Trojaner-Board - nova.rambler.ru nicht entfernbar

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - nova.rambler.ru nicht entfernbar (https://www.trojaner-board.de/184123-nova-rambler-ru-entfernbar.html)

nova.rambler.ru nicht entfernbar

Moin, habe vor zwei Tagen festgestellt, dass sich wohl ein nova.rambler.ru auf meinen PC eingeschlichen hat. Bekomme diesen nun nicht mehr los. Wie löse ich das Problem?
LG.

Hallo und :hallo:

+++ WICHTIGER HINWEIS +++

Während der Analyse und Bereinigung nimmst du KEINERLEI Änderungen auf eigene Faust vor, d.h. du installierst oder deinstallierst keine Software ohne Absprache.
Auch veränderst du keine Systemeinstellungen, solange wir deinen Fall bearbeiten. Änderungen, Installationen oder Deinstallationen machst du AUSSCHLIESSLICH nur auf Anweisung!
Es wird erforderlich sein, deinen Virenscanner zu deaktivieren und in bestimmten Fällen auch zu deinstallieren, damit vernünftig bereinigt werden kann. Dein System ist daher erst wenn wir hier fertig sind wieder für den alltäglichen Gebrauch wie surfen oder mailen von mir freigegeben.

Gelesen und verstanden?

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

http://www.trojaner-board.de/picture...&pictureid=307

Habe Malwarebytes mal gestartet, den Log allerdings nicht gespeichert, geändert hat es an der Situation zumindest nichts. Starte nun mit deinem vorgeschlagenen Programm. :)
LG.

Log wirde automatisch gespeichert. Einfach im Verlauf nachsehen. Es wurde extra eine Anleitung dazu verlinkt. Also bitte alles lesen.

Code:

Malwarebytes Anti-Malware

www.malwarebytes.org
 

Suchlaufdatum: 26.01.2017

Suchlaufzeit: 07:19

Protokolldatei: malwarebytes-26.01.2017.txt

Administrator: Ja
 

Version: 0.0.0.0000

Malware-Datenbank: v2017.01.26.01

Rootkit-Datenbank: v2016.11.20.01

Lizenz: Testversion

Malware-Schutz: Aktiviert

Schutz vor bösartigen Websites: Aktiviert

Selbstschutz: Deaktiviert
 

Betriebssystem: Windows 8.1

CPU: x64

Dateisystem: NTFS

Benutzer: Phil
 

Suchlauftyp: Bedrohungssuchlauf

Ergebnis: Abgeschlossen

Durchsuchte Objekte: 341083

Abgelaufene Zeit: 22 Min., 46 Sek.
 

Speicher: Aktiviert

Start: Aktiviert

Dateisystem: Aktiviert

Archive: Aktiviert

Rootkits: Deaktiviert

Heuristik: Aktiviert

PUP: Aktiviert

PUM: Aktiviert
 

Prozesse: 0

(keine bösartigen Elemente erkannt)
 

Module: 0

(keine bösartigen Elemente erkannt)
 

Registrierungsschlüssel: 0

(keine bösartigen Elemente erkannt)
 

Registrierungswerte: 0

(keine bösartigen Elemente erkannt)
 

Registrierungsdaten: 0

(keine bösartigen Elemente erkannt)
 

Ordner: 0

(keine bösartigen Elemente erkannt)
 

Dateien: 0

(keine bösartigen Elemente erkannt)
 

Physische Sektoren: 0

(keine bösartigen Elemente erkannt)
 
 

(end)

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 25-01-2017 01

durchgeführt von Phil (Administrator) auf SUPERPARCHITA (26-01-2017 13:12:04)

Gestartet von C:\Users\Phil\Downloads

Geladene Profile: Phil (Verfügbare Profile: Phil)

Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: FF)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

() C:\Program Files (x86)\AdBlocker\AdBlockerService.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe

(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe

(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe

(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe

(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe

(Visicom Media Inc.) C:\ProgramData\ManyCam\Service\ManyCamService.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe

(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

() C:\Program Files\CyberLink\Shared files\RichVideo64.exe

(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Intel Corporation) C:\Windows\System32\igfxEM.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

(Intel Corporation) C:\Windows\System32\igfxTray.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe

(Realtek semiconductor) C:\Windows\RTFTrack.exe

(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe

(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe

(Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Visicom Media Inc.) C:\Program Files (x86)\ManyCam\ManyCam.exe

(Spotify Ltd) C:\Users\Phil\AppData\Roaming\Spotify\SpotifyWebHelper.exe

(BitTorrent Inc.) C:\Users\Phil\AppData\Roaming\uTorrent\uTorrent.exe

(Spotify Ltd) C:\Users\Phil\AppData\Roaming\Spotify\Spotify.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE

(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Spotify Ltd) C:\Users\Phil\AppData\Roaming\Spotify\SpotifyCrashService.exe

(BitTorrent Inc.) C:\Users\Phil\AppData\Roaming\uTorrent\updates\3.4.9_43085\utorrentie.exe

(BitTorrent Inc.) C:\Users\Phil\AppData\Roaming\uTorrent\updates\3.4.9_43085\utorrentie.exe

(Spotify Ltd) C:\Users\Phil\AppData\Roaming\Spotify\Spotify.exe

(Spotify Ltd) C:\Users\Phil\AppData\Roaming\Spotify\Spotify.exe

(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe

(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Oracle Corporation) C:\Users\Phil\Knuddels-Stapp\CommonFiles\Java\bin\javaw.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 

==================== Registry (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891080 2013-10-17] (ELAN Microelectronics Corp.)

HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2014-01-21] (Realtek semiconductor)

HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2015-03-20] (Lenovo(beijing) Limited)

HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2015-03-20] (Lenovo(beijing) Limited)

HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)

HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform

HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [1553688 2014-02-20] (Comfort Software Group)

HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27250144 2016-12-20] (Skype Technologies S.A.)

HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [10149712 2016-05-23] (Visicom Media Inc.)

HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\Run: [Chromium] => "c:\users\phil\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session

HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\Run: [Spotify Web Helper] => C:\Users\Phil\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2016-12-24] (Spotify Ltd)

HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\Run: [uTorrent] => C:\Users\Phil\AppData\Roaming\uTorrent\uTorrent.exe [1979072 2016-12-20] (BitTorrent Inc.)

HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\Run: [Spotify] => C:\Users\Phil\AppData\Roaming\Spotify\Spotify.exe [7153264 2016-12-24] (Spotify Ltd)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-08] (AVAST Software)

Startup: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2017-01-26]

ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

CHR HKU\S-1-5-21-18176717-516900863-2037645015-1001\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Tcpip\Parameters: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{86C15C86-7EC0-4D3A-A5FD-C011E82E301B}: [DhcpNameServer] 82.163.143.171

Tcpip\..\Interfaces\{8E3FA1BE-487E-4631-89B7-ED56BF5B16E6}: [DhcpNameServer] 82.163.143.171

Tcpip\..\Interfaces\{9361F888-A3BA-4570-A873-C07129A8821B}: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{BA94C931-D33F-4259-A23E-145E0B5E84CF}: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{E0F197DE-4865-44F9-BFE2-68F883018A48}: [DhcpNameServer] 82.163.143.171

ManualProxies: 
 

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-8c9195fb

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-8c9195fb

HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131231474506803804&GUID=C2F51A81-B0EE-4A6A-81B0-0369F623F0DC

HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB

SearchScopes: HKLM -> DefaultScope {45199D14-1E6D-4B2F-8313-A1FAB8D25BCD} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-8c9195fb&q={searchTerms}

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM -> {45199D14-1E6D-4B2F-8313-A1FAB8D25BCD} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-8c9195fb&q={searchTerms}

SearchScopes: HKLM-x32 -> DefaultScope {45199D14-1E6D-4B2F-8313-A1FAB8D25BCD} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-8c9195fb&q={searchTerms}

