:43:05.0737 0x03c8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:43:05.0814 0x03c8  SCardSvr - ok
15:43:05.0849 0x03c8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:43:05.0890 0x03c8  scfilter - ok
15:43:06.0010 0x03c8  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
15:43:06.0118 0x03c8  Schedule - ok
15:43:06.0144 0x03c8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:43:06.0193 0x03c8  SCPolicySvc - ok
15:43:06.0240 0x03c8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:43:06.0310 0x03c8  SDRSVC - ok
15:43:06.0336 0x03c8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:43:06.0395 0x03c8  secdrv - ok
15:43:06.0446 0x03c8  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
15:43:06.0471 0x03c8  seclogon - ok
15:43:06.0498 0x03c8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
15:43:06.0563 0x03c8  SENS - ok
15:43:06.0590 0x03c8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:43:06.0617 0x03c8  SensrSvc - ok
15:43:06.0642 0x03c8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
15:43:06.0656 0x03c8  Serenum - ok
15:43:06.0686 0x03c8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
15:43:06.0722 0x03c8  Serial - ok
15:43:06.0745 0x03c8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:43:06.0759 0x03c8  sermouse - ok
15:43:06.0792 0x03c8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
15:43:06.0863 0x03c8  SessionEnv - ok
15:43:06.0886 0x03c8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:43:06.0922 0x03c8  sffdisk - ok
15:43:06.0951 0x03c8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:43:06.0966 0x03c8  sffp_mmc - ok
15:43:06.0989 0x03c8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:43:07.0006 0x03c8  sffp_sd - ok
15:43:07.0018 0x03c8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:43:07.0031 0x03c8  sfloppy - ok
15:43:07.0099 0x03c8  [ 21AB491BBCC8C1B26FDC402A374AB196, DD973C9963C840200D153A15078152D499639730D065BB8122C6BE65D4372300 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
15:43:07.0138 0x03c8  Sftfs - ok
15:43:07.0228 0x03c8  [ 4E1BB8A9CCDB4BAF41F7F9A930EB121D, D994B20DACEB187BEB6530309E2185040B58105E4FD5AC1DA435712F9DE027D0 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
15:43:07.0259 0x03c8  sftlist - ok
15:43:07.0288 0x03c8  [ 3B8D43FEEFF7A187534DDDFD675FE123, 9308D5C552FE3AF1121A3F7B7595547C6B892FF500377953F3B623511D84698C ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:43:07.0309 0x03c8  Sftplay - ok
15:43:07.0335 0x03c8  [ F1D1B1DC7A8765A09D7640FBF8D20970, 72E59B04BC44DAFFB88987C16CF3F9DC35438B15879E102FD83013673E0DB66F ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:43:07.0346 0x03c8  Sftredir - ok
15:43:07.0361 0x03c8  [ B3B9ADE7F8C4AF0C20E712E040588543, 9A6BB11DA046BF6F0239952871263E148FAE91FB21065613645114B5FA054EC5 ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
15:43:07.0373 0x03c8  Sftvol - ok
15:43:07.0430 0x03c8  [ CECFDE5D3701B2D914862F5E6C3DFE18, E7627F90630C306324A39DC3C652B37D255F90636AC19D3302EE5B85BD504BD5 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:43:07.0449 0x03c8  sftvsa - ok
15:43:07.0495 0x03c8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:43:07.0550 0x03c8  SharedAccess - ok
15:43:07.0588 0x03c8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:43:07.0643 0x03c8  ShellHWDetection - ok
15:43:07.0681 0x03c8  [ 1BC348CF6BAA90EC8E533EF6E6A69933, 2B26F6EB701F48E092DED6A7B888F24736F2899EE81D54DD4B1E9DF7CFD36E7A ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSG664.sys
15:43:07.0715 0x03c8  SiSGbeLH - ok
15:43:07.0741 0x03c8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:43:07.0754 0x03c8  SiSRaid2 - ok
15:43:07.0771 0x03c8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:43:07.0785 0x03c8  SiSRaid4 - ok
15:43:07.0903 0x03c8  [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:43:07.0930 0x03c8  SkypeUpdate - ok
15:43:07.0960 0x03c8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:43:08.0005 0x03c8  Smb - ok
15:43:08.0048 0x03c8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:43:08.0064 0x03c8  SNMPTRAP - ok
15:43:08.0077 0x03c8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:43:08.0089 0x03c8  spldr - ok
15:43:08.0132 0x03c8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
15:43:08.0175 0x03c8  Spooler - ok
15:43:08.0347 0x03c8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
15:43:08.0562 0x03c8  sppsvc - ok
15:43:08.0594 0x03c8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:43:08.0640 0x03c8  sppuinotify - ok
15:43:08.0703 0x03c8  [ D6AB7C13FCDD2E4CAC35244D2C172D9A, 64A66368F5336B7A5879D083C2FE57DFD384410ADCC18004F327A4004A4F4300 ] sptd            C:\Windows\System32\Drivers\sptd.sys
15:43:08.0737 0x03c8  sptd - ok
15:43:08.0807 0x03c8  [ F2F4B895296EE3ECCE781CC2A296A5D1, 126321EDDA8141A42DBE7C90675948433063E6D5B6DEFD805AA0797C95A461EE ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:43:08.0853 0x03c8  srv - ok
15:43:08.0881 0x03c8  [ FD0008BEDD2723170CCA7D61837DFD52, F9F576FA7B84CAB5180B9080D62B8A00B3E5D5BC73199B11C63193742529227D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:43:08.0928 0x03c8  srv2 - ok
15:43:08.0973 0x03c8  [ 63B5845D9379262083655D5C6AB8DFC5, 1813D2FC41ADCDAC6E3A522373B9DB934CC27B89E7185E0E4FC26E30CDAF1523 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:43:09.0015 0x03c8  srvnet - ok
15:43:09.0061 0x03c8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:43:09.0114 0x03c8  SSDPSRV - ok
15:43:09.0134 0x03c8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:43:09.0189 0x03c8  SstpSvc - ok
15:43:09.0252 0x03c8  [ D21FF3592DAEE244EE8376830A672B52, 8CFD9CD93D3B30D21AE1F25D8F0D78EC2876D85BF622D638BBD3809A3373BAFF ] ss_bus          C:\Windows\system32\DRIVERS\ss_bus.sys
15:43:09.0268 0x03c8  ss_bus - ok
15:43:09.0316 0x03c8  [ 451DB3D10E6112E06B4506D4A7BECEC1, 18C361E7E478CB9991638EE412C05E40B89BAD542519E62F4CED4055A80F3216 ] ss_mdfl         C:\Windows\system32\DRIVERS\ss_mdfl.sys
15:43:09.0325 0x03c8  ss_mdfl - ok
15:43:09.0343 0x03c8  [ EF40C8A268A5263A0EF48FED8E57CBED, 253C2B5E5075D01B7E27C6F9548291DADB4C9B635849DDA9E2DA3E5785DE9B75 ] ss_mdm          C:\Windows\system32\DRIVERS\ss_mdm.sys
15:43:09.0358 0x03c8  ss_mdm - ok
15:43:09.0385 0x03c8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:43:09.0401 0x03c8  stexstor - ok
15:43:09.0458 0x03c8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
15:43:09.0503 0x03c8  stisvc - ok
15:43:09.0519 0x03c8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:43:09.0530 0x03c8  swenum - ok
15:43:09.0579 0x03c8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
15:43:09.0645 0x03c8  swprv - ok
15:43:09.0755 0x03c8  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
15:43:09.0872 0x03c8  SysMain - ok
15:43:09.0908 0x03c8  SystemStoreService - ok
15:43:09.0943 0x03c8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:43:09.0968 0x03c8  TabletInputService - ok
15:43:09.0994 0x03c8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:43:10.0072 0x03c8  TapiSrv - ok
15:43:10.0214 0x03c8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:43:10.0295 0x03c8  Tcpip - ok
15:43:10.0403 0x03c8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:43:10.0478 0x03c8  TCPIP6 - ok
15:43:10.0519 0x03c8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:43:10.0536 0x03c8  tcpipreg - ok
15:43:10.0559 0x03c8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:43:10.0618 0x03c8  TDPIPE - ok
15:43:10.0671 0x03c8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:43:10.0685 0x03c8  TDTCP - ok
15:43:10.0737 0x03c8  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:43:10.0753 0x03c8  tdx - ok
15:43:10.0799 0x03c8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:43:10.0816 0x03c8  TermDD - ok
15:43:10.0888 0x03c8  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
15:43:10.0957 0x03c8  TermService - ok
15:43:10.0985 0x03c8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
15:43:11.0038 0x03c8  Themes - ok
15:43:11.0072 0x03c8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
15:43:11.0117 0x03c8  THREADORDER - ok
15:43:11.0146 0x03c8  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\Windows\system32\drivers\tpm.sys
15:43:11.0186 0x03c8  TPM - ok
15:43:11.0231 0x03c8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
15:43:11.0310 0x03c8  TrkWks - ok
15:43:11.0363 0x03c8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:43:11.0420 0x03c8  TrustedInstaller - ok
15:43:11.0469 0x03c8  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:43:11.0484 0x03c8  tssecsrv - ok
15:43:11.0536 0x03c8  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:43:11.0555 0x03c8  TsUsbFlt - ok
15:43:11.0575 0x03c8  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
15:43:11.0613 0x03c8  TsUsbGD - ok
15:43:11.0653 0x03c8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:43:11.0730 0x03c8  tunnel - ok
15:43:11.0756 0x03c8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:43:11.0770 0x03c8  uagp35 - ok
15:43:11.0811 0x03c8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:43:11.0907 0x03c8  udfs - ok
15:43:11.0949 0x03c8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:43:11.0968 0x03c8  UI0Detect - ok
15:43:11.0999 0x03c8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:43:12.0014 0x03c8  uliagpkx - ok
15:43:12.0035 0x03c8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:43:12.0052 0x03c8  umbus - ok
15:43:12.0063 0x03c8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
15:43:12.0076 0x03c8  UmPass - ok
15:43:12.0246 0x03c8  [ 3C5405EF78576E8E4D791EB18F6856A8, 18FD6A5C0ACD045B324F46C7C596D537D52F43B7F2896F0D54CEBEFF4886CAEC ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:43:12.0268 0x03c8  UNS - ok
15:43:12.0308 0x03c8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
15:43:12.0393 0x03c8  upnphost - ok
15:43:12.0427 0x03c8  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:43:12.0452 0x03c8  usbccgp - ok
15:43:12.0486 0x03c8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:43:12.0511 0x03c8  usbcir - ok
15:43:12.0531 0x03c8  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
15:43:12.0565 0x03c8  usbehci - ok
15:43:12.0623 0x03c8  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:43:12.0675 0x03c8  usbhub - ok
15:43:12.0718 0x03c8  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:43:12.0732 0x03c8  usbohci - ok
15:43:12.0762 0x03c8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:43:12.0783 0x03c8  usbprint - ok
15:43:12.0813 0x03c8  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:43:12.0840 0x03c8  usbscan - ok
15:43:12.0894 0x03c8  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:43:12.0927 0x03c8  USBSTOR - ok
15:43:12.0958 0x03c8  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:43:12.0972 0x03c8  usbuhci - ok
15:43:13.0013 0x03c8  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
15:43:13.0044 0x03c8  usbvideo - ok
15:43:13.0077 0x03c8  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
15:43:13.0099 0x03c8  usb_rndisx - ok
15:43:13.0127 0x03c8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
15:43:13.0178 0x03c8  UxSms - ok
15:43:13.0195 0x03c8  [ 13FE29C1C8E782829C7FAA3B14F4A666, C53F7F9039E79AC6D5BDA94981A187570D6C7828930B6064CEFC17DC172EA20E ] VaultSvc        C:\Windows\system32\lsass.exe
15:43:13.0208 0x03c8  VaultSvc - ok
15:43:13.0252 0x03c8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:43:13.0267 0x03c8  vdrvroot - ok
15:43:13.0304 0x03c8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
15:43:13.0403 0x03c8  vds - ok
15:43:13.0487 0x03c8  [ E4DA1D85CCCB610DFF0C0E116900E17F, 874EB88B9E2743654094F04AB04C254BBDFBCDECBB200514E73F696098B847F3 ] vflt            C:\Windows\system32\DRIVERS\vfilter.sys
15:43:13.0514 0x03c8  vflt - ok
15:43:13.0550 0x03c8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:43:13.0567 0x03c8  vga - ok
15:43:13.0581 0x03c8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:43:13.0661 0x03c8  VgaSave - ok
15:43:13.0694 0x03c8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:43:13.0714 0x03c8  vhdmp - ok
15:43:13.0733 0x03c8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:43:13.0745 0x03c8  viaide - ok
15:43:13.0775 0x03c8  [ A99CA064AD11266FE7067A79BF78BBB5, B5AFFBA1A9A6E51639A89B9F6C0678E70F73D2BF37D5F88F4AD45DFC6798597D ] vnet            C:\Windows\system32\DRIVERS\virtualnet.sys
