
Pests of all kinds and how to fight them: Win 8.1: Goldeneye - Checking whether it has really been removed

08.12.2016, 14:10   #1
Thread
 

Hello forum,

like quite a few companies, this time we too fell for an attachment. More precisely, the current Goldeneye version, which was hidden as a macro in an Excel file.
https://www.heise.de/security/meldung/Goldeneye-Ransomware-greift-gezielt-Personalabteilungen-an-3562281.html?hg=1&hgi=3&hgf=false

Despite a scan with AvastPro, no warning was issued, which is why the file was opened. As of today the policy is: only .pdf files. However, this was for a position for which someone is actually needed very, very urgently. The PDF looked good, which is why the XLS was stupidly opened and executed.

In principle, nothing dramatic has happened so far. It encrypted some pdf, doc and pptx files on the client. It did not touch images and dotx files. Apparently it also left doc files in certain directories alone.

Almost all data (except for 3 PowerPoints that were created last night) exists as a backup. If the 3 PowerPoints could be decrypted, that would be great because it would save about 4 hours of work, but it is no drama if not.

The client was then scanned with Malwarebytes Anti-Malware. A deep scan with Avast is still running, but I doubt that Avast will find anything this time... it didn't the first time either.

Malwarebytes removed quite a bit. Above all SpyHunter, which I had installed in the initial shock before it occurred to me that it is not sooooo reputable.

I have uploaded the txt from the scan.

My question now: How can I make absolutely sure that the computer is free of the ransomware? At idle, CPU load and hard disk access rates are normal (CPU 99% idle process and hard disk quiet). However, Explorer can only be used to a limited extent (opening only via path entry and via the favorites; when clicking on e.g. USB sticks it hangs).

The ransomware also killed the restore points. There is, however, a recovery stick that I will also use. But I want to make sure that everything is gone.

Reinstalling the system would certainly be a solution, but I would be very reluctant, since the computer is due to be replaced in mid-December anyway. Doing the work twice should therefore be avoided. The computer only has to hold out for 1 more week.

Thank you very much for your help.

Edit: Ran Malwarebytes over it again. During the first run, rootkits were deactivated. Now it has also found 4 infections with Petya. That is presumably it, since it is based on Petya?


Perhaps as a further note regarding the checklist: We are a small gGmbH (i.e. non-profit) in the training sector. I am not an IT expert, but somewhat versed in the field, which is why I look after the computers. (We cannot afford our own IT department.) I do my best, but (as you can see) have not managed to keep myself sufficiently up to date. I am just glad that I at least have proper backups of everything. I therefore hope that I will still be helped here.

Edited by Thread (08.12.2016 at 15:08)

08.12.2016, 17:24   #2
M-K-D-B
/// TB Trainer
 

My name is Matthias and I will help you clean up your computer.


Please note the following:
  • If we find indications of illegally acquired software, we will suspend support until every kind of illegal software has been removed from the computer.
  • Read the instructions carefully. If you run into problems, stop what you are doing and describe your problem to me as well as you can.
  • If you do not reply to me within 3 days, I will assume that you no longer need help. I will then remove your topic from my subscriptions. If you are going to be away for a longer time, please let me know!
  • During the cleanup, please do not install or uninstall anything unless I ask you to!
  • Please note: Download from filepony.de: How to download our tools correctly!
  • All programs to be used must be saved to the desktop and started from there as administrator!
  • Some programs we use here may under certain circumstances be wrongly classified as a threat by your antivirus or anti-malware program. Because of certain program behavior, the security programs cannot distinguish between "good" and "bad" and raise an alarm. These are false alarms, which you can safely ignore. If necessary, you must deactivate your security software before running a program so that our cleanup operations are not impaired.


Please work through all steps one after the other in the given order and post all log files in CODE tags:
This is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Erweitert/Vorschau (Advanced/Preview) to check whether you did it correctly. If everything is right ... click Antworten (Reply).

Thank you for your cooperation!


Please post the MBAM log files with the "Petya" detections.
The encrypted files cannot currently be decrypted.

For an initial analysis, please run FRST and TDSS-Killer:


Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Untersuchen (Scan).
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


Step 2
Please download TDSSKiller TDSSKiller.exe and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the content here in your thread in any case.


Please post with your next reply
  • the MBAM log file with the detections,
  • the TDSS-Killer log file,
  • the two new FRST log files.


08.12.2016, 19:01   #3
Thread
 

Hello Matthias,

thank you very much for helping me.