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 -> {45199D14-1E6D-4B2F-8313-A1FAB8D25BCD} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-8c9195fb&q={searchTerms}

SearchScopes: HKU\S-1-5-21-18176717-516900863-2037645015-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-8c9195fb&q={searchTerms}

SearchScopes: HKU\S-1-5-21-18176717-516900863-2037645015-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-8c9195fb&q={searchTerms}

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll => Keine Datei

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24] (AVAST Software)

BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll => Keine Datei

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2017-01-12] (Oracle Corporation)

BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24] (AVAST Software)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2017-01-12] (Oracle Corporation)

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)

StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 

FireFox:

========

FF DefaultProfile: 6dhz67ax.default

FF ProfilePath: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default [2017-01-26]

FF NewTab: Mozilla\Firefox\Profiles\6dhz67ax.default -> about:newtab

FF DefaultSearchEngine: Mozilla\Firefox\Profiles\6dhz67ax.default -> Search Provided by Bing

FF DefaultSearchUrl: Mozilla\Firefox\Profiles\6dhz67ax.default -> hxxps://www.google.com/search?bcutc=sp-006

FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\6dhz67ax.default -> Google

FF SelectedSearchEngine: Mozilla\Firefox\Profiles\6dhz67ax.default -> Search Provided by Bing

FF Homepage: Mozilla\Firefox\Profiles\6dhz67ax.default -> hxxp://www.google.de/

FF Keyword.URL: Mozilla\Firefox\Profiles\6dhz67ax.default -> user_pref("keyword.URL", true);

FF NetworkProxy: Mozilla\Firefox\Profiles\6dhz67ax.default -> http", "130.207.85.164"

FF NetworkProxy: Mozilla\Firefox\Profiles\6dhz67ax.default -> http_port", 80

FF Extension: (Cliqz) - C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\Extensions\cliqz@cliqz.com.xpi [2016-12-31]

FF Extension: (ProxTube) - C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\Extensions\ich@maltegoetz.de.xpi [2016-10-19]

FF Extension: (Video DownloadHelper) - C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-12-31]

FF Extension: (Adblock Plus) - C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]

FF SearchPlugin: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\searchplugins\bing-lavasoft.xml [2016-05-01]

FF SearchPlugin: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\searchplugins\google-avast.xml [2016-09-13]

FF SearchPlugin: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\searchplugins\search provided by bing.xml [2016-10-23]

FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-08]

FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-08]

FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

FF HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\extensions\cliqz@cliqz.com => nicht gefunden

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] ()

FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [Keine Datei]

FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [Keine Datei]

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2017-01-12] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2017-01-12] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-12] (Nitro PDF)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)

FF Plugin HKU\S-1-5-21-18176717-516900863-2037645015-1001: temasys.com.sg/TemWebRTCPlugin -> C:\Users\Phil\AppData\Roaming\Tem\TemWebRTCPlugin\0.8.874\npTemWebRTCPlugin.dll [2016-06-27] (Temasys)
 

Chrome: 

=======

CHR HomePage: Default -> hxxps://www.google.de/

CHR StartupUrls: Default -> "hxxps://www.google.de/","hxxp://www.yoursearching.com/?type=hp&ts=1456397326&z=44e91fe23cbc1884022c220g9z5wcq5cct3m7c9ocz&from=brd&uid=ST1000LM024XHN-M101MBB_S30YJ9EG212330"

CHR Profile: C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default [2017-01-26]

CHR Extension: (Google Präsentationen) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-13]

CHR Extension: (Google Docs) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-13]

CHR Extension: (Google Drive) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-13]

CHR Extension: (YouTube) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-13]

CHR Extension: (Google-Suche) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-13]

CHR Extension: (Avast SafePrice) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-27]

CHR Extension: (Google Tabellen) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-13]

CHR Extension: (Google Docs Offline) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-11]

CHR Extension: (Avast Online Security) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-27]

CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-23]

CHR Extension: (Google Mail) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-13]

CHR Extension: (Chrome Media Router) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-27]

CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <nicht gefunden>

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden>
 

==================== Dienste (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 AdBlockerService; C:\Program Files (x86)\AdBlocker\AdBlockerService.exe [8192 2016-09-30] () [Datei ist nicht signiert]

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-08] (AVAST Software)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation)

R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-11-28] (Dropbox, Inc.)