15:43:13.0798 0x03c8  vnet - ok
15:43:13.0815 0x03c8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:43:13.0829 0x03c8  volmgr - ok
15:43:13.0865 0x03c8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:43:13.0890 0x03c8  volmgrx - ok
15:43:13.0917 0x03c8  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:43:13.0940 0x03c8  volsnap - ok
15:43:14.0024 0x03c8  [ CED5750ECF0D60F76727BE53CE05ED68, 192E7767BED6C1EA925F5A790EC75A1C2BC4FF20F6C832A1C910D515AA565B69 ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
15:43:14.0057 0x03c8  vpnagent - ok
15:43:14.0109 0x03c8  [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva           C:\Windows\system32\DRIVERS\vpnva64-6.sys
15:43:14.0125 0x03c8  vpnva - ok
15:43:14.0161 0x03c8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:43:14.0179 0x03c8  vsmraid - ok
15:43:14.0274 0x03c8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
15:43:14.0392 0x03c8  VSS - ok
15:43:14.0418 0x03c8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
15:43:14.0439 0x03c8  vwifibus - ok
15:43:14.0449 0x03c8  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:43:14.0493 0x03c8  vwififlt - ok
15:43:14.0532 0x03c8  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
15:43:14.0578 0x03c8  vwifimp - ok
15:43:14.0625 0x03c8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
15:43:14.0684 0x03c8  W32Time - ok
15:43:14.0709 0x03c8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:43:14.0750 0x03c8  WacomPen - ok
15:43:14.0788 0x03c8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:43:14.0860 0x03c8  WANARP - ok
15:43:14.0885 0x03c8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:43:14.0931 0x03c8  Wanarpv6 - ok
15:43:15.0072 0x03c8  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
15:43:15.0133 0x03c8  WatAdminSvc - ok
15:43:15.0240 0x03c8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
15:43:15.0333 0x03c8  wbengine - ok
15:43:15.0371 0x03c8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:43:15.0430 0x03c8  WbioSrvc - ok
15:43:15.0493 0x03c8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:43:15.0530 0x03c8  wcncsvc - ok
15:43:15.0552 0x03c8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:43:15.0580 0x03c8  WcsPlugInService - ok
15:43:15.0594 0x03c8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
15:43:15.0606 0x03c8  Wd - ok
15:43:15.0665 0x03c8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:43:15.0709 0x03c8  Wdf01000 - ok
15:43:15.0745 0x03c8  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:43:15.0777 0x03c8  WdiServiceHost - ok
15:43:15.0784 0x03c8  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:43:15.0803 0x03c8  WdiSystemHost - ok
15:43:15.0861 0x03c8  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
15:43:15.0893 0x03c8  WebClient - ok
15:43:15.0920 0x03c8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:43:15.0976 0x03c8  Wecsvc - ok
15:43:15.0996 0x03c8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:43:16.0063 0x03c8  wercplsupport - ok
15:43:16.0114 0x03c8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:43:16.0169 0x03c8  WerSvc - ok
15:43:16.0192 0x03c8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:43:16.0250 0x03c8  WfpLwf - ok
15:43:16.0311 0x03c8  [ 52DED146E4797E6CCF94799E8E22BB2A, 57A29260D81AA3AD3F8C29E9CFA7CE3970D7A8BF673ADD9B256EE76C7DEC080E ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
15:43:16.0329 0x03c8  WimFltr - ok
15:43:16.0354 0x03c8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:43:16.0370 0x03c8  WIMMount - ok
15:43:16.0401 0x03c8  WinDefend - ok
15:43:16.0425 0x03c8  WinHttpAutoProxySvc - ok
15:43:16.0487 0x03c8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:43:16.0570 0x03c8  Winmgmt - ok
15:43:16.0701 0x03c8  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
15:43:16.0810 0x03c8  WinRM - ok
15:43:16.0866 0x03c8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
15:43:16.0891 0x03c8  WinUsb - ok
15:43:16.0968 0x03c8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:43:17.0022 0x03c8  Wlansvc - ok
15:43:17.0099 0x03c8  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:43:17.0111 0x03c8  wlcrasvc - ok
15:43:17.0276 0x03c8  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:43:17.0368 0x03c8  wlidsvc - ok
15:43:17.0394 0x03c8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
15:43:17.0430 0x03c8  WmiAcpi - ok
15:43:17.0477 0x03c8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:43:17.0501 0x03c8  wmiApSrv - ok
15:43:17.0527 0x03c8  WMPNetworkSvc - ok
15:43:17.0547 0x03c8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:43:17.0573 0x03c8  WPCSvc - ok
15:43:17.0585 0x03c8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:43:17.0625 0x03c8  WPDBusEnum - ok
15:43:17.0659 0x03c8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:43:17.0701 0x03c8  ws2ifsl - ok
15:43:17.0730 0x03c8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
15:43:17.0772 0x03c8  wscsvc - ok
15:43:17.0777 0x03c8  WSearch - ok
15:43:17.0959 0x03c8  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:43:18.0095 0x03c8  wuauserv - ok
15:43:18.0127 0x03c8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:43:18.0150 0x03c8  WudfPf - ok
15:43:18.0182 0x03c8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:43:18.0202 0x03c8  WUDFRd - ok
15:43:18.0230 0x03c8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:43:18.0248 0x03c8  wudfsvc - ok
15:43:18.0286 0x03c8  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:43:18.0325 0x03c8  WwanSvc - ok
15:43:18.0382 0x03c8  ================ Scan global ===============================
15:43:18.0427 0x03c8  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
15:43:18.0479 0x03c8  [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
15:43:18.0501 0x03c8  [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
15:43:18.0535 0x03c8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:43:18.0578 0x03c8  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
15:43:18.0590 0x03c8  [ Global ] - ok
15:43:18.0591 0x03c8  ================ Scan MBR ==================================
15:43:18.0599 0x03c8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
15:43:18.0683 0x03c8  \Device\Harddisk0\DR0 - ok
15:43:18.0684 0x03c8  ================ Scan VBR ==================================
15:43:18.0686 0x03c8  [ A61950525177438573CFB3403C148985 ] \Device\Harddisk0\DR0\Partition1
15:43:18.0688 0x03c8  \Device\Harddisk0\DR0\Partition1 - ok
15:43:18.0721 0x03c8  [ 086E329F5B6B3361D1A3C70D4729D98E ] \Device\Harddisk0\DR0\Partition2
15:43:18.0721 0x03c8  \Device\Harddisk0\DR0\Partition2 - ok
15:43:18.0731 0x03c8  [ 929F8AF0832A2C47C4122DADA709B7AA ] \Device\Harddisk0\DR0\Partition3
15:43:18.0733 0x03c8  \Device\Harddisk0\DR0\Partition3 - ok
15:43:18.0763 0x03c8  [ 2BC8539521F6C11277A05A8FA6D13283 ] \Device\Harddisk0\DR0\Partition4
15:43:18.0764 0x03c8  \Device\Harddisk0\DR0\Partition4 - ok
15:43:18.0765 0x03c8  ================ Scan generic autorun ======================
15:43:18.0765 0x03c8  ETDCtrl - ok
15:43:18.0935 0x03c8  [ 384366C69DF4C11133915C3315F541CC, BD41B24DA14D30F927DBA4377EB3ED3D28DED1E61159D99B29D9E90CECBBEB71 ] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
15:43:18.0984 0x03c8  Nvtmru - ok
15:43:19.0052 0x03c8  [ 5447AF432CDA61159ADDE218C468FFD9, 63BD74521F679F195C24C1818267ECCBD8A7F5C2B4CEF3E60EC46B5AE0AC72A8 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
15:43:19.0077 0x03c8  AdobeAAMUpdater-1.0 - ok
15:43:19.0111 0x03c8  [ BE49AF92F13030E188DBE8E2841D173A, AFC312A888F63D34E4F4E27A3FF50D5569BCAF0DD061671CC661E778FEC02EEB ] C:\Windows\system32\igfxtray.exe
15:43:19.0127 0x03c8  IgfxTray - ok
15:43:19.0150 0x03c8  [ 664FF61BE83FCACBF67A8D307011ADF5, B5270D13A355002336D25C092C042CA8E36795D23EB81134418BB2A8ABFBDF66 ] C:\Windows\system32\hkcmd.exe
15:43:19.0175 0x03c8  HotKeysCmds - ok
15:43:19.0223 0x03c8  [ 899D435E1C190C204E349CE0E483098B, FC6E84D7A382FBCBF3B2DAA4B75BD78F447359F314C1CD4424759E2EC97FD2DE ] C:\Windows\system32\igfxpers.exe
15:43:19.0252 0x03c8  Persistence - ok
15:43:19.0388 0x03c8  MRT - ok
15:43:19.0588 0x03c8  [ 86D3BEA2B995DCEA877D25725D77DC5E, 5C91AD24E7473D5E665A68A7CF52BDD8A795E63E864246577C6F7D4C82F1E5C1 ] C:\Program Files (x86)\ASUS\APRP\APRP.EXE
15:43:19.0799 0x03c8  ASUSPRP - detected UnsignedFile.Multi.Generic ( 1 )
15:43:20.0031 0x03c8  Detect skipped due to KSN trusted
15:43:20.0031 0x03c8  ASUSPRP - ok
15:43:20.0095 0x03c8  [ 4D1DA8CE5E364D22B4FF00F163194514, 165DE474309206A0F51266F19EDB4AF3D7BAD19FDA61B636AEE7A04278DBBC2C ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
15:43:20.0114 0x03c8  USB3MON - ok
15:43:20.0191 0x03c8  [ D9AB754613208112B840C75B6762B909, 6869D2E42852A24BF7E34C396E790808729CFCF1086F8AF18E0EBD1071C4C2EF ] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
15:43:20.0210 0x03c8  ATKOSD2 - ok
15:43:20.0231 0x03c8  [ BC31B27061F27E8968CD0435C038F712, E2FAB6AF6CFFB7762B9A82E156D9D63B53B278D72BC4CCA870AC9016917ED683 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
15:43:20.0245 0x03c8  ATKMEDIA - ok
15:43:20.0293 0x03c8  [ 5AEBF6FA9805C9101220AA4FB4FA17E7, A9B2FC41380211A6C44E839A95676A5BA868CEEBB56D83A780230434C2A20836 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
15:43:20.0308 0x03c8  HControlUser - ok
15:43:20.0455 0x03c8  [ B9BF29CC884BDD499803C3ED1F97FA41, 0432039F03F8708746FEB2BD4D045DDA9DE9E3DD737023676DEA1EDADDD9B1F3 ] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
15:43:20.0546 0x03c8  Wireless Console 3 - ok
15:43:20.0659 0x03c8  [ 4EB0C6C3EF4D8885CF2B5D0062F31E44, A3967758E30609D29A4856F373DD2C971B341F914825D720387ACFD7499EDC3D ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
15:43:20.0712 0x03c8  DivXUpdate - ok
15:43:20.0759 0x03c8  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:43:20.0777 0x03c8  SunJavaUpdateSched - ok
15:43:20.0878 0x03c8  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
15:43:20.0890 0x03c8  HP Software Update - ok
15:43:20.0987 0x03c8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:43:21.0054 0x03c8  Sidebar - ok
15:43:21.0087 0x03c8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:43:21.0137 0x03c8  mctadmin - ok
15:43:21.0214 0x03c8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:43:21.0265 0x03c8  Sidebar - ok
15:43:21.0288 0x03c8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:43:21.0310 0x03c8  mctadmin - ok
15:43:21.0382 0x03c8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:43:21.0438 0x03c8  Sidebar - ok
15:43:21.0454 0x03c8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:43:21.0480 0x03c8  mctadmin - ok
15:43:21.0587 0x03c8  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
15:43:21.0678 0x03c8  Sidebar - ok
15:43:21.0753 0x03c8  AVG-Secure-Search-Update_0913b - ok
15:43:21.0847 0x03c8  [ 0346AAE0888B0EDE2598891400444F40, 641B8F015DA3A1876C19F10B8E3C800A6A596CCB14AA7A3A5B48F7873F3967A9 ] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
15:43:21.0901 0x03c8  Remote Mouse - detected UnsignedFile.Multi.Generic ( 1 )
15:43:22.0130 0x03c8  Detect skipped due to KSN trusted
15:43:22.0130 0x03c8  Remote Mouse - ok
15:43:22.0435 0x03c8  [ F2AD1B265908797F8A5E21E0312F2F25, 2A6A612F7D52D297385C43E77AD0CD37B28F33ED2AF89098F5E66B812B838A52 ] C:\Users\Miriam Buser\AppData\Local\Akamai\netsession_win.exe
15:43:22.0659 0x03c8  Akamai NetSession Interface - ok
15:43:22.0804 0x03c8  [ 5BD320A19EA11F9FDDA3AF9BA3CE1280, 48A5B053D893776DBC88B017A401D0FAA6B7669A0F11CA667B112E965510005C ] C:\Users\Miriam Buser\AppData\Roaming\Spotify\SpotifyWebHelper.exe
15:43:22.0870 0x03c8  Spotify Web Helper - ok
15:43:22.0986 0x03c8  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Miriam Buser\AppData\Local\Dropbox\Update\DropboxUpdate.exe
15:43:23.0000 0x03c8  Dropbox Update - ok
15:43:23.0038 0x03c8  [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
15:43:23.0119 0x03c8  RESTART_STICKY_NOTES - ok
15:43:23.0120 0x03c8  Waiting for KSN requests completion. In queue: 170
15:43:24.0203 0x03c8  Win FW state via NFP2: enabled ( trusted )
15:43:24.0424 0x03c8  ============================================================
15:43:24.0424 0x03c8  Scan finished