FRST

FRST log file:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
durchgeführt von R (Administrator) auf 3-MPS (08-12-2016 18:31:59)
Gestartet von C:\Users\R\Desktop
Geladene Profile: R &  (Verfügbare Profile: R)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVAST Software) C:\Program Files\avast software\avast\AvastSvc.exe
(AVAST Software) C:\Program Files\avast software\avast\afwServ.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) D:\Program Files (x86)\StarMoney Business 7\ouservice\StarMoneyOnlineUpdate.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(CANON INC.) C:\Windows\System32\CNAB4RPD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Pokki) C:\Users\R\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Michel Krämer) C:\Program Files\Spamihilator\spamihilator.exe
(AVAST Software) C:\Program Files\avast software\avast\avastui.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\livecomm.exe
(Pokki) C:\Users\R\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(Pokki) C:\Users\R\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(Pokki) C:\Users\R\AppData\Local\SweetLabs App Platform\Engine\ServiceStartMenuIndexer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778352 2013-10-01] (Synaptics Incorporated)
HKLM\...\Run: [Eraser] => D:\Program Files\Eraser\Eraser.exe [980368 2011-11-05] (The Eraser Project)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [PDFPrint] => D:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-10-13] (Geek Software GmbH)
HKLM-x32\...\Run: [Tilt] => C:\Program Files (x86)\GIGABYTE\GHOST\Tilt.exe [724992 2009-06-26] ()
HKLM-x32\...\Run: [SMB7StarMoneyRunEntry] => D:\Program Files (x86)\StarMoney Business 7\app\oflagent.exe [29504 2016-07-19] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1773416356-3014083401-955314134-1002\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIYE.EXE [283232 2012-02-27] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1773416356-3014083401-955314134-1002\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-1773416356-3014083401-955314134-1002\...\Run: [EPSONAB2883 (Epson Stylus Office B42WD)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGKE.EXE /FU "C:\Windows\TEMP\E_SA755.tmp" /EF "HKCU"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002\...\Run: [Amazon Music] => C:\Users\R\AppData\Local\Amazon Music\Amazon Music Helper.exe [5908968 2016-06-16] ()
HKU\S-1-5-21-1773416356-3014083401-955314134-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819048 2016-11-11] (Google)
HKU\S-1-5-21-1773416356-3014083401-955314134-1002\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
HKU\S-1-5-21-1773416356-3014083401-955314134-1002\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation)
HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIYE.EXE [283232 2012-02-27] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPSONAB2883 (Epson Stylus Office B42WD)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGKE.EXE /FU "C:\Windows\TEMP\E_SA755.tmp" /EF "HKCU"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Amazon Music] => C:\Users\R\AppData\Local\Amazon Music\Amazon Music Helper.exe [5908968 2016-06-16] ()
HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819048 2016-11-11] (Google)
HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-11] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-11] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-11] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-11-07] (AVAST Software)
Startup: C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2016-12-07]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
Startup: C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spamihilator.lnk [2016-01-31]
ShortcutTarget: Spamihilator.lnk -> C:\Program Files\Spamihilator\spamihilator.exe (Michel Krämer)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyServer: [S-1-5-21-1773416356-3014083401-955314134-1002] => 162.208.49.45:3127
ProxyServer: [S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] => 162.208.49.45:3127
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2DBF1935-72F3-48B3-96C2-6413339E02AF}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B1CA2C96-DA11-4CF2-97FC-1A748FF90DD1}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1773416356-3014083401-955314134-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.dhl.de/popweb/now/jsp/sessiontimeout.jsp
HKU\S-1-5-21-1773416356-3014083401-955314134-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.dhl.de/popweb/now/jsp/sessiontimeout.jsp
HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1773416356-3014083401-955314134-1002 -> DefaultScope {72A2DC7E-489C-48D6-A915-7FEEB2C8FF10} URL = 
SearchScopes: HKU\S-1-5-21-1773416356-3014083401-955314134-1002 -> {72A2DC7E-489C-48D6-A915-7FEEB2C8FF10} URL = 
SearchScopes: HKU\S-1-5-21-1773416356-3014083401-955314134-1002 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {72A2DC7E-489C-48D6-A915-7FEEB2C8FF10} URL = 
SearchScopes: HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {72A2DC7E-489C-48D6-A915-7FEEB2C8FF10} URL = 
SearchScopes: HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-10-11] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-09-27] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-30] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-30] (Oracle Corporation)
Toolbar: HKLM-x32 - Kein Name - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} -  Keine Datei
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 6yyda3ag.default
FF DefaultProfile: lcqkonpc.default
FF ProfilePath: C:\Users\R\AppData\Roaming\Pencil\Profiles\bpf62cz9.default [2015-12-09]
FF ProfilePath: C:\Users\R\AppData\Roaming\Mozilla_sellmore\Firefox\Profiles\6yyda3ag.default [2016-04-08]
FF Homepage: Mozilla_sellmore\Firefox\Profiles\6yyda3ag.default -> hxxp://www.google.de/
FF Extension: (Kiwi Conversations) - C:\Users\R\AppData\Roaming\Mozilla_sellmore\Firefox\Profiles\6yyda3ag.default\Extensions\@kiwi-firefox.xpi [2016-01-14]
FF Extension: (German Dictionary) - C:\Users\R\AppData\Roaming\Mozilla_sellmore\Firefox\Profiles\6yyda3ag.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2016-02-08]
FF Extension: (Ghostery) - C:\Users\R\AppData\Roaming\Mozilla_sellmore\Firefox\Profiles\6yyda3ag.default\Extensions\firefox@ghostery.com.xpi [2016-01-14]
FF Extension: (Personas Plus) - C:\Users\R\AppData\Roaming\Mozilla_sellmore\Firefox\Profiles\6yyda3ag.default\Extensions\personas@christopher.beard.xpi [2016-02-15]
FF Extension: (TinEye Reverse Image Search) - C:\Users\R\AppData\Roaming\Mozilla_sellmore\Firefox\Profiles\6yyda3ag.default\Extensions\tineye@ideeinc.com.xpi [2015-08-28]
FF Extension: (WOT) - C:\Users\R\AppData\Roaming\Mozilla_sellmore\Firefox\Profiles\6yyda3ag.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-02-08]
FF Extension: (Adblock Plus) - C:\Users\R\AppData\Roaming\Mozilla_sellmore\Firefox\Profiles\6yyda3ag.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-08]
FF Extension: (Tab Mix Plus) - C:\Users\R\AppData\Roaming\Mozilla_sellmore\Firefox\Profiles\6yyda3ag.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-02-08]
FF Extension: (Kein Name) - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\6yyda3ag.default\extensions\tineye@ideeinc.com.xpi [nicht gefunden]
FF Extension: (Kein Name) - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\6yyda3ag.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [nicht gefunden]
FF Extension: (Kein Name) - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\6yyda3ag.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [nicht gefunden]
FF Extension: (Kein Name) - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\6yyda3ag.default\extensions\personas@christopher.beard.xpi [nicht gefunden]
FF ProfilePath: C:\Users\R\AppData\Roaming\Mozilla_alt\Firefox\Profiles\n0mpvb8n.default [2016-10-31]
FF DefaultSearchEngine: Mozilla_alt\Firefox\Profiles\n0mpvb8n.default -> Wikipedia (de)
FF Homepage: Mozilla_alt\Firefox\Profiles\n0mpvb8n.default -> file:///D:/Benutzer/R.%20S/RSM/Homepages/Portal/portal.php
FF NetworkProxy: Mozilla_alt\Firefox\Profiles\n0mpvb8n.default -> ftp", "162.208.49.45"
FF NetworkProxy: Mozilla_alt\Firefox\Profiles\n0mpvb8n.default -> ftp_port", 3127
FF NetworkProxy: Mozilla_alt\Firefox\Profiles\n0mpvb8n.default -> http", "162.208.49.45"
FF NetworkProxy: Mozilla_alt\Firefox\Profiles\n0mpvb8n.default -> http_port", 3127
FF NetworkProxy: Mozilla_alt\Firefox\Profiles\n0mpvb8n.default -> socks_remote_dns", true
FF NetworkProxy: Mozilla_alt\Firefox\Profiles\n0mpvb8n.default -> ssl", "162.208.49.45"
FF NetworkProxy: Mozilla_alt\Firefox\Profiles\n0mpvb8n.default -> ssl_port", 3127
FF NetworkProxy: Mozilla_alt\Firefox\Profiles\n0mpvb8n.default -> type", 1
FF Extension: (All Tabs Helper) - C:\Users\R\AppData\Roaming\Mozilla_alt\Firefox\Profiles\n0mpvb8n.default\Extensions\alltabshelper@alltabshelper.org [2016-09-21]
FF Extension: (Deutsches Wörterbuch, klassisch und reformiert) - C:\Users\R\AppData\Roaming\Mozilla_alt\Firefox\Profiles\n0mpvb8n.default\Extensions\alterechtschreibung@gmail.com [2015-10-11] [ist nicht signiert]
FF Extension: (FindBar Tweak) - C:\Users\R\AppData\Roaming\Mozilla_alt\Firefox\Profiles\n0mpvb8n.default\Extensions\fbt@quicksaver.xpi [2016-06-02]
FF Extension: (YouTube Video and Audio Downloader) - C:\Users\R\AppData\Roaming\Mozilla_alt\Firefox\Profiles\n0mpvb8n.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2016-10-12]
FF Extension: (Ghostery) - C:\Users\R\AppData\Roaming\Mozilla_alt\Firefox\Profiles\n0mpvb8n.default\Extensions\firefox@ghostery.com.xpi [2016-09-21]
FF Extension: (FoxyProxy Standard) - C:\Users\R\AppData\Roaming\Mozilla_alt\Firefox\Profiles\n0mpvb8n.default\Extensions\foxyproxy@eric.h.jung [2016-09-01]
FF Extension: (Multi Links Plus) - C:\Users\R\AppData\Roaming\Mozilla_alt\Firefox\Profiles\n0mpvb8n.default\Extensions\multilinksplus@hugsmile.eu.xpi [2016-10-12]
FF Extension: (Personas Plus) - C:\Users\R\AppData\Roaming\Mozilla_alt\Firefox\Profiles\n0mpvb8n.default\Extensions\personas@christopher.beard.xpi [2016-07-30]
FF Extension: (TinEye Reverse Image Search) - C:\Users\R\AppData\Roaming\Mozilla_alt\Firefox\Profiles\n0mpvb8n.default\Extensions\tineye@ideeinc.com.xpi [2016-09-01]
FF Extension: (uBlock Origin) - C:\Users\R\AppData\Roaming\Mozilla_alt\Firefox\Profiles\n0mpvb8n.default\Extensions\uBlock0@raymondhill.net.xpi [2015-10-11]
FF Extension: (Flagfox) - C:\Users\R\AppData\Roaming\Mozilla_alt\Firefox\Profiles\n0mpvb8n.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-10-12]
FF Extension: (WOT) - C:\Users\R\AppData\Roaming\Mozilla_alt\Firefox\Profiles\n0mpvb8n.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-10]
FF Extension: (Flash and Video Download) - C:\Users\R\AppData\Roaming\Mozilla_alt\Firefox\Profiles\n0mpvb8n.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-09-21]
FF Extension: (Tab Mix Plus) - C:\Users\R\AppData\Roaming\Mozilla_alt\Firefox\Profiles\n0mpvb8n.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-06-06]
FF Extension: (Kein Name) - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\n0mpvb8n.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [nicht gefunden]
FF Extension: (Kein Name) - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\n0mpvb8n.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [nicht gefunden]
FF Extension: (Kein Name) - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\n0mpvb8n.default\extensions\tineye@ideeinc.com.xpi [nicht gefunden]
FF Extension: (Kein Name) - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\n0mpvb8n.default\extensions\foxyproxy@eric.h.jung [nicht gefunden]
FF Extension: (Kein Name) - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\n0mpvb8n.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [nicht gefunden]
FF SearchPlugin: C:\Users\R\AppData\Roaming\Mozilla_alt\Firefox\Profiles\n0mpvb8n.default\searchplugins\firefox-add-ons.xml [2016-02-03]
FF SearchPlugin: C:\Users\R\AppData\Roaming\Mozilla_alt\Firefox\Profiles\n0mpvb8n.default\searchplugins\wikipedia-eng.xml [2015-01-09]
FF ProfilePath: C:\Users\R\AppData\Roaming\Mozilla - Kopie\Firefox\Profiles\lcqkonpc.default [2016-10-31]
FF Homepage: Mozilla - Kopie\Firefox\Profiles\lcqkonpc.default -> file:///D:/Benutzer/R.%20S/RSM/Homepages/Portal/portal.php
FF Extension: (Wörterbuch Deutsch (de-DE), Hunspell-unterstützt) - C:\Users\R\AppData\Roaming\Mozilla - Kopie\Firefox\Profiles\lcqkonpc.default\Extensions\de_DE@dicts.j3e.de [2016-10-31]
FF Extension: (YouTube Video and Audio Downloader) - C:\Users\R\AppData\Roaming\Mozilla - Kopie\Firefox\Profiles\lcqkonpc.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2016-10-13]
FF Extension: (Personas Plus) - C:\Users\R\AppData\Roaming\Mozilla - Kopie\Firefox\Profiles\lcqkonpc.default\Extensions\personas@christopher.beard.xpi [2016-10-13]
FF Extension: (TinEye Reverse Image Search) - C:\Users\R\AppData\Roaming\Mozilla - Kopie\Firefox\Profiles\lcqkonpc.default\Extensions\tineye@ideeinc.com.xpi [2016-10-13]
FF Extension: (uBlock Origin) - C:\Users\R\AppData\Roaming\Mozilla - Kopie\Firefox\Profiles\lcqkonpc.default\Extensions\uBlock0@raymondhill.net.xpi [2016-10-26]
FF Extension: (Flagfox) - C:\Users\R\AppData\Roaming\Mozilla - Kopie\Firefox\Profiles\lcqkonpc.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-10-13]
FF Extension: (WOT) - C:\Users\R\AppData\Roaming\Mozilla - Kopie\Firefox\Profiles\lcqkonpc.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-10-31]
FF Extension: (Flash and Video Download) - C:\Users\R\AppData\Roaming\Mozilla - Kopie\Firefox\Profiles\lcqkonpc.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-10-31]
FF Extension: (Tab Mix Plus) - C:\Users\R\AppData\Roaming\Mozilla - Kopie\Firefox\Profiles\lcqkonpc.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-10-29]
FF Extension: (TinEye Reverse Image Search) - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\lcqkonpc.default\extensions\tineye@ideeinc.com.xpi [2016-10-13]
FF Extension: (Tab Mix Plus) - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\lcqkonpc.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-10-29]
FF Extension: (Kein Name) - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\lcqkonpc.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [nicht gefunden]
FF Extension: (Flash and Video Download) - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\lcqkonpc.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-11-01]
FF ProfilePath: C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\lcqkonpc.default [2016-12-08]
FF Homepage: Mozilla\Firefox\Profiles\lcqkonpc.default -> file:///D:/Benutzer/R.%20S/RSM/Homepages/Portal/portal.php
FF Extension: (Wörterbuch Deutsch (de-DE), Hunspell-unterstützt) - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\lcqkonpc.default\Extensions\de_DE@dicts.j3e.de [2016-11-29]
FF Extension: (YouTube Video and Audio Downloader) - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\lcqkonpc.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2016-12-05]
FF Extension: (Privacy Badger) - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\lcqkonpc.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2016-11-07]
FF Extension: (Personas Plus) - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\lcqkonpc.default\Extensions\personas@christopher.beard.xpi [2016-12-08]
FF Extension: (uBlock Origin) - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\lcqkonpc.default\Extensions\uBlock0@raymondhill.net.xpi [2016-11-30]
FF Extension: (Flagfox) - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\lcqkonpc.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-11-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-27] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.1.4 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-27] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-30] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-07-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-09-05] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\R\AppData\Local\Google\Chrome\User Data\Default [2016-12-08]
CHR Extension: (Google Docs) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-25]
CHR Extension: (Google Drive) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-04]
CHR Extension: (YouTube) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google-Suche) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04]
CHR Extension: (Google Docs Offline) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-06]
CHR Extension: (Avast Online Security) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-11-08]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2016-11-16]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-06]
CHR Extension: (Google Mail) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-24]
CHR Extension: (Chrome Media Router) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-05]
CHR HKU\S-1-5-21-1773416356-3014083401-955314134-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-11-07] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2016-11-07] (AVAST Software)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Berlin)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Datei ist nicht signiert]
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Berlin)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3040496 2016-10-04] (Microsoft Corporation)
S4 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-10-29] (Digital Wave Ltd.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-07-24] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-03-17] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Berlin)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-04] (Electronic Arts)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1100392 2016-10-28] (Bitdefender)
S4 ReflectService.exe; D:\Program Files\Macrium\Reflect\ReflectService.exe [3476432 2015-10-12] (Paramount Software UK Ltd)
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S4 ServiceProviderRegistry; C:\Windows\System32\Essentials\ProviderRegistryService.exe [34816 2013-08-22] (Microsoft Corporation)
R2 StarMoney Business 7 OnlineUpdate; D:\Program Files (x86)\StarMoney Business 7\ouservice\StarMoneyOnlineUpdate.exe [701760 2016-01-26] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7183632 2016-07-18] (TeamViewer GmbH)
S4 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-24] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe [252816 2015-04-30] (Wondershare)
S4 WseClientMgmtSvc; C:\Windows\System32\Essentials\SharedServiceHost.exe [24576 2013-08-22] (Microsoft Corporation)
S4 WseClientMonitorSvc; C:\Windows\System32\Essentials\WseClientMonitorSvc.exe [39936 2013-08-22] (Microsoft Corporation)
S4 WseHealthSvc; C:\Windows\System32\Essentials\SharedServiceHost.exe [24576 2013-08-22] (Microsoft Corporation)
S4 WseNtfSvc; C:\Windows\System32\Essentials\SharedServiceHost.exe [24576 2013-08-22] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S4 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\siteadvisor\mcsacore.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
S3 aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [83312 2016-08-30] (AVAST Software)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-11-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-11-07] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [453192 2016-11-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-11-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-11-07] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-11-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-11-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-11-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-11-07] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-02] (Qualcomm Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-01-28] ()
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-01-28] ()
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-12-08] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46016 2016-10-25] (NVIDIA Corporation)
R3 NWIM; C:\Windows\system32\DRIVERS\avmnwim.sys [412024 2011-07-05] (AVM Berlin)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [25256 2016-07-13] (Audials AG)
R2 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2016-04-29] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Datei ist nicht signiert]
R1 SLEE_16_DRIVER; C:\Windows\Sleen1664.sys [85952 2007-10-11] (Softwareentwicklung Remus - ArchiCrypt )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-10-01] (Synaptics Incorporated)
S3 SUMMACUTamd; C:\Windows\System32\Drivers\AMDX64CUT.sys [25600 2008-11-21] (Windows (R) Codename Longhorn DDK provider)
U5 UnlockerDriver5; D:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 HWiNFO32; \??\C:\Users\R\AppData\Local\Temp\HWiNFO64A.SYS [X]
S2 regi; \??\C:\Windows\system32\drivers\regi.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-09 00:58 - 2016-12-09 00:58 - 00000000 _____ C:\Recovery.txt
2016-12-08 18:31 - 2016-12-08 18:32 - 00038814 _____ C:\Users\R\Desktop\FRST.txt
2016-12-08 18:31 - 2016-12-08 18:31 - 02420224 _____ (Farbar) C:\Users\R\Desktop\FRST64.exe
2016-12-08 18:31 - 2016-12-08 18:31 - 00000000 ____D C:\FRST
2016-12-08 15:23 - 2016-12-08 15:23 - 00028479 _____ C:\ProgramData\agent.1481207007.bdinstall.bin
2016-12-08 14:46 - 2016-12-08 14:46 - 00002138 _____ C:\ShadeDecryptor.1.1.0.2_08.12.2016_14.46.40_log.txt
2016-12-08 14:46 - 2016-12-08 14:46 - 00002118 _____ C:\WildfireDecryptor.1.0.0.2_08.12.2016_14.46.16_log.txt
2016-12-08 14:21 - 2016-12-08 14:21 - 00028189 _____ C:\ProgramData\agent.1481203236.bdinstall.bin
2016-12-08 14:17 - 2016-12-08 14:17 - 00000000 ____D C:\ProgramData\BDLogging
2016-12-08 14:06 - 2016-12-08 14:06 - 00013623 _____ C:\Users\R\Desktop\Scan.txt
2016-12-08 13:38 - 2016-12-08 13:40 - 00002208 _____ C:\RannohDecryptor.1.9.3.0_08.12.2016_13.38.25_log.txt
2016-12-08 13:35 - 2016-12-08 13:36 - 00000000 ____D C:\Users\R\Desktop\Neuer Ordner (2)
2016-12-08 12:59 - 2016-12-08 13:00 - 00002028 _____ C:\CoinVaultDecryptor.1.0.0.4_08.12.2016_12.59.59_log.txt
2016-12-08 12:59 - 2016-12-08 12:59 - 00002550 _____ C:\RakhniDecryptor.1.17.8.2_08.12.2016_12.59.44_log.txt
2016-12-08 12:59 - 2016-12-08 12:59 - 00002112 _____ C:\RannohDecryptor.1.9.3.0_08.12.2016_12.59.14_log.txt
2016-12-08 12:55 - 2016-12-08 13:00 - 32639194 _____ C:\XoristDecryptor.2.5.1.0_08.12.2016_12.55.46_log.txt
2016-12-08 12:54 - 2016-12-08 15:28 - 00000000 ____D C:\Users\R\Desktop\Decrypt
2016-12-08 12:48 - 2016-12-08 12:48 - 00003690 _____ C:\Windows\System32\Tasks\ALU_SelfUpgrade
2016-12-08 12:46 - 2016-12-08 12:46 - 00003640 _____ C:\Windows\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2016-12-08 12:44 - 2016-12-08 15:23 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-12-08 12:44 - 2016-12-08 12:44 - 00047134 _____ C:\ProgramData\agent.1481197461.bdinstall.bin
2016-12-08 12:44 - 2016-12-08 12:44 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2016-12-08 12:13 - 2016-12-08 12:13 - 00002138 _____ C:\ShadeDecryptor.1.1.0.2_08.12.2016_12.13.06_log.txt
2016-12-08 12:12 - 2016-12-08 12:12 - 00002118 _____ C:\WildfireDecryptor.1.0.0.2_08.12.2016_12.12.40_log.txt
2016-12-08 12:09 - 2016-12-08 12:14 - 00000000 ____D C:\Users\R\Desktop\Neuer Ordner
2016-12-08 11:54 - 2016-12-08 18:27 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-08 11:54 - 2016-12-08 11:54 - 00001078 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-12-08 11:54 - 2016-12-08 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-12-08 11:54 - 2016-12-08 11:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-08 11:54 - 2016-12-08 11:54 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-12-08 11:54 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-12-08 11:54 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-12-08 11:54 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-12-08 11:53 - 2016-12-08 11:54 - 22851472 _____ (Malwarebytes ) C:\Users\R\Desktop\mbam-setup-2.2.1.1043.exe
2016-12-08 11:35 - 2016-12-08 11:35 - 00000000 _____ C:\autoexec.bat
2016-12-08 11:34 - 2016-12-08 12:03 - 00000000 ____D C:\Users\R\AppData\Roaming\Enigma Software Group
2016-12-08 11:34 - 2016-12-08 11:34 - 00000000 ____D C:\sh4ldr
2016-12-08 11:32 - 2016-12-08 12:03 - 00000000 ____D C:\Program Files\Enigma Software Group
2016-12-08 11:23 - 2016-12-08 11:23 - 11816960 _____ C:\Users\R\Desktop\sardu_08_12_2016_11_23.iso
2016-12-08 08:39 - 2016-12-08 15:50 - 00000000 ____D C:\Users\R\AppData\Roaming\{2de12c60-39ce-4980-a5c3-135a2498e9a8}
2016-12-08 08:38 - 2016-12-08 15:50 - 00000000 ____D C:\Users\R\AppData\Roaming\{de11265a-a0d3-4b5f-862f-7151b3943d20}
2016-12-08 08:38 - 2016-12-08 08:38 - 00000778 _____ C:\Users\R\YOUR_FILES_ARE_ENCRYPTED.TXT
2016-12-08 08:38 - 2016-12-08 08:38 - 00000778 _____ C:\Users\R\Downloads\YOUR_FILES_ARE_ENCRYPTED.TXT
2016-12-08 08:38 - 2016-12-08 08:38 - 00000778 _____ C:\Users\R\Desktop\YOUR_FILES_ARE_ENCRYPTED.TXT
2016-12-08 08:38 - 2016-12-08 08:38 - 00000778 _____ C:\Users\Public\YOUR_FILES_ARE_ENCRYPTED.TXT
2016-11-27 15:18 - 2016-11-27 15:18 - 00000045 _____ C:\Windows\SysWOW64\initdebug.nfo
2016-11-27 15:18 - 2016-11-27 15:18 - 00000000 ____D C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2016-11-27 14:49 - 2016-11-27 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
2016-11-27 14:45 - 2016-11-27 14:45 - 00000000 ____D C:\Program Files (x86)\HW Info
2016-11-27 14:34 - 2016-11-27 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-11-27 14:34 - 2011-09-21 10:25 - 00021992 _____ (CPUID) C:\Windows\system32\Drivers\cpuz135_x64.sys
2016-11-17 08:52 - 2016-12-08 18:28 - 00000000 ____D C:\Users\R\AppData\LocalLow\Mozilla
2016-11-16 14:45 - 2016-11-16 14:45 - 00000000 ____D C:\Program Files\Common Files\Adobe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-08 18:31 - 2014-07-24 08:18 - 00000000 __RDO C:\Users\R\OneDrive
2016-12-08 18:29 - 2014-07-24 08:16 - 00000000 ____D C:\Users\R\AppData\Local\SweetLabs App Platform
2016-12-08 18:27 - 2016-11-04 18:55 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d236c4a7cef67c.job
2016-12-08 18:27 - 2014-08-10 21:17 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-08 18:27 - 2014-07-24 09:16 - 00000000 ____D C:\Users\R\AppData\Roaming\Spamihilator
2016-12-08 16:12 - 2014-07-24 08:22 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1773416356-3014083401-955314134-1002
2016-12-08 16:09 - 2014-07-04 01:50 - 00765582 _____ C:\Windows\system32\perfh007.dat
2016-12-08 16:09 - 2014-07-04 01:50 - 00159366 _____ C:\Windows\system32\perfc007.dat
2016-12-08 16:09 - 2014-03-18 11:03 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-08 16:09 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-12-08 16:04 - 2014-07-03 16:23 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-08 16:04 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-08 16:01 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-12-08 15:50 - 2014-03-18 10:45 - 00000000 ____D C:\Windows\ShellNew
2016-12-08 15:46 - 2014-10-23 16:21 - 00000000 ____D C:\Program Files\Recuva
2016-12-08 15:34 - 2014-08-10 21:17 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-08 12:49 - 2014-07-24 08:19 - 00002431 _____ C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2016-12-08 12:47 - 2016-11-07 13:16 - 00003276 _____ C:\Windows\System32\Tasks\SweetLabs App Platform
2016-12-08 12:22 - 2016-01-18 18:02 - 00000000 ____D C:\ProgramData\ScanSoft
2016-12-08 12:22 - 2016-01-18 18:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 12
2016-12-08 12:22 - 2016-01-18 18:01 - 00000000 ____D C:\ProgramData\Nuance
2016-12-08 12:22 - 2016-01-18 18:01 - 00000000 ____D C:\Program Files (x86)\Nuance
2016-12-08 12:22 - 2014-07-24 10:14 - 00000000 ____D C:\Users\R\AppData\Local\CrashDumps
2016-12-08 12:04 - 2016-06-09 10:09 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-12-08 12:03 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\ModemLogs
2016-12-08 11:34 - 2014-07-24 08:16 - 00000000 ____D C:\Users\R
2016-12-08 09:36 - 2015-05-23 17:18 - 00000000 ____D C:\Users\R\.mediathek3
2016-12-08 09:35 - 2016-07-30 09:20 - 00000000 ____D C:\Users\R\AppData\Roaming\WMBrowser
2016-12-08 09:35 - 2016-07-30 09:20 - 00000000 ____D C:\Users\R\AppData\Roaming\WM Recorder
2016-12-08 08:38 - 2015-06-14 08:49 - 00000000 ____D C:\Users\R\.android
2016-12-08 08:37 - 2014-07-24 08:16 - 00000000 ____D C:\Users\R\AppData\Local\Packages
2016-12-07 18:40 - 2014-07-24 08:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-12-07 18:01 - 2016-02-02 21:41 - 00000000 ____D C:\Users\R\AppData\Roaming\vlc
2016-12-07 13:51 - 2014-07-24 08:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-07 13:28 - 2015-09-29 11:42 - 00000000 ____D C:\ProgramData\firebird
2016-12-06 22:08 - 2016-01-18 18:05 - 00000352 _____ C:\Windows\BRRBCOM.INI
2016-12-06 11:27 - 2014-07-24 10:18 - 00000000 ____D C:\Program Files (x86)\SummaWinplot
2016-12-04 12:55 - 2014-08-10 21:18 - 00002171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-01 07:26 - 2014-07-24 08:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-27 15:48 - 2014-07-26 21:14 - 01714688 ___SH C:\Users\R\Desktop\Thumbs.db
2016-11-27 14:53 - 2014-10-26 10:32 - 00000000 ____D C:\Users\R\AppData\Roaming\NVIDIA
2016-11-22 14:35 - 2015-09-23 00:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-11-22 13:38 - 2014-07-24 09:13 - 00000000 ____D C:\Users\R\AppData\Roaming\FileZilla
2016-11-16 14:45 - 2014-06-11 09:25 - 00000000 ____D C:\ProgramData\Adobe
2016-11-16 12:00 - 2014-08-10 21:17 - 00000000 ____D C:\Users\R\AppData\Local\Google
2016-11-15 22:14 - 2016-04-17 15:41 - 00000000 ____D C:\Users\R\AppData\Local\Windows Live
2016-11-15 19:39 - 2014-07-24 09:28 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-11-15 19:39 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-11-08 21:51 - 2016-06-09 10:22 - 00003906 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1465464122

