versehentlich Kinox.To popup Fenster mit Ja bestätigt

sniper30 · 04.03.2017, 21:12

Hallo Forum Team

Leider habe ich bei Kinox.to, bei einem Popup Fenster mit Ja geantwortet und seither kommen immer Popup Fenster wenn ich auf Play, bei einem Film, drücke.
Dieses Problem hatte ich vorher nie, da ich ja Adblock und Ghostery habe, jedoch seit diesem einem Klick bekomme ich dieses Problem nicht mehr weg.

Ich habe auch gesehen, dass einige solche ähnlichen Probleme haben und das dies nur mittels Anleitung durch euch möglich ist zu entfernen.

Leider weis ich mir hierzu keinen Rat mehr und möchte nichts auf eigene Faust unternehmen.

Auch sehe ich seit diesem Klick, bei Youtube, wieder Werbung vor den Videos, es stört und es war vorher nicht, durch Adblock

Könntet Ihr mir diesbezüglich Helfen und mir einen Tipp geben, wie ich dieses Problem wieder weg bekomme?

Grüße

Sniper30

M-K-D-B · 05.03.2017, 10:11

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Eines Vorneweg:
Es sollte dir klar sein, dass dubiose Seiten wie kinox.to & Co mit Schadsoftware "versehen" sind. Ich habe dies selbst bei Verwandten miterlebt und durfte deren Rechner mehrmals bereinigen.
Mit dem Besuchen dieser Seiten setzt du dich bewusst einem Sicherheitsrisiko aus.
Ich empfehle dir, solche Seite zu meiden!

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

sniper30 · 05.03.2017, 19:07

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2017
durchgeführt von Markus Schmidt (Administrator) auf MARKUSSCHMIDT (05-03-2017 18:54:11)
Gestartet von C:\Users\Markus Schmidt\Downloads
Geladene Profile: Markus Schmidt (Verfügbare Profile: Markus Schmidt)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Macrovision Europe Ltd.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Floater.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\sp6\LU1\LogitechUpdate.exe
(ASUS) C:\Program Files (x86)\ASUS\PCE-AC68 WLAN Card Utilities\WlanMgr.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(IPVanish) C:\Program Files\IPVanish\IPVanish.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\ui\updateui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\DeviceDisplayObjectProvider.exe
(Microsoft Corporation) C:\Windows\System32\Dxpserver.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis)
HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [1088944 2016-05-11] ()
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291128 2013-03-06] (Intel Corporation)
HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [110192 2010-05-13] ()
HKLM-x32\...\Run: [DT ACR] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [121648 2012-04-13] (Portrait Displays, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694048 2014-10-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-02-12] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-22] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26781320 2017-02-21] (Dropbox, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7805824 2013-11-22] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1102192 2013-10-10] (Acronis International GmbH)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-226601024-652546334-2670691330-1000\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1015104 2015-07-27] (Samsung)
HKU\S-1-5-21-226601024-652546334-2670691330-1000\...\Run: [BingSvc] => C:\Users\Markus Schmidt\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-04-02] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-226601024-652546334-2670691330-1000\...\MountPoints2: {3fc4fd0e-01f2-11e5-bb6b-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-226601024-652546334-2670691330-1000\...\MountPoints2: {5b075502-0204-11e5-aa78-60a44cb5eb50} - K:\Autorun.exe
HKU\S-1-5-21-226601024-652546334-2670691330-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk [2015-06-01]
ShortcutTarget: Adobe Acrobat - Schnellstart.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk [2015-06-01]
ShortcutTarget: Adobe Reader Synchronizer.lnk -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158
Tcpip\..\Interfaces\{3E6C80CD-E6AE-4596-897C-DDE713C28E4C}: [DhcpNameServer] 198.18.0.1 198.18.0.2
Tcpip\..\Interfaces\{805896A9-C380-4A9A-8AF6-4D21E1DA3720}: [DhcpNameServer] 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158
Tcpip\..\Interfaces\{D538F023-BD1C-42A4-A4D7-BDD94817A54E}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-226601024-652546334-2670691330-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.at/
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-01] (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-01] (Oracle Corporation)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO-x32: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems Incorporated)
BHO-x32: PDF Architect 3 Helper -> {06E08260-0695-4EC1-A74B-1310D8899D93} -> C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24] (pdfforge GmbH)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-01] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-01] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-04-24] (pdfforge GmbH)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\Markus Schmidt\AppData\Roaming\Mozilla\Firefox\Profiles\wtrmliof.default-1475175472701 [2017-03-05]
FF user.js: detected! => C:\Users\Markus Schmidt\AppData\Roaming\Mozilla\Firefox\Profiles\wtrmliof.default-1475175472701\user.js [2016-09-29]
FF Homepage: Mozilla\Firefox\Profiles\wtrmliof.default-1475175472701 -> hxxp://www.google.at/
FF Extension: (AdBlocker Ultimate) - C:\Users\Markus Schmidt\AppData\Roaming\Mozilla\Firefox\Profiles\wtrmliof.default-1475175472701\Extensions\adblockultimate@adblockultimate.net.xpi [2017-03-04]
FF Extension: (Ghostery) - C:\Users\Markus Schmidt\AppData\Roaming\Mozilla\Firefox\Profiles\wtrmliof.default-1475175472701\Extensions\firefox@ghostery.com.xpi [2017-02-19]
FF Extension: (Malware Search) - C:\Users\Markus Schmidt\AppData\Roaming\Mozilla\Firefox\Profiles\wtrmliof.default-1475175472701\Extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}.xpi [2017-03-04]
FF Extension: (Adblock Plus) - C:\Users\Markus Schmidt\AppData\Roaming\Mozilla\Firefox\Profiles\wtrmliof.default-1475175472701\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-02-19]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-05-29] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
FF Extension: (PDF Architect 3 Creator) - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-07-30] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-12-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-14] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-01] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-01-18] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 3 -> C:\Program Files (x86)\PDF Architect 3\np-previewer.dll [2015-04-24] (pdfforge GmbH)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=de-de
CHR StartupUrls: Default -> "hxxps://www.google.at/","hxxp://google.at/"
CHR DefaultSearchURL: Default -> hxxps://www.google.at/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google
CHR Profile: C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default [2017-03-05]
CHR Extension: (No-Script Suite Lite) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahnanjpbkghcdgmlchbcfoiefnifjeni [2017-02-03]
CHR Extension: (Google Docs) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-24]
CHR Extension: (Google Drive) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google-Suche) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-05-29]
CHR Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2017-02-19]
CHR Extension: (Google Docs Offline) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-25]
CHR Extension: (Kaspersky Protection) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpeeaghdjmhlakojjcgfdhgcejdaefmi [2017-01-27]
CHR Extension: (Ghostery) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2017-02-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-20]
CHR Extension: (Google Mail) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-24]
CHR Extension: (Chrome Media Router) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
CHR Profile: C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\System Profile [2017-01-04]
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKU\S-1-5-21-226601024-652546334-2670691330-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [927232 2012-10-29] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Datei ist nicht signiert]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-13] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-13] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46408 2017-02-09] (Dropbox, Inc.)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [138032 2012-04-13] (Portrait Displays, Inc.)
S3 EPLAN Client Service; C:\Program Files\EPLAN\Common\EClientService.exe [776104 2016-01-22] (EPLAN Software & Service GmbH & Co. KG)
R3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2015-05-24] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2016-05-11] ()
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP) [Datei ist nicht signiert]
R3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244312 2015-04-24] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [901336 2015-04-24] (pdfforge GmbH)
R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [740568 2015-04-24] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-02-12] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [302968 2015-02-12] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79240 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [182152 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [236432 2016-12-08] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1001304 2016-12-08] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [50776 2016-06-06] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [110424 2016-12-08] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
S3 Mrvleap; C:\Windows\SysWOW64\DRIVERS\mrv64drv.sys [18944 2007-09-11] (Windows (R) Codename Longhorn DDK provider)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [20784 2012-04-13] (Portrait Displays, Inc.)
R3 tapipvanish; C:\Windows\System32\DRIVERS\tapipvanish.sys [34520 2016-09-22] (The OpenVPN Project)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2016-07-10] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2016-07-10] (Acronis International GmbH)
S3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2016-07-10] (Acronis International GmbH)
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
S3 CLMirrorDriver; system32\DRIVERS\CLMirrorDriver.sys [X]
S3 CLVirtualBus01; system32\DRIVERS\CLVirtualBus01.sys [X]
S3 clwvd7; system32\DRIVERS\clwvd7.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-05 18:53 - 2017-03-05 18:53 - 00000000 ____D C:\Users\Markus Schmidt\Downloads\FRST-OlderVersion
2017-03-04 21:17 - 2017-03-05 00:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-04 20:49 - 2017-03-04 20:49 - 22851472 _____ (Malwarebytes ) C:\Users\Markus Schmidt\Downloads\mbam-setup-2.2.1.1043.exe
2017-03-04 20:40 - 2017-03-04 20:40 - 00044247 _____ C:\Users\Markus Schmidt\Downloads\Addition.txt
2017-03-04 20:39 - 2017-03-05 18:54 - 00000000 ____D C:\FRST
2017-03-04 20:39 - 2017-03-05 18:53 - 02423808 _____ (Farbar) C:\Users\Markus Schmidt\Downloads\FRST64.exe
2017-03-04 20:35 - 2017-03-04 20:35 - 00000637 _____ C:\Users\Markus
2017-03-04 20:33 - 2017-03-04 20:33 - 07097928 _____ (VS Revo Group ) C:\Users\Markus Schmidt\Downloads\revo202setup.exe
2017-03-04 20:33 - 2017-03-04 20:33 - 00001034 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-03-04 20:33 - 2017-03-04 20:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-03-04 20:33 - 2017-03-04 20:33 - 00000000 ____D C:\Program Files\VS Revo Group
2017-02-28 19:25 - 2017-02-28 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-26 13:58 - 2017-02-26 14:06 - 00000000 ____D C:\Users\Markus Schmidt\.android
2017-02-26 13:57 - 2017-03-04 20:35 - 00000000 ____D C:\Program Files (x86)\Nox
2017-02-26 13:57 - 2017-02-26 14:06 - 00000000 ____D C:\Users\Markus Schmidt\vmlogs
2017-02-26 13:57 - 2017-02-26 13:57 - 00000045 _____ C:\Users\Markus Schmidt\nuuid.ini
2017-02-26 13:57 - 2017-02-26 13:57 - 00000041 _____ C:\Users\Markus Schmidt\inst.ini
2017-02-26 13:57 - 2017-02-26 13:57 - 00000000 ____D C:\Users\Markus Schmidt\Nox_share
2017-02-26 13:49 - 2017-03-04 20:35 - 00000000 ____D C:\Users\Markus Schmidt\AppData\Local\Nox
2017-02-21 19:49 - 2017-02-21 19:49 - 00046184 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-02-21 19:49 - 2017-02-21 19:49 - 00046184 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-02-09 09:33 - 2017-02-09 09:33 - 00046408 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-02-09 09:33 - 2017-02-09 09:33 - 00046184 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-02-07 19:37 - 2017-02-07 19:37 - 00000000 ____D C:\Program Files (x86)\GUM32D4.tmp
2017-02-07 19:36 - 2017-02-07 19:36 - 00000000 ____D C:\Program Files (x86)\GUMC8AC.tmp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-05 18:27 - 2015-05-24 10:15 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-03-05 18:24 - 2015-08-15 17:05 - 00001230 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-03-05 18:03 - 2015-05-24 14:29 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-03-05 07:09 - 2009-07-14 05:45 - 00022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-05 07:09 - 2009-07-14 05:45 - 00022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-05 07:07 - 2011-04-12 08:43 - 00674610 _____ C:\Windows\system32\perfh007.dat
2017-03-05 07:07 - 2011-04-12 08:43 - 00139750 _____ C:\Windows\system32\perfc007.dat
2017-03-05 07:07 - 2009-07-14 06:13 - 01556210 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-05 07:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-03-05 07:04 - 2017-01-21 12:48 - 00061440 _____ C:\Windows\SysWOW64\servers.sqlite
2017-03-05 07:03 - 2015-08-15 17:05 - 00001226 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-03-05 07:03 - 2015-05-24 12:26 - 00008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
2017-03-05 07:02 - 2015-05-24 11:51 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-05 07:02 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-05 00:08 - 2015-05-24 14:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-05 00:07 - 2017-01-20 17:32 - 00000000 ____D C:\Program Files\IPVanish
2017-03-04 22:14 - 2015-09-10 08:51 - 00000000 ____D C:\Users\Markus Schmidt\AppData\Roaming\vlc
2017-03-04 20:35 - 2015-05-24 09:56 - 00000000 ____D C:\Users\Markus Schmidt
2017-03-04 18:56 - 2015-05-27 22:55 - 00000000 ____D C:\Users\Markus Schmidt\Documents\Assassin's Creed Unity
2017-02-28 19:25 - 2015-08-15 17:05 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-02-26 13:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Registration
2017-02-22 19:00 - 2015-05-24 12:14 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-14 22:03 - 2015-05-24 14:29 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-14 22:03 - 2015-05-24 14:29 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-14 22:03 - 2015-05-24 14:29 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-14 22:03 - 2015-05-24 14:29 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-14 22:03 - 2015-05-24 12:49 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-11 23:41 - 2016-07-20 18:57 - 00000000 ____D C:\Users\Markus Schmidt\AppData\Roaming\TradeMaster
2017-02-11 23:36 - 2016-02-19 19:27 - 00000000 ____D C:\Users\Markus Schmidt\AppData\Local\GoPro
2017-02-10 20:12 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-02-09 20:22 - 2016-11-22 12:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-02-08 20:26 - 2016-12-31 15:41 - 00000000 ____D C:\Users\Markus Schmidt\Documents\Assassin's Creed III
2017-02-07 19:37 - 2015-05-24 12:14 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-02-07 19:37 - 2015-05-24 12:14 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-02-07 19:33 - 2015-08-15 17:29 - 00000000 ____D C:\Program Files (x86)\MyFree Codec
2017-02-07 18:09 - 2015-05-24 12:14 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 18:09 - 2015-05-24 12:14 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk

Einige Dateien in TEMP:
====================
2016-07-10 12:52 - 2016-07-10 12:52 - 0610808 _____ () C:\Users\Markus Schmidt\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
2016-04-02 19:30 - 2016-04-02 19:30 - 0144008 _____ (© 2015 Microsoft Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\BingSvc.exe
2016-04-02 19:30 - 2016-04-02 19:30 - 1118360 _____ (© 2015 Microsoft Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\BSvcProcessor.exe
2016-04-02 19:30 - 2016-04-02 19:30 - 0170128 _____ (© 2015 Microsoft Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\BSvcUpdater.exe
2015-06-25 20:19 - 2015-06-25 20:19 - 0467968 _____ (Realtek Semiconductor Corp.) C:\Users\Markus Schmidt\AppData\Local\Temp\COMAP.EXE
2015-12-12 14:23 - 2015-12-12 14:23 - 0071168 _____ () C:\Users\Markus Schmidt\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4hqcsi.dll
2016-12-30 17:39 - 2016-12-30 20:14 - 0004608 _____ () C:\Users\Markus Schmidt\AppData\Local\Temp\i4jdel0.exe
2017-01-03 09:24 - 2017-01-03 09:24 - 0737856 _____ (Oracle Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\jre-8u111-windows-au.exe
2015-09-19 07:23 - 2015-09-19 07:23 - 0585824 _____ (Oracle Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\jre-8u60-windows-au.exe
2016-01-02 16:09 - 2016-01-02 16:09 - 0585824 _____ (Oracle Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\jre-8u66-windows-au.exe
2016-05-01 07:27 - 2016-05-01 07:27 - 0739904 _____ (Oracle Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\jre-8u91-windows-au.exe
2015-05-29 21:42 - 2014-03-24 23:55 - 0099096 _____ () C:\Users\Markus Schmidt\AppData\Local\Temp\LMkRstPt.exe
2015-05-24 15:21 - 2015-05-12 03:36 - 0702192 _____ (NVIDIA Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\Nv3DVisionIePlugin.dll
2015-05-24 15:21 - 2015-05-12 03:36 - 0793016 _____ (NVIDIA Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\Nv3DVisionIePlugin64.dll
2015-05-24 15:21 - 2015-05-12 03:36 - 0582384 _____ (NVIDIA Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\Nv3DVStreaming.dll
2015-05-24 15:21 - 2015-05-12 03:36 - 0643976 _____ (NVIDIA Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\Nv3DVStreaming64.dll
2015-05-24 15:21 - 2015-05-12 03:35 - 0619976 _____ (NVIDIA Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\Nv3DVStreamingIePlugin.dll
2015-05-24 15:21 - 2015-05-12 03:35 - 0694672 _____ (NVIDIA Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\Nv3DVStreamingIePlugin64.dll
2013-06-21 04:16 - 2015-05-12 03:34 - 1168800 _____ (NVIDIA Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\nvSCPAPI.dll
2015-05-24 15:21 - 2015-05-12 03:34 - 0410768 _____ (NVIDIA Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\nvSCPAPISvr.exe
2015-05-24 15:05 - 2015-05-12 03:34 - 0789648 _____ (NVIDIA Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\nvStInst.exe
2015-05-25 08:01 - 2015-05-25 08:35 - 924352784 _____ (Ubisoft) C:\Users\Markus Schmidt\AppData\Local\Temp\ubiAE39.tmp.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-03-2017
durchgeführt von Markus Schmidt (05-03-2017 18:54:26)
Gestartet von C:\Users\Markus Schmidt\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-05-24 08:56:45)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-226601024-652546334-2670691330-500 - Administrator - Disabled)
Gast (S-1-5-21-226601024-652546334-2670691330-501 - Limited - Disabled)
Markus Schmidt (S-1-5-21-226601024-652546334-2670691330-1000 - Administrator - Enabled) => C:\Users\Markus Schmidt

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Anti-Virus (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (Version: 8.2.1 - Hewlett-Packard) Hidden
Acer eDisplay Management (HKLM-x32\...\{A586DC50-B18D-48FB-B7CC-A598200457C2}) (Version: 1.37.007 - Portrait Displays, Inc.)
Acronis True Image 2014 (HKLM-x32\...\{5858B1D6-8056-471C-8A29-6A1765BBC0BE}) (Version: 17.0.4515 - Acronis)
Adobe Acrobat 8 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 8 Professional - English, Français, Deutsch) (Version: 8.0.0 - Adobe Systems)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Illustrator CS3 (HKLM-x32\...\Adobe_a04a925a57548091300ada368235fc6) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_5f143314a5d434c8511097393d17397) (Version: 10.0 - Adobe Systems Incorporated)
Alcatel PC Suite V7.0.58 (HKLM-x32\...\{93DB-0E9758B0D131_PCS_Alcatel_Union}_is1) (Version:  - Singularity Software Co., Ltd.)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version:  - Ubisoft)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version:  - Ubisoft)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version:  - Ubisoft)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.4.2.4 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.4.2.4 - ASUSTek COMPUTER INC.) Hidden
ASUS PCE-AC68 WLAN Card Utilities/Driver (HKLM-x32\...\{39BD9681-D3B1-435C-A0C1-F87C68513401}) (Version: 2.0.8.8 - ASUS)
ASUS Product Register Program (HKLM-x32\...\{9D29D67C-315D-46A1-A3A9-3CAF24871578}) (Version: 1.0.022 - ASUSTek Computer Inc.)
Beyond Good and Evil (HKLM-x32\...\Uplay Install 232) (Version:  - Ubisoft)
Brother P-touch Address Book 1.1 (HKLM-x32\...\{B2023017-DEE4-44F7-8A71-CA6084BF534C}) (Version: 1.1.2200 - Brother Industries, Ltd.)
Brother P-touch Update Software (HKLM-x32\...\{AE95F9E3-5333-4CA9-BAAE-481F5AEDACBF}) (Version: 1.0.0050 - Brother Industries, Ltd.)
Brother QL-Series-N Software User's Guide (HKLM-x32\...\{FDAFD1DE-16D6-4169-94DA-2777038D3CA3}) (Version: 2.00.0000 - Brother Industries, Ltd.)
Canon SELPHY CP1200 (HKLM\...\Canon SELPHY CP1200) (Version: 1.1.0.1 - Canon INC.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 20.4.19 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
DVDVideoSoftFS version 6.5.1.514 (HKLM-x32\...\DVDVideoSoftFS_is1) (Version: 6.5.1.514 - DVDVideoSoft Ltd.)
EPLAN License Client (x64) (HKLM\...\{06400E16-27C0-412B-AB67-6A677D35C85D}) (Version: 9.1.12.54500 - EPLAN Software & Service GmbH & Co. KG)
Far Cry 3 Blood Dragon (HKLM-x32\...\Uplay Install 205) (Version:  - Ubisoft)
FXOrder2GoRE (HKLM-x32\...\FXOrder2GoRE) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GoPro (Version: 0.1.2733 - GoPro, Inc.) Hidden
GoPro for Desktop (HKLM-x32\...\{88734dc7-c200-4ad3-b29f-bb5e436cb30f}) (Version: 1.4.0.2733 - GoPro, Inc.)
GoPro Studio (x32 Version: 5.9.2733 - GoPro, Inc.) Hidden
GoPro TRADER (HKLM-x32\...\{30F9430B-7E39-4EB6-9FA8-B8CC16FF644A}_is1) (Version:  - Trading Search)
HP LaserJet 100 color MFP M175 (HKLM-x32\...\{965D0289-10E1-45ec-B11F-A60AC9AE8D4D}) (Version:  - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hpbDSService (x32 Version: 001.001.05133 - Hewlett-Packard) Hidden
hpbM175DSService (x32 Version: 001.001.05133 - Hewlett-Packard) Hidden
HPLaserJet100ColorMFPM175_HelpLearnCenter_SI (HKLM-x32\...\{19542156-285B-458C-994D-2A21889001DF}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUT (x32 Version: 1.00.0012 - HP) Hidden
hppLaserJetService (x32 Version: 002.015.00602 - Hewlett-Packard) Hidden
hppM175LaserJetService (x32 Version: 001.014.00480 - Hewlett-Packard) Hidden
InstanceFinder (x32 Version: 1.00.0001 - HP) Hidden
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.100 - Intel Corporation)
Intel® SSD Toolbox (HKLM-x32\...\{06D085C8-1F00-11B2-96A7-8f0CE39193ED}) (Version: 3.3.0.400 - Intel Corporation)
IPVanish (HKLM\...\A57226AD-BDAF-4860-BD4E-EDA6BC546189_is1) (Version: 3.0.6.0 - IPVANISH)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden
Langenscheidt Vokabeltrainer 7.0 Englisch (HKLM-x32\...\{9C0A3479-7F61-427B-8A8C-A884759037BA}) (Version: 7.0.134 - Langenscheidt)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Firefox 43.0.1 (x86 de) (HKU\S-1-5-21-226601024-652546334-2670691330-1000\...\Mozilla Firefox 43.0.1 (x86 de)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.7.1.6246 - Mozilla)
Mozilla Thunderbird 45.7.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.7.1 (x86 de)) (Version: 45.7.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Need for Speed(TM) Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OLYMPUS Digital Camera Updater (HKLM-x32\...\{A68C62E8-B243-4777-89BB-12173DFA1D45}) (Version: 1.0.1 - OLYMPUS IMAGING CORP.)
OLYMPUS Viewer 2 (HKLM-x32\...\{7177EE4E-3D1D-4F45-85B5-B93DC758BA0B}) (Version: 1.1.1 - OLYMPUS IMAGING CORP.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)
PDF Architect 3 Create Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge)
Pivot Pro Plugin (x32 Version: 9.50.110 - Portrait Displays, Inc.) Hidden
Prince of Persia Sands of Time (HKLM-x32\...\Uplay Install 111) (Version:  - Ubisoft)
Rayman Origins (HKLM-x32\...\Uplay Install 80) (Version:  - Ubisoft)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6782 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
SDK (x32 Version: 2.32.010 - Portrait Displays, Inc.) Hidden
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Splinter Cell Blacklist (HKLM-x32\...\Uplay Install 91) (Version:  - Ubisoft)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
Tom Clancy's Splinter Cell (HKLM-x32\...\Uplay Install 109) (Version:  - Ubisoft)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.00.1000 - Ubisoft)
ToolboxProxy (x32 Version: 1.00.0001 - HP) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 6.1 - Ubisoft)
VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vokabeltrainer-Update 7.0.135 (HKLM-x32\...\{4C00A7C7-7223-4875-B1A7-B4350F452CDC}) (Version: 7.0.135 - Langenscheidt)
WD Drive Utilities (HKLM-x32\...\{C093AD5D-29E9-4777-AAAC-28C02FCC2A51}) (Version: 1.0.4.11 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{BE1B25F9-5A51-4DB8-81FA-CE0CABC14D07}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{DEE2025E-D6C0-47E2-8657-AA57857FEEDA}) (Version: 1.1.1.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{FECF90E3-FDEA-4A87-8A06-2683388C69C4}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{647175e1-9944-4a82-bac1-102c95f0a99a}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-226601024-652546334-2670691330-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-226601024-652546334-2670691330-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-226601024-652546334-2670691330-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-226601024-652546334-2670691330-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-226601024-652546334-2670691330-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-226601024-652546334-2670691330-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07792D2B-E32B-4E6C-93FD-AF6FE0F0684C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-14] (Adobe Systems Incorporated)
Task: {19C59A2B-81A5-4A3A-B2AA-D6278D112F11} - System32\Tasks\PCEAC68WLANMGR => C:\Program Files (x86)\ASUS\PCE-AC68 WLAN Card Utilities\WlanMgr.exe [2014-06-06] (ASUS)
Task: {1FDF1968-8D80-4DED-8E22-43BA1E9B536B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {25DCE529-6D5E-4537-940D-6B9983392F60} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2010-09-22] (Hewlett Packard)
Task: {2DEB5B4F-1332-41D8-ABE3-A63BD62BCEA7} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-06-21] (ASUSTek Computer Inc.)
Task: {3AC54D61-EF75-4380-A99C-0222C5FE17B4} - System32\Tasks\{636A74D8-476D-4592-B31F-78C1EBC8B198} => pcalua.exe -a C:\Users\MARKUS~1\AppData\Local\Temp\jre-8u111-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ACHTUNG
Task: {3F840717-93D6-4733-BD29-216F4647C29E} - System32\Tasks\ASUS\i-Setup113021 => C:\Windows\Chipset\AsusSetup.exe [2010-09-08] (ASUSTeK Computer Inc.)
Task: {54B8FDEB-51B0-4874-82F0-205BF004E2D7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {6BA80107-62BF-47DE-BBE1-5DADF17EFC9A} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {716050D6-F734-46E2-9CDA-13D81D7AC70B} - System32\Tasks\IPVanish => C:\Program Files\IPVanish\ElevateProcess.exe [2017-01-03] (IPVanish)
Task: {7A9DA35A-A0C0-4854-B492-C2A0629EC4B9} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {87920876-477B-42CB-A81A-681932DFA5F4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {8C28B97C-2827-4716-9614-CB757E2A6842} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {92CD4531-51E4-4F2B-BDCA-C702713490B3} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {ADE930F1-6A4C-4EA1-B3D9-B48B0844C0E2} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {D9A7A627-CB6D-4145-AB08-94A17283E460} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-13] (Dropbox, Inc.)
Task: {DEBF80BC-AC6E-4C26-848B-329DD4BFCE94} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-13] (Dropbox, Inc.)
Task: {E6B02DF2-CC55-4880-8C2C-3B5220E551CF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08] (Google Inc.)
Task: {EDA6324C-820A-4CB3-AD36-CB29CD9B0F27} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08] (Google Inc.)
Task: {FD932891-3F9E-4D1E-9AF7-31F4B55749EC} - System32\Tasks\{28780413-7A1B-4425-B171-AF7D44902511} => pcalua.exe -a "C:\Program Files (x86)\Vuze\uninstall.exe" -d "C:\Program Files (x86)\Vuze"

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-05-24 11:51 - 2015-03-13 17:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-24 10:21 - 2012-10-29 08:48 - 00927232 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
2012-01-17 10:24 - 2012-01-17 10:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2013-10-01 09:26 - 2013-10-01 09:26 - 02810968 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2015-06-01 16:25 - 2006-12-11 01:14 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2016-05-11 23:39 - 2016-05-11 23:39 - 01088944 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
2015-05-24 11:59 - 2010-05-13 15:34 - 00674928 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpctrl.exe
2015-05-24 11:59 - 2010-05-13 15:34 - 00711792 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\floater.exe
2016-05-11 23:39 - 2016-05-11 23:39 - 00037808 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
2015-05-24 10:21 - 2017-03-05 07:02 - 00024576 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\PEbiosinterface32.dll
2015-05-24 10:21 - 2012-05-07 17:04 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\ATKEX.dll
2015-12-22 02:47 - 2015-12-22 02:47 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\kpcengine.2.3.dll
2015-05-24 12:42 - 2015-05-23 02:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-11-22 12:03 - 2013-11-22 12:03 - 00036672 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll
2013-11-22 12:03 - 2013-11-22 12:03 - 00028024 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2013-11-22 12:06 - 2013-11-22 12:06 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2017-01-20 17:32 - 2017-03-05 07:04 - 00130048 _____ () C:\Users\Markus Schmidt\AppData\Local\Temp\b0494a1f-4bd3-4QlMWbVEg9J4ekRhBMTeLQ==\FriendlyFilterPlatform.dll
2017-02-07 18:09 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-07 18:09 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2016-08-12 17:38 - 2016-08-12 17:38 - 00042720 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32api.pyd
2016-08-12 17:38 - 2016-08-12 17:38 - 00060640 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\pywintypes27.dll
2016-08-12 17:38 - 2016-08-12 17:38 - 00126688 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\pythoncom27.dll
2016-08-12 17:38 - 2016-08-12 17:38 - 00023264 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_multiprocessing.pyd
2016-08-12 17:38 - 2016-08-12 17:38 - 00045792 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_ctypes.pyd
2016-08-12 17:38 - 2016-08-12 17:38 - 00026848 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32service.pyd
2016-08-12 17:38 - 2016-08-12 17:38 - 00023776 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\servicemanager.pyd
2016-08-12 17:38 - 2016-08-12 17:38 - 00030432 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_socket.pyd
2016-08-12 17:38 - 2016-08-12 17:38 - 00444128 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_ssl.pyd
2016-08-12 17:38 - 2016-08-12 17:38 - 00287968 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_hashlib.pyd
2016-08-12 17:38 - 2016-08-12 17:38 - 00018144 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\select.pyd
2016-08-12 17:38 - 2016-08-12 17:38 - 00021216 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32pipe.pyd
2016-08-12 17:38 - 2016-08-12 17:38 - 00045792 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32file.pyd
2016-08-12 17:38 - 2016-08-12 17:38 - 00018656 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32event.pyd
2016-08-12 17:38 - 2016-08-12 17:38 - 00371424 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_bsddb.pyd
2016-08-12 17:38 - 2016-08-12 17:38 - 00025312 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32process.pyd
2016-08-12 17:38 - 2016-08-12 17:38 - 00021216 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32ts.pyd
2016-08-12 17:38 - 2016-08-12 17:38 - 00019680 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32profile.pyd
2016-08-12 17:38 - 2016-08-12 17:38 - 00043744 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32security.pyd
2016-08-12 17:38 - 2016-08-12 17:38 - 00025824 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32inet.pyd
2016-08-12 17:38 - 2016-08-12 17:38 - 00190688 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\unicodedata.pyd
2016-08-12 17:38 - 2016-08-12 17:38 - 00023264 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\EnvironmentID.dll
2016-08-12 17:38 - 2016-08-12 17:38 - 00059104 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\pyexpat.pyd
2016-08-12 17:38 - 2016-08-12 17:38 - 00019680 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\IECDriver.dll
2013-10-01 10:00 - 2013-10-01 10:00 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\amazon.de -> hxxps://amazon.de
IE trusted site: HKU\S-1-5-21-226601024-652546334-2670691330-1000\...\amazon.de -> hxxps://amazon.de