15:43:24.0424 0x03c8  ============================================================
15:43:24.0438 0x0730  Detected object count: 0
15:43:24.0438 0x0730  Actual detected object count: 0

Chascona · 19.09.2016, 19:52

Code:

ATTFilter

15:41:29.0279 0x069c  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
15:41:29.0279 0x069c  UEFI system
15:41:35.0738 0x069c  ============================================================
15:41:35.0738 0x069c  Current date / time: 2016/09/19 15:41:35.0738
15:41:35.0738 0x069c  SystemInfo:
15:41:35.0738 0x069c  
15:41:35.0738 0x069c  OS Version: 6.1.7601 ServicePack: 1.0
15:41:35.0738 0x069c  Product type: Workstation
15:41:35.0738 0x069c  ComputerName: ***
15:41:35.0738 0x069c  UserName: ***
15:41:35.0738 0x069c  Windows directory: C:\Windows
15:41:35.0738 0x069c  System windows directory: C:\Windows
15:41:35.0738 0x069c  Running under WOW64
15:41:35.0738 0x069c  Processor architecture: Intel x64
15:41:35.0738 0x069c  Number of processors: 4
15:41:35.0738 0x069c  Page size: 0x1000
15:41:35.0738 0x069c  Boot type: Normal boot
15:41:35.0738 0x069c  CodeIntegrityOptions = 0x00000001
15:41:35.0738 0x069c  ============================================================
15:41:36.0206 0x069c  KLMD registered as C:\Windows\system32\drivers\81158710.sys
15:41:36.0206 0x069c  KLMD ARK init status: drvProperties = 0x7FF00, osBuild = 7601.23418, osProperties = 0x1
15:41:37.0173 0x069c  System UUID: {15847918-A0DB-0DCF-BE3D-E77BA7618038}
15:41:37.0875 0x069c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:41:37.0891 0x069c  ============================================================
15:41:37.0891 0x069c  \Device\Harddisk0\DR0:
15:41:37.0891 0x069c  GPT partitions:
15:41:37.0891 0x069c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {254607CA-2283-44AE-9D11-C4DC5C87709C}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x64000
15:41:37.0891 0x069c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {CAFB138C-EC31-492D-88B2-5ECB7C6B5E86}, Name: Microsoft reserved partition, StartLBA 0x64800, BlocksNum 0x40000
15:41:37.0891 0x069c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7AC58CFB-3A7B-4281-ABA7-E9915A803AD0}, Name: Basic data partition, StartLBA 0xA4800, BlocksNum 0x370E1800
15:41:37.0891 0x069c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {482C0C54-1501-4CE5-BE86-A683B9B61F32}, Name: Basic data partition, StartLBA 0x37186000, BlocksNum 0x3200000
15:41:37.0891 0x069c  MBR partitions:
15:41:37.0891 0x069c  ============================================================
15:41:37.0922 0x069c  C: <-> \Device\Harddisk0\DR0\Partition3
15:41:37.0922 0x069c  ============================================================
15:41:37.0922 0x069c  Initialize success
15:41:37.0922 0x069c  ============================================================
15:42:20.0167 0x03c8  ============================================================
15:42:20.0167 0x03c8  Scan started
15:42:20.0167 0x03c8  Mode: Manual; SigCheck; TDLFS; 
15:42:20.0167 0x03c8  ============================================================
15:42:20.0167 0x03c8  KSN ping started
15:42:31.0420 0x03c8  KSN ping finished: true
15:42:32.0344 0x03c8  ================ Scan system memory ========================
15:42:32.0344 0x03c8  System memory - ok
15:42:32.0347 0x03c8  ================ Scan services =============================
15:42:32.0592 0x03c8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:42:32.0878 0x03c8  1394ohci - ok
15:42:33.0033 0x03c8  ACDaemon - ok
15:42:33.0092 0x03c8  [ 6E9C8B324980AFE454C6F7762E2B4478, B65CC18B2A63EC28FF125F547F71FD265299CE30128174AE05FFEE05108B69AC ] acedrv07        C:\Windows\system32\drivers\acedrv07.sys
15:42:33.0101 0x03c8  acedrv07 - detected UnsignedFile.Multi.Generic ( 1 )
15:42:33.0358 0x03c8  Detect skipped due to KSN trusted
15:42:33.0358 0x03c8  acedrv07 - ok
15:42:33.0398 0x03c8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:42:33.0424 0x03c8  ACPI - ok
15:42:33.0449 0x03c8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:42:33.0483 0x03c8  AcpiPmi - ok
15:42:33.0563 0x03c8  [ F28ADE410436B42A3FCB53C38CEFEFC8, 15FAF5CFC498FA08FF086C2AE50CBD0414D325F92FB1DA44F521CA0F1078B2C3 ] acsock          C:\Windows\system32\DRIVERS\acsock64.sys
15:42:33.0598 0x03c8  acsock - ok
15:42:33.0696 0x03c8  [ A0CAC4F3F998173A8DC1E67E7E0345EF, D0C2F504A5059691EDBBA917D0C6260450A554A365C12E7747E48EE1668C51A5 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:42:33.0709 0x03c8  AdobeARMservice - ok
15:42:34.0007 0x03c8  [ 8FC33A20D54FB5CC7FBBA814B4E42A22, 707F61F0CEB9467D9BD1782868403BD53DB46EAB0342772661F370E5174AAD8C ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:42:34.0025 0x03c8  AdobeFlashPlayerUpdateSvc - ok
15:42:34.0110 0x03c8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:42:34.0143 0x03c8  adp94xx - ok
15:42:34.0229 0x03c8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:42:34.0254 0x03c8  adpahci - ok
15:42:34.0275 0x03c8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:42:34.0293 0x03c8  adpu320 - ok
15:42:34.0354 0x03c8  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:42:34.0383 0x03c8  AeLookupSvc - ok
15:42:34.0459 0x03c8  [ 69FD46FAC0D9C4A8ECD522AC6A7481F5, 048FA3F77423D43346A35F142DBD0ACEC190F5E68F79960856C325B3CA7DD6C9 ] AFBAgent        C:\Windows\system32\FBAgent.exe
15:42:34.0482 0x03c8  AFBAgent - ok
15:42:34.0577 0x03c8  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
15:42:34.0655 0x03c8  AFD - ok
15:42:34.0751 0x03c8  [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
15:42:34.0820 0x03c8  AgereSoftModem - ok
15:42:34.0847 0x03c8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
15:42:34.0861 0x03c8  agp440 - ok
15:42:34.0933 0x03c8  [ 16F6F6B7903B913AB41AB848C8BB5658, 7304257048CB42E5274B3F6400F4A053A38E3B70A157662FE9D2B7C5979DE851 ] AiCharger       C:\Windows\system32\DRIVERS\AiCharger.sys
15:42:34.0942 0x03c8  AiCharger - ok
15:42:34.0985 0x03c8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
15:42:35.0023 0x03c8  ALG - ok
15:42:35.0058 0x03c8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:42:35.0070 0x03c8  aliide - ok
15:42:35.0084 0x03c8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
15:42:35.0096 0x03c8  amdide - ok
15:42:35.0131 0x03c8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:42:35.0194 0x03c8  AmdK8 - ok
15:42:35.0209 0x03c8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
15:42:35.0223 0x03c8  AmdPPM - ok
15:42:35.0255 0x03c8  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:42:35.0270 0x03c8  amdsata - ok
15:42:35.0309 0x03c8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
15:42:35.0327 0x03c8  amdsbs - ok
15:42:35.0348 0x03c8  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:42:35.0361 0x03c8  amdxata - ok
15:42:35.0426 0x03c8  [ 6474F8823C7188D2DA579F01FB6CED6B, 81D4E9D026CA60FB8840D520D151B8C2F4745A75DF90A4D6C80641F1A23AB605 ] AppID           C:\Windows\system32\drivers\appid.sys
15:42:35.0489 0x03c8  AppID - ok
15:42:35.0514 0x03c8  [ 8F58BA1F7772D6D7CE45F03309608001, CDB109E0DD241042C058F7D81A1BDEBC34435CB2DC4A7A7A3692193DD5806097 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:42:35.0527 0x03c8  AppIDSvc - ok
15:42:35.0581 0x03c8  [ B62867835B41BCD839D9896AB4D7DF09, 98036D0202DB6171E90485898175833AC44873A85E6453EBE928E433B364CE07 ] Appinfo         C:\Windows\System32\appinfo.dll
15:42:35.0616 0x03c8  Appinfo - ok
15:42:35.0645 0x03c8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
15:42:35.0666 0x03c8  arc - ok
15:42:35.0692 0x03c8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:42:35.0707 0x03c8  arcsas - ok
15:42:35.0755 0x03c8  [ A1CE3ED832EF7C903ADA43A64356B76D, 5920D602F1D04DFAF3E978CB64905208D4FDF8716CAD7EAECCB319CC73F6BB46 ] arcvad_ds2dhw   C:\Windows\system32\drivers\ArcVad.sys
15:42:35.0784 0x03c8  arcvad_ds2dhw - ok
15:42:35.0925 0x03c8  [ A3626C6D3F2DC95497F3F61842D7FD89, BB95BAFD3BE22136595D889DADAD67C68ACE6A6EAB02B026C254D97C9E9F2E62 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
15:42:35.0937 0x03c8  ASLDRService - ok
15:42:35.0966 0x03c8  [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
15:42:35.0977 0x03c8  ASMMAP64 - ok
15:42:36.0119 0x03c8  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:42:36.0136 0x03c8  aspnet_state - ok
15:42:36.0228 0x03c8  [ 6A122B4F0E5293CACFA8A5F2CBA9B356, 9D69076B697BEE8742E32EBEF1802D829DEA6B1D93AF485D11CC89A08CA4D809 ] ASUS InstantOn  C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
15:42:36.0250 0x03c8  ASUS InstantOn - ok
15:42:36.0301 0x03c8  [ CBF4C9263F35A9E80E4AD5CBBAE6049C, 5C0871C95DB9E6FF3D1CBDCB1B76BB3CE20ADA23B6C2C8435D7BCE7E71C43346 ] AsusVBus        C:\Windows\system32\DRIVERS\AsusVBus.sys
15:42:36.0311 0x03c8  AsusVBus - ok
15:42:36.0334 0x03c8  [ C951F6F1D909E1AAD7160D9EE860A3F1, D8E3DDD6EB4516CE3D3C4DBA2AE9B77EBFEDDE817035B40447F63CF3DCF1275D ] AsusVTouch      C:\Windows\system32\DRIVERS\AsusVTouch.sys
15:42:36.0343 0x03c8  AsusVTouch - ok
15:42:36.0375 0x03c8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:42:36.0485 0x03c8  AsyncMac - ok
15:42:36.0539 0x03c8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:42:36.0550 0x03c8  atapi - ok
15:42:36.0716 0x03c8  [ 3D68A1EEF77307142636AF5127990BCB, 30926B2E1371287FF39C69C363BE4FAC67C558867D903C555A12316D303A43E8 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
15:42:36.0861 0x03c8  athr - ok
15:42:36.0893 0x03c8  [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
15:42:36.0908 0x03c8  ATKGFNEXSrv - ok
15:42:36.0978 0x03c8  [ 41CEAFFCF3550785E59E3EC9BEE8D97A, 89FE604088B65B82AA794E1DA8429033CD2F05FFB2D7EFAAC7B967C7A83D1B1E ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
15:42:36.0987 0x03c8  ATKWMIACPIIO - ok
15:42:37.0066 0x03c8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:42:37.0121 0x03c8  AudioEndpointBuilder - ok
15:42:37.0148 0x03c8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:42:37.0190 0x03c8  AudioSrv - ok
15:42:37.0246 0x03c8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:42:37.0337 0x03c8  AxInstSV - ok
15:42:37.0394 0x03c8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
15:42:37.0439 0x03c8  b06bdrv - ok
15:42:37.0510 0x03c8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:42:37.0542 0x03c8  b57nd60a - ok
15:42:37.0604 0x03c8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:42:37.0634 0x03c8  BDESVC - ok
15:42:37.0667 0x03c8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:42:37.0749 0x03c8  Beep - ok
15:42:37.0923 0x03c8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
15:42:38.0044 0x03c8  BFE - ok
15:42:38.0123 0x03c8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
15:42:38.0237 0x03c8  BITS - ok
15:42:38.0267 0x03c8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:42:38.0287 0x03c8  blbdrive - ok
15:42:38.0317 0x03c8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:42:38.0353 0x03c8  bowser - ok
15:42:38.0379 0x03c8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
15:42:38.0418 0x03c8  BrFiltLo - ok
15:42:38.0456 0x03c8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
15:42:38.0477 0x03c8  BrFiltUp - ok
15:42:38.0514 0x03c8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
15:42:38.0550 0x03c8  Browser - ok
15:42:38.0595 0x03c8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:42:38.0641 0x03c8  Brserid - ok
15:42:38.0683 0x03c8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:42:38.0703 0x03c8  BrSerWdm - ok
15:42:38.0722 0x03c8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:42:38.0745 0x03c8  BrUsbMdm - ok
15:42:38.0759 0x03c8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:42:38.0778 0x03c8  BrUsbSer - ok
15:42:38.0826 0x03c8  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
15:42:38.0886 0x03c8  BthEnum - ok
15:42:38.0901 0x03c8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:42:38.0945 0x03c8  BTHMODEM - ok
15:42:39.0001 0x03c8  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
15:42:39.0021 0x03c8  BthPan - ok
15:42:39.0068 0x03c8  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
15:42:39.0100 0x03c8  BTHPORT - ok
15:42:39.0137 0x03c8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
15:42:39.0189 0x03c8  bthserv - ok
15:42:39.0219 0x03c8  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