R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-01-11] (Digital Wave Ltd.)

R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99632 2013-10-09] (ELAN Microelectronics Corp.)

R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation)

R2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [121288 2014-08-13] (Intel Corporation)

R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [318568 2014-08-20] (Intel Corporation)

R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]

S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)

S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)

R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.)

R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-03-20] (Lenovo(beijing) Limited)

S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [269192 2014-06-16] ()

R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-17] (Lenovo(beijing) Limited)

R2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (Visicom Media Inc.)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] ()

R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-12] (Nitro PDF Software)

R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)

R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [68880 2015-03-20] ()

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel® Corporation)
 

===================== Treiber (Nicht auf der Ausnahmeliste) ======================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-08] (AVAST Software)

R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-08] (AVAST Software)

R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-08] (AVAST Software)

R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-08] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-08] (AVAST Software)

R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software)

R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software)

R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-08] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)

R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [219592 2014-08-13] (Intel Corporation)

S3 KMDFVirtualMouse; C:\WINDOWS\System32\drivers\KMDFVirtualMouse.sys [21240 2014-08-04] ()

R3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)

R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)

R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-01-26] (Malwarebytes)

R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)

R3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)

R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)

R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3446240 2014-06-18] (Intel Corporation)

S3 NETwNe64; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)

R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [9105624 2014-01-21] (Realtek Semiconductor Corp.)

S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-24] (Samsung Electronics Co., Ltd.)

S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)

S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)

S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

S3 dbx; system32\DRIVERS\dbx.sys [X]

S3 KMDFVirtualKbd; \SystemRoot\System32\drivers\KMDFVirtualKbd.sys [X]
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2017-01-26 13:12 - 2017-01-26 13:14 - 00028907 _____ C:\Users\Phil\Downloads\FRST.txt

2017-01-26 13:11 - 2017-01-26 13:12 - 00000000 ____D C:\FRST

2017-01-26 13:10 - 2017-01-26 13:11 - 02420736 _____ (Farbar) C:\Users\Phil\Downloads\FRST64.exe

2017-01-26 10:57 - 2017-01-26 10:57 - 00000000 ____D C:\Users\Phil\AppData\LocalLow\uTorrent

2017-01-26 10:36 - 2017-01-26 10:36 - 03988944 _____ C:\Users\Phil\Downloads\AdwCleaner_6.042.exe

2017-01-26 10:36 - 2017-01-26 10:36 - 01889232 _____ (Malwarebytes ) C:\Users\Phil\Downloads\mbae-setup-1.09.1.1291.exe

2017-01-24 17:35 - 2017-01-24 17:35 - 00003114 _____ C:\WINDOWS\System32\Tasks\{193D157F-7060-41D6-B6C9-D147DFFB5D27}

2017-01-19 19:03 - 2017-01-19 19:03 - 00000000 ____D C:\Users\Phil\Downloads\Zoey 101 Music Mix

2017-01-15 01:18 - 2017-01-25 02:23 - 00000000 ____D C:\Users\Phil\Downloads\Ultrasound (Pack2)11-30

2017-01-14 15:39 - 2017-01-14 15:39 - 00000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files

2017-01-09 04:20 - 2017-01-25 02:18 - 00000000 ____D C:\Users\Phil\Downloads\Hell's UltraSounds Special

2017-01-09 00:50 - 2017-01-25 01:43 - 00000000 ____D C:\Users\Phil\Downloads\UltraTraxx Rare Remixes (PACK1)1-10

2017-01-08 18:09 - 2017-01-08 23:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

2017-01-08 13:21 - 2017-01-14 22:49 - 00000000 ____D C:\Users\Phil\Downloads\DJ Bourg - La Grande Retrospective Musicale Del&acute;Annee (Yearmix 2016)