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-10-16 09:57 - 2015-10-16 10:06 - 0000600 _____ () C:\Users\R\AppData\Local\PUTTY.RND
2014-07-24 13:30 - 2016-04-27 19:02 - 0007633 _____ () C:\Users\R\AppData\Local\Resmon.ResmonCfg
2016-12-08 12:44 - 2016-12-08 12:44 - 0047134 _____ () C:\ProgramData\agent.1481197461.bdinstall.bin
2016-12-08 14:21 - 2016-12-08 14:21 - 0028189 _____ () C:\ProgramData\agent.1481203236.bdinstall.bin
2016-12-08 15:23 - 2016-12-08 15:23 - 0028479 _____ () C:\ProgramData\agent.1481207007.bdinstall.bin
2014-07-03 16:15 - 2014-07-03 16:15 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\R\AppData\Local\Temp\AcerDocsSetup.exe
C:\Users\R\AppData\Local\Temp\AcerPortalSetup.exe
C:\Users\R\AppData\Local\Temp\AskSLib.dll
C:\Users\R\AppData\Local\Temp\bassmod.dll
C:\Users\R\AppData\Local\Temp\bdfilters.dll
C:\Users\R\AppData\Local\Temp\COMAP.EXE
C:\Users\R\AppData\Local\Temp\dotnetfx.exe
C:\Users\R\AppData\Local\Temp\drm_dyndata_7330017.dll
C:\Users\R\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\R\AppData\Local\Temp\gkey.exe
C:\Users\R\AppData\Local\Temp\libeay32.dll
C:\Users\R\AppData\Local\Temp\MB365.exe
C:\Users\R\AppData\Local\Temp\octAB27.tmp.exe
C:\Users\R\AppData\Local\Temp\octFFD1.tmp.exe
C:\Users\R\AppData\Local\Temp\On4UD.dll
C:\Users\R\AppData\Local\Temp\ose00000.exe
C:\Users\R\AppData\Local\Temp\ose00001.exe
C:\Users\R\AppData\Local\Temp\passta.exe
C:\Users\R\AppData\Local\Temp\pkeyui.exe
C:\Users\R\AppData\Local\Temp\proxy_util_w32.dll
C:\Users\R\AppData\Local\Temp\proxy_vole1388382856151261747.dll
C:\Users\R\AppData\Local\Temp\proxy_vole2060271509888409092.dll
C:\Users\R\AppData\Local\Temp\proxy_vole6957148257714310769.dll
C:\Users\R\AppData\Local\Temp\proxy_vole7904459317073825849.dll
C:\Users\R\AppData\Local\Temp\QuickStores_Unlocker.exe
C:\Users\R\AppData\Local\Temp\Setup.exe
C:\Users\R\AppData\Local\Temp\sfamcc00001.dll
C:\Users\R\AppData\Local\Temp\sfextra.dll
C:\Users\R\AppData\Local\Temp\shelper.dll
C:\Users\R\AppData\Local\Temp\SkypeSetup.exe
C:\Users\R\AppData\Local\Temp\ssleay32.dll
C:\Users\R\AppData\Local\Temp\tmp1EB4.tmp.exe
C:\Users\R\AppData\Local\Temp\tmp5C36.tmp.exe
C:\Users\R\AppData\Local\Temp\tmp8653.tmp.exe
C:\Users\R\AppData\Local\Temp\utt846A.tmp.exe
C:\Users\R\AppData\Local\Temp\vlc-2.1.4-win64.exe
C:\Users\R\AppData\Local\Temp\vlc-2.1.5-win64.exe
C:\Users\R\AppData\Local\Temp\vlc-2.2.1-win32.exe
C:\Users\R\AppData\Local\Temp\vlc-2.2.4-win32.exe
C:\Users\R\AppData\Local\Temp\wabk.exe
C:\Users\R\AppData\Local\Temp\_isC98A.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-12-06 09:29

==================== Ende von FRST.txt ============================
         
--- --- ---

[/CODE]
__________________
Thumbnails of attached images
-petya.jpg  

08.12.2016, 19:06   #4
Thread
 
Addition
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 07-12-2016
durchgeführt von R (08-12-2016 18:32:26)
Gestartet von C:\Users\R\Desktop
Windows 8.1 (Update) (X64) (2014-07-24 07:16:51)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1773416356-3014083401-955314134-500 - Administrator - Enabled)
Gast (S-1-5-21-1773416356-3014083401-955314134-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1773416356-3014083401-955314134-1004 - Limited - Enabled)
R (S-1-5-21-1773416356-3014083401-955314134-1002 - Administrator - Enabled) => C:\Users\R