15:42:39.0237 0x03c8  BTHUSB - ok
15:42:39.0267 0x03c8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:42:39.0332 0x03c8  cdfs - ok
15:42:39.0390 0x03c8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:42:39.0413 0x03c8  cdrom - ok
15:42:39.0444 0x03c8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:42:39.0526 0x03c8  CertPropSvc - ok
15:42:39.0557 0x03c8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:42:39.0581 0x03c8  circlass - ok
15:42:39.0641 0x03c8  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
15:42:39.0670 0x03c8  CLFS - ok
15:42:39.0754 0x03c8  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:42:39.0772 0x03c8  clr_optimization_v2.0.50727_32 - ok
15:42:39.0796 0x03c8  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:42:39.0814 0x03c8  clr_optimization_v2.0.50727_64 - ok
15:42:39.0923 0x03c8  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:42:39.0949 0x03c8  clr_optimization_v4.0.30319_32 - ok
15:42:40.0002 0x03c8  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:42:40.0023 0x03c8  clr_optimization_v4.0.30319_64 - ok
15:42:40.0073 0x03c8  [ E13A438F9E51DD034730678E33B73290, 3BB111DFDAEAB8DA6124600C7F6E080C2950A0BB420803FC12560343E1A9280A ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
15:42:40.0088 0x03c8  clwvd - ok
15:42:40.0162 0x03c8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:42:40.0181 0x03c8  CmBatt - ok
15:42:40.0210 0x03c8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:42:40.0227 0x03c8  cmdide - ok
15:42:40.0301 0x03c8  [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG             C:\Windows\system32\Drivers\cng.sys
15:42:40.0339 0x03c8  CNG - ok
15:42:40.0373 0x03c8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:42:40.0388 0x03c8  Compbatt - ok
15:42:40.0405 0x03c8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
15:42:40.0447 0x03c8  CompositeBus - ok
15:42:40.0457 0x03c8  COMSysApp - ok
15:42:40.0545 0x03c8  [ 815F3180B5117E42E422188E9CCC89C6, 69E539D33F3B9F3562FE4B21D853EEBB15DBD2106509FEBD476D04562F34AC08 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
15:42:40.0570 0x03c8  cphs - ok
15:42:40.0587 0x03c8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:42:40.0602 0x03c8  crcdisk - ok
15:42:40.0673 0x03c8  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:42:40.0741 0x03c8  CryptSvc - ok
15:42:40.0880 0x03c8  [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
15:42:40.0927 0x03c8  cvhsvc - ok
15:42:40.0993 0x03c8  [ 44BDDEB03C84A1C993C992FFB5700357, 29080E9A434BB2A932783B0B5104BC9E3C514A0FFB387123B75F4F4045E353BC ] CVirtA          C:\Windows\system32\DRIVERS\CVirtA64.sys
15:42:41.0002 0x03c8  CVirtA - ok
15:42:41.0094 0x03c8  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:42:41.0139 0x03c8  DcomLaunch - ok
15:42:41.0175 0x03c8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
15:42:41.0274 0x03c8  defragsvc - ok
15:42:41.0324 0x03c8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:42:41.0383 0x03c8  DfsC - ok
15:42:41.0421 0x03c8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:42:41.0504 0x03c8  Dhcp - ok
15:42:41.0665 0x03c8  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
15:42:41.0752 0x03c8  DiagTrack - ok
15:42:41.0770 0x03c8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
15:42:41.0833 0x03c8  discache - ok
15:42:41.0904 0x03c8  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
15:42:41.0918 0x03c8  Disk - ok
15:42:41.0984 0x03c8  [ 05CB5910B3CA6019FC3CCA815EE06FFB, 8FA532ED500BB1F08E8034A6125BDD53B74D5E6AB0A83A6185B07AAFCD90AA82 ] DNE             C:\Windows\system32\DRIVERS\dne64x.sys
15:42:42.0000 0x03c8  DNE - ok
15:42:42.0040 0x03c8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:42:42.0071 0x03c8  Dnscache - ok
15:42:42.0099 0x03c8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:42:42.0178 0x03c8  dot3svc - ok
15:42:42.0263 0x03c8  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
15:42:42.0287 0x03c8  Dot4 - ok
15:42:42.0336 0x03c8  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
15:42:42.0376 0x03c8  Dot4Print - ok
15:42:42.0410 0x03c8  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
15:42:42.0427 0x03c8  dot4usb - ok
15:42:42.0467 0x03c8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
15:42:42.0538 0x03c8  DPS - ok
15:42:42.0595 0x03c8  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:42:42.0618 0x03c8  drmkaud - ok
15:42:42.0721 0x03c8  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:42:42.0769 0x03c8  DXGKrnl - ok
15:42:42.0827 0x03c8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
15:42:42.0873 0x03c8  EapHost - ok
15:42:43.0030 0x03c8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
15:42:43.0197 0x03c8  ebdrv - ok
15:42:43.0250 0x03c8  [ 13FE29C1C8E782829C7FAA3B14F4A666, C53F7F9039E79AC6D5BDA94981A187570D6C7828930B6064CEFC17DC172EA20E ] EFS             C:\Windows\System32\lsass.exe
15:42:43.0274 0x03c8  EFS - ok
15:42:43.0388 0x03c8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:42:43.0447 0x03c8  ehRecvr - ok
15:42:43.0503 0x03c8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
15:42:43.0571 0x03c8  ehSched - ok
15:42:43.0634 0x03c8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:42:43.0664 0x03c8  elxstor - ok
15:42:43.0683 0x03c8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:42:43.0697 0x03c8  ErrDev - ok
15:42:43.0745 0x03c8  [ 42B4D3D746B3625EF42233C3897E1F68, B496B5CDF687936D49C8F87D01D261310F9F45F84577F1C3EEACEADE18535B34 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
15:42:43.0762 0x03c8  ETD - ok
15:42:43.0818 0x03c8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
15:42:43.0910 0x03c8  EventSystem - ok
15:42:43.0948 0x03c8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:42:43.0997 0x03c8  exfat - ok
15:42:44.0031 0x03c8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:42:44.0093 0x03c8  fastfat - ok
15:42:44.0177 0x03c8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
15:42:44.0235 0x03c8  Fax - ok
15:42:44.0257 0x03c8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
15:42:44.0273 0x03c8  fdc - ok
15:42:44.0313 0x03c8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
15:42:44.0384 0x03c8  fdPHost - ok
15:42:44.0407 0x03c8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:42:44.0478 0x03c8  FDResPub - ok
15:42:44.0533 0x03c8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:42:44.0547 0x03c8  FileInfo - ok
15:42:44.0559 0x03c8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:42:44.0615 0x03c8  Filetrace - ok
15:42:44.0633 0x03c8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
15:42:44.0647 0x03c8  flpydisk - ok
15:42:44.0677 0x03c8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:42:44.0699 0x03c8  FltMgr - ok
15:42:44.0801 0x03c8  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
15:42:44.0868 0x03c8  FontCache - ok
15:42:44.0910 0x03c8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:42:44.0921 0x03c8  FontCache3.0.0.0 - ok
15:42:44.0949 0x03c8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:42:44.0962 0x03c8  FsDepends - ok
15:42:45.0000 0x03c8  [ DC0DCE4EC2C5D2CF6472F9FD6AA9A7DC, 7022722FA38E81F6F4D0EF9F0FBEDD27C09A238B5246A3C36AEAAC11FF76FE07 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
15:42:45.0012 0x03c8  fssfltr - ok
15:42:45.0134 0x03c8  [ 40CDFAD174B3D5E80F95DDA003C0B97F, 2DA149CE42B87681ECDCC8905D0957443F430A9C7002FF78F22A95F9112A7C4C ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
15:42:45.0205 0x03c8  fsssvc - ok
15:42:45.0232 0x03c8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:42:45.0245 0x03c8  Fs_Rec - ok
15:42:45.0273 0x03c8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:42:45.0296 0x03c8  fvevol - ok
15:42:45.0310 0x03c8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:42:45.0324 0x03c8  gagp30kx - ok
15:42:45.0394 0x03c8  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
15:42:45.0446 0x03c8  gpsvc - ok
15:42:45.0560 0x03c8  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:42:45.0574 0x03c8  gupdate - ok
15:42:45.0582 0x03c8  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:42:45.0595 0x03c8  gupdatem - ok
15:42:45.0629 0x03c8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:42:45.0657 0x03c8  hcw85cir - ok
15:42:45.0711 0x03c8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:42:45.0741 0x03c8  HdAudAddService - ok
15:42:45.0815 0x03c8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:42:45.0835 0x03c8  HDAudBus - ok
15:42:45.0881 0x03c8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
15:42:45.0895 0x03c8  HidBatt - ok
15:42:45.0966 0x03c8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:42:45.0985 0x03c8  HidBth - ok
15:42:46.0030 0x03c8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:42:46.0078 0x03c8  HidIr - ok
15:42:46.0118 0x03c8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
15:42:46.0177 0x03c8  hidserv - ok
15:42:46.0222 0x03c8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:42:46.0245 0x03c8  HidUsb - ok
15:42:46.0268 0x03c8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:42:46.0312 0x03c8  hkmsvc - ok
15:42:46.0340 0x03c8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:42:46.0370 0x03c8  HomeGroupListener - ok
15:42:46.0409 0x03c8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:42:46.0429 0x03c8  HomeGroupProvider - ok
15:42:46.0609 0x03c8  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
15:42:46.0646 0x03c8  hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
15:42:46.0879 0x03c8  Detect skipped due to KSN trusted
15:42:46.0879 0x03c8  hpqcxs08 - ok
15:42:47.0014 0x03c8  [ 75CC8C5146A3FB76221A7606628778D5, 2FDD943E22E38083639DF61335DEFE9C38685158D8BF0528834C1B657DC1DE6F ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
15:42:47.0046 0x03c8  hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
15:42:47.0276 0x03c8  Detect skipped due to KSN trusted
15:42:47.0276 0x03c8  hpqddsvc - ok
15:42:47.0358 0x03c8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:42:47.0371 0x03c8  HpSAMD - ok
15:42:47.0486 0x03c8  [ 2ADF33F93991C4E24E86FFA5F906417B, 426FFE6DF9E1B779DA52D7361C8ED03C25F8F8EF30BF3BAAE07D488C3A96C74F ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
15:42:47.0529 0x03c8  HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
15:42:47.0770 0x03c8  Detect skipped due to KSN trusted
15:42:47.0770 0x03c8  HPSLPSVC - ok
15:42:47.0882 0x03c8  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:42:47.0935 0x03c8  HTTP - ok
15:42:47.0968 0x03c8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:42:47.0984 0x03c8  hwpolicy - ok
15:42:48.0031 0x03c8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:42:48.0047 0x03c8  i8042prt - ok
15:42:48.0120 0x03c8  [ C224331A54571C8C9162F7714400BBBD, C2CA4881ACD46071E67435BE5E3DB133D0743B026FD20D6D6E26B2FE7A03FCAA ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
15:42:48.0148 0x03c8  iaStor - ok
15:42:48.0193 0x03c8  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:42:48.0219 0x03c8  iaStorV - ok
15:42:48.0327 0x03c8  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:42:48.0370 0x03c8  idsvc - ok
15:42:48.0411 0x03c8  IEEtwCollectorService - ok
15:42:48.0654 0x03c8  [ 348214F96642FD4FEF630DE021BA3540, B6A7D2EA41F6866F5AFF5022BB459E5AFF683FF2FF470B84F3E911C8AEC47C30 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
15:42:49.0080 0x03c8  igfx - ok
15:42:49.0116 0x03c8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:42:49.0133 0x03c8  iirsp - ok
15:42:49.0238 0x03c8  iked - ok
15:42:49.0323 0x03c8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
15:42:49.0368 0x03c8  IKEEXT - ok
15:42:49.0607 0x03c8  [ 40FB2F6CEB3FC935EC18D656D2758CD4, B21CA15932BA5858EC0578F01B2625B40878D9C2B06B5E20A6D84FCFCCD66C91 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:42:49.0857 0x03c8  IntcAzAudAddService - ok
15:42:49.0949 0x03c8  [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
15:42:50.0020 0x03c8  IntcDAud - ok
15:42:50.0167 0x03c8  [ 896AA2F1D79662B17D5DBBE588E24E30, 834257B3C247ECA0130A55FB8E5F906F54B94A124FBB842DB7D679C030BD439B ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
15:42:50.0183 0x03c8  Intel(R) ME Service - ok
15:42:50.0223 0x03c8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:42:50.0234 0x03c8  intelide - ok