2017-01-04 06:28 - 2017-01-22 14:48 - 00000000 ____D C:\Users\Phil\Desktop\Neuer Ordner (2)

2017-01-03 02:53 - 2017-01-03 12:44 - 00000000 ____D C:\Users\Phil\AppData\Roaming\avidemux

2017-01-03 00:50 - 2017-01-26 10:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux (32 bits)

2017-01-02 17:48 - 2017-01-02 17:48 - 00001149 _____ C:\Users\Phil\Desktop\MediathekView.lnk

2017-01-02 16:58 - 2017-01-02 16:58 - 09545308 _____ (XMedia Recode ) C:\Users\Phil\Downloads\XMediaRecode3358_setup.exe

2017-01-02 16:58 - 2017-01-02 16:58 - 00001086 _____ C:\Users\Public\Desktop\XMedia Recode.lnk

2017-01-02 16:58 - 2017-01-02 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode

2017-01-02 16:53 - 2017-01-02 16:53 - 00000000 ____D C:\Users\Phil\Documents\NeroVideo

2017-01-02 15:40 - 2017-01-02 16:53 - 00000000 ____D C:\Users\Phil\AppData\Local\Nero

2017-01-02 15:40 - 2017-01-02 15:40 - 00000000 ____D C:\Users\Phil\AppData\Local\Nero_AG

2017-01-02 14:13 - 2017-01-02 14:13 - 00000000 ____D C:\Users\Phil\AppData\Local\RapidSolution

2017-01-02 14:12 - 2017-01-02 14:12 - 00000000 ____D C:\ProgramData\simplitec

2017-01-02 14:09 - 2017-01-02 14:09 - 00002929 _____ C:\Users\Public\Desktop\Nero 2017.lnk

2017-01-02 14:03 - 2017-01-26 10:46 - 00000000 ____D C:\Program Files (x86)\Nero

2017-01-02 14:03 - 2017-01-02 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2017

2017-01-02 14:02 - 2017-01-26 10:11 - 00000000 ____D C:\ProgramData\Nero

2017-01-02 14:02 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll

2017-01-02 14:02 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll

2017-01-02 14:02 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll

2017-01-02 13:55 - 2017-01-02 16:54 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Nero

2017-01-02 13:55 - 2017-01-02 13:55 - 03065512 _____ (Nero AG) C:\Users\Phil\Downloads\Nero2017-1.10.0.6_stub_trial.exe

2017-01-02 13:55 - 2017-01-02 13:55 - 00000000 ____D C:\WINDOWS\System32\Tasks\Nero

2017-01-02 13:35 - 2017-01-02 13:35 - 37762752 _____ (Digiarty Software, Inc. ) C:\Users\Phil\Downloads\winx-dvd-ripper(1).exe

2017-01-02 13:30 - 2017-01-02 13:31 - 37762752 _____ (Digiarty Software, Inc. ) C:\Users\Phil\Downloads\winx-dvd-ripper.exe

2017-01-02 13:24 - 2017-01-02 13:24 - 00001924 _____ C:\Users\Phil\Desktop\Magic DVD Ripper.lnk

2017-01-02 13:24 - 2017-01-02 13:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic DVD Ripper

2017-01-02 13:24 - 2017-01-02 13:24 - 00000000 ____D C:\ProgramData\MagicSoftware

2017-01-02 13:23 - 2017-01-02 13:24 - 00000000 ____D C:\Program Files (x86)\MagicDVDRipper

2017-01-02 13:23 - 2017-01-02 13:23 - 06287268 _____ (Magic DVD Software, Inc. ) C:\Users\Phil\Downloads\MagicDVDRipper800.exe

2017-01-02 13:23 - 2017-01-02 13:23 - 00000000 ____D C:\Users\Phil\AppData\Local\MagicSoftware

2017-01-02 13:17 - 2017-01-02 13:17 - 00001353 _____ C:\Users\Public\Desktop\WinX DVD Ripper Platinum.lnk

2017-01-02 13:17 - 2017-01-02 13:17 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Digiarty