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-226601024-652546334-2670691330-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Markus Schmidt\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.2.17.60 - 62.2.24.162
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{8AD92D94-5BF7-4DAF-82DC-5777AE7D5D78}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{84854429-6DAD-4264-AD50-040B37E5F829}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B15F8F13-1A7E-44D9-AB61-CA75704AA0AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3A83183F-C4B4-40E7-AF1F-8004A21FDA43}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EAD08BE8-F459-43A7-85D9-A39BA725BCF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7F088416-D426-4D0C-8EAC-E5749891B4F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E55101E9-C749-44F0-854A-EE71B112A43E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{77D76F46-E062-4F73-8FC3-80C621C9E43D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{56F6DEFF-1AF5-4477-B47C-24B667E7846B}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\Blacklist_Launcher.exe
FirewallRules: [{802FAAE3-EEC9-4305-BEA4-75B4D1BEF218}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\Blacklist_Launcher.exe
FirewallRules: [{4B90AB3A-7F4B-4289-97A1-F903F04A826F}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{B8E17665-535C-44DC-BEBF-B615314D3D02}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{ECF8CA4A-66AB-4CEA-AE8A-6816D8FC843E}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{86EA3541-E772-4265-B6E2-0563EE24A22A}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{461041E3-1583-4D73-8221-09278B328F20}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\gu.exe
FirewallRules: [{C5EE4F18-2C83-4E96-86AF-F1B5B56DB228}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\gu.exe
FirewallRules: [{1E621266-481B-4337-93C7-91D6B57EA37B}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{BFC87050-9D77-4ECE-90B0-CCA9F935933C}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{BC7D4657-ABA6-4E43-9C0E-8BC7DECFA906}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{9842D759-3D94-4BF8-AAD5-00C8B47EC5D6}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{5D1A7787-BD33-4A2C-A526-AE27C2877DBB}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{A2020023-D495-48D8-A4E4-08AC7D0C2D7D}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{4B9C5506-CE87-49E9-B8F1-1EC28D4B18CE}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{3D237064-1094-4627-8306-E8F794F1E2E9}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{4C322D51-4184-4618-AC46-41F97888C387}] => (Allow) C:\Program Files (x86)\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe
FirewallRules: [{71C7A78B-2A11-4EAF-950E-0082B1D62FE1}] => (Allow) C:\Program Files (x86)\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe
FirewallRules: [{B35F3F3D-34C2-4443-9C70-2EDB9CC24BCB}] => (Allow) C:\Program Files\Assassin's Creed Unity\ACU.exe
FirewallRules: [{FE159E13-C7D3-4722-A9B1-6B0015005BD9}] => (Allow) C:\Program Files\Assassin's Creed Unity\ACU.exe
FirewallRules: [{EF386CFD-5DF3-4C1D-B72B-085449A524B1}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{81427DF2-6204-4CDC-ACFC-D52D8596F80B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{877800FC-D012-4373-89B9-23D394D76203}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{D7F1E232-E33F-473F-AB88-5169B7CC653E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [TCP Query User{298F0E2F-DBE7-4526-81C3-B5F54ABFCE58}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe
FirewallRules: [UDP Query User{511464AF-B948-4909-8ECF-0872D3867DB1}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe
FirewallRules: [{5F3B976D-832E-472C-8708-0F2F527653D1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{539FFF49-4951-4181-90CC-621F1F792650}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{EC597779-25A8-49B4-A236-585B18B1BDAD}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{7E29D9F3-C116-42D4-8E6F-A4BA6E18C2E5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D81637FD-2B91-4C94-B828-13A59D07904C}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{D1DFDFE1-155F-4514-A362-4E9692168B64}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{DFE27022-3867-4475-A56B-45AA3065E192}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro.exe
FirewallRules: [{77CDD1E9-9914-404E-A4DA-44B2017EE3C8}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe
FirewallRules: [{E9D633D1-315D-4FED-9198-8AEE8253D420}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe
FirewallRules: [{2C4C1DB3-90F7-441B-9ACF-0AB4894B55BA}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe
FirewallRules: [{3B41101D-890D-4404-ACB0-214E34477DE0}] => (Allow) H:\Spiele Download\Assassin's Creed III\AC3SP.exe
FirewallRules: [{0F2C211A-71E7-45D7-904A-E34756C05ABA}] => (Allow) H:\Spiele Download\Assassin's Creed III\AC3SP.exe
FirewallRules: [{F3597492-A7E4-4B48-B61D-62ED64846319}] => (Allow) H:\Spiele Download\Assassin's Creed III\AC3MP.exe
FirewallRules: [{EDCE4D1F-478F-4A23-8E32-22B198700015}] => (Allow) H:\Spiele Download\Assassin's Creed III\AC3MP.exe
FirewallRules: [{C339C44D-35AD-4318-8164-626F9081F6DC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0FBB00DC-36FC-490A-9172-A54756D96993}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C9C650ED-266B-49BB-A89D-77574A628603}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6C9C4BA4-AAFE-40A8-8223-21CEAD1D20D1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B7F7BDF9-1FAB-4C9A-9E25-146637902DF5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{FA4363F8-309C-48BA-8748-31BF9B15FE17}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe
FirewallRules: [{F75912F6-C0D1-4E23-AAE8-B0F1D5BA47C2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Wiederherstellungspunkte =========================

04-02-2017 18:56:46 Geplanter Prüfpunkt
12-02-2017 11:05:52 Geplanter Prüfpunkt
20-02-2017 20:51:29 Geplanter Prüfpunkt
28-02-2017 19:17:14 Geplanter Prüfpunkt
04-03-2017 20:35:16 Revo Uninstaller's restore point - Nox APP Player
04-03-2017 20:35:24 Revo Uninstaller's restore point - Nox APP Player
04-03-2017 20:51:03 Revo Uninstaller's restore point - Malwarebytes Anti-Malware Version 2.2.1.1043

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/05/2017 07:03:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (03/05/2017 07:02:05 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD initialization failed [6]).

Error: (03/05/2017 07:02:05 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (Failed to set NvVAD endpoint as default Audio endpoint [0]).

Error: (03/05/2017 07:02:05 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD endpoint registration failed [0]).

Error: (03/04/2017 08:56:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (03/04/2017 08:54:46 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD initialization failed [6]).

Error: (03/04/2017 08:54:46 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (Failed to set NvVAD endpoint as default Audio endpoint [0]).

Error: (03/04/2017 08:54:46 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD endpoint registration failed [0]).

Error: (03/04/2017 08:35:16 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {deea1f85-c2ac-42f5-8a6a-00f60445f68b}

Error: (03/04/2017 04:04:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.


Systemfehler:
=============
Error: (03/05/2017 06:54:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/05/2017 06:54:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/05/2017 06:54:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/05/2017 06:54:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/05/2017 06:54:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/05/2017 06:54:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/05/2017 06:54:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/05/2017 06:54:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/05/2017 06:54:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/05/2017 06:54:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.


CodeIntegrity:
===================================
  Date: 2015-05-25 00:30:25.011
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-25 00:30:25.011
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-25 00:30:25.010
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-25 00:30:25.008
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-25 00:30:25.007
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-25 00:30:25.006
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-24 19:00:54.925
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-24 19:00:54.924
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-24 12:28:57.752
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-24 12:28:57.752
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

sniper30 · 05.03.2017, 19:14

Code:

ATTFilter

S rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
18:59:40.0126 0x8844  ============================================================
18:59:40.0126 0x8844  Current date / time: 2017/03/05 18:59:40.0126
18:59:40.0126 0x8844  SystemInfo:
18:59:40.0126 0x8844  
18:59:40.0126 0x8844  OS Version: 6.1.7601 ServicePack: 1.0
18:59:40.0126 0x8844  Product type: Workstation
18:59:40.0126 0x8844  ComputerName: MARKUSSCHMIDT
18:59:40.0126 0x8844  UserName: Markus Schmidt
18:59:40.0126 0x8844  Windows directory: C:\Windows
18:59:40.0126 0x8844  System windows directory: C:\Windows
18:59:40.0126 0x8844  Running under WOW64
18:59:40.0126 0x8844  Processor architecture: Intel x64
18:59:40.0126 0x8844  Number of processors: 4
18:59:40.0126 0x8844  Page size: 0x1000
18:59:40.0126 0x8844  Boot type: Normal boot
18:59:40.0126 0x8844  CodeIntegrityOptions = 0x00000001
18:59:40.0126 0x8844  ============================================================
18:59:40.0305 0x8844  KLMD registered as C:\Windows\system32\drivers\48258625.sys
18:59:40.0305 0x8844  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.19160, osProperties = 0x1
18:59:40.0476 0x8844  System UUID: {EBA1488C-4106-2D5E-6102-E0FC9CDDFDF8}
18:59:40.0775 0x8844  Drive \Device\Harddisk0\DR0 - Size: 0x6FC86D6000 ( 447.13 Gb ), SectorSize: 0x200, Cylinders: 0xE401, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:59:40.0790 0x8844  Drive \Device\Harddisk2\DR2 - Size: 0xE8DED00000 ( 931.48 Gb ), SectorSize: 0x200, Cylinders: 0x1DAFD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:59:40.0837 0x8844  ============================================================
18:59:40.0837 0x8844  \Device\Harddisk0\DR0:
18:59:40.0837 0x8844  MBR partitions:
18:59:40.0837 0x8844  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:59:40.0837 0x8844  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x25918000
18:59:40.0837 0x8844  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2594A800, BlocksNum 0x124F7800
18:59:40.0837 0x8844  \Device\Harddisk2\DR2:
18:59:40.0837 0x8844  MBR partitions:
18:59:40.0837 0x8844  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x746F6000
18:59:40.0837 0x8844  ============================================================
18:59:40.0837 0x8844  C: <-> \Device\Harddisk0\DR0\Partition2
18:59:40.0868 0x8844  G: <-> \Device\Harddisk2\DR2\Partition1
18:59:40.0868 0x8844  H: <-> \Device\Harddisk0\DR0\Partition3
18:59:40.0868 0x8844  ============================================================
18:59:40.0868 0x8844  Initialize success
18:59:40.0868 0x8844  ============================================================
18:59:43.0358 0x7260  ============================================================
18:59:43.0358 0x7260  Scan started
18:59:43.0358 0x7260  Mode: Manual; 
18:59:43.0358 0x7260  ============================================================
18:59:43.0358 0x7260  KSN ping started
18:59:46.0051 0x7260  KSN ping finished: true
18:59:48.0720 0x7260  ================ Scan system memory ========================
18:59:48.0720 0x7260  System memory - ok
18:59:48.0720 0x7260  ================ Scan services =============================
18:59:48.0736 0x7260  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:59:48.0736 0x7260  1394ohci - ok
18:59:48.0751 0x7260  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:59:48.0767 0x7260  ACPI - ok
18:59:48.0767 0x7260  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:59:48.0767 0x7260  AcpiPmi - ok
18:59:48.0783 0x7260  [ 8325369F44A16CE4261CE268818A1F53, FE0B51D6976D5A39146469E046C8AEE7504A4AE9C948CE861371379D100D20CC ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
18:59:48.0798 0x7260  AcrSch2Svc - ok
18:59:48.0798 0x7260  [ B932E0EE190778D840F1442DFC0F9612, 8780963F14D57279FDD585BE945ED40F24590D32676C7A9EF94002D38B8BA643 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:59:48.0814 0x7260  AdobeARMservice - ok
18:59:48.0814 0x7260  [ 89ECFB35517F62C3802B227F288B750E, 47B329FEC98DC634A9068D6B88A331B323D99E9C21D3FE330352210841E715CA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:59:48.0829 0x7260  AdobeFlashPlayerUpdateSvc - ok
18:59:48.0829 0x7260  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
18:59:48.0845 0x7260  adp94xx - ok
18:59:48.0845 0x7260  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
18:59:48.0845 0x7260  adpahci - ok
18:59:48.0861 0x7260  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
18:59:48.0861 0x7260  adpu320 - ok
18:59:48.0861 0x7260  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:59:48.0861 0x7260  AeLookupSvc - ok
18:59:48.0876 0x7260  [ ABCF9C80EAACE03021BB7F450EB8993F, 8E38726C423E82954CA85266D6F38B605D010A659420A4EF99D29035A9474BFB ] afcdp           C:\Windows\system32\DRIVERS\afcdp.sys
18:59:48.0876 0x7260  afcdp - ok
18:59:48.0923 0x7260  [ 3415F896A8AC52C50328676A7569F579, 1EF55C4A2605A47CFFE2C4A6EF0A96736674C9947D061528EF39079C855B319D ] afcdpsrv        C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
18:59:48.0985 0x7260  afcdpsrv - ok
18:59:48.0985 0x7260  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
18:59:49.0001 0x7260  AFD - ok
18:59:49.0001 0x7260  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
18:59:49.0001 0x7260  agp440 - ok
18:59:49.0001 0x7260  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
18:59:49.0001 0x7260  ALG - ok
18:59:49.0017 0x7260  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:59:49.0017 0x7260  aliide - ok
18:59:49.0017 0x7260  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
18:59:49.0017 0x7260  amdide - ok
18:59:49.0017 0x7260  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
18:59:49.0017 0x7260  AmdK8 - ok
18:59:49.0017 0x7260  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
18:59:49.0017 0x7260  AmdPPM - ok
18:59:49.0017 0x7260  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:59:49.0032 0x7260  amdsata - ok
18:59:49.0032 0x7260  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
18:59:49.0032 0x7260  amdsbs - ok
18:59:49.0032 0x7260  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:59:49.0032 0x7260  amdxata - ok
18:59:49.0032 0x7260  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
18:59:49.0048 0x7260  AppID - ok
18:59:49.0048 0x7260  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:59:49.0048 0x7260  AppIDSvc - ok
18:59:49.0048 0x7260  [ 046E837786271237A76C50F7CE1F5BC6, 10EFAEC9BCEF241B3046DFECA7659E137DF42C975E50B35D841024D44A58BB98 ] Appinfo         C:\Windows\System32\appinfo.dll
18:59:49.0048 0x7260  Appinfo - ok
18:59:49.0048 0x7260  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
18:59:49.0048 0x7260  AppMgmt - ok
18:59:49.0063 0x7260  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
18:59:49.0063 0x7260  arc - ok
18:59:49.0063 0x7260  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
18:59:49.0063 0x7260  arcsas - ok
18:59:49.0079 0x7260  [ 1A7A2CAC3B5AFABD6636B25DFE33CBAD, 0677FD0A6548E93320EF45B7EBD96F2FEA406790C68AA1F41623A1BFF8A1282E ] asComSvc        C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
18:59:49.0095 0x7260  asComSvc - ok
18:59:49.0095 0x7260  [ E536856E96A7605EBF580D62A868E5FE, 70D0F6ECB05E923C1B274605CB3320091D35D7622003FF7E4806645519C70F01 ] ASGT            C:\Windows\SysWOW64\ASGT.exe
18:59:49.0095 0x7260  ASGT - ok
18:59:49.0095 0x7260  [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
18:59:49.0095 0x7260  AsIO - ok
18:59:49.0110 0x7260  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:59:49.0110 0x7260  aspnet_state - ok
18:59:49.0110 0x7260  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:59:49.0110 0x7260  AsyncMac - ok
18:59:49.0110 0x7260  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:59:49.0110 0x7260  atapi - ok
18:59:49.0126 0x7260  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:59:49.0141 0x7260  AudioEndpointBuilder - ok
18:59:49.0141 0x7260  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:59:49.0157 0x7260  AudioSrv - ok
18:59:49.0157 0x7260  [ 09F0E4D1F66C40AB770AD1540758C59E, 78591F6B94B5A5B9A6D434AC54A0BD5D606099A6FE48B25D17B2E01942CAEAE3 ] AVP16.0.1       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe
18:59:49.0173 0x7260  AVP16.0.1 - ok
18:59:49.0173 0x7260  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:59:49.0173 0x7260  AxInstSV - ok
18:59:49.0188 0x7260  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
18:59:49.0188 0x7260  b06bdrv - ok
18:59:49.0188 0x7260  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:59:49.0204 0x7260  b57nd60a - ok
18:59:49.0204 0x7260  BCM42RLY - ok
18:59:49.0313 0x7260  [ 6A28AFEB1409E07DE96E805FA1C5723C, 58CB9EAFC414AC486338F9869926CCE51F36158246FFCE7F54BC22729839B38D ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
18:59:49.0407 0x7260  BCM43XX - ok
18:59:49.0422 0x7260  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:59:49.0422 0x7260  BDESVC - ok
18:59:49.0422 0x7260  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:59:49.0422 0x7260  Beep - ok
18:59:49.0438 0x7260  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
18:59:49.0453 0x7260  BFE - ok
18:59:49.0469 0x7260  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
18:59:49.0469 0x7260  BITS - ok
18:59:49.0485 0x7260  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:59:49.0485 0x7260  blbdrive - ok
18:59:49.0485 0x7260  [ 73686FE0B2E0469F89FD2075BE724704, 4BC5BBA7ACB5BDA77251B82B9CF16C6A9EBBCC29760860A0F37ABDDF9288143F ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
18:59:49.0485 0x7260  Bonjour Service - ok
18:59:49.0485 0x7260  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:59:49.0485 0x7260  bowser - ok
18:59:49.0500 0x7260  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
18:59:49.0500 0x7260  BrFiltLo - ok
18:59:49.0500 0x7260  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
18:59:49.0500 0x7260  BrFiltUp - ok
18:59:49.0500 0x7260  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
18:59:49.0500 0x7260  Browser - ok
18:59:49.0516 0x7260  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:59:49.0516 0x7260  Brserid - ok
18:59:49.0516 0x7260  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:59:49.0516 0x7260  BrSerWdm - ok
18:59:49.0516 0x7260  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:59:49.0516 0x7260  BrUsbMdm - ok
18:59:49.0516 0x7260  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:59:49.0516 0x7260  BrUsbSer - ok
18:59:49.0531 0x7260  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
18:59:49.0531 0x7260  BTHMODEM - ok
18:59:49.0531 0x7260  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
18:59:49.0531 0x7260  bthserv - ok
18:59:49.0531 0x7260  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:59:49.0531 0x7260  cdfs - ok
18:59:49.0547 0x7260  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:59:49.0547 0x7260  cdrom - ok
18:59:49.0547 0x7260  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:59:49.0547 0x7260  CertPropSvc - ok
18:59:49.0547 0x7260  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
18:59:49.0547 0x7260  circlass - ok
18:59:49.0563 0x7260  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
18:59:49.0563 0x7260  CLFS - ok
18:59:49.0563 0x7260  CLMirrorDriver - ok
18:59:49.0563 0x7260  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:59:49.0563 0x7260  clr_optimization_v2.0.50727_32 - ok
18:59:49.0578 0x7260  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:59:49.0578 0x7260  clr_optimization_v2.0.50727_64 - ok
18:59:49.0578 0x7260  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:59:49.0594 0x7260  clr_optimization_v4.0.30319_32 - ok
18:59:49.0594 0x7260  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:59:49.0594 0x7260  clr_optimization_v4.0.30319_64 - ok
18:59:49.0594 0x7260  CLVirtualBus01 - ok
18:59:49.0594 0x7260  clwvd7 - ok
18:59:49.0594 0x7260  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
18:59:49.0594 0x7260  CmBatt - ok
18:59:49.0609 0x7260  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:59:49.0609 0x7260  cmdide - ok
18:59:49.0609 0x7260  [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km           C:\Windows\system32\DRIVERS\cm_km.sys
18:59:49.0609 0x7260  cm_km - ok
18:59:49.0625 0x7260  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG             C:\Windows\system32\Drivers\cng.sys
18:59:49.0625 0x7260  CNG - ok
18:59:49.0641 0x7260  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
18:59:49.0641 0x7260  Compbatt - ok
18:59:49.0641 0x7260  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
18:59:49.0641 0x7260  CompositeBus - ok
18:59:49.0641 0x7260  COMSysApp - ok
18:59:49.0641 0x7260  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
18:59:49.0641 0x7260  crcdisk - ok
18:59:49.0641 0x7260  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:59:49.0656 0x7260  CryptSvc - ok
18:59:49.0656 0x7260  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
18:59:49.0672 0x7260  CSC - ok
18:59:49.0672 0x7260  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
18:59:49.0687 0x7260  CscService - ok
18:59:49.0687 0x7260  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
18:59:49.0703 0x7260  dbupdate - ok
18:59:49.0703 0x7260  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
18:59:49.0703 0x7260  dbupdatem - ok
18:59:49.0703 0x7260  dbx - ok
18:59:49.0703 0x7260  [ 5B7A202DECF962A6C9A2E759551BF05E, 6BA11F7728C0A13EA4B6EF478584AE0117BA5909346FF6FE20308674F34701D7 ] DbxSvc          C:\Windows\system32\DbxSvc.exe
18:59:49.0703 0x7260  DbxSvc - ok
18:59:49.0719 0x7260  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:59:49.0719 0x7260  DcomLaunch - ok
18:59:49.0734 0x7260  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
18:59:49.0734 0x7260  defragsvc - ok
18:59:49.0734 0x7260  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:59:49.0734 0x7260  DfsC - ok
18:59:49.0750 0x7260  [ 5492F6FB1F32E10AEF02679872AFD194, 470A0C39734E261DC7443C8E59ECE89A7E367ABCFC15AA325EB995452C3973AA ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
18:59:49.0750 0x7260  dg_ssudbus - ok
18:59:49.0750 0x7260  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:59:49.0750 0x7260  Dhcp - ok
18:59:49.0781 0x7260  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
18:59:49.0797 0x7260  DiagTrack - ok
18:59:49.0797 0x7260  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
18:59:49.0797 0x7260  discache - ok
18:59:49.0812 0x7260  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
18:59:49.0812 0x7260  Disk - ok
18:59:49.0812 0x7260  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
18:59:49.0812 0x7260  dmvsc - ok
18:59:49.0812 0x7260  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:59:49.0812 0x7260  Dnscache - ok
18:59:49.0828 0x7260  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:59:49.0828 0x7260  dot3svc - ok
18:59:49.0828 0x7260  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
18:59:49.0828 0x7260  DPS - ok
18:59:49.0843 0x7260  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:59:49.0843 0x7260  drmkaud - ok
18:59:49.0843 0x7260  [ 716FCDFED2640B480B747CCFD2684C47, A020D6931A7DF062E2D09AE947345625621CB25A69C632D1861789C4B2CFC0A2 ] DTSRVC          C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
18:59:49.0843 0x7260  DTSRVC - ok
18:59:49.0859 0x7260  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:59:49.0875 0x7260  DXGKrnl - ok
18:59:49.0875 0x7260  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
18:59:49.0875 0x7260  EapHost - ok
18:59:49.0921 0x7260  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
18:59:49.0968 0x7260  ebdrv - ok
18:59:49.0968 0x7260  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] EFS             C:\Windows\System32\lsass.exe
18:59:49.0968 0x7260  EFS - ok
18:59:49.0984 0x7260  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:59:49.0999 0x7260  ehRecvr - ok
18:59:49.0999 0x7260  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
18:59:49.0999 0x7260  ehSched - ok
18:59:50.0015 0x7260  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
18:59:50.0015 0x7260  elxstor - ok
18:59:50.0031 0x7260  [ 2A319FF164B97EE281777957F63E0E05, D89E99B75DA57085D29FC962429E975DEED9CBE3BAF3BBCDCFE89274383B7CCE ] EPLAN Client Service C:\Program Files\EPLAN\Common\EClientService.exe
18:59:50.0046 0x7260  EPLAN Client Service - ok
18:59:50.0046 0x7260  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:59:50.0046 0x7260  ErrDev - ok
18:59:50.0062 0x7260  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
18:59:50.0062 0x7260  EventSystem - ok
18:59:50.0062 0x7260  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
18:59:50.0062 0x7260  exfat - ok
18:59:50.0077 0x7260  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:59:50.0077 0x7260  fastfat - ok
18:59:50.0093 0x7260  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
18:59:50.0093 0x7260  Fax - ok
18:59:50.0093 0x7260  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
18:59:50.0109 0x7260  fdc - ok
18:59:50.0109 0x7260  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
18:59:50.0109 0x7260  fdPHost - ok
18:59:50.0109 0x7260  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:59:50.0109 0x7260  FDResPub - ok
18:59:50.0109 0x7260  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:59:50.0109 0x7260  FileInfo - ok
18:59:50.0109 0x7260  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:59:50.0109 0x7260  Filetrace - ok
18:59:50.0124 0x7260  [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:59:50.0140 0x7260  FLEXnet Licensing Service - ok
18:59:50.0140 0x7260  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
18:59:50.0140 0x7260  flpydisk - ok
18:59:50.0140 0x7260  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:59:50.0155 0x7260  FltMgr - ok
18:59:50.0155 0x7260  [ FDD776FAC4159A2983940D1E411FE9F3, 3B147B4D3C5CC67117D65152FA8BD3A603728C92B023AE45CD166E6FF3F474C5 ] fltsrv          C:\Windows\system32\DRIVERS\fltsrv.sys
18:59:50.0155 0x7260  fltsrv - ok
18:59:50.0171 0x7260  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
18:59:50.0187 0x7260  FontCache - ok
18:59:50.0187 0x7260  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:59:50.0187 0x7260  FontCache3.0.0.0 - ok
18:59:50.0202 0x7260  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:59:50.0202 0x7260  FsDepends - ok
18:59:50.0202 0x7260  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:59:50.0202 0x7260  Fs_Rec - ok
18:59:50.0202 0x7260  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:59:50.0202 0x7260  fvevol - ok
18:59:50.0218 0x7260  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
18:59:50.0218 0x7260  gagp30kx - ok
18:59:50.0233 0x7260  [ 7F18FB86E1023DDB80874CEA671442D5, BA236CD30A6932DC439DCA1DD4B06B7DF9181B1EC3654A72D05DFD70949C5E06 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
18:59:50.0249 0x7260  GfExperienceService - ok
18:59:50.0249 0x7260  [ BDA6549A7E5255396A5CB41CE2905668, 1877F31F184AFACF24A92C4956307E40C745F36ACD8488F2DCBA0FAE2B0484AD ] GoProDeviceDetectionService C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
18:59:50.0249 0x7260  GoProDeviceDetectionService - ok
18:59:50.0265 0x7260  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:59:50.0280 0x7260  gpsvc - ok
18:59:50.0280 0x7260  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:59:50.0280 0x7260  gupdate - ok
18:59:50.0280 0x7260  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:59:50.0280 0x7260  gupdatem - ok
18:59:50.0296 0x7260  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:59:50.0296 0x7260  hcw85cir - ok
18:59:50.0296 0x7260  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:59:50.0296 0x7260  HdAudAddService - ok
18:59:50.0311 0x7260  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
18:59:50.0311 0x7260  HDAudBus - ok
18:59:50.0311 0x7260  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
18:59:50.0311 0x7260  HidBatt - ok
18:59:50.0311 0x7260  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
18:59:50.0311 0x7260  HidBth - ok
18:59:50.0311 0x7260  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
18:59:50.0327 0x7260  HidIr - ok
18:59:50.0327 0x7260  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
18:59:50.0327 0x7260  hidserv - ok
18:59:50.0327 0x7260  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:59:50.0327 0x7260  HidUsb - ok
18:59:50.0327 0x7260  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:59:50.0327 0x7260  hkmsvc - ok
18:59:50.0343 0x7260  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:59:50.0343 0x7260  HomeGroupListener - ok
18:59:50.0343 0x7260  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:59:50.0343 0x7260  HomeGroupProvider - ok
18:59:50.0343 0x7260  [ F5F4818A15AF6128A2BADD1B1F102413, E566CA6097502EE411756CD5BE6504B229BB5EAF78E0DA7C485B75E5BE9B0773 ] HP DS Service   C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
18:59:50.0343 0x7260  HP DS Service - ok
18:59:50.0358 0x7260  [ 3BF3B2F977115DD06475983790032BA7, 47C374EF12C01C7E2A881CD78C874B09F1563F96028289AFF7DB40E3C4BE9CFC ] HP LaserJet Service C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
18:59:50.0358 0x7260  HP LaserJet Service - ok
18:59:50.0358 0x7260  [ E325F85012E793CEE74B73C4F22AE311, B427ACF55E9FFCC6275B1EA2A6120E8D7B5B589CBBE0D114BB1376CB988B8FFC ] HPFXBULKLEDM    C:\Windows\system32\drivers\hppdbulkio.sys
18:59:50.0358 0x7260  HPFXBULKLEDM - ok
18:59:50.0358 0x7260  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:59:50.0358 0x7260  HpSAMD - ok
18:59:50.0374 0x7260  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:59:50.0389 0x7260  HTTP - ok
18:59:50.0389 0x7260  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:59:50.0389 0x7260  hwpolicy - ok
18:59:50.0389 0x7260  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:59:50.0389 0x7260  i8042prt - ok
18:59:50.0405 0x7260  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:59:50.0405 0x7260  iaStorV - ok
18:59:50.0421 0x7260  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:59:50.0436 0x7260  idsvc - ok
18:59:50.0436 0x7260  IEEtwCollectorService - ok
18:59:50.0436 0x7260  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
18:59:50.0436 0x7260  iirsp - ok
18:59:50.0452 0x7260  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
18:59:50.0467 0x7260  IKEEXT - ok
18:59:50.0530 0x7260  [ E4FD2A81EF844C01E3BA6FBED1644A23, 022419EDDA4694536FD677EB3C6BA79A0B318982F0F7644918FD828D1FF64758 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:59:50.0577 0x7260  IntcAzAudAddService - ok
18:59:50.0592 0x7260  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:59:50.0592 0x7260  intelide - ok
18:59:50.0592 0x7260  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:59:50.0592 0x7260  intelppm - ok
18:59:50.0592 0x7260  IOMap - ok
18:59:50.0592 0x7260  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:59:50.0592 0x7260  IPBusEnum - ok
18:59:50.0608 0x7260  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:59:50.0608 0x7260  IpFilterDriver - ok
18:59:50.0608 0x7260  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:59:50.0623 0x7260  iphlpsvc - ok
18:59:50.0623 0x7260  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:59:50.0623 0x7260  IPMIDRV - ok
18:59:50.0623 0x7260  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:59:50.0623 0x7260  IPNAT - ok
18:59:50.0639 0x7260  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:59:50.0639 0x7260  IRENUM - ok
18:59:50.0639 0x7260  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:59:50.0639 0x7260  isapnp - ok
18:59:50.0639 0x7260  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:59:50.0639 0x7260  iScsiPrt - ok
18:59:50.0655 0x7260  [ 622BF9C46A47CF17608C501320E8EFBD, 059F99D4306216324E100FCDAF02093B2CD662F2C6BE8565A4281E7760F8B575 ] iumsvc          C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
18:59:50.0655 0x7260  iumsvc - ok
18:59:50.0655 0x7260  [ 897B93573F07C9CB1140516DAC44BC7E, C80665FEA4913DDC72F2140EC92CD4FA5D693BD8D0E4029A99DB96D63172E3D1 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
18:59:50.0655 0x7260  iusb3hcs - ok
18:59:50.0670 0x7260  [ 2D15CEDF619796002E8640F73A4BF920, FCC0137CB5AE32266A550EE46106B80F431F0B55342599951B9D032F8EA10649 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
18:59:50.0670 0x7260  iusb3hub - ok
18:59:50.0686 0x7260  [ F1E93FE111924D0BC853155AADF8048B, 2DFD5B3D042286A0FD5E482C81FAE339E4F05C0A6DFF43061D8502C4551125F7 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
18:59:50.0701 0x7260  iusb3xhc - ok
18:59:50.0701 0x7260  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:59:50.0701 0x7260  kbdclass - ok
18:59:50.0701 0x7260  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:59:50.0701 0x7260  kbdhid - ok
18:59:50.0701 0x7260  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] KeyIso          C:\Windows\system32\lsass.exe
18:59:50.0701 0x7260  KeyIso - ok
18:59:50.0717 0x7260  [ 62EBD4202B505ACADE2FBC56CC73E0A2, 2FCA80096B7DB5B42E76F527D9ABCF29AF7D52FC60BED6DD4C11C1BACA0D63F1 ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
18:59:50.0717 0x7260  kl1 - ok
18:59:50.0717 0x7260  [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk    C:\Windows\system32\DRIVERS\klbackupdisk.sys
18:59:50.0717 0x7260  klbackupdisk - ok
18:59:50.0733 0x7260  [ D3BEF82D7A5A1560F667D5FCC0E90387, 35473F72346DBAA02EB98319B4AD587550B996607B8B714D356D04A4B28E2F09 ] klbackupflt     C:\Windows\system32\DRIVERS\klbackupflt.sys
18:59:50.0733 0x7260  klbackupflt - ok
18:59:50.0733 0x7260  [ B12242478186B62B2E214288B7DB3612, D3381C6B95A27D75348DC51411BABE144A4C333E1441077C4BF13A3BFBB4CA06 ] kldisk          C:\Windows\system32\DRIVERS\kldisk.sys
18:59:50.0733 0x7260  kldisk - ok
18:59:50.0733 0x7260  [ 3025DB68C9BFFF3EA67986C91340EC12, 74E61837A0EEA5F56104F0FFC7B8FEFB7BFB7A22D7F0903C4A7AEAE1E1532920 ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
18:59:50.0748 0x7260  klflt - ok
18:59:50.0748 0x7260  [ 53E82813D132491C84AA7A4B0CA2707A, 94F0E5819593A7D2BF7D8FC9A6B0A11363788A50D0B9E8A7F3E3B941BCFD7709 ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
18:59:50.0748 0x7260  klhk - ok
18:59:50.0764 0x7260  [ D90C2622A2D717704C0AA33134BAA07E, 5DE2FCBE4043DD79F472C99FED8A8189A0AD231F9DB7453F1781775CE67CBF47 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
18:59:50.0779 0x7260  KLIF - ok
18:59:50.0779 0x7260  [ E540E1C90970FAFEBCCCE3EEC3B8673F, BA2229A237A5088D3FBAA567069C56CDE7EBB4B37D5FB24F691BFF6FE1B0BD69 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
18:59:50.0779 0x7260  KLIM6 - ok
18:59:50.0795 0x7260  [ 0D5E3D54FDFE598CF570312310C0D8E5, B1DAF9B19531D4C9CB7584D90341C429E3A3793B9A6FEDCC5CF8B70508240FE7 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
18:59:50.0795 0x7260  klkbdflt - ok
18:59:50.0795 0x7260  [ D792857D47B8DF5BFEC02534C1933BE2, BDD483FA8E2DC50DB4E54D475867455F0D7E115494E2A31CD27A065C7EC26951 ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
18:59:50.0795 0x7260  klmouflt - ok
18:59:50.0795 0x7260  [ 26E1917517E613D07F2A122CEEBB8161, A03C4F9FA37DBB48AB00330A4F0ACC7841D425DAE7E374508AD53BC010C0F746 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
18:59:50.0795 0x7260  klpd - ok
18:59:50.0795 0x7260  [ B36DEE2A91F9388C4D3ED744592DE81D, 78D64539A375C80250FB9FA5E1DDA208B331A85916E19ED1353623DDF750EC58 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
18:59:50.0795 0x7260  kltdi - ok
18:59:50.0811 0x7260  [ B48F79A7B58EB9A5E4894A96453C6957, B05176A40DA7321409866D77DA03A36B44DA386C45C6AF149B14F65C2B9C8A6B ] klvssbrigde64   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe
18:59:50.0811 0x7260  klvssbrigde64 - ok
18:59:50.0811 0x7260  [ 7FAE98B11E1218C707A28F993CFE271C, 7BD94243B7004C8A719733A03BB1320FCDF9F53FB7240058F7006C1DFE9E59B0 ] Klwtp           C:\Windows\system32\DRIVERS\klwtp.sys
18:59:50.0811 0x7260  Klwtp - ok
18:59:50.0811 0x7260  [ 58CD685752080EDAEB4EEC7E6428546D, 59E280A025A91BCEC029D21B4DCC6342F354B9D6592C0EE14217BF5B32FB259B ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
18:59:50.0826 0x7260  kneps - ok
18:59:50.0826 0x7260  [ 211A379BAAB812A7B437319BD85B2435, 4C8B82817B735BEFC0C8E2A42C7EF547D1C179561D3C97B3067B5EA3408F9E4D ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:59:50.0826 0x7260  KSecDD - ok
18:59:50.0826 0x7260  [ CC1B3B52F33CBC1CE60867DA4E23537C, A373DBCE6A53B77F59D9C83E243E5C1A2B4C38571CA28198229730D612561978 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:59:50.0826 0x7260  KSecPkg - ok
18:59:50.0842 0x7260  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:59:50.0842 0x7260  ksthunk - ok
18:59:50.0842 0x7260  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:59:50.0842 0x7260  KtmRm - ok
18:59:50.0857 0x7260  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:59:50.0857 0x7260  LanmanServer - ok
18:59:50.0857 0x7260  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:59:50.0857 0x7260  LanmanWorkstation - ok
18:59:50.0873 0x7260  [ 1D5C6790425CB6DBB1B3C2722C34E199, D8BCC31A443B77711A7CA468E754A73137C1CC47D6F3DA5BEE3735B654327B0C ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
18:59:50.0873 0x7260  LBTServ - ok
18:59:50.0889 0x7260  [ 5EA1731968F2FD0E950DDCE6D36C5134, 16C47AA60CB62F206DBF3B4FAF99FCA667E7193178D1B7ECB162FA87C008BAA3 ] LEqdUsb         C:\Windows\system32\DRIVERS\LEqdUsb.Sys
18:59:50.0889 0x7260  LEqdUsb - ok
18:59:50.0889 0x7260  [ 50AC0930F05DFB996F085B49E112E5C9, C5147E92656506981705AFCAA97B7BDAD0929FF39C1666E774BE1BD32FB08387 ] LHidEqd         C:\Windows\system32\DRIVERS\LHidEqd.Sys
18:59:50.0889 0x7260  LHidEqd - ok
18:59:50.0889 0x7260  [ 96EB043E2843B5A87A486D0BC6921094, 0B339A18B2F536F12B2C1B4FEDEB3A815DC7F8E7B082144EE084B3E6ED067FBC ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
18:59:50.0889 0x7260  LHidFilt - ok
18:59:50.0889 0x7260  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:59:50.0889 0x7260  lltdio - ok
18:59:50.0904 0x7260  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:59:50.0904 0x7260  lltdsvc - ok
18:59:50.0904 0x7260  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:59:50.0904 0x7260  lmhosts - ok
18:59:50.0904 0x7260  [ A5C1DA229B3B660BBF3BDC30ADBFBB61, B657092424C6BF418A6FA56353370C195D9CA67999B355E8EDD6AFCFD9FEF8E5 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
18:59:50.0904 0x7260  LMouFilt - ok
18:59:50.0920 0x7260  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
18:59:50.0920 0x7260  LSI_FC - ok
18:59:50.0920 0x7260  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
18:59:50.0920 0x7260  LSI_SAS - ok
18:59:50.0920 0x7260  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
18:59:50.0920 0x7260  LSI_SAS2 - ok
18:59:50.0935 0x7260  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
18:59:50.0935 0x7260  LSI_SCSI - ok
18:59:50.0935 0x7260  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:59:50.0935 0x7260  luafv - ok
18:59:50.0935 0x7260  MBAMSwissArmy - ok
18:59:50.0935 0x7260  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:59:50.0951 0x7260  Mcx2Svc - ok
18:59:50.0951 0x7260  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
18:59:50.0951 0x7260  megasas - ok
18:59:50.0951 0x7260  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
18:59:50.0951 0x7260  MegaSR - ok
18:59:50.0967 0x7260  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
18:59:50.0967 0x7260  MEIx64 - ok
18:59:50.0967 0x7260  [ FAFE367D032ED82E9332B4C741A20216, 7B123766E360570E0FCB211835B7910D6A1806C25A06BCA9227AB9E993376CA8 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
18:59:50.0967 0x7260  Microsoft Office Groove Audit Service - ok
18:59:50.0967 0x7260  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
18:59:50.0967 0x7260  MMCSS - ok
18:59:50.0967 0x7260  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
18:59:50.0982 0x7260  Modem - ok
18:59:50.0982 0x7260  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:59:50.0982 0x7260  monitor - ok
18:59:50.0982 0x7260  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:59:50.0982 0x7260  mouclass - ok
18:59:50.0982 0x7260  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:59:50.0982 0x7260  mouhid - ok
18:59:50.0982 0x7260  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:59:50.0982 0x7260  mountmgr - ok
18:59:50.0998 0x7260  [ 17C3D8D5E65AE57B5E94B969433C0F99, 389F235A540CE1D55903F86C9045CAFC95B93E8EF0C3369D048D67B1106DE6E5 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:59:50.0998 0x7260  MozillaMaintenance - ok
18:59:50.0998 0x7260  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:59:50.0998 0x7260  mpio - ok
18:59:50.0998 0x7260  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:59:50.0998 0x7260  mpsdrv - ok
18:59:51.0013 0x7260  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:59:51.0029 0x7260  MpsSvc - ok
18:59:51.0029 0x7260  Mrvleap - ok
18:59:51.0029 0x7260  [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:59:51.0045 0x7260  MRxDAV - ok
18:59:51.0045 0x7260  [ 07F8F6B0CAEC7ADD30EBD94940A315D7, 288429A146B74E88D93C5BC19D878A42AC6F411EE31D9A6D36A2A2FFCF7B9436 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:59:51.0045 0x7260  mrxsmb - ok
18:59:51.0045 0x7260  [ 8856E45D23BFF4D977BF06D0543BCD96, 0066C061A3516A16C2477590859865E46E522A290CCE17C3EC1B69F81E466E9E ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:59:51.0060 0x7260  mrxsmb10 - ok
18:59:51.0060 0x7260  [ 8D383CED28332B5F3894658857472F47, CB3872543D08C6432CF884C11A5897637A6FC7E9AC40F424444BAAA49C9FC32A ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:59:51.0060 0x7260  mrxsmb20 - ok
18:59:51.0060 0x7260  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:59:51.0060 0x7260  msahci - ok
18:59:51.0076 0x7260  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:59:51.0076 0x7260  msdsm - ok
18:59:51.0076 0x7260  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
18:59:51.0076 0x7260  MSDTC - ok
18:59:51.0076 0x7260  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:59:51.0076 0x7260  Msfs - ok
18:59:51.0091 0x7260  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:59:51.0091 0x7260  mshidkmdf - ok
18:59:51.0091 0x7260  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:59:51.0091 0x7260  msisadrv - ok
18:59:51.0091 0x7260  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:59:51.0091 0x7260  MSiSCSI - ok
18:59:51.0091 0x7260  msiserver - ok
18:59:51.0091 0x7260  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:59:51.0091 0x7260  MSKSSRV - ok
18:59:51.0107 0x7260  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:59:51.0107 0x7260  MSPCLOCK - ok
18:59:51.0107 0x7260  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:59:51.0107 0x7260  MSPQM - ok
18:59:51.0107 0x7260  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:59:51.0123 0x7260  MsRPC - ok
18:59:51.0123 0x7260  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
18:59:51.0123 0x7260  mssmbios - ok
18:59:51.0123 0x7260  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:59:51.0123 0x7260  MSTEE - ok
18:59:51.0123 0x7260  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
18:59:51.0123 0x7260  MTConfig - ok
18:59:51.0123 0x7260  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
18:59:51.0123 0x7260  Mup - ok
18:59:51.0138 0x7260  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
18:59:51.0138 0x7260  napagent - ok
18:59:51.0154 0x7260  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:59:51.0154 0x7260  NativeWifiP - ok
18:59:51.0169 0x7260  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:59:51.0185 0x7260  NDIS - ok
18:59:51.0185 0x7260  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:59:51.0185 0x7260  NdisCap - ok
18:59:51.0185 0x7260  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:59:51.0185 0x7260  NdisTapi - ok
18:59:51.0185 0x7260  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:59:51.0185 0x7260  Ndisuio - ok
18:59:51.0201 0x7260  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:59:51.0201 0x7260  NdisWan - ok
18:59:51.0201 0x7260  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:59:51.0201 0x7260  NDProxy - ok
18:59:51.0201 0x7260  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
18:59:51.0201 0x7260  Net Driver HPZ12 - ok
18:59:51.0216 0x7260  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:59:51.0216 0x7260  NetBIOS - ok
18:59:51.0216 0x7260  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:59:51.0216 0x7260  NetBT - ok
18:59:51.0216 0x7260  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] Netlogon        C:\Windows\system32\lsass.exe
18:59:51.0216 0x7260  Netlogon - ok
18:59:51.0232 0x7260  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
18:59:51.0232 0x7260  Netman - ok
18:59:51.0232 0x7260  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:59:51.0247 0x7260  NetMsmqActivator - ok
18:59:51.0247 0x7260  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:59:51.0247 0x7260  NetPipeActivator - ok
18:59:51.0263 0x7260  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
18:59:51.0263 0x7260  netprofm - ok
18:59:51.0263 0x7260  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:59:51.0263 0x7260  NetTcpActivator - ok
18:59:51.0279 0x7260  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:59:51.0279 0x7260  NetTcpPortSharing - ok
18:59:51.0279 0x7260  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
18:59:51.0279 0x7260  nfrd960 - ok
18:59:51.0279 0x7260  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:59:51.0294 0x7260  NlaSvc - ok
18:59:51.0294 0x7260  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:59:51.0294 0x7260  Npfs - ok
18:59:51.0294 0x7260  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
18:59:51.0294 0x7260  nsi - ok
18:59:51.0294 0x7260  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:59:51.0294 0x7260  nsiproxy - ok
18:59:51.0325 0x7260  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:59:51.0341 0x7260  Ntfs - ok
18:59:51.0357 0x7260  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
18:59:51.0357 0x7260  Null - ok
18:59:51.0357 0x7260  [ 7E4355930B28C2798D9F09AB9F81151F, 941C730F3B75BDF99639E76350031EDD15F18D8D860F3B1282C28B62096E7717 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
18:59:51.0357 0x7260  NVHDA - ok
18:59:51.0497 0x7260  [ ECC732D5185408FCC323E56D30170848, 7A7A6C410B65DBB1D59653598D7E5414054588BB88505BE68BFFF0378FD555F3 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:59:51.0622 0x7260  nvlddmkm - ok
18:59:51.0669 0x7260  [ DB7C6892180C79714EF79F69A788E865, 0E4C109C6F8E8D37447FCE1D7CABCBFAE8E5AA6FD4512150DD17156C9021A6FC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
18:59:51.0684 0x7260  NvNetworkService - ok
18:59:51.0700 0x7260  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:59:51.0700 0x7260  nvraid - ok
18:59:51.0700 0x7260  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:59:51.0700 0x7260  nvstor - ok
18:59:51.0700 0x7260  [ 7308AA5672CC6D14F43C91965DC67200, 573566D94D19F3AEDFB326B0B5987DC52F3802E5F5CAF8C32830660193B93E19 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
18:59:51.0700 0x7260  NvStreamKms - ok
18:59:51.0700 0x7260  NvStreamSvc - ok
18:59:51.0715 0x7260  [ 2AF7D8BCD8912FC16AA15268CDCF2454, 3A2E5ADFC6213A6EA83F78026518EC7EE0DD4BBA7C210CB7A41007BB57DC0636 ] nvsvc           C:\Windows\system32\nvvsvc.exe
18:59:51.0731 0x7260  nvsvc - ok
18:59:51.0747 0x7260  [ D0EB00C3BDD50E9CABA534CF829593E8, 6E11117DC30E834C70DC9381A67D057BC2DADA956855A0EEA9801D45C75536B1 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
18:59:51.0747 0x7260  nvvad_WaveExtensible - ok
18:59:51.0747 0x7260  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:59:51.0747 0x7260  nv_agp - ok
18:59:51.0762 0x7260  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:59:51.0762 0x7260  odserv - ok
18:59:51.0762 0x7260  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:59:51.0762 0x7260  ohci1394 - ok
18:59:51.0762 0x7260  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:59:51.0778 0x7260  ose - ok
18:59:51.0778 0x7260  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:59:51.0778 0x7260  p2pimsvc - ok
18:59:51.0793 0x7260  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
18:59:51.0793 0x7260  p2psvc - ok
18:59:51.0809 0x7260  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:59:51.0809 0x7260  Parport - ok
18:59:51.0809 0x7260  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:59:51.0809 0x7260  partmgr - ok
18:59:51.0809 0x7260  [ 5EACB8A19CAD7057806FBBF9550165E1, 63B9AE044F9205E395B9573BE32EC8A9695A16E4DF1BF3E7F7F5FFD336A7029E ] PcaSp60         C:\Windows\system32\DRIVERS\PcaSp60.sys
18:59:51.0809 0x7260  PcaSp60 - ok
18:59:51.0825 0x7260  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:59:51.0825 0x7260  PcaSvc - ok
18:59:51.0825 0x7260  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
18:59:51.0825 0x7260  pci - ok
18:59:51.0825 0x7260  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:59:51.0825 0x7260  pciide - ok
18:59:51.0840 0x7260  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:59:51.0840 0x7260  pcmcia - ok
18:59:51.0840 0x7260  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:59:51.0840 0x7260  pcw - ok
18:59:51.0871 0x7260  [ 501015A7570DA3E2B159B6191B37B347, C202C053ED78E956C00EDB8F265CED53344BD90D3A614FBFF789B98B0C4D7A90 ] PDF Architect 3 C:\Program Files (x86)\PDF Architect 3\ws.exe
18:59:51.0903 0x7260  PDF Architect 3 - ok
18:59:51.0918 0x7260  [ 07DA9CEDFC7441AE061DFA7E2BD825F6, 35A8060EA0E2E34EBB1EB25F40BB72A6D3B83CBA8BD8CD4BF9E427A777D42D28 ] PDF Architect 3 CrashHandler C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
18:59:51.0934 0x7260  PDF Architect 3 CrashHandler - ok
18:59:51.0949 0x7260  [ 1234BB5F8C7EC1E52F32A3EBF65F52EA, AEE529A96C6F21D27B3F5AEF6AADF42129C676584DEE550C8F42815D1C913B0C ] PDF Architect 3 Creator C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
18:59:51.0949 0x7260  PDF Architect 3 Creator - ok
18:59:51.0965 0x7260  [ E70DA663558CFABE378A412C7748347D, F98D13AD7C889A4273A88B02A296B33503C52EB44A7338EE022FF580F1D15393 ] PdiPorts        C:\Windows\system32\DRIVERS\PdiPorts.sys
18:59:51.0965 0x7260  PdiPorts - ok
18:59:51.0965 0x7260  [ CD7C3234BBE062AB5A9127D831298491, 918FA09972694DF31357D28B24C2FAA8E5A56C1F319F386B484981C386CD63E2 ] PdiService      C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
18:59:51.0965 0x7260  PdiService - ok
18:59:51.0981 0x7260  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:59:51.0981 0x7260  PEAUTH - ok
18:59:52.0012 0x7260  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
18:59:52.0027 0x7260  PeerDistSvc - ok
18:59:52.0027 0x7260  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:59:52.0043 0x7260  PerfHost - ok
18:59:52.0059 0x7260  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
18:59:52.0074 0x7260  pla - ok
18:59:52.0090 0x7260  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:59:52.0090 0x7260  PlugPlay - ok
18:59:52.0090 0x7260  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
18:59:52.0105 0x7260  Pml Driver HPZ12 - ok
18:59:52.0105 0x7260  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:59:52.0105 0x7260  PNRPAutoReg - ok
18:59:52.0105 0x7260  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:59:52.0105 0x7260  PNRPsvc - ok
18:59:52.0121 0x7260  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:59:52.0137 0x7260  PolicyAgent - ok
18:59:52.0137 0x7260  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
18:59:52.0137 0x7260  Power - ok
18:59:52.0137 0x7260  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:59:52.0137 0x7260  PptpMiniport - ok
18:59:52.0152 0x7260  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
18:59:52.0152 0x7260  Processor - ok
18:59:52.0152 0x7260  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:59:52.0152 0x7260  ProfSvc - ok
18:59:52.0152 0x7260  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:59:52.0152 0x7260  ProtectedStorage - ok
18:59:52.0168 0x7260  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:59:52.0168 0x7260  Psched - ok
18:59:52.0183 0x7260  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
18:59:52.0215 0x7260  ql2300 - ok
18:59:52.0215 0x7260  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
18:59:52.0215 0x7260  ql40xx - ok
18:59:52.0215 0x7260  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
18:59:52.0230 0x7260  QWAVE - ok
18:59:52.0230 0x7260  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:59:52.0230 0x7260  QWAVEdrv - ok
18:59:52.0230 0x7260  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:59:52.0230 0x7260  RasAcd - ok
18:59:52.0230 0x7260  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:59:52.0230 0x7260  RasAgileVpn - ok
18:59:52.0246 0x7260  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
18:59:52.0246 0x7260  RasAuto - ok
18:59:52.0246 0x7260  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:59:52.0246 0x7260  Rasl2tp - ok
18:59:52.0246 0x7260  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
18:59:52.0261 0x7260  RasMan - ok
18:59:52.0261 0x7260  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:59:52.0261 0x7260  RasPppoe - ok
18:59:52.0261 0x7260  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:59:52.0261 0x7260  RasSstp - ok
18:59:52.0277 0x7260  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:59:52.0277 0x7260  rdbss - ok
18:59:52.0277 0x7260  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:59:52.0277 0x7260  rdpbus - ok
18:59:52.0277 0x7260  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:59:52.0293 0x7260  RDPCDD - ok
18:59:52.0293 0x7260  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
18:59:52.0293 0x7260  RDPDR - ok
18:59:52.0293 0x7260  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:59:52.0293 0x7260  RDPENCDD - ok
18:59:52.0293 0x7260  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:59:52.0293 0x7260  RDPREFMP - ok
18:59:52.0308 0x7260  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:59:52.0308 0x7260  RdpVideoMiniport - ok
18:59:52.0308 0x7260  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:59:52.0308 0x7260  RDPWD - ok
18:59:52.0308 0x7260  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:59:52.0324 0x7260  rdyboost - ok
18:59:52.0324 0x7260  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:59:52.0324 0x7260  RemoteAccess - ok
18:59:52.0324 0x7260  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:59:52.0324 0x7260  RemoteRegistry - ok
18:59:52.0339 0x7260  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:59:52.0339 0x7260  RpcEptMapper - ok
18:59:52.0339 0x7260  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
18:59:52.0339 0x7260  RpcLocator - ok
18:59:52.0355 0x7260  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
18:59:52.0355 0x7260  RpcSs - ok
18:59:52.0355 0x7260  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:59:52.0355 0x7260  rspndr - ok
18:59:52.0371 0x7260  [ 61A04C0C084D560BBEF1D09604608262, 27230BDFB479FBD1B18BB4035059A52F8BE74B19190951EAC95D569E284421B3 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
18:59:52.0386 0x7260  RTL8167 - ok
18:59:52.0386 0x7260  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
18:59:52.0386 0x7260  s3cap - ok
18:59:52.0386 0x7260  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] SamSs           C:\Windows\system32\lsass.exe
18:59:52.0386 0x7260  SamSs - ok
18:59:52.0386 0x7260  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:59:52.0402 0x7260  sbp2port - ok
18:59:52.0402 0x7260  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:59:52.0402 0x7260  SCardSvr - ok
18:59:52.0402 0x7260  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:59:52.0402 0x7260  scfilter - ok
18:59:52.0417 0x7260  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
18:59:52.0433 0x7260  Schedule - ok
18:59:52.0449 0x7260  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:59:52.0449 0x7260  SCPolicySvc - ok
18:59:52.0449 0x7260  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:59:52.0449 0x7260  SDRSVC - ok
18:59:52.0449 0x7260  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:59:52.0449 0x7260  secdrv - ok
18:59:52.0449 0x7260  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
18:59:52.0464 0x7260  seclogon - ok
18:59:52.0464 0x7260  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
18:59:52.0464 0x7260  SENS - ok
18:59:52.0464 0x7260  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:59:52.0464 0x7260  SensrSvc - ok
18:59:52.0464 0x7260  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:59:52.0464 0x7260  Serenum - ok
18:59:52.0464 0x7260  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:59:52.0480 0x7260  Serial - ok
18:59:52.0480 0x7260  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
18:59:52.0480 0x7260  sermouse - ok
18:59:52.0480 0x7260  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
18:59:52.0480 0x7260  SessionEnv - ok
18:59:52.0480 0x7260  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:59:52.0480 0x7260  sffdisk - ok
18:59:52.0495 0x7260  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:59:52.0495 0x7260  sffp_mmc - ok
18:59:52.0495 0x7260  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:59:52.0495 0x7260  sffp_sd - ok
18:59:52.0495 0x7260  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
18:59:52.0495 0x7260  sfloppy - ok
18:59:52.0495 0x7260  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:59:52.0511 0x7260  SharedAccess - ok
18:59:52.0511 0x7260  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:59:52.0527 0x7260  ShellHWDetection - ok
18:59:52.0529 0x7260  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
18:59:52.0529 0x7260  SiSRaid2 - ok
18:59:52.0529 0x7260  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
18:59:52.0529 0x7260  SiSRaid4 - ok
18:59:52.0529 0x7260  [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:59:52.0544 0x7260  SkypeUpdate - ok
18:59:52.0544 0x7260  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:59:52.0544 0x7260  Smb - ok
18:59:52.0544 0x7260  [ FBE0201AB61E18934C812C34D31A4403, 549E51FC11CCA30B21970C90F4799D6CB94481CDC623B8C319F16DAEFC8A190B ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
18:59:52.0560 0x7260  snapman - ok
18:59:52.0560 0x7260  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:59:52.0560 0x7260  SNMPTRAP - ok
18:59:52.0560 0x7260  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:59:52.0560 0x7260  spldr - ok
18:59:52.0575 0x7260  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
18:59:52.0575 0x7260  Spooler - ok
18:59:52.0622 0x7260  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
18:59:52.0669 0x7260  sppsvc - ok
18:59:52.0685 0x7260  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:59:52.0685 0x7260  sppuinotify - ok
18:59:52.0685 0x7260  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:59:52.0700 0x7260  srv - ok
18:59:52.0700 0x7260  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:59:52.0716 0x7260  srv2 - ok
18:59:52.0716 0x7260  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:59:52.0716 0x7260  srvnet - ok
18:59:52.0731 0x7260  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:59:52.0731 0x7260  SSDPSRV - ok
18:59:52.0731 0x7260  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:59:52.0731 0x7260  SstpSvc - ok
18:59:52.0731 0x7260  [ 627FFBE52FEDF0460C3D7259FC0EDF50, 92CB006CA91E4AF0CAA3ECD74D9329C349650EAFF70D847E62D9D8F2BE38B3B1 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
18:59:52.0747 0x7260  ssudmdm - ok
18:59:52.0763 0x7260  [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
18:59:52.0763 0x7260  ss_conn_service - ok
18:59:52.0778 0x7260  [ 6213F20854FB987119503F9F91C70B9F, E1683753D192B154DBFE1FD03625A2A56F8576CE2A7619B41159B1C718C73B88 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:59:52.0778 0x7260  Stereo Service - ok
18:59:52.0778 0x7260  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
18:59:52.0778 0x7260  stexstor - ok
18:59:52.0794 0x7260  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
18:59:52.0809 0x7260  stisvc - ok
18:59:52.0809 0x7260  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
18:59:52.0809 0x7260  storflt - ok
18:59:52.0809 0x7260  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
18:59:52.0809 0x7260  StorSvc - ok
18:59:52.0809 0x7260  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
18:59:52.0809 0x7260  storvsc - ok
18:59:52.0809 0x7260  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
18:59:52.0809 0x7260  swenum - ok
18:59:52.0825 0x7260  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
18:59:52.0825 0x7260  swprv - ok
18:59:52.0934 0x7260  [ A6F60D621EE073CF785C24489CE0F9CD, 2A65274AAC78EFBF65E51A75A17B90C14D93675A5FE1305AAFBDDB5D1B083CEB ] syncagentsrv    C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
18:59:53.0028 0x7260  syncagentsrv - ok
18:59:53.0059 0x7260  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
18:59:53.0075 0x7260  SysMain - ok
18:59:53.0075 0x7260  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:59:53.0090 0x7260  TabletInputService - ok
18:59:53.0090 0x7260  [ 3E2DA88C79614DAAF5DFDD6827210BCF, DE7F4BF810DCC01E303E2AA18DB6DDB2931B2FCEC9B6722991B36D08843D9C8F ] tapipvanish     C:\Windows\system32\DRIVERS\tapipvanish.sys
18:59:53.0090 0x7260  tapipvanish - ok
18:59:53.0090 0x7260  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:59:53.0106 0x7260  TapiSrv - ok
18:59:53.0121 0x7260  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:59:53.0153 0x7260  Tcpip - ok
18:59:53.0184 0x7260  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:59:53.0199 0x7260  TCPIP6 - ok
18:59:53.0199 0x7260  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:59:53.0215 0x7260  tcpipreg - ok
18:59:53.0215 0x7260  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:59:53.0215 0x7260  TDPIPE - ok
18:59:53.0231 0x7260  [ 07330E30921C70E9D9B416EE43A06349, 398500C12E685BCF732C7F80A2C0E95181E5377A0E6C14CF9A3EE8580083A556 ] tdrpman         C:\Windows\system32\DRIVERS\tdrpman.sys
18:59:53.0246 0x7260  tdrpman - ok
18:59:53.0262 0x7260  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:59:53.0262 0x7260  TDTCP - ok
18:59:53.0262 0x7260  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:59:53.0262 0x7260  tdx - ok
18:59:53.0262 0x7260  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
18:59:53.0262 0x7260  TermDD - ok
18:59:53.0277 0x7260  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
18:59:53.0293 0x7260  TermService - ok
18:59:53.0293 0x7260  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
18:59:53.0293 0x7260  Themes - ok
18:59:53.0293 0x7260  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
18:59:53.0293 0x7260  THREADORDER - ok
18:59:53.0309 0x7260  [ DE604462206F7D8C203F767F425FCA8D, 149FBF6367C45415B939A9B1A7A10DA7A5E19F28CE533BCBE2B20DA4B78F8645 ] tib             C:\Windows\system32\DRIVERS\tib.sys
18:59:53.0324 0x7260  tib - ok
18:59:53.0340 0x7260  [ 3C29FB9FC9B4C511AD69DC50257FEC75, 4906DADE076FD363C53044C805602EEA4D0EF6E92041C693E1BED2286614B36E ] tib_mounter     C:\Windows\system32\DRIVERS\tib_mounter.sys
18:59:53.0340 0x7260  tib_mounter - ok
18:59:53.0340 0x7260  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
18:59:53.0340 0x7260  TrkWks - ok
18:59:53.0355 0x7260  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:59:53.0355 0x7260  TrustedInstaller - ok
18:59:53.0355 0x7260  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:59:53.0355 0x7260  tssecsrv - ok
18:59:53.0355 0x7260  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:59:53.0355 0x7260  TsUsbFlt - ok
18:59:53.0355 0x7260  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
18:59:53.0355 0x7260  TsUsbGD - ok
18:59:53.0371 0x7260  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:59:53.0371 0x7260  tunnel - ok
18:59:53.0371 0x7260  [ A070ABB9D85582B2BECADBE6FCD12350, 3EBFA349F87933E20C4EADA2FA2E64206CCAC70DFB8B52C2E41670FFB16D7336 ] t_mouse.sys     C:\Windows\system32\DRIVERS\t_mouse.sys
18:59:53.0371 0x7260  t_mouse.sys - ok
18:59:53.0371 0x7260  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
18:59:53.0371 0x7260  uagp35 - ok
18:59:53.0387 0x7260  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:59:53.0387 0x7260  udfs - ok
18:59:53.0387 0x7260  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:59:53.0387 0x7260  UI0Detect - ok
18:59:53.0387 0x7260  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:59:53.0402 0x7260  uliagpkx - ok
18:59:53.0402 0x7260  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
18:59:53.0402 0x7260  umbus - ok
18:59:53.0402 0x7260  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
18:59:53.0402 0x7260  UmPass - ok
18:59:53.0402 0x7260  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
18:59:53.0402 0x7260  UmRdpService - ok
18:59:53.0418 0x7260  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
18:59:53.0418 0x7260  upnphost - ok
18:59:53.0433 0x7260  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:59:53.0433 0x7260  usbccgp - ok
18:59:53.0433 0x7260  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:59:53.0433 0x7260  usbcir - ok
18:59:53.0433 0x7260  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
18:59:53.0433 0x7260  usbehci - ok
18:59:53.0449 0x7260  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:59:53.0449 0x7260  usbhub - ok
18:59:53.0449 0x7260  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:59:53.0449 0x7260  usbohci - ok
18:59:53.0449 0x7260  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:59:53.0449 0x7260  usbprint - ok
18:59:53.0465 0x7260  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
18:59:53.0465 0x7260  usbscan - ok
18:59:53.0465 0x7260  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\DRIVERS\usbser.sys
18:59:53.0465 0x7260  usbser - ok
18:59:53.0465 0x7260  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:59:53.0465 0x7260  USBSTOR - ok
18:59:53.0465 0x7260  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
18:59:53.0465 0x7260  usbuhci - ok
18:59:53.0465 0x7260  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
18:59:53.0480 0x7260  usb_rndisx - ok
18:59:53.0480 0x7260  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
18:59:53.0480 0x7260  UxSms - ok
18:59:53.0480 0x7260  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] VaultSvc        C:\Windows\system32\lsass.exe
18:59:53.0480 0x7260  VaultSvc - ok
18:59:53.0480 0x7260  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:59:53.0480 0x7260  vdrvroot - ok
18:59:53.0496 0x7260  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
18:59:53.0496 0x7260  vds - ok
18:59:53.0496 0x7260  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:59:53.0511 0x7260  vga - ok
18:59:53.0511 0x7260  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:59:53.0511 0x7260  VgaSave - ok
18:59:53.0511 0x7260  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:59:53.0511 0x7260  vhdmp - ok
18:59:53.0511 0x7260  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:59:53.0511 0x7260  viaide - ok
18:59:53.0527 0x7260  [ 35E8A18D1C558D5C2FF2FFED2FD396F6, 5516AC03964DD33CF239AB3FB1D41BAB7454DB35FB38C45907614C3DB8F23391 ] vididr          C:\Windows\system32\DRIVERS\vididr.sys
18:59:53.0527 0x7260  vididr - ok
18:59:53.0527 0x7260  [ 0DCD5C8F2E0B3650C4A29F6569C074FD, 8FB24D79ADE1541C5DD6241A3395EF2E6575A8376111294CD5C87ECA798EDCFD ] vidsflt         C:\Windows\system32\DRIVERS\vidsflt.sys
18:59:53.0527 0x7260  vidsflt - ok
18:59:53.0543 0x7260  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
18:59:53.0543 0x7260  vmbus - ok
18:59:53.0543 0x7260  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
18:59:53.0543 0x7260  VMBusHID - ok
18:59:53.0543 0x7260  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:59:53.0543 0x7260  volmgr - ok
18:59:53.0558 0x7260  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:59:53.0558 0x7260  volmgrx - ok
18:59:53.0558 0x7260  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:59:53.0574 0x7260  volsnap - ok
18:59:53.0574 0x7260  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
18:59:53.0574 0x7260  vsmraid - ok
18:59:53.0605 0x7260  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
18:59:53.0621 0x7260  VSS - ok
18:59:53.0621 0x7260  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
18:59:53.0621 0x7260  vwifibus - ok
18:59:53.0636 0x7260  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:59:53.0636 0x7260  vwififlt - ok
18:59:53.0636 0x7260  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
18:59:53.0652 0x7260  W32Time - ok
18:59:53.0652 0x7260  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
18:59:53.0652 0x7260  WacomPen - ok
18:59:53.0652 0x7260  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:59:53.0652 0x7260  WANARP - ok
18:59:53.0652 0x7260  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:59:53.0652 0x7260  Wanarpv6 - ok
18:59:53.0683 0x7260  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
18:59:53.0699 0x7260  WatAdminSvc - ok
18:59:53.0714 0x7260  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
18:59:53.0745 0x7260  wbengine - ok
18:59:53.0745 0x7260  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:59:53.0745 0x7260  WbioSrvc - ok
18:59:53.0761 0x7260  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:59:53.0761 0x7260  wcncsvc - ok
18:59:53.0761 0x7260  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:59:53.0761 0x7260  WcsPlugInService - ok
18:59:53.0761 0x7260  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
18:59:53.0761 0x7260  Wd - ok
18:59:53.0792 0x7260  [ B8003E1C12E6ABCC8B1E6F448C99FB8F, A0FECC2A1B4414FF86EA0A23C341E84E0711542B4E43B7FAB85C3609442B0589 ] WDBackup        C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
18:59:53.0792 0x7260  WDBackup - ok
18:59:53.0808 0x7260  [ D0335A55E5C3F812548E18300C2ACB62, 7EF7C3A21E97197E1A6D2956D0F5A7C23F2D590C9709708394426031634990A5 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
18:59:53.0808 0x7260  WDC_SAM - ok
18:59:53.0808 0x7260  [ DF166352F6E356BFA33A66DD37A96AA7, 3993C22810A490281F74BF26210C9A868BF8E99A0CB090BA8E0250A5D2BC1EB2 ] WDDriveService  C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
18:59:53.0808 0x7260  WDDriveService - ok
18:59:53.0823 0x7260  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:59:53.0839 0x7260  Wdf01000 - ok
18:59:53.0839 0x7260  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:59:53.0839 0x7260  WdiServiceHost - ok
18:59:53.0839 0x7260  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:59:53.0855 0x7260  WdiSystemHost - ok
18:59:53.0855 0x7260  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
18:59:53.0855 0x7260  WebClient - ok
18:59:53.0870 0x7260  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:59:53.0870 0x7260  Wecsvc - ok
18:59:53.0870 0x7260  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:59:53.0870 0x7260  wercplsupport - ok
18:59:53.0870 0x7260  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:59:53.0870 0x7260  WerSvc - ok
18:59:53.0886 0x7260  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:59:53.0886 0x7260  WfpLwf - ok
18:59:53.0886 0x7260  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:59:53.0886 0x7260  WIMMount - ok
18:59:53.0886 0x7260  WinDefend - ok
18:59:53.0886 0x7260  WinHttpAutoProxySvc - ok
18:59:53.0901 0x7260  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:59:53.0901 0x7260  Winmgmt - ok
18:59:53.0933 0x7260  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
18:59:53.0948 0x7260  WinRM - ok
18:59:53.0964 0x7260  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
18:59:53.0964 0x7260  WinUsb - ok
18:59:53.0979 0x7260  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:59:53.0995 0x7260  Wlansvc - ok
18:59:53.0995 0x7260  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
18:59:53.0995 0x7260  WmiAcpi - ok
18:59:53.0995 0x7260  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:59:53.0995 0x7260  wmiApSrv - ok
18:59:53.0995 0x7260  WMPNetworkSvc - ok
18:59:54.0011 0x7260  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:59:54.0011 0x7260  WPCSvc - ok
18:59:54.0011 0x7260  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:59:54.0011 0x7260  WPDBusEnum - ok
18:59:54.0011 0x7260  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:59:54.0011 0x7260  ws2ifsl - ok
18:59:54.0011 0x7260  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
18:59:54.0026 0x7260  wscsvc - ok
18:59:54.0026 0x7260  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
18:59:54.0026 0x7260  WSDPrintDevice - ok
18:59:54.0057 0x7260  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:59:54.0089 0x7260  wuauserv - ok
18:59:54.0104 0x7260  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:59:54.0104 0x7260  WudfPf - ok
18:59:54.0104 0x7260  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:59:54.0104 0x7260  WUDFRd - ok
18:59:54.0120 0x7260  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:59:54.0120 0x7260  wudfsvc - ok
18:59:54.0120 0x7260  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:59:54.0120 0x7260  WwanSvc - ok
18:59:54.0135 0x7260  ================ Scan global ===============================
18:59:54.0135 0x7260  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
18:59:54.0135 0x7260  [ DE4812AB2E6926D0FF2423F3B774585A, 77604B47F2A91F77DDF778D8D362A0145636ED060596760ED55D76DD12E04B79 ] C:\Windows\system32\winsrv.dll
18:59:54.0151 0x7260  [ DE4812AB2E6926D0FF2423F3B774585A, 77604B47F2A91F77DDF778D8D362A0145636ED060596760ED55D76DD12E04B79 ] C:\Windows\system32\winsrv.dll
18:59:54.0151 0x7260  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:59:54.0151 0x7260  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
18:59:54.0167 0x7260  [ Global ] - ok
18:59:54.0167 0x7260  ================ Scan MBR ==================================
18:59:54.0167 0x7260  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:59:54.0198 0x7260  \Device\Harddisk0\DR0 - ok
18:59:54.0213 0x7260  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
18:59:54.0291 0x7260  \Device\Harddisk2\DR2 - ok
18:59:54.0291 0x7260  ================ Scan VBR ==================================
18:59:54.0291 0x7260  [ E51C5506206249A7FE5D967BED15B7D2 ] \Device\Harddisk0\DR0\Partition1
18:59:54.0291 0x7260  \Device\Harddisk0\DR0\Partition1 - ok
18:59:54.0291 0x7260  [ C23824FBBED55DFFA636EBEC2B2A745A ] \Device\Harddisk0\DR0\Partition2
18:59:54.0291 0x7260  \Device\Harddisk0\DR0\Partition2 - ok
18:59:54.0291 0x7260  [ 2A9C4D752244105BD31675C831D28D38 ] \Device\Harddisk0\DR0\Partition3
18:59:54.0291 0x7260  \Device\Harddisk0\DR0\Partition3 - ok
18:59:54.0307 0x7260  [ 88D4D6BF121381C1CFEA1B29A66B31E5 ] \Device\Harddisk2\DR2\Partition1
18:59:54.0323 0x7260  \Device\Harddisk2\DR2\Partition1 - ok
18:59:54.0323 0x7260  ================ Scan generic autorun ======================
18:59:54.0416 0x7260  [ DB333A5F69B00A6B550901A5C854929F, 7CAB6D0D20CDE3AE41B06826C9045CC3E3438AB94BB3D9D5C0E50EEF3C41101F ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
18:59:54.0510 0x7260  RTHDVCPL - ok
18:59:54.0557 0x7260  [ A416FBE18A8FF5C942B5E4A65A66EAE0, DC021A544A16BA984A906D235E0E6DA8AC0DF0A7FC8A89D192E427BBE6D2434C ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
18:59:54.0588 0x7260  NvBackend - ok
18:59:54.0588 0x7260  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
18:59:54.0588 0x7260  ShadowPlay - ok
18:59:54.0619 0x7260  [ 88CA0FFA894AF4B0D90B93FAA2A0A0D9, FC48386A287EB95E5D173FA358D6F0823A651C83835605892EAFD6ED11F17D6F ] C:\Program Files\Microsoft IntelliType Pro\itype.exe
18:59:54.0650 0x7260  itype - ok
18:59:54.0650 0x7260  [ DB367E8C8F46C26A05BA982715CC0DB5, 63AE8DD8E41260123E8C98905BD3D444BED86AEA6353F690483E5CB116433AC2 ] C:\Windows\system32\TiltWheelMouse.exe
18:59:54.0650 0x7260  MouseDriver - ok
18:59:54.0699 0x7260  [ 2433692BFC2631DC28B0705C1B760FF2, BBDE902F984E0968A3062F3EEA624E804B03095C67C280CDA4E85D02F46B7CDC ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
18:59:54.0730 0x7260  EvtMgr6 - ok
18:59:54.0746 0x7260  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
18:59:54.0746 0x7260  Logitech Download Assistant - ok
18:59:54.0746 0x7260  [ 62C16443C5997CD83DC382720F07C255, 89EFBCFADA01B431F4CC19AB2EFC5E56288A17BC9FB15A1209A0CBFE44B8D022 ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
18:59:54.0761 0x7260  Acronis Scheduler2 Service - ok
18:59:54.0777 0x7260  [ BA973512967321769A17B5193703C229, 227DF8C8B6297271EE860B6813C7897B5EA7979B0279A9A0E8EA46689FFEF76B ] C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
18:59:54.0793 0x7260  GoPro Tray App - ok
18:59:54.0793 0x7260  [ 0436F64FD296BE331B3BB0CE446548BF, 53A8F8E58F451A7B030AE61E30DBB9BDFD5342046674177941A838B66D80FD70 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
18:59:54.0808 0x7260  USB3MON - ok
18:59:54.0808 0x7260  [ D287CE6BB173D1DA77DBB17CC8BA3284, 9BDBD6EBE24A24A8686374B7855856F261118F0BECE684461C46A42F482B09EB ] C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe
18:59:54.0808 0x7260  PivotSoftware - ok
18:59:54.0808 0x7260  [ 3E3CA4C25019AF2D05645E6294B94E8B, F82ACEA4689222A9BB2364B53DB007366850B9D49286D204172F6B6CB06BBE80 ] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe
18:59:54.0808 0x7260  DT ACR - ok
18:59:54.0808 0x7260  [ 38D198A2DD54A67120040566A38103BA, 01604BD91A5B2C0DDC7B52036511F8219952626716E75979D8464F2C56BA0114 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
18:59:54.0808 0x7260  GrooveMonitor - ok
18:59:54.0839 0x7260  [ F16C54B6BD5A1E71DD5D0894F14EC632, 963667110CFFAECA624A69BD133947A0B7E5C9E4DC784D73C810ADEBD9BBDDFF ] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
18:59:54.0855 0x7260  WD Drive Unlocker - ok
18:59:54.0933 0x7260  [ 44F7F1C8873201DE4F68389DD478A425, 04A0E29E697BD58719DF8EE3C904B336B1A5FDB21B867E7CF2C6F9BAE8AD0113 ] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
18:59:55.0011 0x7260  WD Quick View - ok
18:59:55.0011 0x7260  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
18:59:55.0011 0x7260  HP Software Update - ok
18:59:55.0042 0x7260  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:59:55.0058 0x7260  Sidebar - ok
18:59:55.0073 0x7260  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:59:55.0073 0x7260  mctadmin - ok
18:59:55.0089 0x7260  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:59:55.0105 0x7260  Sidebar - ok
18:59:55.0105 0x7260  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:59:55.0105 0x7260  mctadmin - ok
18:59:55.0120 0x7260  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
18:59:55.0151 0x7260  Sidebar - ok
18:59:55.0167 0x7260  [ 1A1A7B2542A67C7A7D166920C8C3D075, 5EC58EFB03367613685956D7F78BE2C8C3A8334B9247E19FABC4790239D330A6 ] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
18:59:55.0183 0x7260  KiesPDLR.exe - ok
18:59:55.0183 0x7260  [ CC436BB2A26391F3DEBE316F6FB0474F, 2DA63827AD1449CA5F2888ADFA9645F1EAF8B39D26EC214441EE80F3A56E6E72 ] C:\Users\Markus Schmidt\AppData\Local\Microsoft\BingSvc\BingSvc.exe
18:59:55.0183 0x7260  BingSvc - ok