15:42:50.0271 0x03c8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:42:50.0312 0x03c8  intelppm - ok
15:42:50.0364 0x03c8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:42:50.0432 0x03c8  IPBusEnum - ok
15:42:50.0470 0x03c8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:42:50.0530 0x03c8  IpFilterDriver - ok
15:42:50.0588 0x03c8  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:42:50.0635 0x03c8  iphlpsvc - ok
15:42:50.0669 0x03c8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:42:50.0685 0x03c8  IPMIDRV - ok
15:42:50.0717 0x03c8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:42:50.0763 0x03c8  IPNAT - ok
15:42:50.0782 0x03c8  ipsecd - ok
15:42:50.0795 0x03c8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:42:50.0835 0x03c8  IRENUM - ok
15:42:50.0854 0x03c8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:42:50.0865 0x03c8  isapnp - ok
15:42:50.0928 0x03c8  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:42:50.0950 0x03c8  iScsiPrt - ok
15:42:51.0018 0x03c8  [ 846354992EBB373F452EB9182D501B08, 453459133DCA875E93CAAE9852E652F3794F8C31CE53526C47A181FDBABE6849 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
15:42:51.0027 0x03c8  iusb3hcs - ok
15:42:51.0066 0x03c8  [ 1D88A23853387D34D52CC8F9DDBFC56C, D00083B61E93E7E1D247EAB332787912FCF7605AF7043F071238C50E4A15016B ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
15:42:51.0090 0x03c8  iusb3hub - ok
15:42:51.0174 0x03c8  [ FC5EFD7C797DF19DFB999F0605A7924E, C56CE3840F3B11D81BED38E5F59ABCA190DFB7127F06263193870312A83379AF ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
15:42:51.0211 0x03c8  iusb3xhc - ok
15:42:51.0281 0x03c8  [ 3C6630473DD42FFC57D9F5564F533127, 1B2BBB8CF7AD5BF3F99565DA49F51B1E15D4B35698C105C0597DDBEB2DA61A83 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
15:42:51.0295 0x03c8  jhi_service - ok
15:42:51.0310 0x03c8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:42:51.0323 0x03c8  kbdclass - ok
15:42:51.0354 0x03c8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:42:51.0368 0x03c8  kbdhid - ok
15:42:51.0430 0x03c8  [ E63EF8C3271D014F14E2469CE75FECB4, 3A8DFA4B446AFDC35F01FD5218D0BEBC510A1E3DE9976210F00D19767D0F9069 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
15:42:51.0439 0x03c8  kbfiltr - ok
15:42:51.0450 0x03c8  [ 13FE29C1C8E782829C7FAA3B14F4A666, C53F7F9039E79AC6D5BDA94981A187570D6C7828930B6064CEFC17DC172EA20E ] KeyIso          C:\Windows\system32\lsass.exe
15:42:51.0464 0x03c8  KeyIso - ok
15:42:51.0516 0x03c8  [ CFBA6BCBBDC7E33813D92FFB3460FA07, 4BE0DF9AC976A991731C784CD3F32C4CED67AD58267658F046798E84BA1BF78C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:42:51.0533 0x03c8  KSecDD - ok
15:42:51.0551 0x03c8  [ CE66825289EE8326CB52C4E9E785ACB0, 41113B55F891A300C7967F585F59921917EC0718C26798946056B1DE534EE0E3 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:42:51.0567 0x03c8  KSecPkg - ok
15:42:51.0591 0x03c8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:42:51.0649 0x03c8  ksthunk - ok
15:42:51.0686 0x03c8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:42:51.0784 0x03c8  KtmRm - ok
15:42:51.0829 0x03c8  [ 033B4AED2C5519072C0D81E00804D003, 6C450A604C382416C482FED43098B4E95BD61B480B0CEFD728A269446AF18708 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
15:42:51.0865 0x03c8  L1C - ok
15:42:51.0927 0x03c8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:42:51.0985 0x03c8  LanmanServer - ok
15:42:52.0004 0x03c8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:42:52.0059 0x03c8  LanmanWorkstation - ok
15:42:52.0107 0x03c8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:42:52.0165 0x03c8  lltdio - ok
15:42:52.0211 0x03c8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:42:52.0266 0x03c8  lltdsvc - ok
15:42:52.0286 0x03c8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:42:52.0355 0x03c8  lmhosts - ok
15:42:52.0441 0x03c8  [ 2B23FAA39D8F949ED5EEE03ECA50BCD5, 7CEF2455D21A355542B290F4F18EDBC444F3704A31E569652D96A0A3E6799826 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:42:52.0461 0x03c8  LMS - ok
15:42:52.0507 0x03c8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:42:52.0523 0x03c8  LSI_FC - ok
15:42:52.0538 0x03c8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:42:52.0558 0x03c8  LSI_SAS - ok
15:42:52.0572 0x03c8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
15:42:52.0590 0x03c8  LSI_SAS2 - ok
15:42:52.0620 0x03c8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:42:52.0634 0x03c8  LSI_SCSI - ok
15:42:52.0664 0x03c8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:42:52.0728 0x03c8  luafv - ok
15:42:52.0758 0x03c8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:42:52.0802 0x03c8  Mcx2Svc - ok
15:42:52.0834 0x03c8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:42:52.0846 0x03c8  megasas - ok
15:42:52.0866 0x03c8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
15:42:52.0894 0x03c8  MegaSR - ok
15:42:52.0970 0x03c8  [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
15:42:52.0983 0x03c8  MEIx64 - ok
15:42:53.0005 0x03c8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
15:42:53.0062 0x03c8  MMCSS - ok
15:42:53.0086 0x03c8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
15:42:53.0128 0x03c8  Modem - ok
15:42:53.0153 0x03c8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:42:53.0195 0x03c8  monitor - ok
15:42:53.0229 0x03c8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:42:53.0242 0x03c8  mouclass - ok
15:42:53.0264 0x03c8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:42:53.0278 0x03c8  mouhid - ok
15:42:53.0333 0x03c8  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:42:53.0347 0x03c8  mountmgr - ok
15:42:53.0420 0x03c8  [ A82AA5481A845F4AC0E5EE83904FBFED, 2E1640BCA51B1957815465E4DEE895FCD87C93EA80DDD3A80B5647B23D16FB67 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:42:53.0437 0x03c8  MozillaMaintenance - ok
15:42:53.0473 0x03c8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:42:53.0492 0x03c8  mpio - ok
15:42:53.0510 0x03c8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:42:53.0556 0x03c8  mpsdrv - ok
15:42:53.0616 0x03c8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:42:53.0721 0x03c8  MpsSvc - ok
15:42:53.0773 0x03c8  [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:42:53.0803 0x03c8  MRxDAV - ok
15:42:53.0857 0x03c8  [ B7FADA5E1E55BB63F90EB9F8F016113B, 33C2C898E4AD0CBD34D9A6CF51987A4703009E23CD9D4F4294BF444C4D3D5A60 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:42:53.0884 0x03c8  mrxsmb - ok
15:42:53.0911 0x03c8  [ 34AFF1849B3EC042C40C5EEC9D78562A, E3378A9977B429812C38529C562FE27945706ADB5E9E877C4A90B0285631A501 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:42:53.0958 0x03c8  mrxsmb10 - ok
15:42:53.0994 0x03c8  [ 058CE7A55E140EB0C72FBA6FD2FA72DE, B1D89E524A621BDCC464882EF621BDC7779BFCBCC9FD923D70DE130C41D0DB4C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:42:54.0040 0x03c8  mrxsmb20 - ok
15:42:54.0084 0x03c8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:42:54.0096 0x03c8  msahci - ok
15:42:54.0135 0x03c8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:42:54.0150 0x03c8  msdsm - ok
15:42:54.0189 0x03c8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
15:42:54.0247 0x03c8  MSDTC - ok
15:42:54.0297 0x03c8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:42:54.0354 0x03c8  Msfs - ok
15:42:54.0372 0x03c8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:42:54.0425 0x03c8  mshidkmdf - ok
15:42:54.0439 0x03c8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:42:54.0453 0x03c8  msisadrv - ok
15:42:54.0504 0x03c8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:42:54.0612 0x03c8  MSiSCSI - ok
15:42:54.0618 0x03c8  msiserver - ok
15:42:54.0659 0x03c8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:42:54.0722 0x03c8  MSKSSRV - ok
15:42:54.0752 0x03c8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:42:54.0804 0x03c8  MSPCLOCK - ok
15:42:54.0810 0x03c8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:42:54.0881 0x03c8  MSPQM - ok
15:42:54.0909 0x03c8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:42:54.0942 0x03c8  MsRPC - ok
15:42:54.0958 0x03c8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:42:54.0975 0x03c8  mssmbios - ok
15:42:54.0998 0x03c8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:42:55.0081 0x03c8  MSTEE - ok
15:42:55.0119 0x03c8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
15:42:55.0134 0x03c8  MTConfig - ok
15:42:55.0149 0x03c8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
15:42:55.0164 0x03c8  Mup - ok
15:42:55.0203 0x03c8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
15:42:55.0299 0x03c8  napagent - ok
15:42:55.0365 0x03c8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:42:55.0397 0x03c8  NativeWifiP - ok
15:42:55.0545 0x03c8  [ 0CB8324F6CB624812FD9D4FE9186F845, 15E939AF3F11FD109BF7678C010F2C9C883DFA375A4A18FDE24B3C960C983B84 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
15:42:55.0584 0x03c8  NAUpdate - ok
15:42:55.0679 0x03c8  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:42:55.0728 0x03c8  NDIS - ok
15:42:55.0757 0x03c8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:42:55.0831 0x03c8  NdisCap - ok
15:42:55.0869 0x03c8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:42:55.0929 0x03c8  NdisTapi - ok
15:42:55.0954 0x03c8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:42:55.0998 0x03c8  Ndisuio - ok
15:42:56.0033 0x03c8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:42:56.0083 0x03c8  NdisWan - ok
15:42:56.0099 0x03c8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:42:56.0175 0x03c8  NDProxy - ok
15:42:56.0252 0x03c8  [ D5AC41AE382738483FAFFBD7E373D49A, 68793D15566F387650E9C5010E1CA73BDE3EB4BA431EA0A1673004CAE08413B0 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:42:56.0285 0x03c8  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
15:42:56.0541 0x03c8  Detect skipped due to KSN trusted
15:42:56.0541 0x03c8  Net Driver HPZ12 - ok
15:42:56.0585 0x03c8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:42:56.0647 0x03c8  NetBIOS - ok
15:42:56.0701 0x03c8  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:42:56.0737 0x03c8  NetBT - ok
15:42:56.0761 0x03c8  [ 13FE29C1C8E782829C7FAA3B14F4A666, C53F7F9039E79AC6D5BDA94981A187570D6C7828930B6064CEFC17DC172EA20E ] Netlogon        C:\Windows\system32\lsass.exe
15:42:56.0775 0x03c8  Netlogon - ok
15:42:56.0816 0x03c8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
15:42:56.0873 0x03c8  Netman - ok
15:42:56.0968 0x03c8  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:42:56.0985 0x03c8  NetMsmqActivator - ok
15:42:56.0998 0x03c8  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:42:57.0015 0x03c8  NetPipeActivator - ok
15:42:57.0055 0x03c8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
15:42:57.0143 0x03c8  netprofm - ok
15:42:57.0190 0x03c8  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:42:57.0207 0x03c8  NetTcpActivator - ok
15:42:57.0223 0x03c8  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:42:57.0240 0x03c8  NetTcpPortSharing - ok
15:42:57.0271 0x03c8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:42:57.0284 0x03c8  nfrd960 - ok
15:42:57.0358 0x03c8  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:42:57.0390 0x03c8  NlaSvc - ok
15:42:57.0413 0x03c8  nnqsrorm - ok
15:42:57.0437 0x03c8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:42:57.0480 0x03c8  Npfs - ok
15:42:57.0513 0x03c8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
15:42:57.0557 0x03c8  nsi - ok
15:42:57.0577 0x03c8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:42:57.0646 0x03c8  nsiproxy - ok
15:42:57.0754 0x03c8  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:42:57.0825 0x03c8  Ntfs - ok
15:42:57.0849 0x03c8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
15:42:57.0899 0x03c8  Null - ok
15:42:58.0429 0x03c8  [ EE6B7B6A54BCAFF516E30B1C15467495, 85D5E22593549C7980AA3523F0C9C4391E0D147B29F07500A8DA68F49D80A84F ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:42:59.0026 0x03c8  nvlddmkm - ok
15:42:59.0115 0x03c8  [ 4086D655D237E091ECC34BEC94E55C3E, 498A57AC8F02247A4C95A74F0C19FF49A2B91872DB22B7EF7FAC4195402D9447 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