2017-01-02 13:17 - 2017-01-02 13:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty

2017-01-02 13:17 - 2017-01-02 13:17 - 00000000 ____D C:\Program Files (x86)\Digiarty

2017-01-02 13:16 - 2017-01-02 13:17 - 37767416 _____ (Digiarty Software, Inc. ) C:\Users\Phil\Downloads\winx-dvd-ripper-pt.exe

2017-01-01 23:08 - 2017-01-01 23:08 - 12951333 _____ C:\Users\Phil\Downloads\Follow Me.zip

2016-12-29 19:19 - 2016-12-30 16:55 - 07773553 _____ C:\Users\Phil\Desktop\19 Sandmann's Dummies feat. Die Olsenbande - Mächtig gewaltig (Radio Edit).mp3

2016-12-29 17:13 - 2016-12-30 12:11 - 00001923 _____ C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk

2016-12-29 17:09 - 2016-12-29 17:09 - 00000000 ____D C:\Users\Phil\AppData\Local\WinZip

2016-12-29 17:09 - 2016-12-29 17:09 - 00000000 ____D C:\ProgramData\UniqueId

2016-12-29 17:08 - 2016-12-29 17:44 - 00000000 ____D C:\Program Files\WinZip

2016-12-29 17:08 - 2016-12-29 17:09 - 00000000 ____D C:\ProgramData\WinZip

2016-12-29 17:08 - 2016-12-29 17:08 - 00000000 ____D C:\WINDOWS\CD95F661A5C444F5A6AAECDD91C2410B.TMP

2016-12-28 20:13 - 2016-12-29 17:09 - 1887817728 _____ C:\Users\Phil\Downloads\Emo_Twinks_2.avi

2016-12-27 08:59 - 2016-12-28 18:51 - 2198378496 _____ C:\Users\Phil\Downloads\Gay Porn - [Saggerz Skaterz] Emo Twinks.avi
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2017-01-26 13:13 - 2016-09-17 20:22 - 00000000 ____D C:\Users\Phil\AppData\Roaming\uTorrent

2017-01-26 13:05 - 2016-11-20 12:29 - 00000000 ____D C:\Users\Phil\AppData\LocalLow\Mozilla

2017-01-26 12:59 - 2015-12-03 22:35 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Skype

2017-01-26 12:56 - 2015-11-22 19:30 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2017-01-26 12:32 - 2015-11-28 00:35 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2017-01-26 12:10 - 2016-02-26 13:57 - 00000000 ____D C:\Users\Phil\Knuddels-Stapp

2017-01-26 11:32 - 2015-11-13 19:35 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-18176717-516900863-2037645015-1001

2017-01-26 11:04 - 2015-03-20 19:21 - 00000000 ____D C:\ProgramData\LU

2017-01-26 11:03 - 2015-11-13 12:37 - 00001275 _____ C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk

2017-01-26 11:00 - 2015-03-21 01:53 - 00766620 _____ C:\WINDOWS\system32\perfh007.dat

2017-01-26 11:00 - 2015-03-21 01:53 - 00159902 _____ C:\WINDOWS\system32\perfc007.dat

2017-01-26 11:00 - 2014-03-18 10:53 - 01780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2017-01-26 11:00 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf

2017-01-26 10:59 - 2016-01-27 21:41 - 00000000 ____D C:\Users\Phil\AppData\Local\Spotify

2017-01-26 10:59 - 2016-01-27 21:40 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Spotify

2017-01-26 10:55 - 2015-11-13 19:28 - 00000000 ____D C:\Users\Phil

2017-01-26 10:53 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2017-01-26 10:50 - 2015-12-04 14:21 - 00000306 __RSH C:\ProgramData\ntuser.pol

2017-01-26 10:46 - 2013-08-22 15:44 - 00721840 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2017-01-26 10:46 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI

2017-01-26 10:45 - 2015-03-20 18:59 - 00004608 _____ C:\WINDOWS\system32\VfService.trf