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Avast Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8105 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8104 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated)
Adobe Creative Suite 3 Master Collection hinzufügen oder entfernen (HKLM-x32\...\Adobe_67a7fb1e97aa14ee9ef0950eb6fd757) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 9 ActiveX (HKLM-x32\...\{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}) (Version: 9.0.45.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.04)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Ahnenblatt 2.83 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.83.0.1 - Dirk Böttcher)
AHV content for Acrobat and Flash (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Amazon Music (HKU\S-1-5-21-1773416356-3014083401-955314134-1002\...\Amazon Amazon Music) (Version: 4.3.2.1367 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Amazon Music) (Version: 4.3.2.1367 - Amazon Services LLC)
Ansel (Version: 375.70 - NVIDIA Corporation) Hidden
Audials (HKLM-x32\...\{F0D5A178-FACC-4C07-BD2B-9A4117C5A2C7}) (Version: 14.1.8400.0 - Audials AG)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Avidemux 2.6 - 32 bits (32-bit) (HKLM-x32\...\Avidemux 2.6 - 32 bits) (Version: 2.6.10.150607 - )
AVStoDVD 2.8.2 (HKLM-x32\...\AVStoDVD) (Version: 2.8.2 - MrC)
BackUp Maker (HKLM-x32\...\BackUp Maker_is1) (Version: 7.2.0.0 - ASCOMP Software GmbH)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.0.2.1014 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
BeamNG.drive (HKLM\...\Steam App 284160) (Version:  - BeamNG)
Belegmanager 3.0 (HKLM-x32\...\Belegmanager) (Version: 3.0 - eurodata)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.21.970 - Bitdefender)
Brother MFL-Pro Suite MFC-L8650CDW (HKLM-x32\...\{A3C8ED27-D848-441A-AE81-E42E27109558}) (Version: 1.0.6.0 - Brother Industries, Ltd.)
Canon LBP2900 (HKLM\...\Canon LBP2900) (Version:  - )
CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version:  - )
CardRecoveryPro 2.6.5 (HKLM-x32\...\{D9E1CADA-D103-47AE-B3F8-0C0CD0E5856E}_is1) (Version: 2.6.5 - LionSea Software co., ltd)
Corel WinDVD Pro 11 (HKLM-x32\...\_{EF13E6B7-86D2-4E2C-82FB-375654407D4F}) (Version: 11.7.0.2 - Corel Inc.)
CPUID CPU-Z 1.60 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.3721 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Druckerdeinstallation für EPSON WF-2010 Series (HKLM\...\EPSON WF-2010 Series) (Version:  - SEIKO EPSON Corporation)
DVDFab 9.1.4.0 (17/04/2014) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
Epson Benutzerhandbuch WF-2010 Series (HKLM-x32\...\WF-2010 Series Useg) (Version:  - )
Epson Netzwerkhandbuch WF-2010 Series (HKLM-x32\...\WF-2010 Series Netg) (Version:  - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
Eraser 6.0.9.2343 (HKLM\...\{3D33F6F0-4D90-484D-A1D9-09AE791CCBD9}) (Version: 6.0.2343 - The Eraser Project)
f4transkript (HKLM-x32\...\f4transkript) (Version:  - audiotranskription.de)
FileZilla Client 3.22.1 (HKLM-x32\...\FileZilla Client) (Version: 3.22.1 - Tim Kosse)
FormatFactory 2.90 (HKLM-x32\...\FormatFactory) (Version: 2.90 - Free Time)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Video to MP3 Converter (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.65.1029 - DVDVideoSoft Ltd.)
FRITZ!Box-Fernzugang einrichten (HKLM-x32\...\{EFADD989-D9F2-49F6-A280-675951CC78D3}) (Version: 1.0.3 - AVM Berlin)
FRITZ!Fernzugang (HKLM\...\{DD57CC22-8864-4CCA-94D4-600D024C1207}) (Version: 1.3.1 - AVM Berlin)
Geeks3D FurMark 1.18.2.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
GHOST (HKLM-x32\...\{AC968B0F-024A-4323-BD6B-C2A85D183F34}) (Version: 1.00.0000 - Ihr Firmenname)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.75 - Google Inc.)
Google Drive (HKLM-x32\...\{8696116E-F4C2-4C64-AD7E-FF365E244FA4}) (Version: 1.32.3889.0961 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.21.123 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.14) (Version: 9.14 - Artifex Software Inc.)
HL-2270DW (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
Host App Service (HKU\S-1-5-21-1773416356-3014083401-955314134-1002\...\SweetLabs_AP) (Version: 0.269.8.114 - Pokki)
Host App Service (HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SweetLabs_AP) (Version: 0.269.8.114 - Pokki)
ICA (x32 Version: 11.7.0.2 - Corel Inc.) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
InstallUsbDrivers 1.0 (HKLM-x32\...\InstallUsbDrivers_is1) (Version:  - Summa)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
IPM (x32 Version: 11.5 - Corel Inc.) Hidden
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kyocera TWAIN Driver (HKLM-x32\...\InstallShield_{4CC65EFD-0604-4978-B336-C43283645D58}) (Version: 2.0.1310 - KYOCERA Document Solutions Inc.)
Kyocera TWAIN Driver (x32 Version: 2.0.1310 - KYOCERA Document Solutions Inc.) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 6.1 - Paramount Software (UK) Ltd.)
Macrium Reflect Free Edition (Version: 6.1.1225 - Paramount Software (UK) Ltd.) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mein Büro (HKLM-x32\...\{55010C6D-49CB-4ECF-AAEA-7279F73A5EF2}_is1) (Version: 16.0 - Buhl Data Service GmbH)
Microsoft Access Runtime 2013 (HKLM-x32\...\Office15.AccessRT) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4875.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1773416356-3014083401-955314134-1002\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 50.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 de)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla)
Mozilla Thunderbird 45.5.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.5.1 (x86 de)) (Version: 45.5.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MyTomTom 3.2.0.1116 (HKLM-x32\...\MyTomTom) (Version: 3.2.0.1116 - TomTom)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA Grafiktreiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation)
NVIDIA Photoshop Plug-ins (HKLM-x32\...\{23F79416-CAD1-41BF-99A3-040F6C814AAA}) (Version: 8.50 - )
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4875.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4875.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4875.1001 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.8.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Pencil (HKLM-x32\...\Pencil) (Version:  - Evolus Co., Ltd.)
Pokki Start Menu (HKU\S-1-5-21-1773416356-3014083401-955314134-1002\...\SweetLabs_Start_Menu) (Version: 0.269.8.114 - Pokki)
Pokki Start Menu (HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SweetLabs_Start_Menu) (Version: 0.269.8.114 - Pokki)
psynetic® Gif-X 3.00 (HKLM-x32\...\psynetic® Gif-X) (Version: 3.00 - Robert Mundt)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.28148 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Scansoft PDF Professional (x32 Version:  - ) Hidden
SeaTools for Windows 1.4.0.4 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology)
Setup (x32 Version: 11.7.0.2 - Corel Inc.) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Spamihilator 1.6.0 (64-Bit) (HKLM\...\{A7AE76C5-098C-4F88-8557-F59060F77808}) (Version: 1.6.0 - Michel Krämer)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
StarMoney (x32 Version: 4.0.4.16 - StarFinanz) Hidden
StarMoney (x32 Version: 5.0.0.226 - StarFinanz) Hidden
StarMoney Business 7  (HKLM-x32\...\{9DE70672-E8D7-4F9D-98F4-078BCC8C5DCC}) (Version: 7 - Star Finanz GmbH)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Summa Cutter Control 4.20.0.0 (HKLM-x32\...\Summa Cutter Control_is1) (Version:  - )
Summa Cutter Tools 1.24.0.0 (HKLM-x32\...\Summa Cutter Tools_is1) (Version:  - Summa)
Summa WinPlot 10.0.11 (HKLM-x32\...\Summa - WinPlot_is1) (Version: 10.0.11.0 - Summa bvba)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.17 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.63017 - TeamViewer)
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Video Download Capture Version 4.9.6 (HKLM-x32\...\{3C9D008D-3716-4C3F-90CD-38ED57568FAB}_is1) (Version: 4.9.6 - APOWERSOFT LIMITED)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Driver Package - Summa (SUMMACUTamd) USB  (12/12/2012 6.4.6000.4) (HKLM\...\4A4EDF21C698BE90DD492AE3C95F9342F6208B1F) (Version: 12/12/2012 6.4.6000.4 - Summa)
Windows Driver Package - Summa (SUMMADC3amd) USB  (12/12/2012 6.4.6000.0) (HKLM\...\63E777885E5B941B5A0C2DDF9085E35EA579B1FA) (Version: 12/12/2012 6.4.6000.0 - Summa)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinDVD (x32 Version: 11.7.0.2 - Corel Inc.) Hidden
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\R\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1773416356-3014083401-955314134-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\R\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {050EAD2C-D800-4987-A795-1DD43298FCEC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {1382E74B-1C17-405A-9295-F9E1FE742069} - System32\Tasks\Dolby Selector => C:\Program Files\Dolby Digital Plus\ddp.exe [2013-07-08] (Dolby Laboratories Inc.)
Task: {1B462B0A-C774-4E06-917E-C5C3BE4B3A91} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1773416356-3014083401-955314134-1002 => C:\Users\R\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [2016-04-17] (Microsoft Corporation)
Task: {20D158FC-11E6-40B8-8B9C-BE60BE28694C} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-03-17] (Acer Incorporate)
Task: {26F28FF7-7FDF-4703-B6E4-CB8CBE6CE97F} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\RDP Group Configuration => cmd.exe 
Task: {27FBAA52-8CB4-48BA-863C-5D0896A6D764} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\Client Computer Backup => cmd.exe 
Task: {29FAE3C7-7042-4FF0-88D0-95663FB7EBDA} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\Add-in Management => cmd.exe 
Task: {45BDEB42-1082-4564-9673-9FE6742D08A2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {48202B74-A1C6-4D5F-9130-1DFB72491EC6} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\VPN Routes Repair => cmd.exe 
Task: {4F818464-DFF4-4FA1-8B7C-580CC06E5F74} - System32\Tasks\Abelssoft\StartBackgroundguardWithWindows => D:\Program Files (x86)\CheckDrive\CheckDrive.exe
Task: {535CE2F6-C308-4A59-83B3-A7BB01F86B98} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-24] (TODO: <Company name>)
Task: {55C1CF8E-C314-4F7A-AD82-87941F1B315C} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {67EA2E5E-B2AC-493E-85B9-6A78EAECE23E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-23] (Google Inc.)
Task: {6D5E97D4-8A62-4436-A225-B1945307EDBF} - System32\Tasks\ALU_SelfUpgrade => C:\ProgramData\Acer\updater2\Download\51772996\D\UpgradeDownload.exe [2016-12-08] ()
Task: {70945366-0626-4C9D-BAD0-B112D21AE07B} - System32\Tasks\SafeZone scheduled Autoupdate 1465464122 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {76C00F09-7CEF-417C-AB90-376F39D59078} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-23] (Google Inc.)
Task: {83F07634-DF23-4446-A4C9-F02F9BBB3869} - System32\Tasks\SweetLabs App Platform => C:\Users\R\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2016-11-16] (Pokki)
Task: {8674650F-C99A-4AB3-BA93-28AEA25B52D5} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\Alert Evaluations => cmd.exe 
Task: {8880097C-26BF-4570-A028-EA9843088E1B} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\Health Definition Update => cmd.exe 
Task: {8D139CFA-DDF3-4EFA-9BDC-ED8B3FEBF6D3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
Task: {99380063-B00B-4DB9-B811-AB1CAD2EC73B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-10-25] (NVIDIA Corporation)
Task: {9C8CF458-1B2A-447E-9E4E-11EAC4A39C37} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {A0A8699F-821F-46C6-9609-4281346A78A3} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {AB46920D-DA52-4172-904C-886880CDD569} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-10-21] (Bitdefender)
Task: {B5DA3310-2D6D-4F7D-B35E-3ACF880C5F14} - System32\Tasks\{811AC4BD-0120-420F-A4DA-0227188C7613} => pcalua.exe -a "D:\Program Files (x86)\The Creative Assembly\Rome - Total War\RomeTW.exe" -d "D:\Program Files (x86)\The Creative Assembly\Rome - Total War"
Task: {B671035E-BB2F-46C1-BDAA-6B2694AD0F0E} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\Client Computer Backup on Idle => cmd.exe 
Task: {B751CD14-3188-4002-893C-CD9F17B5E831} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {BA805968-1B13-40F3-9D51-C04E5B4783D1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-11-07] (AVAST Software)
Task: {BE290344-8AF6-44BB-927C-372BD0EC9997} - System32\Tasks\APM_off => C:\hdparm\hdparm.exe [2007-02-24] ()
Task: {BF22044C-200A-4D5E-B0AB-028793679CE7} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-03-21] (Acer Incorporated)
Task: {C4A486B4-9772-4EFF-8F07-44DC366895A3} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\File History Settings Synchronization => cmd.exe 
Task: {C91E1D23-38E1-41F2-B697-220759AB5654} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-10-04] (Microsoft Corporation)
Task: {D2BAD4EA-2BAB-4E55-B05D-9CFB8E97A1AB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-10-04] (Microsoft Corporation)
Task: {D4D063A0-3851-4686-85DB-CDCD17547ECA} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {D5197029-46E2-469C-9D17-FBA1D3009DB6} - System32\Tasks\GoogleUpdateTaskMachineCore1d236c4a7cef67c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-23] (Google Inc.)
Task: {E9D41EAC-45B3-4DAF-A1AC-8C0493E7FA6D} - System32\Tasks\Microsoft\Windows\Windows Server Essentials\Connector Cleanup => cmd.exe 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d236c4a7cef67c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-07-24 09:28 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-01-18 18:05 - 2005-04-22 05:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2016-11-01 13:26 - 2016-10-25 21:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-01-31 12:47 - 2016-01-31 12:47 - 00073728 _____ () C:\Program Files\Spamihilator\zlib1.dll
2016-01-31 12:47 - 2016-01-31 12:47 - 00380928 _____ () C:\Program Files\Spamihilator\sqlite3.dll
2013-07-08 17:53 - 2013-07-08 17:53 - 00052096 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2016-11-07 21:37 - 2016-11-07 21:37 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-12-08 10:55 - 2016-12-08 10:55 - 03066880 _____ () C:\Program Files\AVAST Software\Avast\defs\16120802\algo.dll
2016-11-07 21:37 - 2016-11-07 21:37 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-02-24 12:05 - 2011-01-13 10:44 - 00232800 _____ () D:\Program Files (x86)\StarMoney Business 7\ouservice\PATCHW32.dll
2014-07-03 16:13 - 2013-09-04 00:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-07-15 14:32 - 2016-07-15 14:32 - 48936448 _____ () C:\Program Files\avast software\avast\libcef.dll
2016-11-07 21:37 - 2016-11-07 21:37 - 00169064 _____ () C:\Program Files\avast software\avast\JsonRpcServer.dll
2016-11-16 00:02 - 2016-11-16 00:02 - 00569856 _____ () C:\Users\R\AppData\Local\SweetLabs App Platform\Engine\ppGoogleNaClPluginChrome.dll
2016-11-16 00:02 - 2016-11-16 00:02 - 01400846 _____ () C:\Users\R\AppData\Local\SweetLabs App Platform\Engine\avcodec-54.dll
2016-11-16 00:02 - 2016-11-16 00:02 - 00151054 _____ () C:\Users\R\AppData\Local\SweetLabs App Platform\Engine\avutil-51.dll
2016-11-16 00:02 - 2016-11-16 00:02 - 00222734 _____ () C:\Users\R\AppData\Local\SweetLabs App Platform\Engine\avformat-54.dll
2016-09-21 10:21 - 2016-09-21 10:21 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\Office15\AppVIsvStream32.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:BDSDRMHK [64]
AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Application Data:BDSDRMHK [64]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1773416356-3014083401-955314134-1002\...\commerzbank.de -> hxxps://commerzbank.de
IE trusted site: HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\commerzbank.de -> hxxps://commerzbank.de