15:42:59.0127 0x03c8  nvpciflt - ok
15:42:59.0147 0x03c8  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:42:59.0164 0x03c8  nvraid - ok
15:42:59.0204 0x03c8  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:42:59.0226 0x03c8  nvstor - ok
15:42:59.0339 0x03c8  [ 25626309AD2F81D47C829CCB5E46E478, D23F9F72C064B5D2A7979674703585345A78F7BE88887794FC9CA2971818B3DC ] nvsvc           C:\Windows\system32\nvvsvc.exe
15:42:59.0382 0x03c8  nvsvc - ok
15:42:59.0577 0x03c8  [ 7BAB808957880CF38EFC6816FEF7276E, C230EC66E6069C2CC820DFE468EC45192E99CBC5CD822E828F59C8DC9564B6E5 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:42:59.0655 0x03c8  nvUpdatusService - ok
15:42:59.0685 0x03c8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:42:59.0700 0x03c8  nv_agp - ok
15:42:59.0724 0x03c8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:42:59.0739 0x03c8  ohci1394 - ok
15:42:59.0773 0x03c8  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:42:59.0790 0x03c8  ose - ok
15:43:00.0102 0x03c8  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:43:00.0364 0x03c8  osppsvc - ok
15:43:00.0405 0x03c8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:43:00.0479 0x03c8  p2pimsvc - ok
15:43:00.0526 0x03c8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
15:43:00.0578 0x03c8  p2psvc - ok
15:43:00.0622 0x03c8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
15:43:00.0662 0x03c8  Parport - ok
15:43:00.0701 0x03c8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:43:00.0715 0x03c8  partmgr - ok
15:43:00.0770 0x03c8  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:43:00.0808 0x03c8  PcaSvc - ok
15:43:00.0841 0x03c8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
15:43:00.0858 0x03c8  pci - ok
15:43:00.0889 0x03c8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:43:00.0900 0x03c8  pciide - ok
15:43:00.0924 0x03c8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:43:00.0943 0x03c8  pcmcia - ok
15:43:00.0969 0x03c8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:43:00.0982 0x03c8  pcw - ok
15:43:01.0058 0x03c8  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:43:01.0095 0x03c8  PEAUTH - ok
15:43:01.0172 0x03c8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:43:01.0207 0x03c8  PerfHost - ok
15:43:01.0324 0x03c8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
15:43:01.0438 0x03c8  pla - ok
15:43:01.0510 0x03c8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:43:01.0550 0x03c8  PlugPlay - ok
15:43:01.0647 0x03c8  [ 37F6046CDC630442D7DC087501FF6FC6, EFC0F3DA49839CA263CD95AE5015F4FC554D9D845A58A699C542C8C96E70ED3C ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:43:01.0676 0x03c8  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
15:43:01.0916 0x03c8  Detect skipped due to KSN trusted
15:43:01.0916 0x03c8  Pml Driver HPZ12 - ok
15:43:01.0954 0x03c8  PnkBstrA - ok
15:43:01.0978 0x03c8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:43:01.0993 0x03c8  PNRPAutoReg - ok
15:43:02.0027 0x03c8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:43:02.0051 0x03c8  PNRPsvc - ok
15:43:02.0125 0x03c8  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:43:02.0164 0x03c8  PolicyAgent - ok
15:43:02.0207 0x03c8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
15:43:02.0255 0x03c8  Power - ok
15:43:02.0294 0x03c8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:43:02.0339 0x03c8  PptpMiniport - ok
15:43:02.0362 0x03c8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
15:43:02.0377 0x03c8  Processor - ok
15:43:02.0432 0x03c8  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:43:02.0503 0x03c8  ProfSvc - ok
15:43:02.0517 0x03c8  [ 13FE29C1C8E782829C7FAA3B14F4A666, C53F7F9039E79AC6D5BDA94981A187570D6C7828930B6064CEFC17DC172EA20E ] ProtectedStorage C:\Windows\system32\lsass.exe
15:43:02.0531 0x03c8  ProtectedStorage - ok
15:43:02.0560 0x03c8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:43:02.0605 0x03c8  Psched - ok
15:43:02.0692 0x03c8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:43:02.0786 0x03c8  ql2300 - ok
15:43:02.0819 0x03c8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:43:02.0835 0x03c8  ql40xx - ok
15:43:02.0879 0x03c8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
15:43:02.0908 0x03c8  QWAVE - ok
15:43:02.0938 0x03c8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:43:02.0957 0x03c8  QWAVEdrv - ok
15:43:02.0971 0x03c8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:43:03.0058 0x03c8  RasAcd - ok
15:43:03.0107 0x03c8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:43:03.0151 0x03c8  RasAgileVpn - ok
15:43:03.0182 0x03c8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
15:43:03.0252 0x03c8  RasAuto - ok
15:43:03.0304 0x03c8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:43:03.0352 0x03c8  Rasl2tp - ok
15:43:03.0388 0x03c8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
15:43:03.0486 0x03c8  RasMan - ok
15:43:03.0526 0x03c8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:43:03.0609 0x03c8  RasPppoe - ok
15:43:03.0637 0x03c8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:43:03.0705 0x03c8  RasSstp - ok
15:43:03.0762 0x03c8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:43:03.0813 0x03c8  rdbss - ok
15:43:03.0853 0x03c8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
15:43:03.0900 0x03c8  rdpbus - ok
15:43:03.0932 0x03c8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:43:03.0981 0x03c8  RDPCDD - ok
15:43:03.0993 0x03c8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:43:04.0036 0x03c8  RDPENCDD - ok
15:43:04.0056 0x03c8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:43:04.0108 0x03c8  RDPREFMP - ok
15:43:04.0165 0x03c8  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:43:04.0229 0x03c8  RDPWD - ok
15:43:04.0260 0x03c8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:43:04.0280 0x03c8  rdyboost - ok
15:43:04.0311 0x03c8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:43:04.0367 0x03c8  RemoteAccess - ok
15:43:04.0409 0x03c8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:43:04.0461 0x03c8  RemoteRegistry - ok
15:43:04.0510 0x03c8  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
15:43:04.0552 0x03c8  RFCOMM - ok
15:43:04.0592 0x03c8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:43:04.0661 0x03c8  RpcEptMapper - ok
15:43:04.0703 0x03c8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
15:43:04.0736 0x03c8  RpcLocator - ok
15:43:04.0799 0x03c8  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
15:43:04.0839 0x03c8  RpcSs - ok
15:43:04.0877 0x03c8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:43:04.0924 0x03c8  rspndr - ok
15:43:04.0992 0x03c8  [ BB1C3DF1D6CC0972E9C7268A19E62D2E, C362BA0CB2B8CC0CBBD44A76DBC8FD2B44546B027CD794DC64E24D50BEA4FAC6 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
15:43:05.0016 0x03c8  RSUSBSTOR - ok
15:43:05.0127 0x03c8  [ 7F4F11527AF5A7E4526CB6A146B3E40C, 705177014374AB2F12AF4558344C35C206C2820BD1A16770173EA10D094D182B ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
15:43:05.0165 0x03c8  RTL8167 - ok
15:43:05.0233 0x03c8  [ 301FBA4594FB5C0A469299A65106B4AA, 53683D49420B4647DBA63B1A6328511620DF615EAE6F42221A16AD3D3B77EE19 ] s1018bus        C:\Windows\system32\DRIVERS\s1018bus.sys
15:43:05.0251 0x03c8  s1018bus - ok
15:43:05.0290 0x03c8  [ D1D7C744F79710357E60FC04D125ED01, E7C10217323887E2605872720BB36BAB5CF3E24BDA1365F033A79EBB817A397B ] s1018mdfl       C:\Windows\system32\DRIVERS\s1018mdfl.sys
15:43:05.0300 0x03c8  s1018mdfl - ok
15:43:05.0352 0x03c8  [ 7DBE12CCCD837D4266B2DDD80A329C09, 557873A5D508471108F1756FEE5D88F80702D7CA3D7684B61046C1C5A80E14D9 ] s1018mdm        C:\Windows\system32\DRIVERS\s1018mdm.sys
15:43:05.0367 0x03c8  s1018mdm - ok
15:43:05.0452 0x03c8  [ 065FF5E62D2D18A6D93FD925546CD549, 18D38DA96C618B96BE715E2E3F17C15E80468879DB68E3AAB333E0CBB3822070 ] s1018mgmt       C:\Windows\system32\DRIVERS\s1018mgmt.sys
15:43:05.0465 0x03c8  s1018mgmt - ok
15:43:05.0517 0x03c8  [ 5101D815BDF0D667E3D5F0EA727CAAEE, 070BCE2EE15DD067E794BF80A79011B646775E55EE848614DFD45E405420AB0D ] s1018nd5        C:\Windows\system32\DRIVERS\s1018nd5.sys
15:43:05.0527 0x03c8  s1018nd5 - ok
15:43:05.0548 0x03c8  [ 13F220C65B444AC9BDA49DACFC3230BB, 996B46949AEE14D1D43D9D68759CA0EBA7C43B83363E2F2C674A9A0A249C7881 ] s1018obex       C:\Windows\system32\DRIVERS\s1018obex.sys
15:43:05.0561 0x03c8  s1018obex - ok
15:43:05.0598 0x03c8  [ CE7D8BCE80211D8A35F6BD7A87791860, 93A5DEB41B5AA3F706EB5F601BB3CFF45B51310BBB3D0320A91B4A2CF9560B6D ] s1018unic       C:\Windows\system32\DRIVERS\s1018unic.sys
15:43:05.0614 0x03c8  s1018unic - ok
15:43:05.0639 0x03c8  [ 13FE29C1C8E782829C7FAA3B14F4A666, C53F7F9039E79AC6D5BDA94981A187570D6C7828930B6064CEFC17DC172EA20E ] SamSs           C:\Windows\system32\lsass.exe
15:43:05.0656 0x03c8  SamSs - ok
15:43:05.0691 0x03c8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:43:05.0706 0x03c8  sbp2port - ok
15:43:05.0737 0x03c8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:43:05.0814 0x03c8  SCardSvr - ok
15:43:05.0849 0x03c8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:43:05.0890 0x03c8  scfilter - ok
15:43:06.0010 0x03c8  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
15:43:06.0118 0x03c8  Schedule - ok
15:43:06.0144 0x03c8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:43:06.0193 0x03c8  SCPolicySvc - ok
15:43:06.0240 0x03c8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:43:06.0310 0x03c8  SDRSVC - ok
15:43:06.0336 0x03c8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:43:06.0395 0x03c8  secdrv - ok
15:43:06.0446 0x03c8  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
15:43:06.0471 0x03c8  seclogon - ok
15:43:06.0498 0x03c8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
15:43:06.0563 0x03c8  SENS - ok
15:43:06.0590 0x03c8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:43:06.0617 0x03c8  SensrSvc - ok
15:43:06.0642 0x03c8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
15:43:06.0656 0x03c8  Serenum - ok
15:43:06.0686 0x03c8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
15:43:06.0722 0x03c8  Serial - ok
15:43:06.0745 0x03c8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:43:06.0759 0x03c8  sermouse - ok
15:43:06.0792 0x03c8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
15:43:06.0863 0x03c8  SessionEnv - ok
15:43:06.0886 0x03c8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:43:06.0922 0x03c8  sffdisk - ok
15:43:06.0951 0x03c8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:43:06.0966 0x03c8  sffp_mmc - ok
15:43:06.0989 0x03c8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:43:07.0006 0x03c8  sffp_sd - ok
15:43:07.0018 0x03c8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:43:07.0031 0x03c8  sfloppy - ok
15:43:07.0099 0x03c8  [ 21AB491BBCC8C1B26FDC402A374AB196, DD973C9963C840200D153A15078152D499639730D065BB8122C6BE65D4372300 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
15:43:07.0138 0x03c8  Sftfs - ok
15:43:07.0228 0x03c8  [ 4E1BB8A9CCDB4BAF41F7F9A930EB121D, D994B20DACEB187BEB6530309E2185040B58105E4FD5AC1DA435712F9DE027D0 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
15:43:07.0259 0x03c8  sftlist - ok
15:43:07.0288 0x03c8  [ 3B8D43FEEFF7A187534DDDFD675FE123, 9308D5C552FE3AF1121A3F7B7595547C6B892FF500377953F3B623511D84698C ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:43:07.0309 0x03c8  Sftplay - ok
15:43:07.0335 0x03c8  [ F1D1B1DC7A8765A09D7640FBF8D20970, 72E59B04BC44DAFFB88987C16CF3F9DC35438B15879E102FD83013673E0DB66F ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:43:07.0346 0x03c8  Sftredir - ok
15:43:07.0361 0x03c8  [ B3B9ADE7F8C4AF0C20E712E040588543, 9A6BB11DA046BF6F0239952871263E148FAE91FB21065613645114B5FA054EC5 ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
15:43:07.0373 0x03c8  Sftvol - ok
15:43:07.0430 0x03c8  [ CECFDE5D3701B2D914862F5E6C3DFE18, E7627F90630C306324A39DC3C652B37D255F90636AC19D3302EE5B85BD504BD5 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:43:07.0449 0x03c8  sftvsa - ok
15:43:07.0495 0x03c8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:43:07.0550 0x03c8  SharedAccess - ok
15:43:07.0588 0x03c8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:43:07.0643 0x03c8  ShellHWDetection - ok