2017-01-26 10:26 - 2016-03-06 15:44 - 00000000 ____D C:\Users\Phil\AppData\Local\Overwolf

2017-01-26 10:23 - 2015-03-20 19:10 - 00000000 ____D C:\Program Files\Lenovo PhoneCompanion

2017-01-26 10:23 - 2015-03-20 18:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2017-01-26 10:21 - 2015-11-29 23:22 - 00000000 ____D C:\Program Files (x86)\AVS4YOU

2017-01-26 10:12 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Branding

2017-01-26 10:10 - 2015-03-20 19:13 - 00000000 ____D C:\ProgramData\Energy Manager

2017-01-26 01:27 - 2015-11-13 14:34 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Mp3tag

2017-01-26 01:25 - 2015-11-28 00:34 - 00001121 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2017-01-26 01:25 - 2015-11-28 00:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2017-01-26 01:25 - 2015-11-28 00:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2017-01-25 22:25 - 2015-11-14 00:11 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Audacity

2017-01-25 12:06 - 2015-12-21 14:18 - 00162304 ___SH C:\Users\Phil\Desktop\Thumbs.db

2017-01-25 12:00 - 2016-11-05 12:28 - 00000000 ____D C:\Program Files (x86)\AdBlocker

2017-01-25 11:54 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF

2017-01-25 10:15 - 2016-10-23 13:52 - 00000000 ____D C:\Users\Phil\AppData\Local\JDownloader v2.0

2017-01-25 10:13 - 2016-03-13 01:15 - 00000000 ____D C:\Users\Phil\AppData\Roaming\vlc

2017-01-25 01:20 - 2016-12-17 14:30 - 00003180 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2

2017-01-25 01:20 - 2016-04-26 01:39 - 00002366 _____ C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk

2017-01-25 01:20 - 2016-01-03 15:19 - 00003188 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-18176717-516900863-2037645015-1001

2017-01-18 16:19 - 2016-09-08 23:05 - 00000000 ____D C:\Users\Phil\AppData\Roaming\spek

2017-01-17 05:29 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2017-01-17 05:27 - 2015-03-20 18:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Office

2017-01-15 23:06 - 2015-11-13 16:26 - 00004180 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update

2017-01-15 22:38 - 2016-03-06 15:45 - 00000000 ____D C:\Users\Phil\AppData\Roaming\TS3Client

2017-01-14 15:38 - 2016-09-12 00:04 - 00001421 _____ C:\Users\Public\Desktop\Free YouTube To MP3 Converter.lnk

2017-01-14 15:38 - 2016-07-04 16:45 - 00001358 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk

2017-01-14 15:38 - 2016-07-04 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft

2017-01-14 15:38 - 2016-07-04 16:44 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft

2017-01-14 15:32 - 2016-07-04 16:44 - 00000000 ____D C:\Users\Phil\AppData\Roaming\DVDVideoSoft

2017-01-14 00:31 - 2015-12-03 22:35 - 00000000 ____D C:\ProgramData\Skype

2017-01-13 14:15 - 2016-03-13 01:16 - 00000000 ____D C:\Users\Phil\AppData\Roaming\dvdcss

2017-01-12 00:52 - 2015-11-20 22:07 - 00000000 ____D C:\ProgramData\Oracle

2017-01-12 00:51 - 2016-03-06 18:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2017-01-12 00:51 - 2016-03-06 18:11 - 00000000 ____D C:\Program Files (x86)\Java

2017-01-12 00:50 - 2016-03-06 18:13 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2017-01-11 22:51 - 2013-08-22 16:20 - 00000000 ____D C:\WINDOWS\CbsTemp

2017-01-11 17:18 - 2016-02-26 13:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2017-01-11 17:17 - 2015-11-15 03:35 - 00000000 ____D C:\WINDOWS\system32\MRT

2017-01-11 17:11 - 2015-11-15 03:35 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2017-01-10 11:56 - 2015-11-22 19:30 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

2017-01-10 11:56 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed

2017-01-10 11:56 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Macromed

2017-01-09 01:08 - 2016-11-25 00:13 - 00000000 ____D C:\Users\Phil\Downloads\UTR144