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1773416356-3014083401-955314134-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\R\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\R\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: AdobeARMservice => 3
MSCONFIG\Services: CLKMSVC10_99E320F5 => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: RichVideo => 2
HKLM\...\StartupApproved\StartupFolder: => "Canon LBP2900 Status Window.lnk"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "Eraser"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "mcpltui_exe"
HKLM\...\StartupApproved\Run32: => "Windows8FirewallControl"
HKLM\...\StartupApproved\Run32: => "SAFE2009 File Redirection Starter"
HKLM\...\StartupApproved\Run32: => "SMB60StarMoneyRunEntry"
HKLM\...\StartupApproved\Run32: => "SAFE2009 HotKeys"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "Tilt"
HKLM\...\StartupApproved\Run32: => "SMB7StarMoneyRunEntry"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "PDF5 Registry Controller"
HKLM\...\StartupApproved\Run32: => "PDFHook"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002\...\StartupApproved\Run: => "Pokki"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002\...\StartupApproved\Run: => "RESTART_STICKY_NOTES"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002\...\StartupApproved\Run: => "EPSONAB2883 (Epson Stylus Office B42WD)"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002\...\StartupApproved\Run: => "EPSONAA1C3F (Epson Stylus Office B42WD)"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002\...\StartupApproved\Run: => "MyTomTomSA.exe"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002\...\StartupApproved\Run: => "MyDriveConnect.exe"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Pokki"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "RESTART_STICKY_NOTES"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "EPSONAB2883 (Epson Stylus Office B42WD)"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "EPSONAA1C3F (Epson Stylus Office B42WD)"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "MyTomTomSA.exe"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "MyDriveConnect.exe"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-1773416356-3014083401-955314134-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Steam"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{D712051C-9E18-45F3-99B7-414599AD1A13}] => C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{9EC4845B-F5FB-4A96-8C4A-7CE708B67ECC}] => C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{787A81D6-64C5-4496-9EEB-2B0931F16FDB}] => C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{73862A5F-1EF4-4007-8128-85F2CF7EA374}] => C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{F1B2BD7C-1B01-4963-9824-6A90F27E0822}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{39223E0E-FCB7-44D1-9229-0BD1A1843139}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{7FDA33E8-284D-4356-AD9A-C314970B4C0D}] => C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{DF9AF005-608D-472E-8679-A984A104A22F}] => C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{576EF453-D240-48A8-A0DC-4B1469D7E205}] => C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{9643BA76-9B3E-47AF-950D-DDF7B32AD0F9}] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{B7E48630-99DF-404D-841C-BBE13010B5F0}] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{80BFB282-F2FE-4BAC-8C1B-DC6AD077923D}] => C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{624EE437-FEA8-49BF-B9F6-300C9D560FE1}] => C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{5C58EE01-727D-4950-8EFB-CDE2C1BB5B5C}] => C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{FD33AD9F-51EB-4F17-B2E2-93D201444A3F}] => C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{18DC9DCE-FC00-418C-AB96-4E213A683CB6}] => C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{1EE2B3C2-F4F4-4BF0-A037-0CBC32695917}] => C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{01C8DA3F-66A2-47ED-AE7D-9CBC6F510B5A}] => C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{AD01B071-D46E-481C-B82B-5DA54A6D5463}] => C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{7B834EDB-3840-4838-83D5-B9711C5239F3}] => C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{EA030072-146B-4AC3-BC41-D56FDEA1C3A1}] => C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{4BC3EDE5-54D2-4ECB-B72E-07DFE6C9D4C4}] => C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{CAA09BFE-819C-453D-902C-ADCF19D7662B}] => C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{F1C44C46-B666-42AA-8297-9DCF56244170}] => C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{51E21825-E959-4CDC-8841-62040F84DB2E}] => C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{F816EA6F-3E13-487E-AEA9-F5410C90AB6E}] => C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{47294C9C-52F8-4385-91DA-7958F13D47B4}] => C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{F0EF9DE6-834F-4D0F-8266-14F3FD2E8EEC}] => C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{89075EE9-F633-4053-B402-EE9EA59C757D}] => C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{D21ADF3A-4CD1-471B-9A6C-6C15A9A768F0}] => C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{9D2A7915-9C2F-4BDE-9432-06F9B359FEA4}] => C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{30C3C7DC-C1EC-45CC-ABF4-72D9A2B8035A}] => C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{C9DCF8FB-5CE3-474C-A1BE-1F4C80D846DF}] => C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{DD7C73E0-F455-4CB0-85B5-AC5BFCF09CA2}] => C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{16707ECE-BC61-4738-A1B6-D52C482D8B3C}] => C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{496AA33D-E69A-4256-A7CC-31A8B1A320B9}] => C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{E820AA82-08FB-4F9E-B728-BB11BD3A6043}] => C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{D6F6CE34-31F9-44CA-B139-B3B47DEF5C52}] => C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{F0094651-CA6C-42AD-87C2-9D9478D7A7CB}] => C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{C05CCF6E-9EFF-4EE0-91CA-6DFA39495790}] => C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{20A321C7-A385-40A8-8C1C-688440418AAF}] => C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{83FAC62E-C705-4B9A-B0C5-CF56E0242B6C}] => C:\Program Files (x86)\Windows8FirewallControl\Windows8FirewallService.exe
FirewallRules: [{1F05A636-EF9C-44AB-9480-0CFCEA0C5DA5}] => C:\Program Files (x86)\Windows8FirewallControl\Windows8FirewallControl.exe
FirewallRules: [{96480EBF-F7C7-4E46-B746-71F7B48711C9}] => C:\Users\R\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{2DD08A29-C92F-477A-8C80-8833E8630D45}] => E:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{F9D4FA9C-E891-493D-8ED2-08041302AED5}] => E:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{AAE60AB3-7E3C-4DFC-8392-14A639DDBC32}] => D:\Program Files (x86)\Origin Games\FIFA 13\Game\fifa13.exe
FirewallRules: [{5BE9FD02-48C0-4886-B1EA-3BEA6267316A}] => D:\Program Files (x86)\Origin Games\FIFA 13\Game\fifa13.exe
FirewallRules: [TCP Query User{B453005C-7779-4CB6-BF9F-7159A9F3334F}C:\program files (x86)\java\jre7\bin\javaw.exe] => C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{ECCF6190-42DF-4E36-834C-40F6077DADA5}C:\program files (x86)\java\jre7\bin\javaw.exe] => C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{CBE5D23A-4618-42FB-9BDC-328DB5682AEF}C:\users\r\appdata\roaming\wuala\wuala.exe] => C:\users\r\appdata\roaming\wuala\wuala.exe
FirewallRules: [UDP Query User{EDEFFB74-E529-4771-8746-85D1C98CB535}C:\users\r\appdata\roaming\wuala\wuala.exe] => C:\users\r\appdata\roaming\wuala\wuala.exe
FirewallRules: [TCP Query User{244C3A1D-9315-4D9E-8E43-81F3A0C7A538}C:\users\r\appdata\roaming\wuala\wuala.exe] => C:\users\r\appdata\roaming\wuala\wuala.exe
FirewallRules: [UDP Query User{FD0D094C-83D2-49CE-A76A-D223E1D4FF32}C:\users\r\appdata\roaming\wuala\wuala.exe] => C:\users\r\appdata\roaming\wuala\wuala.exe
FirewallRules: [{F229CD6A-3C39-4A3C-8105-E73E6A10FCC2}] => D:\Program Files (x86)\sMedio\WinDVD11\\WinDVD.exe
FirewallRules: [{36DA93DA-D4FE-40B3-B921-AE3EB7729A34}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{38FC9582-F1E4-424D-BB8A-F861A7528971}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{64559B9A-20A8-4A02-A8B9-503902EC6ACC}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{6FB2F826-1068-45C9-9111-70AC79BFCEF3}D:\benutzer\r. s\downloads\programme\streamtrasport\rtmpexplorer\rtmpexplorer\rtmpsrv.exe] => D:\benutzer\r. s\downloads\programme\streamtrasport\rtmpexplorer\rtmpexplorer\rtmpsrv.exe
FirewallRules: [UDP Query User{D0A67625-66E0-49FC-B5B5-A833098AE5AD}D:\benutzer\r. s\downloads\programme\streamtrasport\rtmpexplorer\rtmpexplorer\rtmpsrv.exe] => D:\benutzer\r. s\downloads\programme\streamtrasport\rtmpexplorer\rtmpexplorer\rtmpsrv.exe
FirewallRules: [TCP Query User{4474B744-A36F-4E5E-B88C-A53817053110}D:\benutzer\r. s\downloads\programme\streamtrasport\rtmpdump-2.4-2013-12-22\rtmpgw.exe] => D:\benutzer\r. s\downloads\programme\streamtrasport\rtmpdump-2.4-2013-12-22\rtmpgw.exe
FirewallRules: [UDP Query User{3E5730DA-A90F-4389-8848-10F4E45E383D}D:\benutzer\r. s\downloads\programme\streamtrasport\rtmpdump-2.4-2013-12-22\rtmpgw.exe] => D:\benutzer\r. s\downloads\programme\streamtrasport\rtmpdump-2.4-2013-12-22\rtmpgw.exe
FirewallRules: [TCP Query User{BE67D34E-7D59-4559-B51E-AE65F8E5F17E}D:\benutzer\r. s\downloads\programme\streamtrasport\rtmpdump-2.4-2013-12-22\rtmpsrv.exe] => D:\benutzer\r. s\downloads\programme\streamtrasport\rtmpdump-2.4-2013-12-22\rtmpsrv.exe
FirewallRules: [UDP Query User{29EBDBDD-BCBE-4994-87E2-5416A2659C71}D:\benutzer\r. s\downloads\programme\streamtrasport\rtmpdump-2.4-2013-12-22\rtmpsrv.exe] => D:\benutzer\r. s\downloads\programme\streamtrasport\rtmpdump-2.4-2013-12-22\rtmpsrv.exe
FirewallRules: [{2037F805-784D-4BC1-965D-CE8F1ED0E6EB}] => D:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
FirewallRules: [{12DE2B81-131E-4208-BB02-AD58D64C23E6}] => D:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
FirewallRules: [{B9ED65A3-148B-45A1-A6C6-8F0C2E2C09B7}] => D:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{0AFCDD5B-84BA-470A-AB63-CE53F2008947}] => D:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{33F0CB2C-DAD7-453A-A330-D024CBCCC000}] => D:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll
FirewallRules: [{9955FEF3-D40A-4872-AAE2-7C3E90AAF40A}] => D:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll
FirewallRules: [{43F7E860-10E8-4416-997B-5E52EF2859FF}] => D:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll
FirewallRules: [{21D82743-293B-421A-BF35-13E131626632}] => D:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll
FirewallRules: [{40FCB438-788B-4DE8-A87A-87F5E895072C}] => D:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll
FirewallRules: [{251E3D03-606C-4259-9D70-7229A8081379}] => D:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll
FirewallRules: [{0D73C9F3-8DD0-4B9A-825D-6775EFEC7D8C}] => D:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll
FirewallRules: [{2B2E346B-6981-4FAA-9B21-47985F467687}] => D:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll
FirewallRules: [{AAE6EBE1-11A6-4B1F-9392-587AEF6998EC}] => D:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll
FirewallRules: [{A370AA28-6A15-43A1-A609-C91CFDE8B7EF}] => D:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll
FirewallRules: [TCP Query User{2F7E3696-27AD-403F-8C54-DD12E327347C}D:\program files (x86)\weiterbildungsrecht\lplocal.exe] => D:\program files (x86)\weiterbildungsrecht\lplocal.exe
FirewallRules: [UDP Query User{5D799EF7-F27A-4581-905B-8891AE476980}D:\program files (x86)\weiterbildungsrecht\lplocal.exe] => D:\program files (x86)\weiterbildungsrecht\lplocal.exe
FirewallRules: [{AE4E65DF-D0BF-42B0-9818-265816B7A2F6}] => C:\Users\R\AppData\Local\Temp\nsd873F.tmp\CnetInstaller-75996768.exe
FirewallRules: [{DD6565C3-26ED-496B-95E8-5201F518A392}] => C:\Users\R\AppData\Local\Temp\nsd873F.tmp\CnetInstaller-75996768.exe
FirewallRules: [{48D04A76-BE90-4830-8513-5C9ED637AEA5}] => C:\Users\R\AppData\Local\Temp\nsiD2EE.tmp\CnetInstaller-75996768.exe
FirewallRules: [{28B2EBE6-8943-4187-A183-8040BB56A536}] => C:\Users\R\AppData\Local\Temp\nsiD2EE.tmp\CnetInstaller-75996768.exe
FirewallRules: [TCP Query User{A75B59F8-638A-4765-97E4-AA1DE9FC87DE}D:\program files\spamihilator\dccproc.exe] => D:\program files\spamihilator\dccproc.exe
FirewallRules: [UDP Query User{9125A23C-C906-4195-AF51-884507F97488}D:\program files\spamihilator\dccproc.exe] => D:\program files\spamihilator\dccproc.exe
FirewallRules: [{89472B83-CE7B-4411-AF1F-34564674ACF3}] => C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe
FirewallRules: [{D64506BD-7BC4-415A-9714-162904EE8449}] => C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe
FirewallRules: [{4AB49ED0-099A-42C5-A75D-E9E202208860}] => D:\Program Files (x86)\StarMoney Business 7\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{0FED5B40-0368-4D2B-9AA7-BC431842FF54}] => D:\Program Files (x86)\StarMoney Business 7\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{E31D6B83-DA42-403E-B732-D0169D4DBCC5}] => D:\Program Files (x86)\StarMoney Business 7\app\StarMoney.exe
FirewallRules: [{36634B62-C114-4A60-BF8B-6E62CF8CD99B}] => D:\Program Files (x86)\StarMoney Business 7\app\StarMoney.exe
FirewallRules: [{8646F636-1616-41CF-BB0D-A2FF477C8C87}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ECB45ECF-FFEA-42B7-87B4-78293A451BDB}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{87649746-0778-4163-AD0D-901BC23D421A}D:\abamsoft\finos\finos.exe] => D:\abamsoft\finos\finos.exe
FirewallRules: [UDP Query User{9CE9F759-B4DF-44A0-83D6-15605486CAD2}D:\abamsoft\finos\finos.exe] => D:\abamsoft\finos\finos.exe
FirewallRules: [{9E67C012-0598-4B02-BD8B-9D1001328790}] => C:\Program Files (x86)\Brother\Brmfl14b\FAXRX.EXE
FirewallRules: [{F42C1954-21F7-4F79-8F2D-44EBF8650B6C}] => LPort=54925
FirewallRules: [{99B33557-EB7B-47E0-AC08-2E1755323CE7}] => C:\Program Files\Spamihilator\spamihilator.exe
FirewallRules: [{7C0445E2-0CEB-4408-BE3C-3F2E88F783CD}] => C:\Program Files\Spamihilator\cdcc.exe
FirewallRules: [{5927F290-0653-41B7-8E06-C1A7D310D507}] => C:\Program Files\Spamihilator\dccproc.exe
FirewallRules: [{E0636661-C1A7-4C92-AEBC-B60ECFC9EF63}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0B951A8F-5E89-4F75-AF8C-E8ED8AEE8405}] => LPort=2869
FirewallRules: [{E3054D76-DABC-4F30-A2F4-A54EBF4F24B0}] => LPort=1900
FirewallRules: [TCP Query User{B9298821-952D-4D5E-9DDD-95BDA312A8D6}D:\program files (x86)\filezilla client\filezilla.exe] => D:\program files (x86)\filezilla client\filezilla.exe
FirewallRules: [UDP Query User{6DF1787B-551B-4DD0-9AA2-6CC985FAA491}D:\program files (x86)\filezilla client\filezilla.exe] => D:\program files (x86)\filezilla client\filezilla.exe
FirewallRules: [{F7ABFD4F-B104-4515-BFA2-39650237EF84}] => C:\Program Files\avast software\avast\ng\vbox\aswFe.exe
FirewallRules: [{DEB208BE-D1AA-4F71-B603-C239BB1302B4}] => C:\Program Files\avast software\avast\ng\vbox\aswFe.exe
FirewallRules: [{609E6C4F-1FFB-4DE9-BDC1-29F73E3CA83E}] => D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{28C16ACE-5C26-4571-BD7C-AA111BD8A30F}] => D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5923DA16-2DEA-463A-A2D3-AB13F7724891}] => D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{25C1D525-917A-4F95-B0EC-E99841BD164F}] => D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D8D3AB85-AFD3-43A2-9ABA-47F9286C04D3}] => D:\Program Files (x86)\Steam\steamapps\common\BeamNG.drive\BeamNG.drive.exe
FirewallRules: [{67A03072-97DF-416E-8112-7F446902B345}] => D:\Program Files (x86)\Steam\steamapps\common\BeamNG.drive\BeamNG.drive.exe
FirewallRules: [{E918D70B-863B-411A-AB00-901BDF2DE740}] => C:\Program Files (x86)\Audials\Audials 2016\Audials.exe
FirewallRules: [{FD3A2AF7-A5D4-42F8-BED6-63C0FF935C30}] => LPort=12972
FirewallRules: [{C1E6EED6-5AD9-4D9D-8C8C-3964D71D087B}] => LPort=14714
FirewallRules: [{6FC04479-D1CC-4E88-B3C1-E077EF4983F6}] => LPort=31931
FirewallRules: [{4EEF90F6-4A25-4109-B19D-E1A3C98CF3C1}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6257771F-5BE9-49EE-AD61-1A2D8E6DB940}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{EE6FABC1-3E17-4B2F-98A5-68BFFB7C8699}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{47771EEC-B993-402B-B188-4C4A0360A291}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{9A030650-4C55-4527-AE2D-3624AA2D48A3}D:\program files (x86)\lfs\lfs.exe] => D:\program files (x86)\lfs\lfs.exe
FirewallRules: [UDP Query User{545C97AD-F8A2-41A1-B60B-60EE089DC71F}D:\program files (x86)\lfs\lfs.exe] => D:\program files (x86)\lfs\lfs.exe
FirewallRules: [TCP Query User{5E625474-0D40-463B-A387-C394FA5D4895}D:\program files (x86)\lfs\lfs lazy\lfslazy.exe] => D:\program files (x86)\lfs\lfs lazy\lfslazy.exe
FirewallRules: [UDP Query User{06BC9717-EB41-4FB5-84AF-727043BED0F6}D:\program files (x86)\lfs\lfs lazy\lfslazy.exe] => D:\program files (x86)\lfs\lfs lazy\lfslazy.exe
FirewallRules: [{2C855079-C7D6-4B8D-8E24-65BB85763F10}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{CF4046A8-88BB-4433-9D13-8F82A3E2FD09}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{5D267097-72F2-47BC-92B2-1AD0715A73F8}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{3EA8B880-3D44-48A1-9DCC-2E1BB099216C}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8013B1E4-91FE-4DE6-A390-FC1700A26744}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{D2182F48-E85A-4B93-B01B-363C56CC3BE5}D:\program files (x86)\lfs\lfs.exe] => D:\program files (x86)\lfs\lfs.exe
FirewallRules: [UDP Query User{649DF31B-C9B1-40B7-B11C-EB6F3C4DB36F}D:\program files (x86)\lfs\lfs.exe] => D:\program files (x86)\lfs\lfs.exe
FirewallRules: [TCP Query User{E3DD888E-5028-4FA7-B275-82BB4A34CA98}D:\program files (x86)\lfs\lfs lazy\lfslazy.exe] => D:\program files (x86)\lfs\lfs lazy\lfslazy.exe
FirewallRules: [UDP Query User{7FBFFB37-AB67-49EB-AA75-0611931F70C6}D:\program files (x86)\lfs\lfs lazy\lfslazy.exe] => D:\program files (x86)\lfs\lfs lazy\lfslazy.exe
FirewallRules: [{FFC5451A-1C43-4576-B5A6-8C6316F96308}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/08/2016 06:27:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.18231, Zeitstempel: 0x56b8c9f1
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.9600.17415, Zeitstempel: 0x545055fe
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000170b
ID des fehlerhaften Prozesses: 0x1104
Startzeit der fehlerhaften Anwendung: 0x01d2517845e8749a
Pfad der fehlerhaften Anwendung: C:\Windows\Explorer.EXE
Pfad des fehlerhaften Moduls: C:\Windows\system32\msvcrt.dll
Berichtskennung: a3f383eb-bd6b-11e6-8493-600292348a3f
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/08/2016 04:06:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.18231, Zeitstempel: 0x56b8c9f1
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.9600.17415, Zeitstempel: 0x545055fe
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000170b
ID des fehlerhaften Prozesses: 0xebc
Startzeit der fehlerhaften Anwendung: 0x01d251646dc8f47d
Pfad der fehlerhaften Anwendung: C:\Windows\Explorer.EXE
Pfad des fehlerhaften Moduls: C:\Windows\system32\msvcrt.dll
Berichtskennung: da336a65-bd57-11e6-8493-600292348a3f
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/08/2016 04:00:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.18231, Zeitstempel: 0x56b8c9f1
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.9600.17415, Zeitstempel: 0x545055fe
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000170b
ID des fehlerhaften Prozesses: 0xf28
Startzeit der fehlerhaften Anwendung: 0x01d25163889fc32a
Pfad der fehlerhaften Anwendung: C:\Windows\Explorer.EXE
Pfad des fehlerhaften Moduls: C:\Windows\system32\msvcrt.dll
Berichtskennung: 0fa68314-bd57-11e6-8491-600292348a3f
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/08/2016 03:53:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.18231, Zeitstempel: 0x56b8c9f1
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.9600.17415, Zeitstempel: 0x545055fe
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000170b
ID des fehlerhaften Prozesses: 0xda4
Startzeit der fehlerhaften Anwendung: 0x01d25162ba7e54b6
Pfad der fehlerhaften Anwendung: C:\Windows\Explorer.EXE
Pfad des fehlerhaften Moduls: C:\Windows\system32\msvcrt.dll
Berichtskennung: 08abe75a-bd56-11e6-848e-600292348a3f
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/08/2016 03:51:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.18231, Zeitstempel: 0x56b8c9f1
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.9600.17415, Zeitstempel: 0x545055fe
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000170b
ID des fehlerhaften Prozesses: 0xea4
Startzeit der fehlerhaften Anwendung: 0x01d251627a7a9084
Pfad der fehlerhaften Anwendung: C:\Windows\Explorer.EXE
Pfad des fehlerhaften Moduls: C:\Windows\system32\msvcrt.dll
Berichtskennung: c112e18f-bd55-11e6-848c-600292348a3f
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/08/2016 03:22:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.18231, Zeitstempel: 0x56b8c9f1
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.9600.17415, Zeitstempel: 0x545055fe
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000170b
ID des fehlerhaften Prozesses: 0x11c8
Startzeit der fehlerhaften Anwendung: 0x01d2515cb1ee1c45
Pfad der fehlerhaften Anwendung: C:\Windows\explorer.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\msvcrt.dll
Berichtskennung: bf83ca4a-bd51-11e6-848b-600292348a3f
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/08/2016 03:09:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.18231, Zeitstempel: 0x56b8c9f1
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.9600.17415, Zeitstempel: 0x545055fe
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000170b
ID des fehlerhaften Prozesses: 0xf00
Startzeit der fehlerhaften Anwendung: 0x01d2515a3acc3fba
Pfad der fehlerhaften Anwendung: C:\Windows\explorer.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\msvcrt.dll
Berichtskennung: ed492e6e-bd4f-11e6-848b-600292348a3f
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/08/2016 02:51:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.18231, Zeitstempel: 0x56b8c9f1
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.9600.17415, Zeitstempel: 0x545055fe
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000170b
ID des fehlerhaften Prozesses: 0x15a4
Startzeit der fehlerhaften Anwendung: 0x01d2514f5f31971d
Pfad der fehlerhaften Anwendung: C:\Windows\explorer.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\msvcrt.dll
Berichtskennung: 7107d5b3-bd4d-11e6-848b-600292348a3f
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/08/2016 01:38:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm pandaunransom.exe, Version 0.0.0.35 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: b08