sniper30 · 05.03.2017, 19:14

Code:

ATTFilter

18:59:55.0183 0x7260  Waiting for KSN requests completion. In queue: 242
18:59:56.0197 0x7260  Waiting for KSN requests completion. In queue: 242
18:59:57.0211 0x7260  Waiting for KSN requests completion. In queue: 242
18:59:58.0225 0x7260  Waiting for KSN requests completion. In queue: 242
18:59:59.0254 0x7260  AV detected via SS2: Kaspersky Anti-Virus, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\wmiav.exe ( 16.0.1.445 ), 0x41000 ( enabled : updated )
18:59:59.0270 0x7260  Win FW state via NFP2: enabled ( trusted )
19:00:02.0031 0x7260  ============================================================
19:00:02.0031 0x7260  Scan finished
19:00:02.0031 0x7260  ============================================================
19:00:02.0047 0x8b3c  Detected object count: 0
19:00:02.0047 0x8b3c  Actual detected object count: 0
19:08:14.0113 0x8a78  ============================================================
19:08:14.0113 0x8a78  Scan started
19:08:14.0113 0x8a78  Mode: Manual; 
19:08:14.0113 0x8a78  ============================================================
19:08:14.0113 0x8a78  KSN ping started
19:08:27.0811 0x8a78  KSN ping finished: true
19:08:31.0135 0x8a78  ================ Scan system memory ========================
19:08:31.0135 0x8a78  Scan was interrupted by user!
19:08:31.0135 0x8a78  AV detected via SS2: Kaspersky Anti-Virus, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\wmiav.exe ( 16.0.1.445 ), 0x41000 ( enabled : updated )
19:08:31.0135 0x8a78  Win FW state via NFP2: enabled ( trusted )
19:08:33.0974 0x8a78  ============================================================
19:08:33.0974 0x8a78  Scan finished
19:08:33.0974 0x8a78  ============================================================
19:08:33.0974 0x9378  Detected object count: 0
19:08:33.0974 0x9378  Actual detected object count: 0
19:08:46.0681 0x8804  ============================================================
19:08:46.0681 0x8804  Scan started
19:08:46.0681 0x8804  Mode: Manual; SigCheck; TDLFS; 
19:08:46.0681 0x8804  ============================================================
19:08:46.0681 0x8804  KSN ping started
19:08:49.0398 0x8804  KSN ping finished: true
19:08:51.0751 0x8804  ================ Scan system memory ========================
19:08:51.0751 0x8804  System memory - ok
19:08:51.0751 0x8804  ================ Scan services =============================
19:08:51.0797 0x8804  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:08:51.0829 0x8804  1394ohci - ok
19:08:51.0844 0x8804  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:08:51.0844 0x8804  ACPI - ok
19:08:51.0860 0x8804  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:08:51.0860 0x8804  AcpiPmi - ok
19:08:51.0891 0x8804  [ 8325369F44A16CE4261CE268818A1F53, FE0B51D6976D5A39146469E046C8AEE7504A4AE9C948CE861371379D100D20CC ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
19:08:51.0907 0x8804  AcrSch2Svc - ok
19:08:51.0907 0x8804  [ B932E0EE190778D840F1442DFC0F9612, 8780963F14D57279FDD585BE945ED40F24590D32676C7A9EF94002D38B8BA643 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:08:51.0922 0x8804  AdobeARMservice - ok
19:08:51.0938 0x8804  [ 89ECFB35517F62C3802B227F288B750E, 47B329FEC98DC634A9068D6B88A331B323D99E9C21D3FE330352210841E715CA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:08:51.0938 0x8804  AdobeFlashPlayerUpdateSvc - ok
19:08:51.0953 0x8804  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
19:08:51.0969 0x8804  adp94xx - ok
19:08:51.0969 0x8804  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
19:08:51.0985 0x8804  adpahci - ok
19:08:51.0985 0x8804  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
19:08:52.0000 0x8804  adpu320 - ok
19:08:52.0000 0x8804  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:08:52.0000 0x8804  AeLookupSvc - ok
19:08:52.0016 0x8804  [ ABCF9C80EAACE03021BB7F450EB8993F, 8E38726C423E82954CA85266D6F38B605D010A659420A4EF99D29035A9474BFB ] afcdp           C:\Windows\system32\DRIVERS\afcdp.sys
19:08:52.0031 0x8804  afcdp - ok
19:08:52.0078 0x8804  [ 3415F896A8AC52C50328676A7569F579, 1EF55C4A2605A47CFFE2C4A6EF0A96736674C9947D061528EF39079C855B319D ] afcdpsrv        C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
19:08:52.0141 0x8804  afcdpsrv - ok
19:08:52.0156 0x8804  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
19:08:52.0172 0x8804  AFD - ok
19:08:52.0172 0x8804  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
19:08:52.0187 0x8804  agp440 - ok
19:08:52.0187 0x8804  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
19:08:52.0203 0x8804  ALG - ok
19:08:52.0203 0x8804  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:08:52.0203 0x8804  aliide - ok
19:08:52.0203 0x8804  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
19:08:52.0219 0x8804  amdide - ok
19:08:52.0219 0x8804  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
19:08:52.0219 0x8804  AmdK8 - ok
19:08:52.0219 0x8804  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
19:08:52.0234 0x8804  AmdPPM - ok
19:08:52.0234 0x8804  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:08:52.0234 0x8804  amdsata - ok
19:08:52.0250 0x8804  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
19:08:52.0250 0x8804  amdsbs - ok
19:08:52.0250 0x8804  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:08:52.0265 0x8804  amdxata - ok
19:08:52.0265 0x8804  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
19:08:52.0265 0x8804  AppID - ok
19:08:52.0281 0x8804  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:08:52.0281 0x8804  AppIDSvc - ok
19:08:52.0281 0x8804  [ 046E837786271237A76C50F7CE1F5BC6, 10EFAEC9BCEF241B3046DFECA7659E137DF42C975E50B35D841024D44A58BB98 ] Appinfo         C:\Windows\System32\appinfo.dll
19:08:52.0297 0x8804  Appinfo - ok
19:08:52.0297 0x8804  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
19:08:52.0312 0x8804  AppMgmt - ok
19:08:52.0312 0x8804  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
19:08:52.0312 0x8804  arc - ok
19:08:52.0312 0x8804  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:08:52.0328 0x8804  arcsas - ok
19:08:52.0343 0x8804  [ 1A7A2CAC3B5AFABD6636B25DFE33CBAD, 0677FD0A6548E93320EF45B7EBD96F2FEA406790C68AA1F41623A1BFF8A1282E ] asComSvc        C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
19:08:52.0359 0x8804  asComSvc - ok
19:08:52.0359 0x8804  [ E536856E96A7605EBF580D62A868E5FE, 70D0F6ECB05E923C1B274605CB3320091D35D7622003FF7E4806645519C70F01 ] ASGT            C:\Windows\SysWOW64\ASGT.exe
19:08:52.0375 0x8804  ASGT - detected UnsignedFile.Multi.Generic ( 1 )
19:08:52.0375 0x8804  Detect skipped due to KSN trusted
19:08:52.0375 0x8804  ASGT - ok
19:08:52.0375 0x8804  [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
19:08:52.0375 0x8804  AsIO - ok
19:08:52.0390 0x8804  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:08:52.0390 0x8804  aspnet_state - ok
19:08:52.0390 0x8804  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:08:52.0421 0x8804  AsyncMac - ok
19:08:52.0421 0x8804  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
19:08:52.0437 0x8804  atapi - ok
19:08:52.0437 0x8804  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:08:52.0468 0x8804  AudioEndpointBuilder - ok
19:08:52.0468 0x8804  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:08:52.0484 0x8804  AudioSrv - ok
19:08:52.0499 0x8804  [ 09F0E4D1F66C40AB770AD1540758C59E, 78591F6B94B5A5B9A6D434AC54A0BD5D606099A6FE48B25D17B2E01942CAEAE3 ] AVP16.0.1       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe
19:08:52.0499 0x8804  AVP16.0.1 - ok
19:08:52.0515 0x8804  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:08:52.0531 0x8804  AxInstSV - ok
19:08:52.0531 0x8804  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
19:08:52.0546 0x8804  b06bdrv - ok
19:08:52.0546 0x8804  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:08:52.0562 0x8804  b57nd60a - ok
19:08:52.0562 0x8804  BCM42RLY - ok
19:08:52.0687 0x8804  [ 6A28AFEB1409E07DE96E805FA1C5723C, 58CB9EAFC414AC486338F9869926CCE51F36158246FFCE7F54BC22729839B38D ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
19:08:52.0811 0x8804  BCM43XX - ok
19:08:52.0811 0x8804  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:08:52.0827 0x8804  BDESVC - ok
19:08:52.0827 0x8804  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:08:52.0843 0x8804  Beep - ok
19:08:52.0858 0x8804  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
19:08:52.0874 0x8804  BFE - ok
19:08:52.0889 0x8804  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
19:08:52.0936 0x8804  BITS - ok
19:08:52.0936 0x8804  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:08:52.0952 0x8804  blbdrive - ok
19:08:52.0952 0x8804  [ 73686FE0B2E0469F89FD2075BE724704, 4BC5BBA7ACB5BDA77251B82B9CF16C6A9EBBCC29760860A0F37ABDDF9288143F ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
19:08:52.0952 0x8804  Bonjour Service - detected UnsignedFile.Multi.Generic ( 1 )
19:08:52.0952 0x8804  Detect skipped due to KSN trusted
19:08:52.0952 0x8804  Bonjour Service - ok
19:08:52.0967 0x8804  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:08:52.0967 0x8804  bowser - ok
19:08:52.0967 0x8804  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
19:08:52.0983 0x8804  BrFiltLo - ok
19:08:52.0983 0x8804  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
19:08:52.0983 0x8804  BrFiltUp - ok
19:08:52.0983 0x8804  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
19:08:52.0999 0x8804  Browser - ok
19:08:52.0999 0x8804  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
19:08:53.0014 0x8804  Brserid - ok
19:08:53.0014 0x8804  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:08:53.0030 0x8804  BrSerWdm - ok
19:08:53.0030 0x8804  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:08:53.0045 0x8804  BrUsbMdm - ok
19:08:53.0045 0x8804  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:08:53.0045 0x8804  BrUsbSer - ok
19:08:53.0045 0x8804  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
19:08:53.0061 0x8804  BTHMODEM - ok
19:08:53.0061 0x8804  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
19:08:53.0077 0x8804  bthserv - ok
19:08:53.0092 0x8804  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:08:53.0108 0x8804  cdfs - ok
19:08:53.0108 0x8804  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
19:08:53.0123 0x8804  cdrom - ok
19:08:53.0123 0x8804  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
19:08:53.0139 0x8804  CertPropSvc - ok
19:08:53.0139 0x8804  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
19:08:53.0155 0x8804  circlass - ok
19:08:53.0155 0x8804  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
19:08:53.0170 0x8804  CLFS - ok
19:08:53.0170 0x8804  CLMirrorDriver - ok
19:08:53.0170 0x8804  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:08:53.0186 0x8804  clr_optimization_v2.0.50727_32 - ok
19:08:53.0186 0x8804  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:08:53.0186 0x8804  clr_optimization_v2.0.50727_64 - ok
19:08:53.0201 0x8804  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:08:53.0201 0x8804  clr_optimization_v4.0.30319_32 - ok
19:08:53.0217 0x8804  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:08:53.0217 0x8804  clr_optimization_v4.0.30319_64 - ok
19:08:53.0217 0x8804  CLVirtualBus01 - ok
19:08:53.0217 0x8804  clwvd7 - ok
19:08:53.0233 0x8804  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
19:08:53.0233 0x8804  CmBatt - ok
19:08:53.0233 0x8804  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:08:53.0233 0x8804  cmdide - ok
19:08:53.0248 0x8804  [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km           C:\Windows\system32\DRIVERS\cm_km.sys
19:08:53.0264 0x8804  cm_km - ok
19:08:53.0264 0x8804  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG             C:\Windows\system32\Drivers\cng.sys
19:08:53.0279 0x8804  CNG - ok
19:08:53.0295 0x8804  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
19:08:53.0295 0x8804  Compbatt - ok
19:08:53.0295 0x8804  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
19:08:53.0311 0x8804  CompositeBus - ok
19:08:53.0311 0x8804  COMSysApp - ok
19:08:53.0311 0x8804  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
19:08:53.0311 0x8804  crcdisk - ok
19:08:53.0311 0x8804  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:08:53.0326 0x8804  CryptSvc - ok
19:08:53.0342 0x8804  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
19:08:53.0357 0x8804  CSC - ok
19:08:53.0357 0x8804  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
19:08:53.0373 0x8804  CscService - ok
19:08:53.0389 0x8804  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
19:08:53.0389 0x8804  dbupdate - ok
19:08:53.0404 0x8804  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
19:08:53.0404 0x8804  dbupdatem - ok
19:08:53.0404 0x8804  dbx - ok
19:08:53.0404 0x8804  [ 5B7A202DECF962A6C9A2E759551BF05E, 6BA11F7728C0A13EA4B6EF478584AE0117BA5909346FF6FE20308674F34701D7 ] DbxSvc          C:\Windows\system32\DbxSvc.exe
19:08:53.0420 0x8804  DbxSvc - ok
19:08:53.0420 0x8804  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:08:53.0435 0x8804  DcomLaunch - ok
19:08:53.0451 0x8804  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
19:08:53.0467 0x8804  defragsvc - ok
19:08:53.0467 0x8804  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:08:53.0498 0x8804  DfsC - ok
19:08:53.0498 0x8804  [ 5492F6FB1F32E10AEF02679872AFD194, 470A0C39734E261DC7443C8E59ECE89A7E367ABCFC15AA325EB995452C3973AA ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
19:08:53.0498 0x8804  dg_ssudbus - ok
19:08:53.0513 0x8804  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:08:53.0513 0x8804  Dhcp - ok
19:08:53.0545 0x8804  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
19:08:53.0576 0x8804  DiagTrack - ok
19:08:53.0576 0x8804  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
19:08:53.0591 0x8804  discache - ok
19:08:53.0591 0x8804  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
19:08:53.0607 0x8804  Disk - ok
19:08:53.0607 0x8804  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
19:08:53.0607 0x8804  dmvsc - ok
19:08:53.0623 0x8804  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:08:53.0623 0x8804  Dnscache - ok
19:08:53.0638 0x8804  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:08:53.0654 0x8804  dot3svc - ok
19:08:53.0654 0x8804  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
19:08:53.0685 0x8804  DPS - ok
19:08:53.0685 0x8804  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:08:53.0685 0x8804  drmkaud - ok
19:08:53.0701 0x8804  [ 716FCDFED2640B480B747CCFD2684C47, A020D6931A7DF062E2D09AE947345625621CB25A69C632D1861789C4B2CFC0A2 ] DTSRVC          C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
19:08:53.0701 0x8804  DTSRVC - ok
19:08:53.0716 0x8804  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:08:53.0732 0x8804  DXGKrnl - ok
19:08:53.0747 0x8804  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
19:08:53.0763 0x8804  EapHost - ok
19:08:53.0816 0x8804  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
19:08:53.0873 0x8804  ebdrv - ok
19:08:53.0878 0x8804  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] EFS             C:\Windows\System32\lsass.exe
19:08:53.0885 0x8804  EFS - ok
19:08:53.0898 0x8804  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:08:53.0917 0x8804  ehRecvr - ok
19:08:53.0917 0x8804  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
19:08:53.0917 0x8804  ehSched - ok
19:08:53.0933 0x8804  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
19:08:53.0949 0x8804  elxstor - ok
19:08:53.0964 0x8804  [ 2A319FF164B97EE281777957F63E0E05, D89E99B75DA57085D29FC962429E975DEED9CBE3BAF3BBCDCFE89274383B7CCE ] EPLAN Client Service C:\Program Files\EPLAN\Common\EClientService.exe
19:08:53.0980 0x8804  EPLAN Client Service - ok
19:08:53.0980 0x8804  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:08:53.0980 0x8804  ErrDev - ok
19:08:53.0995 0x8804  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
19:08:54.0027 0x8804  EventSystem - ok
19:08:54.0027 0x8804  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
19:08:54.0042 0x8804  exfat - ok
19:08:54.0042 0x8804  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:08:54.0073 0x8804  fastfat - ok
19:08:54.0089 0x8804  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
19:08:54.0105 0x8804  Fax - ok
19:08:54.0105 0x8804  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
19:08:54.0105 0x8804  fdc - ok
19:08:54.0105 0x8804  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
19:08:54.0136 0x8804  fdPHost - ok
19:08:54.0136 0x8804  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:08:54.0151 0x8804  FDResPub - ok
19:08:54.0151 0x8804  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:08:54.0167 0x8804  FileInfo - ok
19:08:54.0167 0x8804  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:08:54.0183 0x8804  Filetrace - ok
19:08:54.0198 0x8804  [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:08:54.0214 0x8804  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
19:08:54.0214 0x8804  Detect skipped due to KSN trusted
19:08:54.0214 0x8804  FLEXnet Licensing Service - ok
19:08:54.0214 0x8804  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
19:08:54.0214 0x8804  flpydisk - ok
19:08:54.0230 0x8804  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:08:54.0240 0x8804  FltMgr - ok
19:08:54.0244 0x8804  [ FDD776FAC4159A2983940D1E411FE9F3, 3B147B4D3C5CC67117D65152FA8BD3A603728C92B023AE45CD166E6FF3F474C5 ] fltsrv          C:\Windows\system32\DRIVERS\fltsrv.sys
19:08:54.0251 0x8804  fltsrv - ok
19:08:54.0276 0x8804  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
19:08:54.0302 0x8804  FontCache - ok
19:08:54.0306 0x8804  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:08:54.0312 0x8804  FontCache3.0.0.0 - ok
19:08:54.0314 0x8804  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:08:54.0321 0x8804  FsDepends - ok
19:08:54.0323 0x8804  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:08:54.0329 0x8804  Fs_Rec - ok
19:08:54.0333 0x8804  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:08:54.0344 0x8804  fvevol - ok
19:08:54.0347 0x8804  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:08:54.0353 0x8804  gagp30kx - ok
19:08:54.0372 0x8804  [ 7F18FB86E1023DDB80874CEA671442D5, BA236CD30A6932DC439DCA1DD4B06B7DF9181B1EC3654A72D05DFD70949C5E06 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
19:08:54.0395 0x8804  GfExperienceService - ok
19:08:54.0405 0x8804  [ BDA6549A7E5255396A5CB41CE2905668, 1877F31F184AFACF24A92C4956307E40C745F36ACD8488F2DCBA0FAE2B0484AD ] GoProDeviceDetectionService C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
19:08:54.0411 0x8804  GoProDeviceDetectionService - ok
19:08:54.0425 0x8804  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:08:54.0455 0x8804  gpsvc - ok
19:08:54.0460 0x8804  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:08:54.0467 0x8804  gupdate - ok
19:08:54.0473 0x8804  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:08:54.0479 0x8804  gupdatem - ok
19:08:54.0481 0x8804  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:08:54.0488 0x8804  hcw85cir - ok
19:08:54.0495 0x8804  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:08:54.0507 0x8804  HdAudAddService - ok
19:08:54.0511 0x8804  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
19:08:54.0516 0x8804  HDAudBus - ok
19:08:54.0516 0x8804  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
19:08:54.0516 0x8804  HidBatt - ok
19:08:54.0532 0x8804  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
19:08:54.0532 0x8804  HidBth - ok
19:08:54.0532 0x8804  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
19:08:54.0548 0x8804  HidIr - ok
19:08:54.0548 0x8804  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
19:08:54.0565 0x8804  hidserv - ok
19:08:54.0565 0x8804  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:08:54.0581 0x8804  HidUsb - ok
19:08:54.0581 0x8804  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:08:54.0596 0x8804  hkmsvc - ok
19:08:54.0596 0x8804  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:08:54.0612 0x8804  HomeGroupListener - ok
19:08:54.0612 0x8804  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:08:54.0628 0x8804  HomeGroupProvider - ok
19:08:54.0628 0x8804  [ F5F4818A15AF6128A2BADD1B1F102413, E566CA6097502EE411756CD5BE6504B229BB5EAF78E0DA7C485B75E5BE9B0773 ] HP DS Service   C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
19:08:54.0628 0x8804  HP DS Service - detected UnsignedFile.Multi.Generic ( 1 )
19:08:54.0628 0x8804  Detect skipped due to KSN trusted
19:08:54.0628 0x8804  HP DS Service - ok
19:08:54.0628 0x8804  [ 3BF3B2F977115DD06475983790032BA7, 47C374EF12C01C7E2A881CD78C874B09F1563F96028289AFF7DB40E3C4BE9CFC ] HP LaserJet Service C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
19:08:54.0643 0x8804  HP LaserJet Service - detected UnsignedFile.Multi.Generic ( 1 )
19:08:54.0643 0x8804  Detect skipped due to KSN trusted
19:08:54.0643 0x8804  HP LaserJet Service - ok
19:08:54.0643 0x8804  [ E325F85012E793CEE74B73C4F22AE311, B427ACF55E9FFCC6275B1EA2A6120E8D7B5B589CBBE0D114BB1376CB988B8FFC ] HPFXBULKLEDM    C:\Windows\system32\drivers\hppdbulkio.sys
19:08:54.0643 0x8804  HPFXBULKLEDM - ok
19:08:54.0643 0x8804  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:08:54.0659 0x8804  HpSAMD - ok
19:08:54.0659 0x8804  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:08:54.0690 0x8804  HTTP - ok
19:08:54.0690 0x8804  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:08:54.0690 0x8804  hwpolicy - ok
19:08:54.0690 0x8804  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
19:08:54.0706 0x8804  i8042prt - ok
19:08:54.0706 0x8804  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:08:54.0721 0x8804  iaStorV - ok
19:08:54.0737 0x8804  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:08:54.0752 0x8804  idsvc - ok
19:08:54.0752 0x8804  IEEtwCollectorService - ok
19:08:54.0752 0x8804  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
19:08:54.0768 0x8804  iirsp - ok
19:08:54.0768 0x8804  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
19:08:54.0799 0x8804  IKEEXT - ok
19:08:54.0862 0x8804  [ E4FD2A81EF844C01E3BA6FBED1644A23, 022419EDDA4694536FD677EB3C6BA79A0B318982F0F7644918FD828D1FF64758 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:08:54.0924 0x8804  IntcAzAudAddService - ok
19:08:54.0924 0x8804  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:08:54.0940 0x8804  intelide - ok
19:08:54.0940 0x8804  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:08:54.0940 0x8804  intelppm - ok
19:08:54.0955 0x8804  IOMap - ok
19:08:54.0955 0x8804  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:08:54.0971 0x8804  IPBusEnum - ok
19:08:54.0971 0x8804  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:08:54.0986 0x8804  IpFilterDriver - ok
19:08:55.0002 0x8804  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:08:55.0018 0x8804  iphlpsvc - ok
19:08:55.0018 0x8804  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:08:55.0033 0x8804  IPMIDRV - ok
19:08:55.0033 0x8804  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:08:55.0049 0x8804  IPNAT - ok
19:08:55.0049 0x8804  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:08:55.0064 0x8804  IRENUM - ok
19:08:55.0064 0x8804  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:08:55.0064 0x8804  isapnp - ok
19:08:55.0080 0x8804  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:08:55.0080 0x8804  iScsiPrt - ok
19:08:55.0096 0x8804  [ 622BF9C46A47CF17608C501320E8EFBD, 059F99D4306216324E100FCDAF02093B2CD662F2C6BE8565A4281E7760F8B575 ] iumsvc          C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
19:08:55.0096 0x8804  iumsvc - ok
19:08:55.0096 0x8804  [ 897B93573F07C9CB1140516DAC44BC7E, C80665FEA4913DDC72F2140EC92CD4FA5D693BD8D0E4029A99DB96D63172E3D1 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
19:08:55.0111 0x8804  iusb3hcs - ok
19:08:55.0111 0x8804  [ 2D15CEDF619796002E8640F73A4BF920, FCC0137CB5AE32266A550EE46106B80F431F0B55342599951B9D032F8EA10649 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
19:08:55.0127 0x8804  iusb3hub - ok
19:08:55.0142 0x8804  [ F1E93FE111924D0BC853155AADF8048B, 2DFD5B3D042286A0FD5E482C81FAE339E4F05C0A6DFF43061D8502C4551125F7 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
19:08:55.0158 0x8804  iusb3xhc - ok
19:08:55.0158 0x8804  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:08:55.0158 0x8804  kbdclass - ok
19:08:55.0174 0x8804  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:08:55.0174 0x8804  kbdhid - ok
19:08:55.0174 0x8804  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] KeyIso          C:\Windows\system32\lsass.exe
19:08:55.0189 0x8804  KeyIso - ok
19:08:55.0189 0x8804  [ 62EBD4202B505ACADE2FBC56CC73E0A2, 2FCA80096B7DB5B42E76F527D9ABCF29AF7D52FC60BED6DD4C11C1BACA0D63F1 ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
19:08:55.0205 0x8804  kl1 - ok
19:08:55.0205 0x8804  [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk    C:\Windows\system32\DRIVERS\klbackupdisk.sys
19:08:55.0220 0x8804  klbackupdisk - ok
19:08:55.0220 0x8804  [ D3BEF82D7A5A1560F667D5FCC0E90387, 35473F72346DBAA02EB98319B4AD587550B996607B8B714D356D04A4B28E2F09 ] klbackupflt     C:\Windows\system32\DRIVERS\klbackupflt.sys
19:08:55.0220 0x8804  klbackupflt - ok
19:08:55.0236 0x8804  [ B12242478186B62B2E214288B7DB3612, D3381C6B95A27D75348DC51411BABE144A4C333E1441077C4BF13A3BFBB4CA06 ] kldisk          C:\Windows\system32\DRIVERS\kldisk.sys
19:08:55.0236 0x8804  kldisk - ok
19:08:55.0236 0x8804  [ 3025DB68C9BFFF3EA67986C91340EC12, 74E61837A0EEA5F56104F0FFC7B8FEFB7BFB7A22D7F0903C4A7AEAE1E1532920 ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
19:08:55.0252 0x8804  klflt - ok
19:08:55.0267 0x8804  [ 53E82813D132491C84AA7A4B0CA2707A, 94F0E5819593A7D2BF7D8FC9A6B0A11363788A50D0B9E8A7F3E3B941BCFD7709 ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
19:08:55.0267 0x8804  klhk - ok
19:08:55.0283 0x8804  [ D90C2622A2D717704C0AA33134BAA07E, 5DE2FCBE4043DD79F472C99FED8A8189A0AD231F9DB7453F1781775CE67CBF47 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
19:08:55.0314 0x8804  KLIF - ok
19:08:55.0314 0x8804  [ E540E1C90970FAFEBCCCE3EEC3B8673F, BA2229A237A5088D3FBAA567069C56CDE7EBB4B37D5FB24F691BFF6FE1B0BD69 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
19:08:55.0314 0x8804  KLIM6 - ok
19:08:55.0330 0x8804  [ 0D5E3D54FDFE598CF570312310C0D8E5, B1DAF9B19531D4C9CB7584D90341C429E3A3793B9A6FEDCC5CF8B70508240FE7 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
19:08:55.0330 0x8804  klkbdflt - ok
19:08:55.0330 0x8804  [ D792857D47B8DF5BFEC02534C1933BE2, BDD483FA8E2DC50DB4E54D475867455F0D7E115494E2A31CD27A065C7EC26951 ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
19:08:55.0345 0x8804  klmouflt - ok
19:08:55.0345 0x8804  [ 26E1917517E613D07F2A122CEEBB8161, A03C4F9FA37DBB48AB00330A4F0ACC7841D425DAE7E374508AD53BC010C0F746 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
19:08:55.0345 0x8804  klpd - ok
19:08:55.0345 0x8804  [ B36DEE2A91F9388C4D3ED744592DE81D, 78D64539A375C80250FB9FA5E1DDA208B331A85916E19ED1353623DDF750EC58 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
19:08:55.0362 0x8804  kltdi - ok
19:08:55.0362 0x8804  [ B48F79A7B58EB9A5E4894A96453C6957, B05176A40DA7321409866D77DA03A36B44DA386C45C6AF149B14F65C2B9C8A6B ] klvssbrigde64   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe
19:08:55.0377 0x8804  klvssbrigde64 - ok
19:08:55.0377 0x8804  [ 7FAE98B11E1218C707A28F993CFE271C, 7BD94243B7004C8A719733A03BB1320FCDF9F53FB7240058F7006C1DFE9E59B0 ] Klwtp           C:\Windows\system32\DRIVERS\klwtp.sys
19:08:55.0377 0x8804  Klwtp - ok
19:08:55.0393 0x8804  [ 58CD685752080EDAEB4EEC7E6428546D, 59E280A025A91BCEC029D21B4DCC6342F354B9D6592C0EE14217BF5B32FB259B ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
19:08:55.0393 0x8804  kneps - ok
19:08:55.0393 0x8804  [ 211A379BAAB812A7B437319BD85B2435, 4C8B82817B735BEFC0C8E2A42C7EF547D1C179561D3C97B3067B5EA3408F9E4D ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:08:55.0409 0x8804  KSecDD - ok
19:08:55.0409 0x8804  [ CC1B3B52F33CBC1CE60867DA4E23537C, A373DBCE6A53B77F59D9C83E243E5C1A2B4C38571CA28198229730D612561978 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:08:55.0424 0x8804  KSecPkg - ok
19:08:55.0424 0x8804  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:08:55.0440 0x8804  ksthunk - ok
19:08:55.0440 0x8804  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:08:55.0471 0x8804  KtmRm - ok
19:08:55.0471 0x8804  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:08:55.0502 0x8804  LanmanServer - ok
19:08:55.0502 0x8804  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:08:55.0518 0x8804  LanmanWorkstation - ok
19:08:55.0533 0x8804  [ 1D5C6790425CB6DBB1B3C2722C34E199, D8BCC31A443B77711A7CA468E754A73137C1CC47D6F3DA5BEE3735B654327B0C ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
19:08:55.0533 0x8804  LBTServ - ok
19:08:55.0549 0x8804  [ 5EA1731968F2FD0E950DDCE6D36C5134, 16C47AA60CB62F206DBF3B4FAF99FCA667E7193178D1B7ECB162FA87C008BAA3 ] LEqdUsb         C:\Windows\system32\DRIVERS\LEqdUsb.Sys
19:08:55.0549 0x8804  LEqdUsb - ok
19:08:55.0549 0x8804  [ 50AC0930F05DFB996F085B49E112E5C9, C5147E92656506981705AFCAA97B7BDAD0929FF39C1666E774BE1BD32FB08387 ] LHidEqd         C:\Windows\system32\DRIVERS\LHidEqd.Sys
19:08:55.0549 0x8804  LHidEqd - ok
19:08:55.0549 0x8804  [ 96EB043E2843B5A87A486D0BC6921094, 0B339A18B2F536F12B2C1B4FEDEB3A815DC7F8E7B082144EE084B3E6ED067FBC ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
19:08:55.0565 0x8804  LHidFilt - ok
19:08:55.0565 0x8804  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:08:55.0580 0x8804  lltdio - ok
19:08:55.0596 0x8804  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:08:55.0611 0x8804  lltdsvc - ok
19:08:55.0611 0x8804  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:08:55.0627 0x8804  lmhosts - ok
19:08:55.0643 0x8804  [ A5C1DA229B3B660BBF3BDC30ADBFBB61, B657092424C6BF418A6FA56353370C195D9CA67999B355E8EDD6AFCFD9FEF8E5 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
19:08:55.0643 0x8804  LMouFilt - ok
19:08:55.0643 0x8804  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:08:55.0658 0x8804  LSI_FC - ok
19:08:55.0658 0x8804  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:08:55.0658 0x8804  LSI_SAS - ok
19:08:55.0658 0x8804  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:08:55.0674 0x8804  LSI_SAS2 - ok
19:08:55.0674 0x8804  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:08:55.0674 0x8804  LSI_SCSI - ok
19:08:55.0689 0x8804  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
19:08:55.0705 0x8804  luafv - ok
19:08:55.0705 0x8804  MBAMSwissArmy - ok
19:08:55.0705 0x8804  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:08:55.0721 0x8804  Mcx2Svc - ok
19:08:55.0721 0x8804  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:08:55.0721 0x8804  megasas - ok
19:08:55.0736 0x8804  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
19:08:55.0736 0x8804  MegaSR - ok
19:08:55.0752 0x8804  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
19:08:55.0752 0x8804  MEIx64 - ok
19:08:55.0752 0x8804  [ FAFE367D032ED82E9332B4C741A20216, 7B123766E360570E0FCB211835B7910D6A1806C25A06BCA9227AB9E993376CA8 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
19:08:55.0767 0x8804  Microsoft Office Groove Audit Service - ok
19:08:55.0767 0x8804  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
19:08:55.0783 0x8804  MMCSS - ok
19:08:55.0783 0x8804  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
19:08:55.0799 0x8804  Modem - ok
19:08:55.0799 0x8804  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:08:55.0814 0x8804  monitor - ok
19:08:55.0814 0x8804  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:08:55.0830 0x8804  mouclass - ok
19:08:55.0830 0x8804  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:08:55.0830 0x8804  mouhid - ok
19:08:55.0830 0x8804  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:08:55.0845 0x8804  mountmgr - ok
19:08:55.0845 0x8804  [ 17C3D8D5E65AE57B5E94B969433C0F99, 389F235A540CE1D55903F86C9045CAFC95B93E8EF0C3369D048D67B1106DE6E5 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:08:55.0845 0x8804  MozillaMaintenance - ok
19:08:55.0861 0x8804  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:08:55.0861 0x8804  mpio - ok
19:08:55.0861 0x8804  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:08:55.0892 0x8804  mpsdrv - ok
19:08:55.0892 0x8804  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:08:55.0923 0x8804  MpsSvc - ok
19:08:55.0939 0x8804  Mrvleap - ok
19:08:55.0939 0x8804  [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:08:55.0939 0x8804  MRxDAV - ok
19:08:55.0955 0x8804  [ 07F8F6B0CAEC7ADD30EBD94940A315D7, 288429A146B74E88D93C5BC19D878A42AC6F411EE31D9A6D36A2A2FFCF7B9436 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:08:55.0955 0x8804  mrxsmb - ok
19:08:55.0970 0x8804  [ 8856E45D23BFF4D977BF06D0543BCD96, 0066C061A3516A16C2477590859865E46E522A290CCE17C3EC1B69F81E466E9E ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:08:55.0970 0x8804  mrxsmb10 - ok
19:08:55.0986 0x8804  [ 8D383CED28332B5F3894658857472F47, CB3872543D08C6432CF884C11A5897637A6FC7E9AC40F424444BAAA49C9FC32A ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:08:55.0986 0x8804  mrxsmb20 - ok
19:08:55.0986 0x8804  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:08:56.0001 0x8804  msahci - ok
19:08:56.0001 0x8804  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:08:56.0001 0x8804  msdsm - ok
19:08:56.0017 0x8804  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
19:08:56.0026 0x8804  MSDTC - ok
19:08:56.0029 0x8804  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:08:56.0047 0x8804  Msfs - ok
19:08:56.0049 0x8804  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:08:56.0068 0x8804  mshidkmdf - ok
19:08:56.0070 0x8804  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:08:56.0075 0x8804  msisadrv - ok
19:08:56.0079 0x8804  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:08:56.0101 0x8804  MSiSCSI - ok
19:08:56.0103 0x8804  msiserver - ok
19:08:56.0104 0x8804  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:08:56.0123 0x8804  MSKSSRV - ok
19:08:56.0125 0x8804  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:08:56.0144 0x8804  MSPCLOCK - ok
19:08:56.0146 0x8804  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:08:56.0150 0x8804  MSPQM - ok
19:08:56.0166 0x8804  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:08:56.0181 0x8804  MsRPC - ok
19:08:56.0181 0x8804  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:08:56.0181 0x8804  mssmbios - ok
19:08:56.0181 0x8804  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:08:56.0212 0x8804  MSTEE - ok
19:08:56.0212 0x8804  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
19:08:56.0212 0x8804  MTConfig - ok
19:08:56.0212 0x8804  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
19:08:56.0228 0x8804  Mup - ok
19:08:56.0228 0x8804  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
19:08:56.0259 0x8804  napagent - ok
19:08:56.0259 0x8804  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:08:56.0275 0x8804  NativeWifiP - ok
19:08:56.0290 0x8804  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:08:56.0322 0x8804  NDIS - ok
19:08:56.0322 0x8804  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:08:56.0337 0x8804  NdisCap - ok
19:08:56.0337 0x8804  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:08:56.0353 0x8804  NdisTapi - ok
19:08:56.0368 0x8804  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:08:56.0384 0x8804  Ndisuio - ok
19:08:56.0384 0x8804  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:08:56.0400 0x8804  NdisWan - ok