15:43:07.0681 0x03c8  [ 1BC348CF6BAA90EC8E533EF6E6A69933, 2B26F6EB701F48E092DED6A7B888F24736F2899EE81D54DD4B1E9DF7CFD36E7A ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSG664.sys
15:43:07.0715 0x03c8  SiSGbeLH - ok
15:43:07.0741 0x03c8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:43:07.0754 0x03c8  SiSRaid2 - ok
15:43:07.0771 0x03c8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:43:07.0785 0x03c8  SiSRaid4 - ok
15:43:07.0903 0x03c8  [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:43:07.0930 0x03c8  SkypeUpdate - ok
15:43:07.0960 0x03c8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:43:08.0005 0x03c8  Smb - ok
15:43:08.0048 0x03c8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:43:08.0064 0x03c8  SNMPTRAP - ok
15:43:08.0077 0x03c8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:43:08.0089 0x03c8  spldr - ok
15:43:08.0132 0x03c8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
15:43:08.0175 0x03c8  Spooler - ok
15:43:08.0347 0x03c8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
15:43:08.0562 0x03c8  sppsvc - ok
15:43:08.0594 0x03c8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:43:08.0640 0x03c8  sppuinotify - ok
15:43:08.0703 0x03c8  [ D6AB7C13FCDD2E4CAC35244D2C172D9A, 64A66368F5336B7A5879D083C2FE57DFD384410ADCC18004F327A4004A4F4300 ] sptd            C:\Windows\System32\Drivers\sptd.sys
15:43:08.0737 0x03c8  sptd - ok
15:43:08.0807 0x03c8  [ F2F4B895296EE3ECCE781CC2A296A5D1, 126321EDDA8141A42DBE7C90675948433063E6D5B6DEFD805AA0797C95A461EE ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:43:08.0853 0x03c8  srv - ok
15:43:08.0881 0x03c8  [ FD0008BEDD2723170CCA7D61837DFD52, F9F576FA7B84CAB5180B9080D62B8A00B3E5D5BC73199B11C63193742529227D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:43:08.0928 0x03c8  srv2 - ok
15:43:08.0973 0x03c8  [ 63B5845D9379262083655D5C6AB8DFC5, 1813D2FC41ADCDAC6E3A522373B9DB934CC27B89E7185E0E4FC26E30CDAF1523 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:43:09.0015 0x03c8  srvnet - ok
15:43:09.0061 0x03c8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:43:09.0114 0x03c8  SSDPSRV - ok
15:43:09.0134 0x03c8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:43:09.0189 0x03c8  SstpSvc - ok
15:43:09.0252 0x03c8  [ D21FF3592DAEE244EE8376830A672B52, 8CFD9CD93D3B30D21AE1F25D8F0D78EC2876D85BF622D638BBD3809A3373BAFF ] ss_bus          C:\Windows\system32\DRIVERS\ss_bus.sys
15:43:09.0268 0x03c8  ss_bus - ok
15:43:09.0316 0x03c8  [ 451DB3D10E6112E06B4506D4A7BECEC1, 18C361E7E478CB9991638EE412C05E40B89BAD542519E62F4CED4055A80F3216 ] ss_mdfl         C:\Windows\system32\DRIVERS\ss_mdfl.sys
15:43:09.0325 0x03c8  ss_mdfl - ok
15:43:09.0343 0x03c8  [ EF40C8A268A5263A0EF48FED8E57CBED, 253C2B5E5075D01B7E27C6F9548291DADB4C9B635849DDA9E2DA3E5785DE9B75 ] ss_mdm          C:\Windows\system32\DRIVERS\ss_mdm.sys
15:43:09.0358 0x03c8  ss_mdm - ok
15:43:09.0385 0x03c8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:43:09.0401 0x03c8  stexstor - ok
15:43:09.0458 0x03c8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
15:43:09.0503 0x03c8  stisvc - ok
15:43:09.0519 0x03c8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:43:09.0530 0x03c8  swenum - ok
15:43:09.0579 0x03c8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
15:43:09.0645 0x03c8  swprv - ok
15:43:09.0755 0x03c8  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
15:43:09.0872 0x03c8  SysMain - ok
15:43:09.0908 0x03c8  SystemStoreService - ok
15:43:09.0943 0x03c8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:43:09.0968 0x03c8  TabletInputService - ok
15:43:09.0994 0x03c8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:43:10.0072 0x03c8  TapiSrv - ok
15:43:10.0214 0x03c8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:43:10.0295 0x03c8  Tcpip - ok
15:43:10.0403 0x03c8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:43:10.0478 0x03c8  TCPIP6 - ok
15:43:10.0519 0x03c8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:43:10.0536 0x03c8  tcpipreg - ok
15:43:10.0559 0x03c8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:43:10.0618 0x03c8  TDPIPE - ok
15:43:10.0671 0x03c8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:43:10.0685 0x03c8  TDTCP - ok
15:43:10.0737 0x03c8  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:43:10.0753 0x03c8  tdx - ok
15:43:10.0799 0x03c8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:43:10.0816 0x03c8  TermDD - ok
15:43:10.0888 0x03c8  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
15:43:10.0957 0x03c8  TermService - ok
15:43:10.0985 0x03c8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
15:43:11.0038 0x03c8  Themes - ok
15:43:11.0072 0x03c8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
15:43:11.0117 0x03c8  THREADORDER - ok
15:43:11.0146 0x03c8  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\Windows\system32\drivers\tpm.sys
15:43:11.0186 0x03c8  TPM - ok
15:43:11.0231 0x03c8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
15:43:11.0310 0x03c8  TrkWks - ok
15:43:11.0363 0x03c8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:43:11.0420 0x03c8  TrustedInstaller - ok
15:43:11.0469 0x03c8  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:43:11.0484 0x03c8  tssecsrv - ok
15:43:11.0536 0x03c8  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:43:11.0555 0x03c8  TsUsbFlt - ok
15:43:11.0575 0x03c8  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
15:43:11.0613 0x03c8  TsUsbGD - ok
15:43:11.0653 0x03c8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:43:11.0730 0x03c8  tunnel - ok
15:43:11.0756 0x03c8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:43:11.0770 0x03c8  uagp35 - ok
15:43:11.0811 0x03c8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:43:11.0907 0x03c8  udfs - ok
15:43:11.0949 0x03c8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:43:11.0968 0x03c8  UI0Detect - ok
15:43:11.0999 0x03c8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:43:12.0014 0x03c8  uliagpkx - ok
15:43:12.0035 0x03c8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:43:12.0052 0x03c8  umbus - ok
15:43:12.0063 0x03c8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
15:43:12.0076 0x03c8  UmPass - ok
15:43:12.0246 0x03c8  [ 3C5405EF78576E8E4D791EB18F6856A8, 18FD6A5C0ACD045B324F46C7C596D537D52F43B7F2896F0D54CEBEFF4886CAEC ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:43:12.0268 0x03c8  UNS - ok
15:43:12.0308 0x03c8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
15:43:12.0393 0x03c8  upnphost - ok
15:43:12.0427 0x03c8  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:43:12.0452 0x03c8  usbccgp - ok
15:43:12.0486 0x03c8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:43:12.0511 0x03c8  usbcir - ok
15:43:12.0531 0x03c8  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
15:43:12.0565 0x03c8  usbehci - ok
15:43:12.0623 0x03c8  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:43:12.0675 0x03c8  usbhub - ok
15:43:12.0718 0x03c8  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:43:12.0732 0x03c8  usbohci - ok
15:43:12.0762 0x03c8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:43:12.0783 0x03c8  usbprint - ok
15:43:12.0813 0x03c8  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:43:12.0840 0x03c8  usbscan - ok
15:43:12.0894 0x03c8  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:43:12.0927 0x03c8  USBSTOR - ok
15:43:12.0958 0x03c8  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:43:12.0972 0x03c8  usbuhci - ok
15:43:13.0013 0x03c8  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
15:43:13.0044 0x03c8  usbvideo - ok
15:43:13.0077 0x03c8  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
15:43:13.0099 0x03c8  usb_rndisx - ok
15:43:13.0127 0x03c8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
15:43:13.0178 0x03c8  UxSms - ok
15:43:13.0195 0x03c8  [ 13FE29C1C8E782829C7FAA3B14F4A666, C53F7F9039E79AC6D5BDA94981A187570D6C7828930B6064CEFC17DC172EA20E ] VaultSvc        C:\Windows\system32\lsass.exe
15:43:13.0208 0x03c8  VaultSvc - ok
15:43:13.0252 0x03c8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:43:13.0267 0x03c8  vdrvroot - ok
15:43:13.0304 0x03c8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
15:43:13.0403 0x03c8  vds - ok
15:43:13.0487 0x03c8  [ E4DA1D85CCCB610DFF0C0E116900E17F, 874EB88B9E2743654094F04AB04C254BBDFBCDECBB200514E73F696098B847F3 ] vflt            C:\Windows\system32\DRIVERS\vfilter.sys
15:43:13.0514 0x03c8  vflt - ok
15:43:13.0550 0x03c8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:43:13.0567 0x03c8  vga - ok
15:43:13.0581 0x03c8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:43:13.0661 0x03c8  VgaSave - ok
15:43:13.0694 0x03c8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:43:13.0714 0x03c8  vhdmp - ok
15:43:13.0733 0x03c8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:43:13.0745 0x03c8  viaide - ok
15:43:13.0775 0x03c8  [ A99CA064AD11266FE7067A79BF78BBB5, B5AFFBA1A9A6E51639A89B9F6C0678E70F73D2BF37D5F88F4AD45DFC6798597D ] vnet            C:\Windows\system32\DRIVERS\virtualnet.sys
15:43:13.0798 0x03c8  vnet - ok
15:43:13.0815 0x03c8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:43:13.0829 0x03c8  volmgr - ok
15:43:13.0865 0x03c8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:43:13.0890 0x03c8  volmgrx - ok
15:43:13.0917 0x03c8  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:43:13.0940 0x03c8  volsnap - ok
15:43:14.0024 0x03c8  [ CED5750ECF0D60F76727BE53CE05ED68, 192E7767BED6C1EA925F5A790EC75A1C2BC4FF20F6C832A1C910D515AA565B69 ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
15:43:14.0057 0x03c8  vpnagent - ok
15:43:14.0109 0x03c8  [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva           C:\Windows\system32\DRIVERS\vpnva64-6.sys
15:43:14.0125 0x03c8  vpnva - ok
15:43:14.0161 0x03c8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:43:14.0179 0x03c8  vsmraid - ok
15:43:14.0274 0x03c8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
15:43:14.0392 0x03c8  VSS - ok
15:43:14.0418 0x03c8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
15:43:14.0439 0x03c8  vwifibus - ok
15:43:14.0449 0x03c8  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:43:14.0493 0x03c8  vwififlt - ok
15:43:14.0532 0x03c8  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
15:43:14.0578 0x03c8  vwifimp - ok
15:43:14.0625 0x03c8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
15:43:14.0684 0x03c8  W32Time - ok
15:43:14.0709 0x03c8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:43:14.0750 0x03c8  WacomPen - ok
15:43:14.0788 0x03c8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:43:14.0860 0x03c8  WANARP - ok
15:43:14.0885 0x03c8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:43:14.0931 0x03c8  Wanarpv6 - ok
15:43:15.0072 0x03c8  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
15:43:15.0133 0x03c8  WatAdminSvc - ok
15:43:15.0240 0x03c8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
15:43:15.0333 0x03c8  wbengine - ok
15:43:15.0371 0x03c8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:43:15.0430 0x03c8  WbioSrvc - ok
15:43:15.0493 0x03c8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:43:15.0530 0x03c8  wcncsvc - ok
15:43:15.0552 0x03c8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:43:15.0580 0x03c8  WcsPlugInService - ok
15:43:15.0594 0x03c8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
15:43:15.0606 0x03c8  Wd - ok
15:43:15.0665 0x03c8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:43:15.0709 0x03c8  Wdf01000 - ok
15:43:15.0745 0x03c8  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:43:15.0777 0x03c8  WdiServiceHost - ok
15:43:15.0784 0x03c8  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:43:15.0803 0x03c8  WdiSystemHost - ok
15:43:15.0861 0x03c8  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
15:43:15.0893 0x03c8  WebClient - ok
15:43:15.0920 0x03c8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:43:15.0976 0x03c8  Wecsvc - ok
15:43:15.0996 0x03c8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:43:16.0063 0x03c8  wercplsupport - ok
15:43:16.0114 0x03c8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:43:16.0169 0x03c8  WerSvc - ok
15:43:16.0192 0x03c8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:43:16.0250 0x03c8  WfpLwf - ok