Startzeit: 01d2514fbbc6e04c

Endzeit: 0

Anwendungspfad: F:\sardu\pandaunransom.exe

Berichts-ID: 3350e119-bd43-11e6-848b-600292348a3f

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/08/2016 01:34:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.18231, Zeitstempel: 0x56b8c9f1
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.9600.17415, Zeitstempel: 0x545055fe
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000170b
ID des fehlerhaften Prozesses: 0x1f88
Startzeit der fehlerhaften Anwendung: 0x01d2514f513de88d
Pfad der fehlerhaften Anwendung: C:\Windows\explorer.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\msvcrt.dll
Berichtskennung: 9865b654-bd42-11e6-848b-600292348a3f
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (12/08/2016 04:06:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "Windows Search" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (12/08/2016 04:04:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VBoxAsw Support Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann den angegebenen Pfad nicht finden.

Error: (12/08/2016 04:04:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "regi" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (12/08/2016 04:01:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VBoxAsw Support Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann den angegebenen Pfad nicht finden.

Error: (12/08/2016 04:01:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "regi" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (12/08/2016 04:00:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "Windows Search" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (12/08/2016 03:58:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VBoxAsw Support Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann den angegebenen Pfad nicht finden.

Error: (12/08/2016 03:58:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "regi" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (12/08/2016 03:55:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VBoxAsw Support Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann den angegebenen Pfad nicht finden.

Error: (12/08/2016 03:55:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "regi" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 19%
Installierter physikalischer RAM: 16264.27 MB
Verfügbarer physikalischer RAM: 13138.72 MB
Summe virtueller Speicher: 18696.27 MB
Verfügbarer virtueller Speicher: 15427.73 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:232.08 GB) (Free:142.46 GB) NTFS
Drive d: (DATA) (Fixed) (Total:914.51 GB) (Free:231.69 GB) NTFS
Drive k: () (Network) (Total:2742.65 GB) (Free:2042.92 GB) 
Drive z: () (Network) (Total:2779.26 GB) (Free:862.49 GB) 

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
I had already attached the one MBAM report in post 1. Unfortunately I can't find a log for the second scan. So here is a screenshot of the quarantine container instead (see post 2... sorry, I was struggling a bit with the post length). I hope that's OK.

It's a pity that decryption is not possible yet. I guess that unfortunately means pulling a night shift to prepare tomorrow's lessons all over again.

...What kind of people do something like this? There are so many more worthwhile things one could do with such skills.