19:08:56.0415 0x8804  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:08:56.0431 0x8804  NDProxy - ok
19:08:56.0431 0x8804  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
19:08:56.0431 0x8804  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
19:08:56.0431 0x8804  Detect skipped due to KSN trusted
19:08:56.0431 0x8804  Net Driver HPZ12 - ok
19:08:56.0431 0x8804  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:08:56.0462 0x8804  NetBIOS - ok
19:08:56.0462 0x8804  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:08:56.0478 0x8804  NetBT - ok
19:08:56.0493 0x8804  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] Netlogon        C:\Windows\system32\lsass.exe
19:08:56.0493 0x8804  Netlogon - ok
19:08:56.0493 0x8804  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
19:08:56.0524 0x8804  Netman - ok
19:08:56.0524 0x8804  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:08:56.0540 0x8804  NetMsmqActivator - ok
19:08:56.0540 0x8804  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:08:56.0540 0x8804  NetPipeActivator - ok
19:08:56.0556 0x8804  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
19:08:56.0587 0x8804  netprofm - ok
19:08:56.0587 0x8804  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:08:56.0587 0x8804  NetTcpActivator - ok
19:08:56.0602 0x8804  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:08:56.0602 0x8804  NetTcpPortSharing - ok
19:08:56.0602 0x8804  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:08:56.0618 0x8804  nfrd960 - ok
19:08:56.0618 0x8804  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:08:56.0634 0x8804  NlaSvc - ok
19:08:56.0634 0x8804  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:08:56.0649 0x8804  Npfs - ok
19:08:56.0649 0x8804  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
19:08:56.0680 0x8804  nsi - ok
19:08:56.0680 0x8804  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:08:56.0696 0x8804  nsiproxy - ok
19:08:56.0727 0x8804  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:08:56.0758 0x8804  Ntfs - ok
19:08:56.0758 0x8804  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
19:08:56.0774 0x8804  Null - ok
19:08:56.0774 0x8804  [ 7E4355930B28C2798D9F09AB9F81151F, 941C730F3B75BDF99639E76350031EDD15F18D8D860F3B1282C28B62096E7717 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
19:08:56.0790 0x8804  NVHDA - ok
19:08:56.0931 0x8804  [ ECC732D5185408FCC323E56D30170848, 7A7A6C410B65DBB1D59653598D7E5414054588BB88505BE68BFFF0378FD555F3 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:08:57.0087 0x8804  nvlddmkm - ok
19:08:57.0118 0x8804  [ DB7C6892180C79714EF79F69A788E865, 0E4C109C6F8E8D37447FCE1D7CABCBFAE8E5AA6FD4512150DD17156C9021A6FC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
19:08:57.0165 0x8804  NvNetworkService - ok
19:08:57.0165 0x8804  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:08:57.0165 0x8804  nvraid - ok
19:08:57.0181 0x8804  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:08:57.0181 0x8804  nvstor - ok
19:08:57.0181 0x8804  [ 7308AA5672CC6D14F43C91965DC67200, 573566D94D19F3AEDFB326B0B5987DC52F3802E5F5CAF8C32830660193B93E19 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
19:08:57.0196 0x8804  NvStreamKms - ok
19:08:57.0196 0x8804  NvStreamSvc - ok
19:08:57.0212 0x8804  [ 2AF7D8BCD8912FC16AA15268CDCF2454, 3A2E5ADFC6213A6EA83F78026518EC7EE0DD4BBA7C210CB7A41007BB57DC0636 ] nvsvc           C:\Windows\system32\nvvsvc.exe
19:08:57.0227 0x8804  nvsvc - ok
19:08:57.0227 0x8804  [ D0EB00C3BDD50E9CABA534CF829593E8, 6E11117DC30E834C70DC9381A67D057BC2DADA956855A0EEA9801D45C75536B1 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
19:08:57.0243 0x8804  nvvad_WaveExtensible - ok
19:08:57.0243 0x8804  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:08:57.0243 0x8804  nv_agp - ok
19:08:57.0259 0x8804  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:08:57.0274 0x8804  odserv - ok
19:08:57.0274 0x8804  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:08:57.0274 0x8804  ohci1394 - ok
19:08:57.0274 0x8804  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:08:57.0290 0x8804  ose - ok
19:08:57.0290 0x8804  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:08:57.0305 0x8804  p2pimsvc - ok
19:08:57.0321 0x8804  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
19:08:57.0321 0x8804  p2psvc - ok
19:08:57.0337 0x8804  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
19:08:57.0337 0x8804  Parport - ok
19:08:57.0337 0x8804  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:08:57.0352 0x8804  partmgr - ok
19:08:57.0352 0x8804  [ 5EACB8A19CAD7057806FBBF9550165E1, 63B9AE044F9205E395B9573BE32EC8A9695A16E4DF1BF3E7F7F5FFD336A7029E ] PcaSp60         C:\Windows\system32\DRIVERS\PcaSp60.sys
19:08:57.0352 0x8804  PcaSp60 - ok
19:08:57.0368 0x8804  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:08:57.0368 0x8804  PcaSvc - ok
19:08:57.0368 0x8804  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
19:08:57.0383 0x8804  pci - ok
19:08:57.0383 0x8804  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:08:57.0383 0x8804  pciide - ok
19:08:57.0399 0x8804  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:08:57.0399 0x8804  pcmcia - ok
19:08:57.0399 0x8804  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:08:57.0415 0x8804  pcw - ok
19:08:57.0446 0x8804  [ 501015A7570DA3E2B159B6191B37B347, C202C053ED78E956C00EDB8F265CED53344BD90D3A614FBFF789B98B0C4D7A90 ] PDF Architect 3 C:\Program Files (x86)\PDF Architect 3\ws.exe
19:08:57.0477 0x8804  PDF Architect 3 - ok
19:08:57.0508 0x8804  [ 07DA9CEDFC7441AE061DFA7E2BD825F6, 35A8060EA0E2E34EBB1EB25F40BB72A6D3B83CBA8BD8CD4BF9E427A777D42D28 ] PDF Architect 3 CrashHandler C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
19:08:57.0524 0x8804  PDF Architect 3 CrashHandler - ok
19:08:57.0539 0x8804  [ 1234BB5F8C7EC1E52F32A3EBF65F52EA, AEE529A96C6F21D27B3F5AEF6AADF42129C676584DEE550C8F42815D1C913B0C ] PDF Architect 3 Creator C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
19:08:57.0555 0x8804  PDF Architect 3 Creator - ok
19:08:57.0555 0x8804  [ E70DA663558CFABE378A412C7748347D, F98D13AD7C889A4273A88B02A296B33503C52EB44A7338EE022FF580F1D15393 ] PdiPorts        C:\Windows\system32\DRIVERS\PdiPorts.sys
19:08:57.0555 0x8804  PdiPorts - ok
19:08:57.0555 0x8804  [ CD7C3234BBE062AB5A9127D831298491, 918FA09972694DF31357D28B24C2FAA8E5A56C1F319F386B484981C386CD63E2 ] PdiService      C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
19:08:57.0571 0x8804  PdiService - ok
19:08:57.0586 0x8804  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:08:57.0602 0x8804  PEAUTH - ok
19:08:57.0617 0x8804  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
19:08:57.0649 0x8804  PeerDistSvc - ok
19:08:57.0649 0x8804  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:08:57.0664 0x8804  PerfHost - ok
19:08:57.0680 0x8804  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
19:08:57.0727 0x8804  pla - ok
19:08:57.0727 0x8804  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:08:57.0742 0x8804  PlugPlay - ok
19:08:57.0742 0x8804  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
19:08:57.0758 0x8804  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
19:08:57.0758 0x8804  Detect skipped due to KSN trusted
19:08:57.0758 0x8804  Pml Driver HPZ12 - ok
19:08:57.0758 0x8804  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:08:57.0758 0x8804  PNRPAutoReg - ok
19:08:57.0773 0x8804  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:08:57.0773 0x8804  PNRPsvc - ok
19:08:57.0789 0x8804  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:08:57.0820 0x8804  PolicyAgent - ok
19:08:57.0820 0x8804  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
19:08:57.0836 0x8804  Power - ok
19:08:57.0851 0x8804  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:08:57.0867 0x8804  PptpMiniport - ok
19:08:57.0867 0x8804  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
19:08:57.0867 0x8804  Processor - ok
19:08:57.0883 0x8804  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:08:57.0883 0x8804  ProfSvc - ok
19:08:57.0883 0x8804  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:08:57.0898 0x8804  ProtectedStorage - ok
19:08:57.0898 0x8804  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:08:57.0914 0x8804  Psched - ok
19:08:57.0945 0x8804  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:08:57.0976 0x8804  ql2300 - ok
19:08:57.0992 0x8804  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:08:57.0992 0x8804  ql40xx - ok
19:08:57.0992 0x8804  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
19:08:58.0007 0x8804  QWAVE - ok
19:08:58.0007 0x8804  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:08:58.0023 0x8804  QWAVEdrv - ok
19:08:58.0023 0x8804  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:08:58.0039 0x8804  RasAcd - ok
19:08:58.0039 0x8804  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:08:58.0070 0x8804  RasAgileVpn - ok
19:08:58.0070 0x8804  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
19:08:58.0085 0x8804  RasAuto - ok
19:08:58.0085 0x8804  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:08:58.0117 0x8804  Rasl2tp - ok
19:08:58.0117 0x8804  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
19:08:58.0132 0x8804  RasMan - ok
19:08:58.0148 0x8804  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:08:58.0163 0x8804  RasPppoe - ok
19:08:58.0163 0x8804  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:08:58.0179 0x8804  RasSstp - ok
19:08:58.0195 0x8804  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:08:58.0210 0x8804  rdbss - ok
19:08:58.0210 0x8804  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
19:08:58.0226 0x8804  rdpbus - ok
19:08:58.0226 0x8804  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:08:58.0241 0x8804  RDPCDD - ok
19:08:58.0257 0x8804  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
19:08:58.0257 0x8804  RDPDR - ok
19:08:58.0257 0x8804  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:08:58.0273 0x8804  RDPENCDD - ok
19:08:58.0288 0x8804  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:08:58.0304 0x8804  RDPREFMP - ok
19:08:58.0304 0x8804  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:08:58.0304 0x8804  RdpVideoMiniport - ok
19:08:58.0319 0x8804  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:08:58.0319 0x8804  RDPWD - ok
19:08:58.0335 0x8804  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:08:58.0335 0x8804  rdyboost - ok
19:08:58.0335 0x8804  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:08:58.0366 0x8804  RemoteAccess - ok
19:08:58.0366 0x8804  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:08:58.0382 0x8804  RemoteRegistry - ok
19:08:58.0382 0x8804  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:08:58.0413 0x8804  RpcEptMapper - ok
19:08:58.0413 0x8804  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
19:08:58.0413 0x8804  RpcLocator - ok
19:08:58.0429 0x8804  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
19:08:58.0444 0x8804  RpcSs - ok
19:08:58.0444 0x8804  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:08:58.0460 0x8804  rspndr - ok
19:08:58.0475 0x8804  [ 61A04C0C084D560BBEF1D09604608262, 27230BDFB479FBD1B18BB4035059A52F8BE74B19190951EAC95D569E284421B3 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
19:08:58.0491 0x8804  RTL8167 - ok
19:08:58.0491 0x8804  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
19:08:58.0507 0x8804  s3cap - ok
19:08:58.0507 0x8804  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] SamSs           C:\Windows\system32\lsass.exe
19:08:58.0507 0x8804  SamSs - ok
19:08:58.0507 0x8804  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:08:58.0522 0x8804  sbp2port - ok
19:08:58.0522 0x8804  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:08:58.0553 0x8804  SCardSvr - ok
19:08:58.0553 0x8804  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:08:58.0569 0x8804  scfilter - ok
19:08:58.0585 0x8804  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
19:08:58.0600 0x8804  Schedule - ok
19:08:58.0616 0x8804  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:08:58.0631 0x8804  SCPolicySvc - ok
19:08:58.0631 0x8804  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:08:58.0647 0x8804  SDRSVC - ok
19:08:58.0647 0x8804  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:08:58.0663 0x8804  secdrv - ok
19:08:58.0663 0x8804  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
19:08:58.0663 0x8804  seclogon - ok
19:08:58.0663 0x8804  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
19:08:58.0694 0x8804  SENS - ok
19:08:58.0694 0x8804  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:08:58.0694 0x8804  SensrSvc - ok
19:08:58.0694 0x8804  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
19:08:58.0709 0x8804  Serenum - ok
19:08:58.0709 0x8804  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:08:58.0709 0x8804  Serial - ok
19:08:58.0725 0x8804  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:08:58.0725 0x8804  sermouse - ok
19:08:58.0725 0x8804  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
19:08:58.0756 0x8804  SessionEnv - ok
19:08:58.0756 0x8804  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:08:58.0756 0x8804  sffdisk - ok
19:08:58.0756 0x8804  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:08:58.0772 0x8804  sffp_mmc - ok
19:08:58.0772 0x8804  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:08:58.0772 0x8804  sffp_sd - ok
19:08:58.0787 0x8804  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
19:08:58.0787 0x8804  sfloppy - ok
19:08:58.0787 0x8804  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:08:58.0819 0x8804  SharedAccess - ok
19:08:58.0834 0x8804  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:08:58.0850 0x8804  ShellHWDetection - ok
19:08:58.0850 0x8804  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:08:58.0865 0x8804  SiSRaid2 - ok
19:08:58.0865 0x8804  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:08:58.0865 0x8804  SiSRaid4 - ok
19:08:58.0881 0x8804  [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
19:08:58.0897 0x8804  SkypeUpdate - ok
19:08:58.0897 0x8804  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:08:58.0912 0x8804  Smb - ok
19:08:58.0912 0x8804  [ FBE0201AB61E18934C812C34D31A4403, 549E51FC11CCA30B21970C90F4799D6CB94481CDC623B8C319F16DAEFC8A190B ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
19:08:58.0928 0x8804  snapman - ok
19:08:58.0928 0x8804  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:08:58.0943 0x8804  SNMPTRAP - ok
19:08:58.0943 0x8804  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:08:58.0943 0x8804  spldr - ok
19:08:58.0959 0x8804  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
19:08:58.0975 0x8804  Spooler - ok
19:08:59.0021 0x8804  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
19:08:59.0099 0x8804  sppsvc - ok
19:08:59.0099 0x8804  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:08:59.0115 0x8804  sppuinotify - ok
19:08:59.0131 0x8804  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:08:59.0146 0x8804  srv - ok
19:08:59.0146 0x8804  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:08:59.0162 0x8804  srv2 - ok
19:08:59.0162 0x8804  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:08:59.0177 0x8804  srvnet - ok
19:08:59.0177 0x8804  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:08:59.0193 0x8804  SSDPSRV - ok
19:08:59.0209 0x8804  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:08:59.0224 0x8804  SstpSvc - ok
19:08:59.0224 0x8804  [ 627FFBE52FEDF0460C3D7259FC0EDF50, 92CB006CA91E4AF0CAA3ECD74D9329C349650EAFF70D847E62D9D8F2BE38B3B1 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
19:08:59.0240 0x8804  ssudmdm - ok
19:08:59.0255 0x8804  [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
19:08:59.0255 0x8804  ss_conn_service - ok
19:08:59.0287 0x8804  [ 6213F20854FB987119503F9F91C70B9F, E1683753D192B154DBFE1FD03625A2A56F8576CE2A7619B41159B1C718C73B88 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:08:59.0302 0x8804  Stereo Service - ok
19:08:59.0302 0x8804  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:08:59.0302 0x8804  stexstor - ok
19:08:59.0318 0x8804  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
19:08:59.0333 0x8804  stisvc - ok
19:08:59.0333 0x8804  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
19:08:59.0349 0x8804  storflt - ok
19:08:59.0349 0x8804  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
19:08:59.0349 0x8804  StorSvc - ok
19:08:59.0349 0x8804  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
19:08:59.0365 0x8804  storvsc - ok
19:08:59.0365 0x8804  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
19:08:59.0365 0x8804  swenum - ok
19:08:59.0380 0x8804  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
19:08:59.0396 0x8804  swprv - ok
19:08:59.0505 0x8804  [ A6F60D621EE073CF785C24489CE0F9CD, 2A65274AAC78EFBF65E51A75A17B90C14D93675A5FE1305AAFBDDB5D1B083CEB ] syncagentsrv    C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
19:08:59.0614 0x8804  syncagentsrv - ok
19:08:59.0645 0x8804  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
19:08:59.0677 0x8804  SysMain - ok
19:08:59.0692 0x8804  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:08:59.0692 0x8804  TabletInputService - ok
19:08:59.0708 0x8804  [ 3E2DA88C79614DAAF5DFDD6827210BCF, DE7F4BF810DCC01E303E2AA18DB6DDB2931B2FCEC9B6722991B36D08843D9C8F ] tapipvanish     C:\Windows\system32\DRIVERS\tapipvanish.sys
19:08:59.0708 0x8804  tapipvanish - ok
19:08:59.0708 0x8804  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:08:59.0739 0x8804  TapiSrv - ok
19:08:59.0770 0x8804  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:08:59.0801 0x8804  Tcpip - ok
19:08:59.0833 0x8804  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:08:59.0864 0x8804  TCPIP6 - ok
19:08:59.0864 0x8804  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:08:59.0879 0x8804  tcpipreg - ok
19:08:59.0879 0x8804  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:08:59.0879 0x8804  TDPIPE - ok
19:08:59.0911 0x8804  [ 07330E30921C70E9D9B416EE43A06349, 398500C12E685BCF732C7F80A2C0E95181E5377A0E6C14CF9A3EE8580083A556 ] tdrpman         C:\Windows\system32\DRIVERS\tdrpman.sys
19:08:59.0926 0x8804  tdrpman - ok
19:08:59.0942 0x8804  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:08:59.0942 0x8804  TDTCP - ok
19:08:59.0942 0x8804  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:08:59.0957 0x8804  tdx - ok
19:08:59.0957 0x8804  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
19:08:59.0973 0x8804  TermDD - ok
19:08:59.0973 0x8804  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
19:08:59.0989 0x8804  TermService - ok
19:09:00.0004 0x8804  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
19:09:00.0004 0x8804  Themes - ok
19:09:00.0004 0x8804  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
19:09:00.0035 0x8804  THREADORDER - ok
19:09:00.0051 0x8804  [ DE604462206F7D8C203F767F425FCA8D, 149FBF6367C45415B939A9B1A7A10DA7A5E19F28CE533BCBE2B20DA4B78F8645 ] tib             C:\Windows\system32\DRIVERS\tib.sys
19:09:00.0067 0x8804  tib - ok
19:09:00.0082 0x8804  [ 3C29FB9FC9B4C511AD69DC50257FEC75, 4906DADE076FD363C53044C805602EEA4D0EF6E92041C693E1BED2286614B36E ] tib_mounter     C:\Windows\system32\DRIVERS\tib_mounter.sys
19:09:00.0082 0x8804  tib_mounter - ok
19:09:00.0082 0x8804  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
19:09:00.0113 0x8804  TrkWks - ok
19:09:00.0113 0x8804  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:09:00.0129 0x8804  TrustedInstaller - ok
19:09:00.0129 0x8804  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:09:00.0145 0x8804  tssecsrv - ok
19:09:00.0145 0x8804  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:09:00.0145 0x8804  TsUsbFlt - ok
19:09:00.0160 0x8804  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
19:09:00.0160 0x8804  TsUsbGD - ok
19:09:00.0160 0x8804  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:09:00.0176 0x8804  tunnel - ok
19:09:00.0191 0x8804  [ A070ABB9D85582B2BECADBE6FCD12350, 3EBFA349F87933E20C4EADA2FA2E64206CCAC70DFB8B52C2E41670FFB16D7336 ] t_mouse.sys     C:\Windows\system32\DRIVERS\t_mouse.sys
19:09:00.0191 0x8804  t_mouse.sys - ok
19:09:00.0191 0x8804  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:09:00.0191 0x8804  uagp35 - ok
19:09:00.0207 0x8804  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:09:00.0223 0x8804  udfs - ok
19:09:00.0238 0x8804  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:09:00.0238 0x8804  UI0Detect - ok
19:09:00.0238 0x8804  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:09:00.0254 0x8804  uliagpkx - ok
19:09:00.0254 0x8804  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
19:09:00.0254 0x8804  umbus - ok
19:09:00.0254 0x8804  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
19:09:00.0269 0x8804  UmPass - ok
19:09:00.0269 0x8804  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
19:09:00.0285 0x8804  UmRdpService - ok
19:09:00.0285 0x8804  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
19:09:00.0316 0x8804  upnphost - ok
19:09:00.0316 0x8804  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:09:00.0332 0x8804  usbccgp - ok
19:09:00.0332 0x8804  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:09:00.0332 0x8804  usbcir - ok
19:09:00.0332 0x8804  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
19:09:00.0347 0x8804  usbehci - ok
19:09:00.0347 0x8804  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:09:00.0363 0x8804  usbhub - ok
19:09:00.0363 0x8804  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:09:00.0379 0x8804  usbohci - ok
19:09:00.0379 0x8804  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:09:00.0379 0x8804  usbprint - ok
19:09:00.0379 0x8804  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
19:09:00.0394 0x8804  usbscan - ok
19:09:00.0394 0x8804  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\DRIVERS\usbser.sys
19:09:00.0394 0x8804  usbser - ok
19:09:00.0410 0x8804  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:09:00.0410 0x8804  USBSTOR - ok
19:09:00.0410 0x8804  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
19:09:00.0425 0x8804  usbuhci - ok
19:09:00.0425 0x8804  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
19:09:00.0425 0x8804  usb_rndisx - ok
19:09:00.0425 0x8804  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
19:09:00.0457 0x8804  UxSms - ok
19:09:00.0457 0x8804  [ 7FB33A9A2E6B6D5CA9318668B95CA69C, 5B5CDF8BF4F2C2ADBAD2A92C554C369C6A428B7DE4FEF74FE9198058C3B864A3 ] VaultSvc        C:\Windows\system32\lsass.exe
19:09:00.0457 0x8804  VaultSvc - ok
19:09:00.0457 0x8804  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:09:00.0472 0x8804  vdrvroot - ok
19:09:00.0472 0x8804  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
19:09:00.0503 0x8804  vds - ok
19:09:00.0503 0x8804  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:09:00.0519 0x8804  vga - ok
19:09:00.0519 0x8804  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:09:00.0535 0x8804  VgaSave - ok
19:09:00.0535 0x8804  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:09:00.0550 0x8804  vhdmp - ok
19:09:00.0550 0x8804  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:09:00.0550 0x8804  viaide - ok
19:09:00.0566 0x8804  [ 35E8A18D1C558D5C2FF2FFED2FD396F6, 5516AC03964DD33CF239AB3FB1D41BAB7454DB35FB38C45907614C3DB8F23391 ] vididr          C:\Windows\system32\DRIVERS\vididr.sys
19:09:00.0566 0x8804  vididr - ok
19:09:00.0566 0x8804  [ 0DCD5C8F2E0B3650C4A29F6569C074FD, 8FB24D79ADE1541C5DD6241A3395EF2E6575A8376111294CD5C87ECA798EDCFD ] vidsflt         C:\Windows\system32\DRIVERS\vidsflt.sys
19:09:00.0581 0x8804  vidsflt - ok
19:09:00.0581 0x8804  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
19:09:00.0581 0x8804  vmbus - ok
19:09:00.0597 0x8804  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
19:09:00.0597 0x8804  VMBusHID - ok
19:09:00.0597 0x8804  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:09:00.0613 0x8804  volmgr - ok
19:09:00.0613 0x8804  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:09:00.0628 0x8804  volmgrx - ok
19:09:00.0628 0x8804  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:09:00.0644 0x8804  volsnap - ok
19:09:00.0644 0x8804  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
19:09:00.0659 0x8804  vsmraid - ok
19:09:00.0691 0x8804  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
19:09:00.0722 0x8804  VSS - ok
19:09:00.0737 0x8804  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
19:09:00.0737 0x8804  vwifibus - ok
19:09:00.0737 0x8804  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
19:09:00.0753 0x8804  vwififlt - ok
19:09:00.0753 0x8804  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
19:09:00.0784 0x8804  W32Time - ok
19:09:00.0784 0x8804  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
19:09:00.0800 0x8804  WacomPen - ok
19:09:00.0800 0x8804  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:09:00.0815 0x8804  WANARP - ok
19:09:00.0815 0x8804  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:09:00.0831 0x8804  Wanarpv6 - ok
19:09:00.0847 0x8804  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
19:09:00.0878 0x8804  WatAdminSvc - ok
19:09:00.0909 0x8804  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
19:09:00.0940 0x8804  wbengine - ok
19:09:00.0940 0x8804  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:09:00.0956 0x8804  WbioSrvc - ok
19:09:00.0956 0x8804  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:09:00.0971 0x8804  wcncsvc - ok
19:09:00.0971 0x8804  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:09:00.0987 0x8804  WcsPlugInService - ok
19:09:00.0987 0x8804  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
19:09:00.0987 0x8804  Wd - ok
19:09:01.0018 0x8804  [ B8003E1C12E6ABCC8B1E6F448C99FB8F, A0FECC2A1B4414FF86EA0A23C341E84E0711542B4E43B7FAB85C3609442B0589 ] WDBackup        C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
19:09:01.0034 0x8804  WDBackup - ok
19:09:01.0034 0x8804  [ D0335A55E5C3F812548E18300C2ACB62, 7EF7C3A21E97197E1A6D2956D0F5A7C23F2D590C9709708394426031634990A5 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
19:09:01.0049 0x8804  WDC_SAM - ok
19:09:01.0049 0x8804  [ DF166352F6E356BFA33A66DD37A96AA7, 3993C22810A490281F74BF26210C9A868BF8E99A0CB090BA8E0250A5D2BC1EB2 ] WDDriveService  C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
19:09:01.0065 0x8804  WDDriveService - ok
19:09:01.0065 0x8804  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:09:01.0096 0x8804  Wdf01000 - ok
19:09:01.0096 0x8804  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:09:01.0096 0x8804  WdiServiceHost - ok
19:09:01.0112 0x8804  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:09:01.0112 0x8804  WdiSystemHost - ok
19:09:01.0112 0x8804  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
19:09:01.0127 0x8804  WebClient - ok
19:09:01.0127 0x8804  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:09:01.0159 0x8804  Wecsvc - ok
19:09:01.0159 0x8804  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:09:01.0174 0x8804  wercplsupport - ok
19:09:01.0174 0x8804  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:09:01.0205 0x8804  WerSvc - ok
19:09:01.0205 0x8804  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:09:01.0221 0x8804  WfpLwf - ok
19:09:01.0221 0x8804  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:09:01.0237 0x8804  WIMMount - ok
19:09:01.0237 0x8804  WinDefend - ok
19:09:01.0237 0x8804  WinHttpAutoProxySvc - ok
19:09:01.0237 0x8804  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:09:01.0268 0x8804  Winmgmt - ok
19:09:01.0299 0x8804  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
19:09:01.0330 0x8804  WinRM - ok
19:09:01.0346 0x8804  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:09:01.0346 0x8804  WinUsb - ok
19:09:01.0361 0x8804  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:09:01.0377 0x8804  Wlansvc - ok
19:09:01.0393 0x8804  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
19:09:01.0393 0x8804  WmiAcpi - ok
19:09:01.0393 0x8804  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:09:01.0408 0x8804  wmiApSrv - ok
19:09:01.0408 0x8804  WMPNetworkSvc - ok
19:09:01.0408 0x8804  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:09:01.0424 0x8804  WPCSvc - ok
19:09:01.0424 0x8804  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:09:01.0439 0x8804  WPDBusEnum - ok
19:09:01.0439 0x8804  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:09:01.0455 0x8804  ws2ifsl - ok
19:09:01.0455 0x8804  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
19:09:01.0471 0x8804  wscsvc - ok
19:09:01.0471 0x8804  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
19:09:01.0471 0x8804  WSDPrintDevice - ok
19:09:01.0517 0x8804  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:09:01.0564 0x8804  wuauserv - ok
19:09:01.0564 0x8804  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:09:01.0580 0x8804  WudfPf - ok
19:09:01.0580 0x8804  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:09:01.0595 0x8804  WUDFRd - ok
19:09:01.0595 0x8804  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:09:01.0595 0x8804  wudfsvc - ok
19:09:01.0611 0x8804  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:09:01.0627 0x8804  WwanSvc - ok
19:09:01.0627 0x8804  ================ Scan global ===============================
19:09:01.0627 0x8804  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
19:09:01.0627 0x8804  [ DE4812AB2E6926D0FF2423F3B774585A, 77604B47F2A91F77DDF778D8D362A0145636ED060596760ED55D76DD12E04B79 ] C:\Windows\system32\winsrv.dll
19:09:01.0642 0x8804  [ DE4812AB2E6926D0FF2423F3B774585A, 77604B47F2A91F77DDF778D8D362A0145636ED060596760ED55D76DD12E04B79 ] C:\Windows\system32\winsrv.dll
19:09:01.0642 0x8804  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:09:01.0658 0x8804  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
19:09:01.0658 0x8804  [ Global ] - ok
19:09:01.0658 0x8804  ================ Scan MBR ==================================
19:09:01.0658 0x8804  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:09:01.0689 0x8804  \Device\Harddisk0\DR0 - ok
19:09:01.0751 0x8804  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
19:09:01.0847 0x8804  \Device\Harddisk2\DR2 - ok
19:09:01.0847 0x8804  ================ Scan VBR ==================================
19:09:01.0847 0x8804  [ E51C5506206249A7FE5D967BED15B7D2 ] \Device\Harddisk0\DR0\Partition1
19:09:01.0847 0x8804  \Device\Harddisk0\DR0\Partition1 - ok
19:09:01.0847 0x8804  [ C23824FBBED55DFFA636EBEC2B2A745A ] \Device\Harddisk0\DR0\Partition2
19:09:01.0847 0x8804  \Device\Harddisk0\DR0\Partition2 - ok
19:09:01.0863 0x8804  [ 2A9C4D752244105BD31675C831D28D38 ] \Device\Harddisk0\DR0\Partition3
19:09:01.0863 0x8804  \Device\Harddisk0\DR0\Partition3 - ok
19:09:01.0863 0x8804  [ 88D4D6BF121381C1CFEA1B29A66B31E5 ] \Device\Harddisk2\DR2\Partition1
19:09:01.0863 0x8804  \Device\Harddisk2\DR2\Partition1 - ok
19:09:01.0863 0x8804  ================ Scan generic autorun ======================
19:09:01.0987 0x8804  [ DB333A5F69B00A6B550901A5C854929F, 7CAB6D0D20CDE3AE41B06826C9045CC3E3438AB94BB3D9D5C0E50EEF3C41101F ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
19:09:02.0097 0x8804  RTHDVCPL - ok
19:09:02.0143 0x8804  [ A416FBE18A8FF5C942B5E4A65A66EAE0, DC021A544A16BA984A906D235E0E6DA8AC0DF0A7FC8A89D192E427BBE6D2434C ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
19:09:02.0190 0x8804  NvBackend - ok
19:09:02.0190 0x8804  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
19:09:02.0190 0x8804  ShadowPlay - ok
19:09:02.0221 0x8804  [ 88CA0FFA894AF4B0D90B93FAA2A0A0D9, FC48386A287EB95E5D173FA358D6F0823A651C83835605892EAFD6ED11F17D6F ] C:\Program Files\Microsoft IntelliType Pro\itype.exe
19:09:02.0253 0x8804  itype - ok
19:09:02.0268 0x8804  [ DB367E8C8F46C26A05BA982715CC0DB5, 63AE8DD8E41260123E8C98905BD3D444BED86AEA6353F690483E5CB116433AC2 ] C:\Windows\system32\TiltWheelMouse.exe
19:09:02.0268 0x8804  MouseDriver - ok
19:09:02.0315 0x8804  [ 2433692BFC2631DC28B0705C1B760FF2, BBDE902F984E0968A3062F3EEA624E804B03095C67C280CDA4E85D02F46B7CDC ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
19:09:02.0362 0x8804  EvtMgr6 - ok
19:09:02.0377 0x8804  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
19:09:02.0377 0x8804  Logitech Download Assistant - ok
19:09:02.0393 0x8804  [ 62C16443C5997CD83DC382720F07C255, 89EFBCFADA01B431F4CC19AB2EFC5E56288A17BC9FB15A1209A0CBFE44B8D022 ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
19:09:02.0393 0x8804  Acronis Scheduler2 Service - ok
19:09:02.0424 0x8804  [ BA973512967321769A17B5193703C229, 227DF8C8B6297271EE860B6813C7897B5EA7979B0279A9A0E8EA46689FFEF76B ] C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
19:09:02.0455 0x8804  GoPro Tray App - ok
19:09:02.0455 0x8804  [ 0436F64FD296BE331B3BB0CE446548BF, 53A8F8E58F451A7B030AE61E30DBB9BDFD5342046674177941A838B66D80FD70 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
19:09:02.0471 0x8804  USB3MON - ok
19:09:02.0471 0x8804  [ D287CE6BB173D1DA77DBB17CC8BA3284, 9BDBD6EBE24A24A8686374B7855856F261118F0BECE684461C46A42F482B09EB ] C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe
19:09:02.0471 0x8804  PivotSoftware - ok
19:09:02.0471 0x8804  [ 3E3CA4C25019AF2D05645E6294B94E8B, F82ACEA4689222A9BB2364B53DB007366850B9D49286D204172F6B6CB06BBE80 ] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe
19:09:02.0487 0x8804  DT ACR - ok
19:09:02.0487 0x8804  [ 38D198A2DD54A67120040566A38103BA, 01604BD91A5B2C0DDC7B52036511F8219952626716E75979D8464F2C56BA0114 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
19:09:02.0487 0x8804  GrooveMonitor - ok
19:09:02.0518 0x8804  [ F16C54B6BD5A1E71DD5D0894F14EC632, 963667110CFFAECA624A69BD133947A0B7E5C9E4DC784D73C810ADEBD9BBDDFF ] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
19:09:02.0549 0x8804  WD Drive Unlocker - ok
19:09:02.0627 0x8804  [ 44F7F1C8873201DE4F68389DD478A425, 04A0E29E697BD58719DF8EE3C904B336B1A5FDB21B867E7CF2C6F9BAE8AD0113 ] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
19:09:02.0721 0x8804  WD Quick View - ok
19:09:02.0721 0x8804  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
19:09:02.0736 0x8804  HP Software Update - ok
19:09:02.0752 0x8804  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:09:02.0767 0x8804  Sidebar - ok
19:09:02.0783 0x8804  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:09:02.0783 0x8804  mctadmin - ok
19:09:02.0799 0x8804  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:09:02.0830 0x8804  Sidebar - ok
19:09:02.0830 0x8804  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:09:02.0845 0x8804  mctadmin - ok
19:09:02.0877 0x8804  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
19:09:02.0892 0x8804  Sidebar - ok
19:09:02.0908 0x8804  [ 1A1A7B2542A67C7A7D166920C8C3D075, 5EC58EFB03367613685956D7F78BE2C8C3A8334B9247E19FABC4790239D330A6 ] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
19:09:02.0939 0x8804  KiesPDLR.exe - ok
19:09:02.0939 0x8804  [ CC436BB2A26391F3DEBE316F6FB0474F, 2DA63827AD1449CA5F2888ADFA9645F1EAF8B39D26EC214441EE80F3A56E6E72 ] C:\Users\Markus Schmidt\AppData\Local\Microsoft\BingSvc\BingSvc.exe
19:09:02.0939 0x8804  BingSvc - ok
19:09:02.0955 0x8804  AV detected via SS2: Kaspersky Anti-Virus, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\wmiav.exe ( 16.0.1.445 ), 0x41000 ( enabled : updated )
19:09:02.0955 0x8804  Win FW state via NFP2: enabled ( trusted )
19:09:05.0701 0x8804  ============================================================
19:09:05.0701 0x8804  Scan finished
19:09:05.0701 0x8804  ============================================================
19:09:05.0701 0x81fc  Detected object count: 0
19:09:05.0701 0x81fc  Actual detected object count: 0