15:43:16.0311 0x03c8  [ 52DED146E4797E6CCF94799E8E22BB2A, 57A29260D81AA3AD3F8C29E9CFA7CE3970D7A8BF673ADD9B256EE76C7DEC080E ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
15:43:16.0329 0x03c8  WimFltr - ok
15:43:16.0354 0x03c8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:43:16.0370 0x03c8  WIMMount - ok
15:43:16.0401 0x03c8  WinDefend - ok
15:43:16.0425 0x03c8  WinHttpAutoProxySvc - ok
15:43:16.0487 0x03c8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:43:16.0570 0x03c8  Winmgmt - ok
15:43:16.0701 0x03c8  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
15:43:16.0810 0x03c8  WinRM - ok
15:43:16.0866 0x03c8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
15:43:16.0891 0x03c8  WinUsb - ok
15:43:16.0968 0x03c8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:43:17.0022 0x03c8  Wlansvc - ok
15:43:17.0099 0x03c8  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:43:17.0111 0x03c8  wlcrasvc - ok
15:43:17.0276 0x03c8  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:43:17.0368 0x03c8  wlidsvc - ok
15:43:17.0394 0x03c8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
15:43:17.0430 0x03c8  WmiAcpi - ok
15:43:17.0477 0x03c8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:43:17.0501 0x03c8  wmiApSrv - ok
15:43:17.0527 0x03c8  WMPNetworkSvc - ok
15:43:17.0547 0x03c8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:43:17.0573 0x03c8  WPCSvc - ok
15:43:17.0585 0x03c8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:43:17.0625 0x03c8  WPDBusEnum - ok
15:43:17.0659 0x03c8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:43:17.0701 0x03c8  ws2ifsl - ok
15:43:17.0730 0x03c8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
15:43:17.0772 0x03c8  wscsvc - ok
15:43:17.0777 0x03c8  WSearch - ok
15:43:17.0959 0x03c8  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:43:18.0095 0x03c8  wuauserv - ok
15:43:18.0127 0x03c8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:43:18.0150 0x03c8  WudfPf - ok
15:43:18.0182 0x03c8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:43:18.0202 0x03c8  WUDFRd - ok
15:43:18.0230 0x03c8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:43:18.0248 0x03c8  wudfsvc - ok
15:43:18.0286 0x03c8  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:43:18.0325 0x03c8  WwanSvc - ok
15:43:18.0382 0x03c8  ================ Scan global ===============================
15:43:18.0427 0x03c8  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
15:43:18.0479 0x03c8  [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
15:43:18.0501 0x03c8  [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
15:43:18.0535 0x03c8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:43:18.0578 0x03c8  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
15:43:18.0590 0x03c8  [ Global ] - ok
15:43:18.0591 0x03c8  ================ Scan MBR ==================================
15:43:18.0599 0x03c8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
15:43:18.0683 0x03c8  \Device\Harddisk0\DR0 - ok
15:43:18.0684 0x03c8  ================ Scan VBR ==================================
15:43:18.0686 0x03c8  [ A61950525177438573CFB3403C148985 ] \Device\Harddisk0\DR0\Partition1
15:43:18.0688 0x03c8  \Device\Harddisk0\DR0\Partition1 - ok
15:43:18.0721 0x03c8  [ 086E329F5B6B3361D1A3C70D4729D98E ] \Device\Harddisk0\DR0\Partition2
15:43:18.0721 0x03c8  \Device\Harddisk0\DR0\Partition2 - ok
15:43:18.0731 0x03c8  [ 929F8AF0832A2C47C4122DADA709B7AA ] \Device\Harddisk0\DR0\Partition3
15:43:18.0733 0x03c8  \Device\Harddisk0\DR0\Partition3 - ok
15:43:18.0763 0x03c8  [ 2BC8539521F6C11277A05A8FA6D13283 ] \Device\Harddisk0\DR0\Partition4
15:43:18.0764 0x03c8  \Device\Harddisk0\DR0\Partition4 - ok
15:43:18.0765 0x03c8  ================ Scan generic autorun ======================
15:43:18.0765 0x03c8  ETDCtrl - ok
15:43:18.0935 0x03c8  [ 384366C69DF4C11133915C3315F541CC, BD41B24DA14D30F927DBA4377EB3ED3D28DED1E61159D99B29D9E90CECBBEB71 ] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
15:43:18.0984 0x03c8  Nvtmru - ok
15:43:19.0052 0x03c8  [ 5447AF432CDA61159ADDE218C468FFD9, 63BD74521F679F195C24C1818267ECCBD8A7F5C2B4CEF3E60EC46B5AE0AC72A8 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
15:43:19.0077 0x03c8  AdobeAAMUpdater-1.0 - ok
15:43:19.0111 0x03c8  [ BE49AF92F13030E188DBE8E2841D173A, AFC312A888F63D34E4F4E27A3FF50D5569BCAF0DD061671CC661E778FEC02EEB ] C:\Windows\system32\igfxtray.exe
15:43:19.0127 0x03c8  IgfxTray - ok
15:43:19.0150 0x03c8  [ 664FF61BE83FCACBF67A8D307011ADF5, B5270D13A355002336D25C092C042CA8E36795D23EB81134418BB2A8ABFBDF66 ] C:\Windows\system32\hkcmd.exe
15:43:19.0175 0x03c8  HotKeysCmds - ok
15:43:19.0223 0x03c8  [ 899D435E1C190C204E349CE0E483098B, FC6E84D7A382FBCBF3B2DAA4B75BD78F447359F314C1CD4424759E2EC97FD2DE ] C:\Windows\system32\igfxpers.exe
15:43:19.0252 0x03c8  Persistence - ok
15:43:19.0388 0x03c8  MRT - ok
15:43:19.0588 0x03c8  [ 86D3BEA2B995DCEA877D25725D77DC5E, 5C91AD24E7473D5E665A68A7CF52BDD8A795E63E864246577C6F7D4C82F1E5C1 ] C:\Program Files (x86)\ASUS\APRP\APRP.EXE
15:43:19.0799 0x03c8  ASUSPRP - detected UnsignedFile.Multi.Generic ( 1 )
15:43:20.0031 0x03c8  Detect skipped due to KSN trusted
15:43:20.0031 0x03c8  ASUSPRP - ok
15:43:20.0095 0x03c8  [ 4D1DA8CE5E364D22B4FF00F163194514, 165DE474309206A0F51266F19EDB4AF3D7BAD19FDA61B636AEE7A04278DBBC2C ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
15:43:20.0114 0x03c8  USB3MON - ok
15:43:20.0191 0x03c8  [ D9AB754613208112B840C75B6762B909, 6869D2E42852A24BF7E34C396E790808729CFCF1086F8AF18E0EBD1071C4C2EF ] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
15:43:20.0210 0x03c8  ATKOSD2 - ok
15:43:20.0231 0x03c8  [ BC31B27061F27E8968CD0435C038F712, E2FAB6AF6CFFB7762B9A82E156D9D63B53B278D72BC4CCA870AC9016917ED683 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
15:43:20.0245 0x03c8  ATKMEDIA - ok
15:43:20.0293 0x03c8  [ 5AEBF6FA9805C9101220AA4FB4FA17E7, A9B2FC41380211A6C44E839A95676A5BA868CEEBB56D83A780230434C2A20836 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
15:43:20.0308 0x03c8  HControlUser - ok
15:43:20.0455 0x03c8  [ B9BF29CC884BDD499803C3ED1F97FA41, 0432039F03F8708746FEB2BD4D045DDA9DE9E3DD737023676DEA1EDADDD9B1F3 ] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
15:43:20.0546 0x03c8  Wireless Console 3 - ok
15:43:20.0659 0x03c8  [ 4EB0C6C3EF4D8885CF2B5D0062F31E44, A3967758E30609D29A4856F373DD2C971B341F914825D720387ACFD7499EDC3D ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
15:43:20.0712 0x03c8  DivXUpdate - ok
15:43:20.0759 0x03c8  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:43:20.0777 0x03c8  SunJavaUpdateSched - ok
15:43:20.0878 0x03c8  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
15:43:20.0890 0x03c8  HP Software Update - ok
15:43:20.0987 0x03c8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:43:21.0054 0x03c8  Sidebar - ok
15:43:21.0087 0x03c8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:43:21.0137 0x03c8  mctadmin - ok
15:43:21.0214 0x03c8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:43:21.0265 0x03c8  Sidebar - ok
15:43:21.0288 0x03c8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:43:21.0310 0x03c8  mctadmin - ok
15:43:21.0382 0x03c8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:43:21.0438 0x03c8  Sidebar - ok
15:43:21.0454 0x03c8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:43:21.0480 0x03c8  mctadmin - ok
15:43:21.0587 0x03c8  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
15:43:21.0678 0x03c8  Sidebar - ok
15:43:21.0753 0x03c8  AVG-Secure-Search-Update_0913b - ok
15:43:21.0847 0x03c8  [ 0346AAE0888B0EDE2598891400444F40, 641B8F015DA3A1876C19F10B8E3C800A6A596CCB14AA7A3A5B48F7873F3967A9 ] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
15:43:21.0901 0x03c8  Remote Mouse - detected UnsignedFile.Multi.Generic ( 1 )
15:43:22.0130 0x03c8  Detect skipped due to KSN trusted
15:43:22.0130 0x03c8  Remote Mouse - ok
15:43:22.0435 0x03c8  [ F2AD1B265908797F8A5E21E0312F2F25, 2A6A612F7D52D297385C43E77AD0CD37B28F33ED2AF89098F5E66B812B838A52 ] C:\Users\***\AppData\Local\Akamai\netsession_win.exe
15:43:22.0659 0x03c8  Akamai NetSession Interface - ok
15:43:22.0804 0x03c8  [ 5BD320A19EA11F9FDDA3AF9BA3CE1280, 48A5B053D893776DBC88B017A401D0FAA6B7669A0F11CA667B112E965510005C ] C:\Users\***\AppData\Roaming\Spotify\SpotifyWebHelper.exe
15:43:22.0870 0x03c8  Spotify Web Helper - ok
15:43:22.0986 0x03c8  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe
15:43:23.0000 0x03c8  Dropbox Update - ok
15:43:23.0038 0x03c8  [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
15:43:23.0119 0x03c8  RESTART_STICKY_NOTES - ok
15:43:23.0120 0x03c8  Waiting for KSN requests completion. In queue: 170
15:43:24.0203 0x03c8  Win FW state via NFP2: enabled ( trusted )
15:43:24.0424 0x03c8  ============================================================
15:43:24.0424 0x03c8  Scan finished
15:43:24.0424 0x03c8  ============================================================
15:43:24.0438 0x0730  Detected object count: 0
15:43:24.0438 0x0730  Actual detected object count: 0

hier noch die zwei anderen (komischen):

Code:

ATTFilter

15:41:06.0899 0x1c10  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
15:41:06.0900 0x1c10  UEFI system
15:41:17.0091 0x1c10  EULA was not accepted, exiting. For auto accept you could use -accepteula command line parameter.
15:41:17.0096 0x1e44  Deinitialize success

Code:

ATTFilter

15:40:26.0993 0x1fbc  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
15:40:26.0993 0x1fbc  UEFI system
15:40:36.0952 0x1fbc  ============================================================
15:40:36.0952 0x1fbc  Current date / time: 2016/09/19 15:40:36.0952
15:40:36.0953 0x1fbc  SystemInfo:
15:40:36.0953 0x1fbc  
15:40:36.0953 0x1fbc  OS Version: 6.1.7601 ServicePack: 1.0
15:40:36.0953 0x1fbc  Product type: Workstation
15:40:36.0953 0x1fbc  ComputerName: ***
15:40:36.0953 0x1fbc  UserName: ***
15:40:36.0953 0x1fbc  Windows directory: C:\Windows
15:40:36.0953 0x1fbc  System windows directory: C:\Windows
15:40:36.0953 0x1fbc  Running under WOW64
15:40:36.0953 0x1fbc  Processor architecture: Intel x64
15:40:36.0953 0x1fbc  Number of processors: 4
15:40:36.0953 0x1fbc  Page size: 0x1000
15:40:36.0953 0x1fbc  Boot type: Normal boot
15:40:36.0953 0x1fbc  CodeIntegrityOptions = 0x00000001
15:40:36.0953 0x1fbc  ============================================================
15:40:37.0238 0x1fbc  KLMD registered as C:\Windows\system32\drivers\73728516.sys
15:40:37.0238 0x1fbc  KLMD ARK init status: drvProperties = 0x7FF00, osBuild = 7601.23418, osProperties = 0x1
15:40:38.0326 0x1fbc  System UUID: {15847918-A0DB-0DCF-BE3D-E77BA7618038}
15:40:38.0977 0x1fbc  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:40:38.0983 0x1fbc  ============================================================
15:40:38.0983 0x1fbc  \Device\Harddisk0\DR0:
15:40:38.0983 0x1fbc  GPT partitions:
15:40:38.0983 0x1fbc  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {254607CA-2283-44AE-9D11-C4DC5C87709C}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x64000
15:40:38.0983 0x1fbc  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {CAFB138C-EC31-492D-88B2-5ECB7C6B5E86}, Name: Microsoft reserved partition, StartLBA 0x64800, BlocksNum 0x40000
15:40:38.0983 0x1fbc  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7AC58CFB-3A7B-4281-ABA7-E9915A803AD0}, Name: Basic data partition, StartLBA 0xA4800, BlocksNum 0x370E1800
15:40:38.0984 0x1fbc  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {482C0C54-1501-4CE5-BE86-A683B9B61F32}, Name: Basic data partition, StartLBA 0x37186000, BlocksNum 0x3200000
15:40:38.0984 0x1fbc  MBR partitions:
15:40:38.0984 0x1fbc  ============================================================
15:40:39.0000 0x1fbc  C: <-> \Device\Harddisk0\DR0\Partition3
15:40:39.0000 0x1fbc  ============================================================
15:40:39.0000 0x1fbc  Initialize success
15:40:39.0000 0x1fbc  ============================================================
15:40:56.0813 0x1d7c  Deinitialize success

cosinus · 19.09.2016, 19:54

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Windows 7- in Firefox wird ständig auf Werbung umgeleitet (wahrscheinlich Onclickads)

Log-Analyse und Auswertung: Windows 7- in Firefox wird ständig auf Werbung umgeleitet (wahrscheinlich Onclickads)