TDSS part 1
Code:
18:42:44.0106 0x188c  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
18:42:44.0107 0x188c  UEFI system
18:42:49.0790 0x188c  ============================================================
18:42:49.0790 0x188c  Current date / time: 2016/12/08 18:42:49.0790
18:42:49.0790 0x188c  SystemInfo:
18:42:49.0790 0x188c  
18:42:49.0790 0x188c  OS Version: 6.3.9600 ServicePack: 0.0
18:42:49.0790 0x188c  Product type: Workstation
18:42:49.0790 0x188c  ComputerName: 3-MPS
18:42:49.0790 0x188c  UserName: R
18:42:49.0790 0x188c  Windows directory: C:\Windows
18:42:49.0790 0x188c  System windows directory: C:\Windows
18:42:49.0790 0x188c  Running under WOW64
18:42:49.0790 0x188c  Processor architecture: Intel x64
18:42:49.0790 0x188c  Number of processors: 8
18:42:49.0790 0x188c  Page size: 0x1000
18:42:49.0790 0x188c  Boot type: Normal boot
18:42:49.0790 0x188c  CodeIntegrityOptions = 0x00000001
18:42:49.0790 0x188c  ============================================================
18:42:49.0855 0x188c  KLMD registered as C:\Windows\system32\drivers\45875544.sys
18:42:49.0855 0x188c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18264, osProperties = 0x19
18:42:49.0970 0x188c  System UUID: {D4C643FB-3F0D-D8DC-9BA4-5B0F1DF452DB}
18:42:50.0379 0x188c  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:42:50.0395 0x188c  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:42:50.0399 0x188c  ============================================================
18:42:50.0399 0x188c  \Device\Harddisk0\DR0:
18:42:50.0399 0x188c  GPT partitions:
18:42:50.0399 0x188c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C10E053C-F9A0-48D1-97AD-1C9C1FF613D6}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x12C000
18:42:50.0399 0x188c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {A02AC684-F1E3-4DE5-88D4-BABF461F1719}, Name: EFI system partition, StartLBA 0x12C800, BlocksNum 0x32000
18:42:50.0399 0x188c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {2F6AC43C-4292-40A9-A301-0A8D47F8C625}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
18:42:50.0399 0x188c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {278CE264-1364-4619-AE63-A083898D5863}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x1D026800
18:42:50.0399 0x188c  MBR partitions:
18:42:50.0399 0x188c  \Device\Harddisk1\DR1:
18:42:50.0400 0x188c  GPT partitions:
18:42:50.0400 0x188c  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {8604E963-DFB3-4D7F-B6F7-9507DB8807B2}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x72505800
18:42:50.0400 0x188c  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {67F506BB-4A90-4AF2-B45A-DB10CB9F8F42}, Name: Basic data partition, StartLBA 0x72506000, BlocksNum 0x2200800
18:42:50.0400 0x188c  MBR partitions:
18:42:50.0400 0x188c  ============================================================
18:42:50.0401 0x188c  C: <-> \Device\Harddisk0\DR0\Partition4
18:42:50.0414 0x188c  D: <-> \Device\Harddisk1\DR1\Partition1
18:42:50.0414 0x188c  ============================================================
18:42:50.0414 0x188c  Initialize success
18:42:50.0414 0x188c  ============================================================
18:42:52.0719 0x1814  ============================================================
18:42:52.0719 0x1814  Scan started
18:42:52.0719 0x1814  Mode: Manual; 
18:42:52.0719 0x1814  ============================================================
18:42:52.0719 0x1814  KSN ping started
18:43:15.0041 0x1814  KSN ping finished: false
18:43:16.0956 0x1814  ================ Scan system memory ========================
18:43:16.0956 0x1814  System memory - ok
18:43:16.0957 0x1814  ================ Scan services =============================
18:43:19.0605 0x1814  hidserv - ok
18:43:19.0608 0x1814  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
18:43:19.0609 0x1814  HidUsb - ok
18:43:19.0614 0x1814  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:43:19.0617 0x1814  hkmsvc - ok
18:43:19.0625 0x1814  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:43:19.0631 0x1814  HomeGroupListener - ok
18:43:19.0643 0x1814  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:43:19.0652 0x1814  HomeGroupProvider - ok
18:43:19.0656 0x1814  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:43:19.0658 0x1814  HpSAMD - ok
18:43:19.0676 0x1814  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:43:19.0690 0x1814  HTTP - ok
18:43:19.0715 0x1814  HWiNFO32 - ok
18:43:19.0732 0x1814  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:43:19.0733 0x1814  hwpolicy - ok
18:43:19.0736 0x1814  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
18:43:19.0737 0x1814  hyperkbd - ok
18:43:19.0740 0x1814  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
18:43:19.0741 0x1814  HyperVideo - ok
18:43:19.0747 0x1814  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
18:43:19.0749 0x1814  i8042prt - ok
18:43:19.0753 0x1814  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
18:43:19.0754 0x1814  iaLPSSi_GPIO - ok
18:43:19.0759 0x1814  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
18:43:19.0761 0x1814  iaLPSSi_I2C - ok
18:43:19.0777 0x1814  [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
18:43:19.0793 0x1814  iaStorA - ok
18:43:19.0809 0x1814  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
18:43:19.0818 0x1814  iaStorAV - ok
18:43:19.0832 0x1814  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:43:19.0838 0x1814  iaStorV - ok
18:43:19.0841 0x1814  IEEtwCollectorService - ok
18:43:19.0919 0x1814  [ 09E41C653B31A4AF5B0E5D25C3FBC057, B45740F3FCF3565AC1D40486B9313B61F0824B36BD6C28DB057497ACD9D4FB39 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
18:43:19.0992 0x1814  igfx - ok
18:43:20.0022 0x1814  [ 2530D33CE2F5F30D08A039EC33E91F17, DE1669A9F67C9CA3EEF6D0D0A56167318E4DB50965D87BF94A2795A21EBEE979 ] IKEEXT          C:\Windows\System32\ikeext.dll
18:43:20.0038 0x1814  IKEEXT - ok
18:43:20.0044 0x1814  [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
18:43:20.0048 0x1814  intaud_WaveExtensible - ok
18:43:20.0111 0x1814  [ 8EB4D1D7806D05E5AB39D96464D801CA, 73853F56CD05243B1CABED2CA2420DFC8BA53F951030EECCD0D2A0E26D8A0D1B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:43:20.0182 0x1814  IntcAzAudAddService - ok
18:43:20.0200 0x1814  [ B375D8686E1BD2B79C0F00E3868A8C3B, A15D99F04B69FB37ED3AC0C3BBA464BF6D6EB1873D4AE1062983120E3BD1C4DB ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
18:43:20.0212 0x1814  IntcDAud - ok
18:43:20.0243 0x1814  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:43:20.0261 0x1814  Intel(R) Capability Licensing Service Interface - ok
18:43:20.0281 0x1814  [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
18:43:20.0300 0x1814  Intel(R) Capability Licensing Service TCP IP Interface - ok
18:43:20.0304 0x1814  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:43:20.0305 0x1814  intelide - ok
18:43:20.0309 0x1814  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
18:43:20.0311 0x1814  intelpep - ok
18:43:20.0316 0x1814  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
18:43:20.0318 0x1814  intelppm - ok
18:43:20.0323 0x1814  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:43:20.0325 0x1814  IpFilterDriver - ok
18:43:20.0346 0x1814  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:43:20.0360 0x1814  iphlpsvc - ok
18:43:20.0366 0x1814  [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
18:43:20.0368 0x1814  IPMIDRV - ok
18:43:20.0374 0x1814  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:43:20.0376 0x1814  IPNAT - ok
18:43:20.0380 0x1814  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:43:20.0381 0x1814  IRENUM - ok
18:43:20.0385 0x1814  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:43:20.0386 0x1814  isapnp - ok
18:43:20.0397 0x1814  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
18:43:20.0402 0x1814  iScsiPrt - ok
18:43:20.0407 0x1814  [ F415A88162D23977B5EDAE4F0410E903, B86FD88B4285ED96BFDB9430E4DB134AC1B09DBB541929C4D6C1EEAF792D444D ] IviRegMgr       c:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
18:43:20.0413 0x1814  IviRegMgr - ok
18:43:20.0417 0x1814  [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
18:43:20.0421 0x1814  iwdbus - ok
18:43:20.0427 0x1814  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
18:43:20.0435 0x1814  jhi_service - ok
18:43:20.0446 0x1814  [ 45369E037410609D769852A1CE46A184, 752BE7BB167E602CD89D52E3A4382AF7C75033306E31884EC55872EF7A0A3EE2 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
18:43:20.0452 0x1814  k57nd60a - ok
18:43:20.0457 0x1814  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
18:43:20.0458 0x1814  kbdclass - ok
18:43:20.0462 0x1814  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
18:43:20.0463 0x1814  kbdhid - ok
18:43:20.0467 0x1814  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
18:43:20.0467 0x1814  kdnic - ok
18:43:20.0471 0x1814  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe
18:43:20.0474 0x1814  KeyIso - ok
18:43:20.0480 0x1814  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:43:20.0482 0x1814  KSecDD - ok
18:43:20.0487 0x1814  [ A950AB512ED2BD847789FAAD3E967AFA, 005340965B30C5A14E4E081E2CDF7214D2C00BAF05C62DA9ED63EA3026E70C8A ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:43:20.0490 0x1814  KSecPkg - ok
18:43:20.0494 0x1814  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:43:20.0495 0x1814  ksthunk - ok
18:43:20.0505 0x1814  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:43:20.0513 0x1814  KtmRm - ok
18:43:20.0523 0x1814  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:43:20.0530 0x1814  LanmanServer - ok
18:43:20.0539 0x1814  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:43:20.0547 0x1814  LanmanWorkstation - ok
18:43:20.0560 0x1814  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
18:43:20.0569 0x1814  lfsvc - ok
18:43:20.0574 0x1814  [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
18:43:20.0578 0x1814  lirsgt - ok
18:43:20.0582 0x1814  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:43:20.0583 0x1814  lltdio - ok
         