M-K-D-B · 05.03.2017, 21:19

Servus,

tritt das Problem nur in Google Chrome auf?

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel
- "Prefetch" Dateien
- Proxy
- Winsock
- Firewall
- Internet Explorer Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die Logdatei von JRT,
die beiden neuen Logdateien von FRST.

sniper30 · 05.03.2017, 23:00

Hallo

Bedauerlicherweise trifft das Problem seit neueren auch beim Internet Explorer und bei
Firefox auf!

Code:

ATTFilter

# AdwCleaner v6.044 - Bericht erstellt am 05/03/2017 um 22:41:44
# Aktualisiert am 28/02/2017 von Malwarebytes
# Datenbank : 2017-03-02.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : Markus Schmidt - MARKUSSCHMIDT
# Gestartet von : H:\Google Downloads\AdwCleaner_6.044.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Program Files (x86)\myfree codec


***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com
[-] Schlüssel gelöscht: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd


***** [ Browser ] *****

[-] [C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: fcfenmboojpjinhpgggodefccipikbpd
[-] [C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: pbjikboenpfhbbejgkoklgkhjpfogcam


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2906 Bytes] - [05/03/2017 22:41:44]
C:\AdwCleaner\AdwCleaner[S0].txt - [2983 Bytes] - [05/03/2017 22:41:18]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3052 Bytes] ##########

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 05.03.17
Scan-Zeit: 22:47
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.75
Version des Aktualisierungspakets: 1.0.1434
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: MarkusSchmidt\Markus Schmidt

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 379996
Abgelaufene Zeit: 1 Min., 14 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 5
Adware.ChinAd, C:\Users\Markus Schmidt\AppData\Local\Temp\DMR\Downloads\fc14996dfa99adfc7baae624196888c5\73bc1bfa4fd48c73582778be246d70a2, In Quarantäne, [1416], [375557],1.0.1434
Adware.ChinAd, C:\Users\Markus Schmidt\AppData\Local\Temp\DMR\Downloads\fc14996dfa99adfc7baae624196888c5\de8b871f4f304de9ca6f52759bef7e33, In Quarantäne, [1416], [375557],1.0.1434
Adware.ChinAd, C:\Users\Markus Schmidt\AppData\Local\Temp\DMR\Downloads\fc14996dfa99adfc7baae624196888c5, In Quarantäne, [1416], [375557],1.0.1434
Adware.ChinAd, C:\Users\Markus Schmidt\AppData\Local\Temp\DMR\Downloads, In Quarantäne, [1416], [375557],1.0.1434
Adware.ChinAd, C:\USERS\MARKUS SCHMIDT\APPDATA\LOCAL\TEMP\DMR, In Quarantäne, [1416], [375557],1.0.1434

Datei: 6
Adware.ChinAd, C:\USERS\MARKUS SCHMIDT\APPDATA\LOCAL\TEMP\DMR\PERFIRPLPQDJXBIS.DAT, In Quarantäne, [1416], [375557],1.0.1434
Adware.ChinAd, C:\Users\Markus Schmidt\AppData\Local\Temp\DMR\Downloads\fc14996dfa99adfc7baae624196888c5\73bc1bfa4fd48c73582778be246d70a2\aunplayer_beta_setup.exe, In Quarantäne, [1416], [375557],1.0.1434
Adware.ChinAd, C:\Users\Markus Schmidt\AppData\Local\Temp\DMR\Downloads\fc14996dfa99adfc7baae624196888c5\de8b871f4f304de9ca6f52759bef7e33\directx_Jun2010redist.exe, In Quarantäne, [1416], [375557],1.0.1434
Adware.ChinAd, C:\Users\Markus Schmidt\AppData\Local\Temp\DMR\dmr_72.exe, In Quarantäne, [1416], [375557],1.0.1434
Adware.ChinAd, C:\Users\Markus Schmidt\AppData\Local\Temp\DMR\kvfpjxiclormwpkz.dat, In Quarantäne, [1416], [375557],1.0.1434
Adware.ChinAd, C:\Users\Markus Schmidt\AppData\Local\Temp\DMR\kxobtgjpqaxmznpz.dat, In Quarantäne, [1416], [375557],1.0.1434

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.1 (02.11.2017)
Operating System: Windows 7 Professional x64 
Ran by Markus Schmidt (Administrator) on 05.03.2017 at 22:54:45,14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 28 

Successfully deleted: C:\Users\Markus Schmidt\AppData\Roaming\Mozilla\Firefox\Profiles\wtrmliof.default-1475175472701\user.js (File) 
Successfully deleted: C:\Users\Markus Schmidt\AppData\Roaming\pdfforge (Folder) 
Successfully deleted: C:\Windows\wininit.ini (File) 
Successfully deleted: C:\Users\Markus Schmidt\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Markus Schmidt\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4GI3B7U7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Markus Schmidt\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Markus Schmidt\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AX51WCTW (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Markus Schmidt\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BY3MCNVB (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Markus Schmidt\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Markus Schmidt\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GQVNALVH (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Markus Schmidt\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Markus Schmidt\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M7OOE9MF (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Markus Schmidt\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PAX3YKGC (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Markus Schmidt\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T3OYON4P (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Markus Schmidt\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z80RQ5L4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4GI3B7U7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AX51WCTW (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BY3MCNVB (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GQVNALVH (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M7OOE9MF (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PAX3YKGC (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T3OYON4P (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z80RQ5L4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\SysWOW64\REN1DEC.tmp (File) 



Registry: 3 

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2DFF3579-5AA7-45B9-9328-1D38EA230861} (Registry Value) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.03.2017 at 22:56:13,03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-03-2017
durchgeführt von Markus Schmidt (05-03-2017 22:57:59)
Gestartet von C:\Users\Markus Schmidt\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-05-24 08:56:45)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-226601024-652546334-2670691330-500 - Administrator - Disabled)
Gast (S-1-5-21-226601024-652546334-2670691330-501 - Limited - Disabled)
Markus Schmidt (S-1-5-21-226601024-652546334-2670691330-1000 - Administrator - Enabled) => C:\Users\Markus Schmidt