08.12.2016, 19:06   #5
Thread

TBSS part 2:
18:43:22.0658 0x1814  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\Windows\system32\drivers\pci.sys
18:43:22.0663 0x1814  pci - ok
18:43:22.0665 0x1814  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:43:22.0666 0x1814  pciide - ok
18:43:22.0672 0x1814  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:43:22.0675 0x1814  pcmcia - ok
18:43:22.0680 0x1814  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:43:22.0681 0x1814  pcw - ok
18:43:22.0685 0x1814  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\Windows\system32\drivers\pdc.sys
18:43:22.0687 0x1814  pdc - ok
18:43:22.0704 0x1814  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:43:22.0715 0x1814  PEAUTH - ok
18:43:22.0729 0x1814  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:43:22.0732 0x1814  PerfHost - ok
18:43:22.0772 0x1814  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\Windows\system32\pla.dll
18:43:22.0798 0x1814  pla - ok
18:43:22.0812 0x1814  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:43:22.0817 0x1814  PlugPlay - ok
18:43:22.0833 0x1814  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:43:22.0836 0x1814  PNRPAutoReg - ok
18:43:22.0868 0x1814  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:43:22.0876 0x1814  PNRPsvc - ok
18:43:22.0904 0x1814  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:43:22.0913 0x1814  PolicyAgent - ok
18:43:22.0934 0x1814  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\Windows\system32\umpo.dll
18:43:22.0939 0x1814  Power - ok
18:43:22.0946 0x1814  [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:43:22.0948 0x1814  PptpMiniport - ok
18:43:23.0022 0x1814  [ 346F352E17EA5793C726D3F6582BA855, 5CD830CDCC73335EDC58D26D1BC8B8830DA885CA6D1E21BB7EE763354B5C35EA ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
18:43:23.0063 0x1814  PrintNotify - ok
18:43:23.0072 0x1814  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
18:43:23.0075 0x1814  Processor - ok
18:43:23.0096 0x1814  [ BA2DA685FB152180908C7D778B2BBD61, 335C81941855D3DE90443E47E42D44645BE2AB736334DB96C0890D82EEF03475 ] ProductAgentService C:\Program Files\Bitdefender Agent\ProductAgentService.exe
18:43:23.0124 0x1814  ProductAgentService - ok
18:43:23.0133 0x1814  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\Windows\system32\profsvc.dll
18:43:23.0139 0x1814  ProfSvc - ok
18:43:23.0145 0x1814  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:43:23.0147 0x1814  Psched - ok
18:43:23.0155 0x1814  [ 543A4EF0923BF70D126625B034EF25AF, 9CC82C5221F11850419A796D48D5452B3DEE0C8E8E85A818F4AAA869673F9740 ] PSI_SVC_2       c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
18:43:23.0163 0x1814  PSI_SVC_2 - ok
18:43:23.0171 0x1814  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\Windows\system32\qwave.dll
18:43:23.0178 0x1814  QWAVE - ok
18:43:23.0182 0x1814  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:43:23.0183 0x1814  QWAVEdrv - ok
18:43:23.0186 0x1814  [ 6A52182919E25FB56D253D389F92CE98, AE6497D5CF324CB813248ADECB0F53E5CB3D6C326774E2257319E4CE7782C591 ] RadioShim       C:\Windows\System32\drivers\RadioShim.sys
18:43:23.0190 0x1814  RadioShim - ok
18:43:23.0193 0x1814  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:43:23.0194 0x1814  RasAcd - ok
18:43:23.0199 0x1814  [ E8FFD8BE3C50E7A71C5FBB87BDD1128E, 3E3EB906CC9A1CCA09580DA9F94DD0E1162CABD343874B76718DC4F2E9069C4E ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:43:23.0200 0x1814  RasAgileVpn - ok
18:43:23.0205 0x1814  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\Windows\System32\rasauto.dll
18:43:23.0210 0x1814  RasAuto - ok
18:43:23.0214 0x1814  [ 235624C147E3CB4C288D5D3D8E8D64A2, B3F182019DBAD9C761FE9F62EAED34AD5902B41A13A766D814FC3E2EA29D8D92 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:43:23.0216 0x1814  Rasl2tp - ok
18:43:23.0233 0x1814  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\Windows\System32\rasmans.dll
18:43:23.0243 0x1814  RasMan - ok
18:43:23.0248 0x1814  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:43:23.0249 0x1814  RasPppoe - ok
18:43:23.0254 0x1814  [ 41F631007A158FEBB67F0E2AD1601BBA, EB5EA7277F4178BC27E55BF850AEBCD84B6BED80B2383CFB29548824AAFED135 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:43:23.0256 0x1814  RasSstp - ok
18:43:23.0267 0x1814  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:43:23.0273 0x1814  rdbss - ok
18:43:23.0277 0x1814  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
18:43:23.0278 0x1814  rdpbus - ok
18:43:23.0284 0x1814  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
18:43:23.0287 0x1814  RDPDR - ok
18:43:23.0292 0x1814  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:43:23.0293 0x1814  RdpVideoMiniport - ok
18:43:23.0300 0x1814  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:43:23.0304 0x1814  rdyboost - ok
18:43:23.0620 0x1814  [ 302266897C0E1C64340F2EA0C4029DCB, E18FA3739223191A941F3518A86DAE43FEB7417C3462892C482F3F9467D2AB92 ] ReflectService.exe D:\Program Files\Macrium\Reflect\ReflectService.exe
18:43:23.0682 0x1814  ReflectService.exe - ok
18:43:23.0704 0x1814  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
18:43:23.0717 0x1814  ReFS - ok
18:43:23.0720 0x1814  regi - ok
18:43:23.0727 0x1814  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:43:23.0733 0x1814  RemoteAccess - ok
18:43:23.0740 0x1814  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:43:23.0745 0x1814  RemoteRegistry - ok
18:43:23.0752 0x1814  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
18:43:23.0754 0x1814  RFCOMM - ok
18:43:23.0763 0x1814  [ 41DDCF1ADD1FB7DE23DCF671740DDBE6, 87ECB5C883CEFF76D126A5B4D92E069C9298FA5B62CC981870F9ECCA13C074F1 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
18:43:23.0772 0x1814  RichVideo - ok
18:43:23.0777 0x1814  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:43:23.0781 0x1814  RpcEptMapper - ok
18:43:23.0785 0x1814  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\Windows\system32\locator.exe
18:43:23.0787 0x1814  RpcLocator - ok
18:43:23.0806 0x1814  [ E4220FD9C7F1579D9C5F9DFB00427841, 77740122A01A08F18CC82A4BB3F00EC59F29EE10779092F872572C264F6728D0 ] RpcSs           C:\Windows\system32\rpcss.dll
18:43:23.0820 0x1814  RpcSs - ok
18:43:23.0824 0x1814  [ DC73D9D076BDA93E3B48153A1B356B58, BD6D4FCA9AF25333C069DEE7D643453496ACF51840F9936850368772281239D0 ] RrNetCapFilterDriver C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys
18:43:23.0828 0x1814  RrNetCapFilterDriver - ok
18:43:23.0837 0x1814  [ 2C4A3A52ED1569DB84BDF3C0C5B8FE71, 1BB291CC15678AEBADA5B09CBF975400C3BD59D39A5549F6DD363673A66BDCF5 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
18:43:23.0848 0x1814  RSPCIESTOR - ok
18:43:23.0853 0x1814  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:43:23.0854 0x1814  rspndr - ok
18:43:23.0857 0x1814  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
18:43:23.0858 0x1814  s3cap - ok
18:43:23.0862 0x1814  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe
18:43:23.0865 0x1814  SamSs - ok
18:43:23.0871 0x1814  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:43:23.0873 0x1814  sbp2port - ok
18:43:23.0879 0x1814  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:43:23.0884 0x1814  SCardSvr - ok
18:43:23.0890 0x1814  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
18:43:23.0894 0x1814  ScDeviceEnum - ok
18:43:23.0898 0x1814  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:43:23.0899 0x1814  scfilter - ok
18:43:23.0927 0x1814  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\Windows\system32\schedsvc.dll
18:43:23.0947 0x1814  Schedule - ok
18:43:23.0967 0x1814  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:43:23.0970 0x1814  SCPolicySvc - ok
18:43:24.0009 0x1814  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\Windows\System32\drivers\sdbus.sys
18:43:24.0013 0x1814  sdbus - ok
18:43:24.0023 0x1814  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
18:43:24.0025 0x1814  sdstor - ok
18:43:24.0028 0x1814  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:43:24.0029 0x1814  secdrv - ok
18:43:24.0032 0x1814  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\Windows\system32\seclogon.dll
18:43:24.0035 0x1814  seclogon - ok
18:43:24.0046 0x1814  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
18:43:24.0050 0x1814  SENS - ok
18:43:24.0080 0x1814  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:43:24.0087 0x1814  SensrSvc - ok
18:43:24.0137 0x1814  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
18:43:24.0139 0x1814  SerCx - ok
18:43:24.0148 0x1814  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
18:43:24.0151 0x1814  SerCx2 - ok
18:43:24.0155 0x1814  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\Windows\System32\drivers\serenum.sys
18:43:24.0156 0x1814  Serenum - ok
18:43:24.0163 0x1814  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys
18:43:24.0165 0x1814  Serial - ok
18:43:24.0169 0x1814  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\Windows\System32\drivers\sermouse.sys
18:43:24.0170 0x1814  sermouse - ok
18:43:24.0179 0x1814  [ 71A4BFE920625143884AE5D01BC9D23A, 8DF8DA13F47F9DC2F0E4D905225B5C4B8413EC3214D27BE1C38201E5A37EBC6B ] ServiceProviderRegistry C:\Windows\System32\Essentials\ProviderRegistryService.exe
18:43:24.0180 0x1814  ServiceProviderRegistry - ok
18:43:24.0190 0x1814  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\Windows\system32\sessenv.dll
18:43:24.0198 0x1814  SessionEnv - ok
18:43:24.0202 0x1814  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
18:43:24.0203 0x1814  sfloppy - ok
18:43:24.0214 0x1814  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:43:24.0223 0x1814  SharedAccess - ok
18:43:24.0240 0x1814  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:43:24.0252 0x1814  ShellHWDetection - ok
18:43:24.0257 0x1814  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
18:43:24.0259 0x1814  SiSRaid2 - ok
18:43:24.0263 0x1814  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
18:43:24.0265 0x1814  SiSRaid4 - ok
18:43:24.0274 0x1814  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:43:24.0287 0x1814  SkypeUpdate - ok
18:43:24.0291 0x1814  [ 0DFAA06B71FC75D0878907A7D18F5240, 57C48A3FFAFC11E70085F246E582EAC5A68F0EAEE4C450125E54C837968EFEA7 ] SLEE_16_DRIVER  C:\Windows\Sleen1664.sys
18:43:24.0296 0x1814  SLEE_16_DRIVER - ok
18:43:24.0301 0x1814  [ 3660CA8089E00C721EAC28F7093CB156, E1FA33C868D605B6CBAE1F781F201D99EE494A4551BD9C524CC28733F7260BBA ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
18:43:24.0305 0x1814  SmbDrvI - ok
18:43:24.0309 0x1814  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
18:43:24.0313 0x1814  smphost - ok
18:43:24.0318 0x1814  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:43:24.0322 0x1814  SNMPTRAP - ok
18:43:24.0335 0x1814  [ B45AE0970B2D66CCE756DE6989E23EEC, 8393CF2DC4F65CD48D4D7B3C8C2D29E26728593B652D6CEAB65B50AEDA0884B7 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
18:43:24.0342 0x1814  spaceport - ok
18:43:24.0346 0x1814  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
18:43:24.0348 0x1814  SpbCx - ok
18:43:24.0359 0x1814  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\Windows\SysWOW64\speedfan.sys
18:43:24.0365 0x1814  speedfan - ok
18:43:24.0386 0x1814  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\Windows\System32\spoolsv.exe
18:43:24.0401 0x1814  Spooler - ok
18:43:24.0531 0x1814  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\Windows\system32\sppsvc.exe
18:43:24.0633 0x1814  sppsvc - ok
18:43:24.0652 0x1814  [ 8003E034E3EA0E29DA54215A770FC27C, 28AB1FDEA372D33540A26DAE413A10336409D33B91F51DC0AE144D451022A2A7 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:43:24.0658 0x1814  srv - ok
18:43:24.0676 0x1814  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:43:24.0686 0x1814  srv2 - ok
18:43:24.0693 0x1814  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:43:24.0697 0x1814  srvnet - ok
18:43:24.0705 0x1814  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:43:24.0712 0x1814  SSDPSRV - ok
18:43:24.0717 0x1814  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:43:24.0723 0x1814  SstpSvc - ok
18:43:24.0853 0x1814  [ E2496AF75B2099453D6DBCD91C600D2D, 4B00123F677F6998223B5C51ADFB44781348919BA154442146AA0542C36D76B9 ] StarMoney Business 7 OnlineUpdate D:\Program Files (x86)\StarMoney Business 7\ouservice\StarMoneyOnlineUpdate.exe
18:43:24.0874 0x1814  StarMoney Business 7 OnlineUpdate - ok
18:43:24.0905 0x1814  [ 90E22D7CDE08E07446D238A569BCAB7C, 3D4F413D0B0C9CF28D06E0476F24AC6441C8678DF786D9971B39C91C9F9B8020 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
18:43:24.0942 0x1814  Steam Client Service - ok
18:43:24.0950 0x1814  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
18:43:24.0951 0x1814  stexstor - ok
18:43:24.0955 0x1814  [ 8F3C0CCF27CFFE89424F30E9FB3381AB, 74E54541B4A16DC97098428E1715A27557BAB97E05AF346F88958580199C1541 ] StillCam        C:\Windows\System32\drivers\serscan.sys
18:43:24.0956 0x1814  StillCam - ok
18:43:24.0972 0x1814  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
18:43:24.0985 0x1814  stisvc - ok
18:43:24.0991 0x1814  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
18:43:24.0993 0x1814  storahci - ok
18:43:24.0998 0x1814  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
18:43:24.0999 0x1814  storflt - ok
18:43:25.0017 0x1814  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
18:43:25.0019 0x1814  stornvme - ok
18:43:25.0022 0x1814  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
18:43:25.0025 0x1814  StorSvc - ok
18:43:25.0029 0x1814  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
18:43:25.0031 0x1814  storvsc - ok
18:43:25.0034 0x1814  [ A822A6ACC33D97E4C939B13F57772989, 4124782C724B320E26254063B9DEFEC6F2EA417A3BFF9F57CDAA6E11C77469EC ] SUMMACUTamd     C:\Windows\System32\Drivers\AMDX64CUT.sys
18:43:25.0038 0x1814  SUMMACUTamd - ok
18:43:25.0042 0x1814  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
18:43:25.0046 0x1814  svsvc - ok
18:43:25.0049 0x1814  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
18:43:25.0049 0x1814  swenum - ok
18:43:25.0068 0x1814  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
18:43:25.0080 0x1814  swprv - ok
18:43:25.0093 0x1814  [ 0E9B6EFC43977D5969DF70FF51A5E302, E7DFE3FBBE9891D2F76C82D18D5C6D5E4ED94B97D9E17A709799DB8A8776D795 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
18:43:25.0108 0x1814  SynTP - ok
18:43:25.0139 0x1814  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\Windows\system32\sysmain.dll
18:43:25.0158 0x1814  SysMain - ok
18:43:25.0167 0x1814  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
18:43:25.0175 0x1814  SystemEventsBroker - ok
18:43:25.0181 0x1814  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:43:25.0187 0x1814  TabletInputService - ok
18:43:25.0195 0x1814  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:43:25.0203 0x1814  TapiSrv - ok
18:43:25.0207 0x1814  [ E91BCBD521606E60C2807813D8EAC579, 9B9329535AF753E5922BD53DEF08E5E99C51927923C7DF87112A0E293DE47FAC ] tbhsd           C:\Windows\system32\drivers\tbhsd.sys
18:43:25.0211 0x1814  tbhsd - ok
18:43:25.0268 0x1814  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:43:25.0301 0x1814  Tcpip - ok
18:43:25.0358 0x1814  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:43:25.0391 0x1814  TCPIP6 - ok
18:43:25.0400 0x1814  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:43:25.0401 0x1814  tcpipreg - ok
18:43:25.0407 0x1814  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:43:25.0409 0x1814  tdx - ok
18:43:25.0543 0x1814  [ DA1B697C42888BA804DD07BA49B116B1, D5CE76608771845B58A597B7337000E219DC1466613F79313F6E82D33FF55F48 ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
18:43:25.0655 0x1814  TeamViewer - ok
18:43:25.0666 0x1814  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
18:43:25.0667 0x1814  terminpt - ok
18:43:25.0694 0x1814  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\Windows\System32\termsrv.dll
18:43:25.0712 0x1814  TermService - ok
18:43:25.0717 0x1814  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
18:43:25.0721 0x1814  Themes - ok
18:43:25.0725 0x1814  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\Windows\system32\mmcss.dll
18:43:25.0728 0x1814  THREADORDER - ok
18:43:25.0739 0x1814  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
18:43:25.0746 0x1814  TimeBroker - ok
18:43:25.0752 0x1814  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\Windows\system32\drivers\tpm.sys
18:43:25.0755 0x1814  TPM - ok
18:43:25.0760 0x1814  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
18:43:25.0765 0x1814  TrkWks - ok
18:43:25.0769 0x1814  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:43:25.0771 0x1814  TrustedInstaller - ok
18:43:25.0776 0x1814  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:43:25.0778 0x1814  TsUsbFlt - ok
18:43:25.0781 0x1814  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
18:43:25.0782 0x1814  TsUsbGD - ok
18:43:25.0788 0x1814  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:43:25.0791 0x1814  tunnel - ok
18:43:25.0795 0x1814  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
18:43:25.0796 0x1814  uagp35 - ok
18:43:25.0800 0x1814  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
18:43:25.0802 0x1814  UASPStor - ok
18:43:25.0809 0x1814  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
18:43:25.0813 0x1814  UCX01000 - ok
18:43:25.0821 0x1814  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:43:25.0826 0x1814  udfs - ok
18:43:25.0830 0x1814  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
18:43:25.0831 0x1814  UEFI - ok
18:43:29.0935 0x1814  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60110 ( disabled : outofdate )
18:43:29.0936 0x1814  AV detected via SS2: Avast Antivirus, C:\Program Files\avast software\avast\wsc_proxy.exe ( 12.3.3154.0 ), 0x41000 ( enabled : updated )
18:43:29.0937 0x1814  FW detected via SS2: Avast Antivirus, C:\Program Files\avast software\avast\wsc_proxy.exe ( 12.3.3154.0 ), 0x41010 ( enabled )
18:43:29.0938 0x1814  ============================================================
18:43:29.0938 0x1814  Scan finished
18:43:29.0938 0x1814  ============================================================
18:43:29.0944 0x1e20  Detected object count: 0
18:43:29.0944 0x1e20  Actual detected object count: 0
         


09.12.2016, 19:20   #6
Thread

Hello Matthias,

just for your information: today we decided as a team on a different approach. Among other things, it includes completely wiping the machine, with a new drive right away. So you don't need to go to any more trouble. Thank you very much all the same.

09.12.2016, 20:28   #7
M-K-D-B
/// TB trainer

This topic appears to be resolved and will be removed from my subscriptions. Should you need the topic again, please send me a PM.

Everyone else, please click here and create your own thread.