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Anti-Virus (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (Version: 8.2.1 - Hewlett-Packard) Hidden
Acer eDisplay Management (HKLM-x32\...\{A586DC50-B18D-48FB-B7CC-A598200457C2}) (Version: 1.37.007 - Portrait Displays, Inc.)
Acronis True Image 2014 (HKLM-x32\...\{5858B1D6-8056-471C-8A29-6A1765BBC0BE}) (Version: 17.0.4515 - Acronis)
Adobe Acrobat 8 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 8 Professional - English, Français, Deutsch) (Version: 8.0.0 - Adobe Systems)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Illustrator CS3 (HKLM-x32\...\Adobe_a04a925a57548091300ada368235fc6) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_5f143314a5d434c8511097393d17397) (Version: 10.0 - Adobe Systems Incorporated)
Alcatel PC Suite V7.0.58 (HKLM-x32\...\{93DB-0E9758B0D131_PCS_Alcatel_Union}_is1) (Version:  - Singularity Software Co., Ltd.)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version:  - Ubisoft)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version:  - Ubisoft)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version:  - Ubisoft)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.4.2.4 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.4.2.4 - ASUSTek COMPUTER INC.) Hidden
ASUS PCE-AC68 WLAN Card Utilities/Driver (HKLM-x32\...\{39BD9681-D3B1-435C-A0C1-F87C68513401}) (Version: 2.0.8.8 - ASUS)
ASUS Product Register Program (HKLM-x32\...\{9D29D67C-315D-46A1-A3A9-3CAF24871578}) (Version: 1.0.022 - ASUSTek Computer Inc.)
Beyond Good and Evil (HKLM-x32\...\Uplay Install 232) (Version:  - Ubisoft)
Brother P-touch Address Book 1.1 (HKLM-x32\...\{B2023017-DEE4-44F7-8A71-CA6084BF534C}) (Version: 1.1.2200 - Brother Industries, Ltd.)
Brother P-touch Update Software (HKLM-x32\...\{AE95F9E3-5333-4CA9-BAAE-481F5AEDACBF}) (Version: 1.0.0050 - Brother Industries, Ltd.)
Brother QL-Series-N Software User's Guide (HKLM-x32\...\{FDAFD1DE-16D6-4169-94DA-2777038D3CA3}) (Version: 2.00.0000 - Brother Industries, Ltd.)
Canon SELPHY CP1200 (HKLM\...\Canon SELPHY CP1200) (Version: 1.1.0.1 - Canon INC.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 20.4.19 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
DVDVideoSoftFS version 6.5.1.514 (HKLM-x32\...\DVDVideoSoftFS_is1) (Version: 6.5.1.514 - DVDVideoSoft Ltd.)
EPLAN License Client (x64) (HKLM\...\{06400E16-27C0-412B-AB67-6A677D35C85D}) (Version: 9.1.12.54500 - EPLAN Software & Service GmbH & Co. KG)
Far Cry 3 Blood Dragon (HKLM-x32\...\Uplay Install 205) (Version:  - Ubisoft)
FXOrder2GoRE (HKLM-x32\...\FXOrder2GoRE) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GoPro (Version: 0.1.2733 - GoPro, Inc.) Hidden
GoPro for Desktop (HKLM-x32\...\{88734dc7-c200-4ad3-b29f-bb5e436cb30f}) (Version: 1.4.0.2733 - GoPro, Inc.)
GoPro Studio (x32 Version: 5.9.2733 - GoPro, Inc.) Hidden
GoPro TRADER (HKLM-x32\...\{30F9430B-7E39-4EB6-9FA8-B8CC16FF644A}_is1) (Version:  - Trading Search)
HP LaserJet 100 color MFP M175 (HKLM-x32\...\{965D0289-10E1-45ec-B11F-A60AC9AE8D4D}) (Version:  - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hpbDSService (x32 Version: 001.001.05133 - Hewlett-Packard) Hidden
hpbM175DSService (x32 Version: 001.001.05133 - Hewlett-Packard) Hidden
HPLaserJet100ColorMFPM175_HelpLearnCenter_SI (HKLM-x32\...\{19542156-285B-458C-994D-2A21889001DF}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUT (x32 Version: 1.00.0012 - HP) Hidden
hppLaserJetService (x32 Version: 002.015.00602 - Hewlett-Packard) Hidden
hppM175LaserJetService (x32 Version: 001.014.00480 - Hewlett-Packard) Hidden
InstanceFinder (x32 Version: 1.00.0001 - HP) Hidden
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.100 - Intel Corporation)
Intel® SSD Toolbox (HKLM-x32\...\{06D085C8-1F00-11B2-96A7-8f0CE39193ED}) (Version: 3.3.0.400 - Intel Corporation)
IPVanish (HKLM\...\A57226AD-BDAF-4860-BD4E-EDA6BC546189_is1) (Version: 3.0.6.0 - IPVANISH)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden
Langenscheidt Vokabeltrainer 7.0 Englisch (HKLM-x32\...\{9C0A3479-7F61-427B-8A8C-A884759037BA}) (Version: 7.0.134 - Langenscheidt)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Firefox 43.0.1 (x86 de) (HKU\S-1-5-21-226601024-652546334-2670691330-1000\...\Mozilla Firefox 43.0.1 (x86 de)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.7.1.6246 - Mozilla)
Mozilla Thunderbird 45.7.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.7.1 (x86 de)) (Version: 45.7.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Need for Speed(TM) Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OLYMPUS Digital Camera Updater (HKLM-x32\...\{A68C62E8-B243-4777-89BB-12173DFA1D45}) (Version: 1.0.1 - OLYMPUS IMAGING CORP.)
OLYMPUS Viewer 2 (HKLM-x32\...\{7177EE4E-3D1D-4F45-85B5-B93DC758BA0B}) (Version: 1.1.1 - OLYMPUS IMAGING CORP.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)
PDF Architect 3 Create Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge)
Pivot Pro Plugin (x32 Version: 9.50.110 - Portrait Displays, Inc.) Hidden
Prince of Persia Sands of Time (HKLM-x32\...\Uplay Install 111) (Version:  - Ubisoft)
Rayman Origins (HKLM-x32\...\Uplay Install 80) (Version:  - Ubisoft)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6782 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
SDK (x32 Version: 2.32.010 - Portrait Displays, Inc.) Hidden
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Splinter Cell Blacklist (HKLM-x32\...\Uplay Install 91) (Version:  - Ubisoft)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
Tom Clancy's Splinter Cell (HKLM-x32\...\Uplay Install 109) (Version:  - Ubisoft)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.00.1000 - Ubisoft)
ToolboxProxy (x32 Version: 1.00.0001 - HP) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 6.1 - Ubisoft)
VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vokabeltrainer-Update 7.0.135 (HKLM-x32\...\{4C00A7C7-7223-4875-B1A7-B4350F452CDC}) (Version: 7.0.135 - Langenscheidt)
WD Drive Utilities (HKLM-x32\...\{C093AD5D-29E9-4777-AAAC-28C02FCC2A51}) (Version: 1.0.4.11 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{BE1B25F9-5A51-4DB8-81FA-CE0CABC14D07}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{DEE2025E-D6C0-47E2-8657-AA57857FEEDA}) (Version: 1.1.1.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{FECF90E3-FDEA-4A87-8A06-2683388C69C4}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{647175e1-9944-4a82-bac1-102c95f0a99a}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-226601024-652546334-2670691330-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-226601024-652546334-2670691330-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-226601024-652546334-2670691330-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-226601024-652546334-2670691330-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-226601024-652546334-2670691330-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-226601024-652546334-2670691330-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07792D2B-E32B-4E6C-93FD-AF6FE0F0684C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-14] (Adobe Systems Incorporated)
Task: {19C59A2B-81A5-4A3A-B2AA-D6278D112F11} - System32\Tasks\PCEAC68WLANMGR => C:\Program Files (x86)\ASUS\PCE-AC68 WLAN Card Utilities\WlanMgr.exe [2014-06-06] (ASUS)
Task: {1FDF1968-8D80-4DED-8E22-43BA1E9B536B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {25DCE529-6D5E-4537-940D-6B9983392F60} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2010-09-22] (Hewlett Packard)
Task: {2DEB5B4F-1332-41D8-ABE3-A63BD62BCEA7} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-06-21] (ASUSTek Computer Inc.)
Task: {3AC54D61-EF75-4380-A99C-0222C5FE17B4} - System32\Tasks\{636A74D8-476D-4592-B31F-78C1EBC8B198} => pcalua.exe -a C:\Users\MARKUS~1\AppData\Local\Temp\jre-8u111-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ACHTUNG
Task: {3F840717-93D6-4733-BD29-216F4647C29E} - System32\Tasks\ASUS\i-Setup113021 => C:\Windows\Chipset\AsusSetup.exe [2010-09-08] (ASUSTeK Computer Inc.)
Task: {54B8FDEB-51B0-4874-82F0-205BF004E2D7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {6BA80107-62BF-47DE-BBE1-5DADF17EFC9A} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {716050D6-F734-46E2-9CDA-13D81D7AC70B} - System32\Tasks\IPVanish => C:\Program Files\IPVanish\ElevateProcess.exe [2017-01-03] (IPVanish)
Task: {7A9DA35A-A0C0-4854-B492-C2A0629EC4B9} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {87920876-477B-42CB-A81A-681932DFA5F4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {8C28B97C-2827-4716-9614-CB757E2A6842} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {92CD4531-51E4-4F2B-BDCA-C702713490B3} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {ADE930F1-6A4C-4EA1-B3D9-B48B0844C0E2} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {D9A7A627-CB6D-4145-AB08-94A17283E460} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-13] (Dropbox, Inc.)
Task: {DEBF80BC-AC6E-4C26-848B-329DD4BFCE94} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-13] (Dropbox, Inc.)
Task: {E6B02DF2-CC55-4880-8C2C-3B5220E551CF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08] (Google Inc.)
Task: {EDA6324C-820A-4CB3-AD36-CB29CD9B0F27} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08] (Google Inc.)
Task: {FD932891-3F9E-4D1E-9AF7-31F4B55749EC} - System32\Tasks\{28780413-7A1B-4425-B171-AF7D44902511} => pcalua.exe -a "C:\Program Files (x86)\Vuze\uninstall.exe" -d "C:\Program Files (x86)\Vuze"

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-05-24 10:21 - 2012-10-29 08:48 - 00927232 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
2012-01-17 10:24 - 2012-01-17 10:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2013-10-01 09:26 - 2013-10-01 09:26 - 02810968 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2016-05-11 23:39 - 2016-05-11 23:39 - 01088944 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
2016-05-11 23:39 - 2016-05-11 23:39 - 00037808 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
2015-05-24 10:21 - 2017-03-05 22:50 - 00024576 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\PEbiosinterface32.dll
2015-05-24 10:21 - 2012-05-07 17:04 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\ATKEX.dll
2013-11-22 12:03 - 2013-11-22 12:03 - 00028024 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2013-11-22 12:06 - 2013-11-22 12:06 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2017-02-07 18:09 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-07 18:09 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2013-10-01 10:00 - 2013-10-01 10:00 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\amazon.de -> hxxps://amazon.de
IE trusted site: HKU\S-1-5-21-226601024-652546334-2670691330-1000\...\amazon.de -> hxxps://amazon.de

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-226601024-652546334-2670691330-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Markus Schmidt\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.2.17.60 - 62.2.24.162
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{2E190156-A7F7-4A3B-8B7D-0DBA80EA06E4}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{D2F39A9E-BFC9-489B-8CF9-4537D5B34D88}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe

==================== Wiederherstellungspunkte =========================

12-02-2017 11:05:52 Geplanter Prüfpunkt
20-02-2017 20:51:29 Geplanter Prüfpunkt
28-02-2017 19:17:14 Geplanter Prüfpunkt
04-03-2017 20:35:16 Revo Uninstaller's restore point - Nox APP Player
04-03-2017 20:35:24 Revo Uninstaller's restore point - Nox APP Player
04-03-2017 20:51:03 Revo Uninstaller's restore point - Malwarebytes Anti-Malware Version 2.2.1.1043
05-03-2017 22:54:47 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/05/2017 10:52:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (03/05/2017 10:50:54 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD initialization failed [6]).

Error: (03/05/2017 10:50:54 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (Failed to set NvVAD endpoint as default Audio endpoint [0]).

Error: (03/05/2017 10:50:54 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD endpoint registration failed [0]).

Error: (03/05/2017 10:44:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (03/05/2017 10:42:55 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD initialization failed [6]).

Error: (03/05/2017 10:42:55 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (Failed to set NvVAD endpoint as default Audio endpoint [0]).

Error: (03/05/2017 10:42:55 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD endpoint registration failed [0]).

Error: (03/05/2017 07:03:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (03/05/2017 07:02:05 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD initialization failed [6]).


Systemfehler:
=============
Error: (03/05/2017 10:54:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/05/2017 10:54:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/05/2017 10:54:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/05/2017 10:54:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/05/2017 10:54:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/05/2017 10:54:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/05/2017 10:54:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/05/2017 10:54:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/05/2017 10:54:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/05/2017 10:54:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.


CodeIntegrity:
===================================
  Date: 2015-05-25 00:30:25.011
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-25 00:30:25.011
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-25 00:30:25.010
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-25 00:30:25.008
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-25 00:30:25.007
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-25 00:30:25.006
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-24 19:00:54.925
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-24 19:00:54.924
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-24 12:28:57.752
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-24 12:28:57.752
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 8131.87 MB
Verfügbarer physikalischer RAM: 5894.65 MB
Summe virtueller Speicher: 16261.94 MB
Verfügbarer virtueller Speicher: 13741.19 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:300.55 GB) (Free:80.94 GB) NTFS
Drive e: (Assassin's Creed Rogue.iso) (CDROM) (Total:7.72 GB) (Free:0 GB) CDFS
Drive f: (My Passport) (Fixed) (Total:931.48 GB) (Free:285.11 GB) NTFS
Drive g: (My Passport) (Fixed) (Total:931.48 GB) (Free:203.88 GB) NTFS
Drive h: (Download) (Fixed) (Total:146.48 GB) (Free:45.67 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 447.1 GB) (Disk ID: DD7670FB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=300.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=146.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 80833F04)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 5CA849B9)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2017
durchgeführt von Markus Schmidt (Administrator) auf MARKUSSCHMIDT (05-03-2017 22:57:47)
Gestartet von C:\Users\Markus Schmidt\Downloads
Geladene Profile: Markus Schmidt (Verfügbare Profile: Markus Schmidt)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis)
HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [1088944 2016-05-11] ()
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291128 2013-03-06] (Intel Corporation)
HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [110192 2010-05-13] ()
HKLM-x32\...\Run: [DT ACR] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [121648 2012-04-13] (Portrait Displays, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694048 2014-10-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-02-12] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-22] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26781320 2017-02-21] (Dropbox, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7805824 2013-11-22] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1102192 2013-10-10] (Acronis International GmbH)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-226601024-652546334-2670691330-1000\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1015104 2015-07-27] (Samsung)
HKU\S-1-5-21-226601024-652546334-2670691330-1000\...\Run: [BingSvc] => C:\Users\Markus Schmidt\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-04-02] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-226601024-652546334-2670691330-1000\...\MountPoints2: {3fc4fd0e-01f2-11e5-bb6b-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-226601024-652546334-2670691330-1000\...\MountPoints2: {5b075502-0204-11e5-aa78-60a44cb5eb50} - K:\Autorun.exe
HKU\S-1-5-21-226601024-652546334-2670691330-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk [2015-06-01]
ShortcutTarget: Adobe Acrobat - Schnellstart.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk [2015-06-01]
ShortcutTarget: Adobe Reader Synchronizer.lnk -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158
Tcpip\..\Interfaces\{3E6C80CD-E6AE-4596-897C-DDE713C28E4C}: [DhcpNameServer] 198.18.0.1 198.18.0.2
Tcpip\..\Interfaces\{805896A9-C380-4A9A-8AF6-4D21E1DA3720}: [DhcpNameServer] 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158
Tcpip\..\Interfaces\{D538F023-BD1C-42A4-A4D7-BDD94817A54E}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-226601024-652546334-2670691330-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.at/
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-01] (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-01] (Oracle Corporation)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO-x32: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-01] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-01] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\Markus Schmidt\AppData\Roaming\Mozilla\Firefox\Profiles\wtrmliof.default-1475175472701 [2017-03-05]
FF Homepage: Mozilla\Firefox\Profiles\wtrmliof.default-1475175472701 -> hxxp://www.google.at/
FF Extension: (AdBlocker Ultimate) - C:\Users\Markus Schmidt\AppData\Roaming\Mozilla\Firefox\Profiles\wtrmliof.default-1475175472701\Extensions\adblockultimate@adblockultimate.net.xpi [2017-03-04]
FF Extension: (Ghostery) - C:\Users\Markus Schmidt\AppData\Roaming\Mozilla\Firefox\Profiles\wtrmliof.default-1475175472701\Extensions\firefox@ghostery.com.xpi [2017-02-19]
FF Extension: (Malware Search) - C:\Users\Markus Schmidt\AppData\Roaming\Mozilla\Firefox\Profiles\wtrmliof.default-1475175472701\Extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}.xpi [2017-03-04]
FF Extension: (Adblock Plus) - C:\Users\Markus Schmidt\AppData\Roaming\Mozilla\Firefox\Profiles\wtrmliof.default-1475175472701\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-02-19]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-05-29] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
FF Extension: (PDF Architect 3 Creator) - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-07-30] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-12-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-14] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-01] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-01-18] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 3 -> C:\Program Files (x86)\PDF Architect 3\np-previewer.dll [2015-04-24] (pdfforge GmbH)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.at/
CHR StartupUrls: Default -> "hxxps://www.google.at/","hxxp://google.at/"
CHR DefaultSearchURL: Default -> hxxps://www.google.at/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google
CHR Profile: C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default [2017-03-05]
CHR Extension: (No-Script Suite Lite) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahnanjpbkghcdgmlchbcfoiefnifjeni [2017-02-03]
CHR Extension: (Google Docs) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-24]
CHR Extension: (Google Drive) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google-Suche) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-05-29]
CHR Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2017-02-19]
CHR Extension: (Google Docs Offline) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-25]
CHR Extension: (Kaspersky Protection) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpeeaghdjmhlakojjcgfdhgcejdaefmi [2017-01-27]
CHR Extension: (Ghostery) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2017-02-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-20]
CHR Extension: (Google Mail) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-24]
CHR Extension: (Chrome Media Router) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
CHR Profile: C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\System Profile [2017-01-04]
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [927232 2012-10-29] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
S2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Datei ist nicht signiert]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-13] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-13] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46408 2017-02-09] (Dropbox, Inc.)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [138032 2012-04-13] (Portrait Displays, Inc.)
S3 EPLAN Client Service; C:\Program Files\EPLAN\Common\EClientService.exe [776104 2016-01-22] (EPLAN Software & Service GmbH & Co. KG)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2015-05-24] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2016-05-11] ()
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP) [Datei ist nicht signiert]
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244312 2015-04-24] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [901336 2015-04-24] (pdfforge GmbH)
R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [740568 2015-04-24] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-02-12] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [302968 2015-02-12] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79240 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [182152 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [236432 2016-12-08] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1001304 2016-12-08] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [50776 2016-06-06] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [110424 2016-12-08] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
S3 Mrvleap; C:\Windows\SysWOW64\DRIVERS\mrv64drv.sys [18944 2007-09-11] (Windows (R) Codename Longhorn DDK provider)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [20784 2012-04-13] (Portrait Displays, Inc.)
R3 tapipvanish; C:\Windows\System32\DRIVERS\tapipvanish.sys [34520 2016-09-22] (The OpenVPN Project)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2016-07-10] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2016-07-10] (Acronis International GmbH)
S3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2016-07-10] (Acronis International GmbH)
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
S3 CLMirrorDriver; system32\DRIVERS\CLMirrorDriver.sys [X]
S3 CLVirtualBus01; system32\DRIVERS\CLVirtualBus01.sys [X]
S3 clwvd7; system32\DRIVERS\clwvd7.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-05 22:56 - 2017-03-05 22:56 - 00005409 _____ C:\Users\Markus Schmidt\Desktop\JRT.txt
2017-03-05 22:52 - 2017-03-05 22:52 - 00002832 _____ C:\Users\Markus Schmidt\Desktop\mbam.txt
2017-03-05 22:46 - 2017-03-05 22:50 - 00251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-05 22:46 - 2017-03-05 22:46 - 00001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-05 22:46 - 2017-03-05 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-05 22:46 - 2017-03-05 22:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-05 22:46 - 2017-03-05 22:46 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-05 22:46 - 2017-02-24 06:23 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-03-05 22:29 - 2017-03-05 22:41 - 00000000 ____D C:\AdwCleaner
2017-03-05 18:59 - 2017-03-05 19:09 - 00463590 _____ C:\TDSSKiller.3.1.0.12_05.03.2017_18.59.35_log.txt
2017-03-05 18:54 - 2017-03-05 22:57 - 00030382 _____ C:\Users\Markus Schmidt\Downloads\FRST.txt
2017-03-05 18:54 - 2017-03-05 18:54 - 00046324 _____ C:\Users\Markus Schmidt\Downloads\Addition.txt
2017-03-05 18:53 - 2017-03-05 18:53 - 00000000 ____D C:\Users\Markus Schmidt\Downloads\FRST-OlderVersion
2017-03-04 21:17 - 2017-03-05 00:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-04 20:49 - 2017-03-04 20:49 - 22851472 _____ (Malwarebytes ) C:\Users\Markus Schmidt\Downloads\mbam-setup-2.2.1.1043.exe
2017-03-04 20:39 - 2017-03-05 22:57 - 00000000 ____D C:\FRST
2017-03-04 20:39 - 2017-03-05 18:53 - 02423808 _____ (Farbar) C:\Users\Markus Schmidt\Downloads\FRST64.exe
2017-03-04 20:35 - 2017-03-04 20:35 - 00000637 _____ C:\Users\Markus
2017-03-04 20:33 - 2017-03-04 20:33 - 07097928 _____ (VS Revo Group ) C:\Users\Markus Schmidt\Downloads\revo202setup.exe
2017-03-04 20:33 - 2017-03-04 20:33 - 00001034 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-03-04 20:33 - 2017-03-04 20:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-03-04 20:33 - 2017-03-04 20:33 - 00000000 ____D C:\Program Files\VS Revo Group
2017-02-28 19:25 - 2017-02-28 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-26 13:58 - 2017-02-26 14:06 - 00000000 ____D C:\Users\Markus Schmidt\.android
2017-02-26 13:57 - 2017-03-04 20:35 - 00000000 ____D C:\Program Files (x86)\Nox
2017-02-26 13:57 - 2017-02-26 14:06 - 00000000 ____D C:\Users\Markus Schmidt\vmlogs
2017-02-26 13:57 - 2017-02-26 13:57 - 00000045 _____ C:\Users\Markus Schmidt\nuuid.ini
2017-02-26 13:57 - 2017-02-26 13:57 - 00000041 _____ C:\Users\Markus Schmidt\inst.ini
2017-02-26 13:57 - 2017-02-26 13:57 - 00000000 ____D C:\Users\Markus Schmidt\Nox_share
2017-02-26 13:49 - 2017-03-04 20:35 - 00000000 ____D C:\Users\Markus Schmidt\AppData\Local\Nox
2017-02-21 19:49 - 2017-02-21 19:49 - 00046184 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-02-21 19:49 - 2017-02-21 19:49 - 00046184 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-02-09 09:33 - 2017-02-09 09:33 - 00046408 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-02-09 09:33 - 2017-02-09 09:33 - 00046184 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-02-07 19:37 - 2017-02-07 19:37 - 00000000 ____D C:\Program Files (x86)\GUM32D4.tmp
2017-02-07 19:36 - 2017-02-07 19:36 - 00000000 ____D C:\Program Files (x86)\GUMC8AC.tmp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-05 22:56 - 2011-04-12 08:43 - 00674610 _____ C:\Windows\system32\perfh007.dat
2017-03-05 22:56 - 2011-04-12 08:43 - 00139750 _____ C:\Windows\system32\perfc007.dat
2017-03-05 22:56 - 2009-07-14 06:13 - 01556210 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-05 22:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-03-05 22:51 - 2017-01-21 12:48 - 00061440 _____ C:\Windows\SysWOW64\servers.sqlite
2017-03-05 22:51 - 2015-05-24 12:26 - 00008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
2017-03-05 22:50 - 2015-08-15 17:05 - 00001226 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-03-05 22:50 - 2015-05-24 11:51 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-05 22:50 - 2015-05-24 10:15 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-03-05 22:50 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-05 22:50 - 2009-07-14 05:45 - 00022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-05 22:50 - 2009-07-14 05:45 - 00022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-05 22:24 - 2015-08-15 17:05 - 00001230 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-03-05 22:03 - 2015-05-24 14:29 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-03-05 18:57 - 2015-05-27 22:55 - 00000000 ____D C:\Users\Markus Schmidt\Documents\Assassin's Creed Unity
2017-03-05 07:01 - 2015-05-24 14:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-05 00:07 - 2017-01-20 17:32 - 00000000 ____D C:\Program Files\IPVanish
2017-03-04 22:14 - 2015-09-10 08:51 - 00000000 ____D C:\Users\Markus Schmidt\AppData\Roaming\vlc
2017-03-04 20:35 - 2015-05-24 09:56 - 00000000 ____D C:\Users\Markus Schmidt
2017-02-28 19:25 - 2015-08-15 17:05 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-02-26 13:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Registration
2017-02-22 19:00 - 2015-05-24 12:14 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-14 22:03 - 2015-05-24 14:29 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-14 22:03 - 2015-05-24 14:29 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-14 22:03 - 2015-05-24 14:29 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-14 22:03 - 2015-05-24 14:29 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-14 22:03 - 2015-05-24 12:49 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-11 23:41 - 2016-07-20 18:57 - 00000000 ____D C:\Users\Markus Schmidt\AppData\Roaming\TradeMaster
2017-02-11 23:36 - 2016-02-19 19:27 - 00000000 ____D C:\Users\Markus Schmidt\AppData\Local\GoPro
2017-02-10 20:12 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-02-09 20:22 - 2016-11-22 12:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-02-08 20:26 - 2016-12-31 15:41 - 00000000 ____D C:\Users\Markus Schmidt\Documents\Assassin's Creed III
2017-02-07 19:37 - 2015-05-24 12:14 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-02-07 19:37 - 2015-05-24 12:14 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-02-07 18:09 - 2015-05-24 12:14 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 18:09 - 2015-05-24 12:14 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk

Einige Dateien in TEMP:
====================
2016-07-10 12:52 - 2016-07-10 12:52 - 0610808 _____ () C:\Users\Markus Schmidt\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
2016-04-02 19:30 - 2016-04-02 19:30 - 0144008 _____ (© 2015 Microsoft Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\BingSvc.exe
2016-04-02 19:30 - 2016-04-02 19:30 - 1118360 _____ (© 2015 Microsoft Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\BSvcProcessor.exe
2016-04-02 19:30 - 2016-04-02 19:30 - 0170128 _____ (© 2015 Microsoft Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\BSvcUpdater.exe
2015-06-25 20:19 - 2015-06-25 20:19 - 0467968 _____ (Realtek Semiconductor Corp.) C:\Users\Markus Schmidt\AppData\Local\Temp\COMAP.EXE
2015-12-12 14:23 - 2015-12-12 14:23 - 0071168 _____ () C:\Users\Markus Schmidt\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4hqcsi.dll
2016-12-30 17:39 - 2016-12-30 20:14 - 0004608 _____ () C:\Users\Markus Schmidt\AppData\Local\Temp\i4jdel0.exe
2017-01-03 09:24 - 2017-01-03 09:24 - 0737856 _____ (Oracle Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\jre-8u111-windows-au.exe
2015-09-19 07:23 - 2015-09-19 07:23 - 0585824 _____ (Oracle Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\jre-8u60-windows-au.exe
2016-01-02 16:09 - 2016-01-02 16:09 - 0585824 _____ (Oracle Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\jre-8u66-windows-au.exe
2016-05-01 07:27 - 2016-05-01 07:27 - 0739904 _____ (Oracle Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\jre-8u91-windows-au.exe
2015-05-29 21:42 - 2014-03-24 23:55 - 0099096 _____ () C:\Users\Markus Schmidt\AppData\Local\Temp\LMkRstPt.exe
2015-05-24 15:21 - 2015-05-12 03:36 - 0702192 _____ (NVIDIA Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\Nv3DVisionIePlugin.dll
2015-05-24 15:21 - 2015-05-12 03:36 - 0793016 _____ (NVIDIA Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\Nv3DVisionIePlugin64.dll
2015-05-24 15:21 - 2015-05-12 03:36 - 0582384 _____ (NVIDIA Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\Nv3DVStreaming.dll
2015-05-24 15:21 - 2015-05-12 03:36 - 0643976 _____ (NVIDIA Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\Nv3DVStreaming64.dll
2015-05-24 15:21 - 2015-05-12 03:35 - 0619976 _____ (NVIDIA Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\Nv3DVStreamingIePlugin.dll
2015-05-24 15:21 - 2015-05-12 03:35 - 0694672 _____ (NVIDIA Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\Nv3DVStreamingIePlugin64.dll
2013-06-21 04:16 - 2015-05-12 03:34 - 1168800 _____ (NVIDIA Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\nvSCPAPI.dll
2015-05-24 15:21 - 2015-05-12 03:34 - 0410768 _____ (NVIDIA Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\nvSCPAPISvr.exe
2015-05-24 15:05 - 2015-05-12 03:34 - 0789648 _____ (NVIDIA Corporation) C:\Users\Markus Schmidt\AppData\Local\Temp\nvStInst.exe
2015-05-25 08:01 - 2015-05-25 08:35 - 924352784 _____ (Ubisoft) C:\Users\Markus Schmidt\AppData\Local\Temp\ubiAE39.tmp.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-04 16:29

==================== Ende von FRST.txt ============================

M-K-D-B · 06.03.2017, 15:28

Servus,

diese IP (62.2.24.158) zeigt in die Schweiz, du/dein Anbieter komm(s)t von dort?

Bitte setze deine Brower wie folgt zurück:

IE :::
Setze folgendermassen den Internet Explorer zurück:

Öffne den Internet Explorer und gehe zu Extras -> Internetoptionen.
Klicke in der Registerkarte Erweitert unter "Internet Explorer-Einstellungen zurücksetzen" auf Zurücksetzen...
Klicke im Dialogfeld "Internet Explorer-Einstellungen zurücksetzen" zum Bestätigen auf Zurücksetzen.

(Hier findest du die bebilderte Anleitung.)

EDGE :::
Edge zurücksetzen

FF :::
setze bitte Firefox wie folgt zurück:
Firefox zurücksetzen

CHR:::
Setze Google Chrome nach dieser Anleitung zurück.

sniper30 · 06.03.2017, 19:59

Servus

Frage vorweg, was geht aus den Log Daten hervor und was könnte jemand damit Anfangen?
Zudem wurde bereits etwas gefunden was nicht sein sollte und was geschieht mit den Logdaten die ich bis jetzt gepostet habe?

Der Anbieter kommt aus der Schweiz, ja.

Das Zurücksetzten hätte ich schon einmal probiert, hatte nicht wirklich einen Erfolg.

M-K-D-B · 06.03.2017, 20:35

Servus,

Zitat:

Zitat von sniper30

Frage vorweg, was geht aus den Log Daten hervor und was könnte jemand damit Anfangen?

... dass AdwCleaner und MBAM ein wenig unerwünschte Software bzw. Adware entfernt haben
... ich des Weiteren sonst keine Anzeichen einer Infektioin gesehen habe
... niemand etwas mit den Logdateien von dir anfangen könnte (ganz abgesehen davon, dass es niemanden interessiert... außer mich, weil ich dir helfen möchte)

Zitat:

Zitat von sniper30

Zudem wurde bereits etwas gefunden was nicht sein sollte und was geschieht mit den Logdaten die ich bis jetzt gepostet habe?

Was meinst du mit es wurde "etwas gefunden was nicht sein sollte" ?
Was soll mit den Logdateien passieren?

Zitat:

Zitat von sniper30

Das Zurücksetzten hätte ich schon einmal probiert, hatte nicht wirklich einen Erfolg.

Hast du es nochmal gemacht?

Wir kontrollieren nochmal alles.

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 4

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von ESET,
die Logdatei von HitmanPro,
die beiden neuen Logdateien von FRST,
die Beantwortung der gestellten Fragen.

sniper30 · 06.03.2017, 23:07

Gefunden was nicht sein sollte, wie z.B. Malware usw

Kann man sehen welche Software entfernt wurde und gibt es einen Schutz für die Zukunft um das zu verhindern?

Kann es sein das eine Datei oder ähnliches Entfernt wurde was für meinen ASUS Treiber wichtig ist, hätte beim Windows start eine Fehlermeldung erhalten.

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-03-2017
durchgeführt von Markus Schmidt (06-03-2017 21:22:17) Run:1
Gestartet von C:\Users\Markus Schmidt\Downloads
Geladene Profile: Markus Schmidt (Verfügbare Profile: Markus Schmidt)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************

Prozesse erfolgreich geschlossen.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-226601024-652546334-2670691330-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-226601024-652546334-2670691330-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 75891915 B
Java, Flash, Steam htmlcache => 1528 B
Windows/system/drivers => 94139611 B
Edge => 0 B
Chrome => 174750070 B
Firefox => 12229650 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 18765476 B
systemprofile32 => 65960 B
LocalService => 157927242 B
NetworkService => 86070 B
Markus Schmidt => 3730500201 B
UpdatusUser => 0 B

RecycleBin => 2599443 B
EmptyTemp: => 4 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 21:22:24 ====

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6c00ab871afc5949b139de3a7c4a616c
# end=init
# utc_time=2017-03-06 08:33:55
# local_time=2017-03-06 09:33:55 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 32625
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6c00ab871afc5949b139de3a7c4a616c
# end=updated
# utc_time=2017-03-06 08:36:28
# local_time=2017-03-06 09:36:28 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=6c00ab871afc5949b139de3a7c4a616c
# engine=32625
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-03-06 09:32:49
# local_time=2017-03-06 10:32:49 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Anti-Virus'
# compatibility_mode=1310 16777213 100 100 4165 53054621 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 925146 240465819 0 0
# scanned=323918
# found=3
# cleaned=3
# scan_time=3381
sh=6FA1B85BCCC6DEC69AC7F1FE5EA5ACAA02C1342F ft=1 fh=9e395246a35305c0 vn="Variante von Win32/DownloadSponsor.C eventuell unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\Users\Markus Schmidt\Downloads\DirectX - CHIP-Installer.exe"
sh=3837DCC6FC0D2C7D2CD6765EE18175468E314815 ft=1 fh=404bf2cda126427a vn="Variante von Win32/Toolbar.Conduit.AU eventuell unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="G:\netz & div\FreeYouTubeToMP3Converter31126.exe"
sh=3837DCC6FC0D2C7D2CD6765EE18175468E314815 ft=1 fh=404bf2cda126427a vn="Variante von Win32/Toolbar.Conduit.AU eventuell unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="G:\Neuer Ordner\netz & div\FreeYouTubeToMP3Converter31126.exe"

Code:

ATTFilter


	Code: 

 ATTFilter

  
	HitmanPro 3.7.15.281
www.hitmanpro.com

   Computer name . . . . : MARKUSSCHMIDT
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : MarkusSchmidt\Markus Schmidt
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2017-03-06 22:51:45
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 51s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 3

   Objects scanned . . . : 1.667.157
   Files scanned . . . . : 22.994
   Remnants scanned  . . : 326.502 files / 1.317.661 keys

Suspicious files ____________________________________________________________

   C:\Users\Markus Schmidt\Downloads\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2.423.296 bytes
      Age  . . . . . . . : 2.1 days (2017-03-04 20:39:11)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : EB50DCC525D3D509738006F1BC09E5C38D2CBE4DD1C9F3DD53EB8CA3A0C4B117
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

   C:\Users\Markus Schmidt\Downloads\FRST64.exe
      Size . . . . . . . : 2.423.808 bytes
      Age  . . . . . . . : 1.2 days (2017-03-05 18:53:30)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : D3F6B73F9517C1058A870B3411AF3A7DDA50A94B76ED0A29D0EF7E55601BCA04
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      References
         HKU\S-1-5-21-226601024-652546334-2670691330-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\Markus Schmidt\Downloads\FRST64.exe
      Forensic Cluster
          0.0s C:\Users\Markus Schmidt\Downloads\FRST64.exe
          1.2s C:\Users\Markus Schmidt\Downloads\FRST-OlderVersion\

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2017
durchgeführt von Markus Schmidt (Administrator) auf MARKUSSCHMIDT (06-03-2017 22:58:12)
Gestartet von C:\Users\Markus Schmidt\Downloads
Geladene Profile: Markus Schmidt (Verfügbare Profile: Markus Schmidt)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Macrovision Europe Ltd.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Floater.exe
(ASUS) C:\Program Files (x86)\ASUS\PCE-AC68 WLAN Card Utilities\WlanMgr.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\sp6\LU1\LogitechUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\LogiAppBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis)
HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [1088944 2016-05-11] ()
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291128 2013-03-06] (Intel Corporation)
HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [110192 2010-05-13] ()
HKLM-x32\...\Run: [DT ACR] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [121648 2012-04-13] (Portrait Displays, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694048 2014-10-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-02-12] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-22] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26781320 2017-02-21] (Dropbox, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7805824 2013-11-22] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1102192 2013-10-10] (Acronis International GmbH)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-226601024-652546334-2670691330-1000\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1015104 2015-07-27] (Samsung)
HKU\S-1-5-21-226601024-652546334-2670691330-1000\...\Run: [BingSvc] => C:\Users\Markus Schmidt\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-04-02] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-226601024-652546334-2670691330-1000\...\MountPoints2: {3fc4fd0e-01f2-11e5-bb6b-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-226601024-652546334-2670691330-1000\...\MountPoints2: {5b075502-0204-11e5-aa78-60a44cb5eb50} - K:\Autorun.exe
HKU\S-1-5-21-226601024-652546334-2670691330-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk [2015-06-01]
ShortcutTarget: Adobe Acrobat - Schnellstart.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk [2015-06-01]
ShortcutTarget: Adobe Reader Synchronizer.lnk -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158
Tcpip\..\Interfaces\{3E6C80CD-E6AE-4596-897C-DDE713C28E4C}: [DhcpNameServer] 198.18.0.1 198.18.0.2
Tcpip\..\Interfaces\{805896A9-C380-4A9A-8AF6-4D21E1DA3720}: [DhcpNameServer] 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158
Tcpip\..\Interfaces\{D538F023-BD1C-42A4-A4D7-BDD94817A54E}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-226601024-652546334-2670691330-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.at/
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-01] (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-01] (Oracle Corporation)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO-x32: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-01] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-01] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\Markus Schmidt\AppData\Roaming\Mozilla\Firefox\Profiles\ikg0ajgp.default-1488830580066 [2017-03-06]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-05-29] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
FF Extension: (PDF Architect 3 Creator) - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-07-30] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-12-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-14] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-01] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-01-18] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 3 -> C:\Program Files (x86)\PDF Architect 3\np-previewer.dll [2015-04-24] (pdfforge GmbH)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.at/
CHR StartupUrls: Default -> "hxxps://www.google.at/","hxxp://google.at/"
CHR Profile: C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default [2017-03-06]
CHR Extension: (No-Script Suite Lite) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahnanjpbkghcdgmlchbcfoiefnifjeni [2017-02-03]
CHR Extension: (Google Docs) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-24]
CHR Extension: (Google Drive) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google-Suche) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-05-29]
CHR Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2017-02-19]
CHR Extension: (Google Docs Offline) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-25]
CHR Extension: (Kaspersky Protection) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpeeaghdjmhlakojjcgfdhgcejdaefmi [2017-01-27]
CHR Extension: (Ghostery) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2017-02-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-20]
CHR Extension: (Google Mail) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-24]
CHR Extension: (Chrome Media Router) - C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
CHR Profile: C:\Users\Markus Schmidt\AppData\Local\Google\Chrome\User Data\System Profile [2017-03-06]
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [927232 2012-10-29] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Datei ist nicht signiert]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-13] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-13] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46408 2017-02-09] (Dropbox, Inc.)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [138032 2012-04-13] (Portrait Displays, Inc.)
S3 EPLAN Client Service; C:\Program Files\EPLAN\Common\EClientService.exe [776104 2016-01-22] (EPLAN Software & Service GmbH & Co. KG)
R3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2015-05-24] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2016-05-11] ()
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP) [Datei ist nicht signiert]
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244312 2015-04-24] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [901336 2015-04-24] (pdfforge GmbH)
R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [740568 2015-04-24] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-02-12] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [302968 2015-02-12] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79240 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [182152 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [236432 2016-12-08] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1001304 2016-12-08] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [50776 2016-06-06] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [110424 2016-12-08] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
S3 Mrvleap; C:\Windows\SysWOW64\DRIVERS\mrv64drv.sys [18944 2007-09-11] (Windows (R) Codename Longhorn DDK provider)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [20784 2012-04-13] (Portrait Displays, Inc.)
R3 tapipvanish; C:\Windows\System32\DRIVERS\tapipvanish.sys [34520 2016-09-22] (The OpenVPN Project)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2016-07-10] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2016-07-10] (Acronis International GmbH)
S3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2016-07-10] (Acronis International GmbH)
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
S3 CLMirrorDriver; system32\DRIVERS\CLMirrorDriver.sys [X]
S3 CLVirtualBus01; system32\DRIVERS\CLVirtualBus01.sys [X]
S3 clwvd7; system32\DRIVERS\clwvd7.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-06 22:49 - 2017-03-06 22:50 - 00000000 ____D C:\ProgramData\HitmanPro
2017-03-06 21:33 - 2017-03-06 21:33 - 00000000 ____D C:\Program Files (x86)\ESET
2017-03-06 21:22 - 2017-03-06 21:22 - 00002374 _____ C:\Users\Markus Schmidt\Downloads\Fixlog.txt
2017-03-05 23:01 - 2017-03-05 23:01 - 00000000 ____D C:\Users\Markus Schmidt\Desktop\Malware
2017-03-05 22:46 - 2017-03-05 22:50 - 00251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-05 22:46 - 2017-03-05 22:46 - 00001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-05 22:46 - 2017-03-05 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-05 22:46 - 2017-03-05 22:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-05 22:46 - 2017-03-05 22:46 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-05 22:46 - 2017-02-24 06:23 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-03-05 22:29 - 2017-03-05 22:41 - 00000000 ____D C:\AdwCleaner
2017-03-05 18:59 - 2017-03-05 19:09 - 00463590 _____ C:\TDSSKiller.3.1.0.12_05.03.2017_18.59.35_log.txt
2017-03-05 18:54 - 2017-03-06 22:58 - 00032265 _____ C:\Users\Markus Schmidt\Downloads\FRST.txt
2017-03-05 18:54 - 2017-03-05 22:58 - 00036228 _____ C:\Users\Markus Schmidt\Downloads\Addition.txt
2017-03-05 18:53 - 2017-03-05 18:53 - 00000000 ____D C:\Users\Markus Schmidt\Downloads\FRST-OlderVersion
2017-03-04 21:17 - 2017-03-05 00:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-04 20:49 - 2017-03-04 20:49 - 22851472 _____ (Malwarebytes ) C:\Users\Markus Schmidt\Downloads\mbam-setup-2.2.1.1043.exe
2017-03-04 20:39 - 2017-03-06 22:58 - 00000000 ____D C:\FRST
2017-03-04 20:39 - 2017-03-05 18:53 - 02423808 _____ (Farbar) C:\Users\Markus Schmidt\Downloads\FRST64.exe
2017-03-04 20:35 - 2017-03-04 20:35 - 00000637 _____ C:\Users\Markus
2017-03-04 20:33 - 2017-03-04 20:33 - 07097928 _____ (VS Revo Group ) C:\Users\Markus Schmidt\Downloads\revo202setup.exe
2017-03-04 20:33 - 2017-03-04 20:33 - 00001034 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-03-04 20:33 - 2017-03-04 20:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-03-04 20:33 - 2017-03-04 20:33 - 00000000 ____D C:\Program Files\VS Revo Group
2017-02-28 19:25 - 2017-02-28 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-26 13:58 - 2017-02-26 14:06 - 00000000 ____D C:\Users\Markus Schmidt\.android
2017-02-26 13:57 - 2017-03-04 20:35 - 00000000 ____D C:\Program Files (x86)\Nox
2017-02-26 13:57 - 2017-02-26 14:06 - 00000000 ____D C:\Users\Markus Schmidt\vmlogs
2017-02-26 13:57 - 2017-02-26 13:57 - 00000045 _____ C:\Users\Markus Schmidt\nuuid.ini
2017-02-26 13:57 - 2017-02-26 13:57 - 00000041 _____ C:\Users\Markus Schmidt\inst.ini
2017-02-26 13:57 - 2017-02-26 13:57 - 00000000 ____D C:\Users\Markus Schmidt\Nox_share
2017-02-26 13:49 - 2017-03-04 20:35 - 00000000 ____D C:\Users\Markus Schmidt\AppData\Local\Nox
2017-02-21 19:49 - 2017-02-21 19:49 - 00046184 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-02-21 19:49 - 2017-02-21 19:49 - 00046184 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-02-09 09:33 - 2017-02-09 09:33 - 00046408 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-02-09 09:33 - 2017-02-09 09:33 - 00046184 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-02-07 19:37 - 2017-02-07 19:37 - 00000000 ____D C:\Program Files (x86)\GUM32D4.tmp
2017-02-07 19:36 - 2017-02-07 19:36 - 00000000 ____D C:\Program Files (x86)\GUMC8AC.tmp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-06 22:49 - 2015-05-24 10:15 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-03-06 22:36 - 2015-09-10 08:51 - 00000000 ____D C:\Users\Markus Schmidt\AppData\Roaming\vlc
2017-03-06 22:24 - 2015-08-15 17:05 - 00001230 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-03-06 22:03 - 2015-05-24 14:29 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-03-06 21:31 - 2009-07-14 05:45 - 00022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-06 21:31 - 2009-07-14 05:45 - 00022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-06 21:29 - 2011-04-12 08:43 - 00674610 _____ C:\Windows\system32\perfh007.dat
2017-03-06 21:29 - 2011-04-12 08:43 - 00139750 _____ C:\Windows\system32\perfc007.dat
2017-03-06 21:29 - 2009-07-14 06:13 - 01556210 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-06 21:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-03-06 21:24 - 2017-01-21 12:48 - 00061440 _____ C:\Windows\SysWOW64\servers.sqlite
2017-03-06 21:23 - 2015-08-15 17:05 - 00001226 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-03-06 21:23 - 2015-05-24 12:26 - 00008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
2017-03-06 21:23 - 2015-05-24 11:51 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-06 21:23 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-06 21:03 - 2016-09-29 19:57 - 00000000 ____D C:\Users\Markus Schmidt\Desktop\Alte Firefox-Daten
2017-03-06 18:57 - 2015-05-27 22:55 - 00000000 ____D C:\Users\Markus Schmidt\Documents\Assassin's Creed Unity
2017-03-06 18:45 - 2017-01-20 17:32 - 00000000 ____D C:\Program Files\IPVanish
2017-03-05 07:01 - 2015-05-24 14:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-04 20:35 - 2015-05-24 09:56 - 00000000 ____D C:\Users\Markus Schmidt
2017-02-28 19:25 - 2015-08-15 17:05 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-02-26 13:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Registration
2017-02-22 19:00 - 2015-05-24 12:14 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-14 22:03 - 2015-05-24 14:29 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-14 22:03 - 2015-05-24 14:29 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-14 22:03 - 2015-05-24 14:29 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-14 22:03 - 2015-05-24 14:29 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-14 22:03 - 2015-05-24 12:49 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-11 23:41 - 2016-07-20 18:57 - 00000000 ____D C:\Users\Markus Schmidt\AppData\Roaming\TradeMaster
2017-02-11 23:36 - 2016-02-19 19:27 - 00000000 ____D C:\Users\Markus Schmidt\AppData\Local\GoPro
2017-02-10 20:12 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-02-09 20:22 - 2016-11-22 12:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-02-08 20:26 - 2016-12-31 15:41 - 00000000 ____D C:\Users\Markus Schmidt\Documents\Assassin's Creed III
2017-02-07 19:37 - 2015-05-24 12:14 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-02-07 19:37 - 2015-05-24 12:14 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-02-07 18:09 - 2015-05-24 12:14 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 18:09 - 2015-05-24 12:14 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-04 16:29

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-03-2017
durchgeführt von Markus Schmidt (06-03-2017 22:58:24)
Gestartet von C:\Users\Markus Schmidt\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-05-24 08:56:45)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-226601024-652546334-2670691330-500 - Administrator - Disabled)
Gast (S-1-5-21-226601024-652546334-2670691330-501 - Limited - Disabled)
Markus Schmidt (S-1-5-21-226601024-652546334-2670691330-1000 - Administrator - Enabled) => C:\Users\Markus Schmidt

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Anti-Virus (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (Version: 8.2.1 - Hewlett-Packard) Hidden
Acer eDisplay Management (HKLM-x32\...\{A586DC50-B18D-48FB-B7CC-A598200457C2}) (Version: 1.37.007 - Portrait Displays, Inc.)
Acronis True Image 2014 (HKLM-x32\...\{5858B1D6-8056-471C-8A29-6A1765BBC0BE}) (Version: 17.0.4515 - Acronis)
Adobe Acrobat 8 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 8 Professional - English, Français, Deutsch) (Version: 8.0.0 - Adobe Systems)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Illustrator CS3 (HKLM-x32\...\Adobe_a04a925a57548091300ada368235fc6) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_5f143314a5d434c8511097393d17397) (Version: 10.0 - Adobe Systems Incorporated)
Alcatel PC Suite V7.0.58 (HKLM-x32\...\{93DB-0E9758B0D131_PCS_Alcatel_Union}_is1) (Version:  - Singularity Software Co., Ltd.)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version:  - Ubisoft)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version:  - Ubisoft)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version:  - Ubisoft)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.4.2.4 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.4.2.4 - ASUSTek COMPUTER INC.) Hidden
ASUS PCE-AC68 WLAN Card Utilities/Driver (HKLM-x32\...\{39BD9681-D3B1-435C-A0C1-F87C68513401}) (Version: 2.0.8.8 - ASUS)
ASUS Product Register Program (HKLM-x32\...\{9D29D67C-315D-46A1-A3A9-3CAF24871578}) (Version: 1.0.022 - ASUSTek Computer Inc.)
Beyond Good and Evil (HKLM-x32\...\Uplay Install 232) (Version:  - Ubisoft)
Brother P-touch Address Book 1.1 (HKLM-x32\...\{B2023017-DEE4-44F7-8A71-CA6084BF534C}) (Version: 1.1.2200 - Brother Industries, Ltd.)
Brother P-touch Update Software (HKLM-x32\...\{AE95F9E3-5333-4CA9-BAAE-481F5AEDACBF}) (Version: 1.0.0050 - Brother Industries, Ltd.)
Brother QL-Series-N Software User's Guide (HKLM-x32\...\{FDAFD1DE-16D6-4169-94DA-2777038D3CA3}) (Version: 2.00.0000 - Brother Industries, Ltd.)
Canon SELPHY CP1200 (HKLM\...\Canon SELPHY CP1200) (Version: 1.1.0.1 - Canon INC.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 20.4.19 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
DVDVideoSoftFS version 6.5.1.514 (HKLM-x32\...\DVDVideoSoftFS_is1) (Version: 6.5.1.514 - DVDVideoSoft Ltd.)
EPLAN License Client (x64) (HKLM\...\{06400E16-27C0-412B-AB67-6A677D35C85D}) (Version: 9.1.12.54500 - EPLAN Software & Service GmbH & Co. KG)
Far Cry 3 Blood Dragon (HKLM-x32\...\Uplay Install 205) (Version:  - Ubisoft)
FXOrder2GoRE (HKLM-x32\...\FXOrder2GoRE) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GoPro (Version: 0.1.2733 - GoPro, Inc.) Hidden
GoPro for Desktop (HKLM-x32\...\{88734dc7-c200-4ad3-b29f-bb5e436cb30f}) (Version: 1.4.0.2733 - GoPro, Inc.)
GoPro Studio (x32 Version: 5.9.2733 - GoPro, Inc.) Hidden
GoPro TRADER (HKLM-x32\...\{30F9430B-7E39-4EB6-9FA8-B8CC16FF644A}_is1) (Version:  - Trading Search)
HP LaserJet 100 color MFP M175 (HKLM-x32\...\{965D0289-10E1-45ec-B11F-A60AC9AE8D4D}) (Version:  - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hpbDSService (x32 Version: 001.001.05133 - Hewlett-Packard) Hidden
hpbM175DSService (x32 Version: 001.001.05133 - Hewlett-Packard) Hidden
HPLaserJet100ColorMFPM175_HelpLearnCenter_SI (HKLM-x32\...\{19542156-285B-458C-994D-2A21889001DF}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUT (x32 Version: 1.00.0012 - HP) Hidden
hppLaserJetService (x32 Version: 002.015.00602 - Hewlett-Packard) Hidden
hppM175LaserJetService (x32 Version: 001.014.00480 - Hewlett-Packard) Hidden
InstanceFinder (x32 Version: 1.00.0001 - HP) Hidden
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.100 - Intel Corporation)
Intel® SSD Toolbox (HKLM-x32\...\{06D085C8-1F00-11B2-96A7-8f0CE39193ED}) (Version: 3.3.0.400 - Intel Corporation)
IPVanish (HKLM\...\A57226AD-BDAF-4860-BD4E-EDA6BC546189_is1) (Version: 3.0.6.0 - IPVANISH)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden
Langenscheidt Vokabeltrainer 7.0 Englisch (HKLM-x32\...\{9C0A3479-7F61-427B-8A8C-A884759037BA}) (Version: 7.0.134 - Langenscheidt)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Firefox 43.0.1 (x86 de) (HKU\S-1-5-21-226601024-652546334-2670691330-1000\...\Mozilla Firefox 43.0.1 (x86 de)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.7.1.6246 - Mozilla)
Mozilla Thunderbird 45.7.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.7.1 (x86 de)) (Version: 45.7.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Need for Speed(TM) Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OLYMPUS Digital Camera Updater (HKLM-x32\...\{A68C62E8-B243-4777-89BB-12173DFA1D45}) (Version: 1.0.1 - OLYMPUS IMAGING CORP.)
OLYMPUS Viewer 2 (HKLM-x32\...\{7177EE4E-3D1D-4F45-85B5-B93DC758BA0B}) (Version: 1.1.1 - OLYMPUS IMAGING CORP.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)
PDF Architect 3 Create Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge)
Pivot Pro Plugin (x32 Version: 9.50.110 - Portrait Displays, Inc.) Hidden
Prince of Persia Sands of Time (HKLM-x32\...\Uplay Install 111) (Version:  - Ubisoft)
Rayman Origins (HKLM-x32\...\Uplay Install 80) (Version:  - Ubisoft)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6782 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
SDK (x32 Version: 2.32.010 - Portrait Displays, Inc.) Hidden
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Splinter Cell Blacklist (HKLM-x32\...\Uplay Install 91) (Version:  - Ubisoft)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
Tom Clancy's Splinter Cell (HKLM-x32\...\Uplay Install 109) (Version:  - Ubisoft)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.00.1000 - Ubisoft)
ToolboxProxy (x32 Version: 1.00.0001 - HP) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 6.1 - Ubisoft)
VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vokabeltrainer-Update 7.0.135 (HKLM-x32\...\{4C00A7C7-7223-4875-B1A7-B4350F452CDC}) (Version: 7.0.135 - Langenscheidt)
WD Drive Utilities (HKLM-x32\...\{C093AD5D-29E9-4777-AAAC-28C02FCC2A51}) (Version: 1.0.4.11 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{BE1B25F9-5A51-4DB8-81FA-CE0CABC14D07}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{DEE2025E-D6C0-47E2-8657-AA57857FEEDA}) (Version: 1.1.1.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{FECF90E3-FDEA-4A87-8A06-2683388C69C4}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{647175e1-9944-4a82-bac1-102c95f0a99a}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-226601024-652546334-2670691330-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-226601024-652546334-2670691330-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-226601024-652546334-2670691330-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-226601024-652546334-2670691330-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-226601024-652546334-2670691330-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-226601024-652546334-2670691330-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07792D2B-E32B-4E6C-93FD-AF6FE0F0684C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-14] (Adobe Systems Incorporated)
Task: {19C59A2B-81A5-4A3A-B2AA-D6278D112F11} - System32\Tasks\PCEAC68WLANMGR => C:\Program Files (x86)\ASUS\PCE-AC68 WLAN Card Utilities\WlanMgr.exe [2014-06-06] (ASUS)
Task: {1FDF1968-8D80-4DED-8E22-43BA1E9B536B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {25DCE529-6D5E-4537-940D-6B9983392F60} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2010-09-22] (Hewlett Packard)
Task: {2DEB5B4F-1332-41D8-ABE3-A63BD62BCEA7} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-06-21] (ASUSTek Computer Inc.)
Task: {3AC54D61-EF75-4380-A99C-0222C5FE17B4} - System32\Tasks\{636A74D8-476D-4592-B31F-78C1EBC8B198} => pcalua.exe -a C:\Users\MARKUS~1\AppData\Local\Temp\jre-8u111-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ACHTUNG
Task: {3F840717-93D6-4733-BD29-216F4647C29E} - System32\Tasks\ASUS\i-Setup113021 => C:\Windows\Chipset\AsusSetup.exe [2010-09-08] (ASUSTeK Computer Inc.)
Task: {54B8FDEB-51B0-4874-82F0-205BF004E2D7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {6BA80107-62BF-47DE-BBE1-5DADF17EFC9A} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {716050D6-F734-46E2-9CDA-13D81D7AC70B} - System32\Tasks\IPVanish => C:\Program Files\IPVanish\ElevateProcess.exe [2017-01-03] (IPVanish)
Task: {7A9DA35A-A0C0-4854-B492-C2A0629EC4B9} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {87920876-477B-42CB-A81A-681932DFA5F4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {8C28B97C-2827-4716-9614-CB757E2A6842} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {92CD4531-51E4-4F2B-BDCA-C702713490B3} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {ADE930F1-6A4C-4EA1-B3D9-B48B0844C0E2} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {D9A7A627-CB6D-4145-AB08-94A17283E460} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-13] (Dropbox, Inc.)
Task: {DEBF80BC-AC6E-4C26-848B-329DD4BFCE94} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-13] (Dropbox, Inc.)
Task: {E6B02DF2-CC55-4880-8C2C-3B5220E551CF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08] (Google Inc.)
Task: {EDA6324C-820A-4CB3-AD36-CB29CD9B0F27} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08] (Google Inc.)
Task: {FD932891-3F9E-4D1E-9AF7-31F4B55749EC} - System32\Tasks\{28780413-7A1B-4425-B171-AF7D44902511} => pcalua.exe -a "C:\Program Files (x86)\Vuze\uninstall.exe" -d "C:\Program Files (x86)\Vuze"

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-05-24 11:51 - 2015-03-13 17:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-24 10:21 - 2012-10-29 08:48 - 00927232 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
2012-01-17 10:24 - 2012-01-17 10:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2013-10-01 09:26 - 2013-10-01 09:26 - 02810968 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2015-06-01 16:25 - 2006-12-11 01:14 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2016-05-11 23:39 - 2016-05-11 23:39 - 01088944 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
2015-05-24 11:59 - 2010-05-13 15:34 - 00674928 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpctrl.exe
2015-05-24 11:59 - 2010-05-13 15:34 - 00711792 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\floater.exe
2016-05-11 23:39 - 2016-05-11 23:39 - 00037808 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
2015-05-24 10:21 - 2017-03-06 21:23 - 00024576 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\PEbiosinterface32.dll
2015-05-24 10:21 - 2012-05-07 17:04 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\ATKEX.dll
2015-12-22 02:47 - 2015-12-22 02:47 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\kpcengine.2.3.dll
2015-05-24 12:42 - 2015-05-23 02:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-11-22 12:03 - 2013-11-22 12:03 - 00036672 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll
2013-11-22 12:03 - 2013-11-22 12:03 - 00028024 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2017-02-07 18:09 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-07 18:09 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2013-11-22 12:06 - 2013-11-22 12:06 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00143296 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 02631616 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00554944 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00041920 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00039872 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 12001728 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 01264064 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00086464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2015-04-13 14:56 - 2015-04-13 14:56 - 00070675 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 02158528 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00114112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00245184 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00089536 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libvdr_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00055744 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00072128 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00593344 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00771520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00131520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00052672 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\librar_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00145856 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 01566656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00332736 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00069568 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00048576 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00242112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00046528 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00261056 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00027072 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00304576 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 01291200 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00754624 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00344512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00052160 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00456128 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00035776 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00157632 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 01549248 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00356288 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00031680 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00363456 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00121792 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdvbsub_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 13522368 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00772544 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00038848 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00030144 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00702400 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00125376 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00064448 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00027584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00030656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00027584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00029120 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00037312 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00024000 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00022976 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00022464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00027072 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 01504704 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2013-10-01 10:00 - 2013-10-01 10:00 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\amazon.de -> hxxps://amazon.de
IE trusted site: HKU\S-1-5-21-226601024-652546334-2670691330-1000\...\amazon.de -> hxxps://amazon.de

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-226601024-652546334-2670691330-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Markus Schmidt\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.2.17.60 - 62.2.24.162
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{2E190156-A7F7-4A3B-8B7D-0DBA80EA06E4}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{D2F39A9E-BFC9-489B-8CF9-4537D5B34D88}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe

==================== Wiederherstellungspunkte =========================

12-02-2017 11:05:52 Geplanter Prüfpunkt
20-02-2017 20:51:29 Geplanter Prüfpunkt
28-02-2017 19:17:14 Geplanter Prüfpunkt
04-03-2017 20:35:16 Revo Uninstaller's restore point - Nox APP Player
04-03-2017 20:35:24 Revo Uninstaller's restore point - Nox APP Player
04-03-2017 20:51:03 Revo Uninstaller's restore point - Malwarebytes Anti-Malware Version 2.2.1.1043
05-03-2017 22:54:47 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/06/2017 10:50:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "H:\Google Downloads\esetsmartinstaller_deu.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (03/06/2017 10:43:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (03/06/2017 09:31:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "H:\Google Downloads\esetsmartinstaller_deu.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (03/06/2017 09:25:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (03/06/2017 09:23:27 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD initialization failed [6]).

Error: (03/06/2017 09:23:27 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (Failed to set NvVAD endpoint as default Audio endpoint [0]).

Error: (03/06/2017 09:23:27 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD endpoint registration failed [0]).

Error: (03/06/2017 06:33:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (03/05/2017 10:52:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (03/05/2017 10:50:54 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD initialization failed [6]).


Systemfehler:
=============
Error: (03/06/2017 10:58:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/06/2017 10:58:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/06/2017 10:58:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/06/2017 10:58:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/06/2017 10:58:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/06/2017 10:58:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/06/2017 10:58:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/06/2017 10:58:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/06/2017 10:58:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (03/06/2017 10:58:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.


CodeIntegrity:
===================================
  Date: 2015-05-25 00:30:25.011
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-25 00:30:25.011
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-25 00:30:25.010
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-25 00:30:25.008
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-25 00:30:25.007
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-25 00:30:25.006
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-24 19:00:54.925
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-24 19:00:54.924
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-24 12:28:57.752
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-24 12:28:57.752
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 43%
Installierter physikalischer RAM: 8131.87 MB
Verfügbarer physikalischer RAM: 4612.65 MB
Summe virtueller Speicher: 16261.94 MB
Verfügbarer virtueller Speicher: 11836.27 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:300.55 GB) (Free:82.9 GB) NTFS
Drive e: (Assassin's Creed Rogue.iso) (CDROM) (Total:7.72 GB) (Free:0 GB) CDFS
Drive f: (My Passport) (Fixed) (Total:931.48 GB) (Free:285.11 GB) NTFS
Drive g: (My Passport) (Fixed) (Total:931.48 GB) (Free:203.94 GB) NTFS
Drive h: (Download) (Fixed) (Total:146.48 GB) (Free:45.64 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 447.1 GB) (Disk ID: DD7670FB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=300.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=146.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 80833F04)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 5CA849B9)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Frage:

Wenn ich nun durch das dass alles Entfernt wurde, zum Test auf Kinox.to gehe und einen Film Starten würde, müsste im Grunde das Fenster wieder kommen wo eine Frage gestellt wird und es dürften keine Popup Fenster mehr kommen??

Gibt es eine Software die solche Fehler vorbeugt.

M-K-D-B · 07.03.2017, 16:18

Servus,

Zitat:

Gefunden was nicht sein sollte, wie z.B. Malware usw

wie gesagt, etwas Adware und unerwünschte Software. Für mich zählt Adware (Werbesoftware) bereits zu Malware, also ja.

Aktuell sehe ich allerdings nichts mehr in den Logdateien.

Zitat:

Kann man sehen welche Software entfernt wurde und gibt es einen Schutz für die Zukunft um das zu verhindern?

Die Logateien listen alles auf, das entfernt wurde.

Zitat:

Kann es sein das eine Datei oder ähnliches Entfernt wurde was für meinen ASUS Treiber wichtig ist, hätte beim Windows start eine Fehlermeldung erhalten.

Ist mir nichts bewusst/bekannt. Welche Fehlermeldung erscheint denn? Wie lautet sie? Kannst du einen Screenshot davon machen?

Zitat:

Wenn ich nun durch das dass alles Entfernt wurde, zum Test auf Kinox.to gehe und einen Film Starten würde, müsste im Grunde das Fenster wieder kommen wo eine Frage gestellt wird und es dürften keine Popup Fenster mehr kommen??

Schwer zu sagen, normalerweise nicht. In meinem Eingangspost habe ich bereits auf Gefahren von kinox.to & Co hingewiesen.

Zitat:

Gibt es eine Software die solche Fehler vorbeugt.

Von welchen Fehlern sprichst du? Es gibt keine Software, die 100%igen Schutz bietet, wenn du das meinst. Jeder, der etwas anderes behauptet, will nur etwas verkaufen oder hat keine Ahnung von Malware.

Zitat:

CHIP-Installer.exe

Bitte keinen Chip-Installer mehr verwenden! Bitte lesen: CHIP-Installer – was ist das?

Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.

Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.

Cleanup:
Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis:
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Sofern du noch unentschieden bist, verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

	Emsisoft	Microsoft Security Essentials	ESET

Microsoft Security Essentials (MSE) / Windows Defender (WD) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE/WD entschieden hast, brauchst du nicht extra MSE/WD zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür.

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:

Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.

NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:

Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Lade keine Software von Chip, Softonic oder SourceForge. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

sniper30 · 07.03.2017, 22:32

Servus Matthias

Von den Problemen würde ich nichts merken, wie vorher, jedoch habe ich den Test auf
Kinox.to gemacht und leider öffnet es nach wie vor die Popup Fenster, trotz Adblock und Ghostery, was etwas merkwürdig ist für mich.

Zudem kommt eben von Asus noch die Fehlermeldung, dass eine Log Datei nicht gefunden wird und eine Datei mit meinem Namen und wie ich diese öffnen möchte.

Leider kann ich hier kein Bild einfügen, leider nur mit URL, diese habe ich nicht.
Könnte ich anders ein Bild hochladen im Forum?

Den Installer hätte ich nicht bewusst installiert, aber gut wenn der weg ist.

Auch erscheint bei Youtube in den Videos wieder eine Google Werbung, welche bedauerlicherweise vorher nicht war, bevor ich den Sch**** Klick getätigt habe.

Bin mir auch nicht sicher ob Google oder Youtube hier nicht etwas umgestellt hat, das
Adblock dies nicht mehr blockieren kann.

Gerade eben Probiert, selbst im Firefox erscheint ein Popup, obwohl Adblock und Ghostery und selbst im Firefox in den Einstellungen Pop Up Fenster nicht erlaubt werden, öffnet sich ein Fenster?

Hättet Ihr hier einen Rat für mich um dieses Problem zu beheben?

M-K-D-B · 08.03.2017, 15:08

Servus,

Du kannst mir Bilder als Anhang hochladen, am Besten in ein .zip Archiv packen.

Dann kann ich mir die Meldung von ASUS ansehen sowie die Werbung in Youtube, von der du sprichst.

sniper30 · 09.03.2017, 22:11

Im Anhang siehst du die Werbungen von Youtube welche vorher nicht mehr da waren

08.03.2017, 15:08	#14
M-K-D-B /// TB-Ausbilder	versehentlich Kinox.To popup Fenster mit Ja bestätigt Servus, Du kannst mir Bilder als Anhang hochladen, am Besten in ein .zip Archiv packen. Dann kann ich mir die Meldung von ASUS ansehen sowie die Werbung in Youtube, von der du sprichst.

versehentlich Kinox.To popup Fenster mit Ja bestätigt

Plagegeister aller Art und deren Bekämpfung: versehentlich Kinox.To popup Fenster mit Ja bestätigt