2017-01-07 10:12 - 2015-11-14 21:50 - 01407488 ___SH C:\Users\Phil\Documents\Thumbs.db

2017-01-06 20:53 - 2016-12-13 22:52 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Sony

2017-01-06 00:34 - 2015-11-15 01:56 - 01823232 ___SH C:\Users\Phil\Downloads\Thumbs.db

2017-01-05 16:32 - 2016-12-23 16:01 - 00000000 ____D C:\Users\Phil\Desktop\DDRock

2017-01-05 16:26 - 2015-11-27 21:07 - 00000000 ___RD C:\Users\Phil\dwhelper

2017-01-05 07:02 - 2016-04-18 22:06 - 00000000 ____D C:\Users\Phil\Desktop\Neuer Ordner (3)

2017-01-02 20:49 - 2016-04-25 14:34 - 00000000 ____D C:\Users\Phil\MediathekView

2017-01-02 18:34 - 2016-04-25 14:32 - 00000000 ____D C:\Users\Phil\.mediathek3

2017-01-02 16:58 - 2016-07-13 19:10 - 00000000 ____D C:\Program Files (x86)\XMedia Recode

2017-01-02 14:12 - 2015-03-20 18:16 - 00000000 ____D C:\ProgramData\Package Cache

2017-01-01 18:41 - 2016-01-09 11:34 - 00000000 ____D C:\Program Files\Common Files\Apple

2017-01-01 18:36 - 2016-07-18 21:09 - 00000000 ____D C:\Users\Phil\.legitmix

2016-12-30 12:12 - 2016-09-02 18:51 - 00002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FL Studio 11.lnk

2016-12-30 12:12 - 2016-05-20 18:08 - 00001204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk

2016-12-30 12:12 - 2016-05-12 20:20 - 00001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk

2016-12-30 12:12 - 2016-05-01 14:52 - 00001401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk

2016-12-30 12:12 - 2016-05-01 14:52 - 00001332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk

2016-12-30 12:12 - 2016-02-26 13:57 - 00002160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Knuddels Standalone.lnk

2016-12-30 12:12 - 2016-02-26 13:53 - 00001178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2016-12-30 12:12 - 2016-01-07 18:43 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2016-12-30 12:12 - 2016-01-03 15:11 - 00002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk

2016-12-30 12:12 - 2016-01-03 15:11 - 00002533 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk

2016-12-30 12:12 - 2016-01-03 15:11 - 00002512 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk

2016-12-30 12:12 - 2016-01-03 15:11 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk

2016-12-30 12:12 - 2016-01-03 15:11 - 00002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk

2016-12-30 12:12 - 2016-01-03 15:11 - 00002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk

2016-12-30 12:12 - 2016-01-03 15:11 - 00002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk

2016-12-30 12:12 - 2015-12-19 17:01 - 00001215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disketch CD-Beschriftungssoftware.lnk

2016-12-30 12:12 - 2015-12-07 18:27 - 00000994 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk

2016-12-30 12:12 - 2015-12-03 01:28 - 00000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk

2016-12-30 12:12 - 2015-11-20 22:09 - 00001346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Knuddels.de.lnk

2016-12-30 12:12 - 2015-11-14 00:11 - 00001038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk

2016-12-30 12:12 - 2015-03-20 18:56 - 00002547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 9.lnk

2016-12-30 12:11 - 2016-09-13 21:45 - 00001849 _____ C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk

2016-12-30 12:11 - 2016-09-04 13:37 - 00001068 _____ C:\Users\Public\Desktop\eMuleTorrent.lnk

2016-12-30 12:11 - 2016-09-02 18:54 - 00002057 _____ C:\Users\Public\Desktop\FL Studio 11.lnk

2016-12-30 12:11 - 2016-07-12 05:40 - 00001004 _____ C:\Users\Public\Desktop\ManyCam.lnk

2016-12-30 12:11 - 2016-07-04 16:45 - 00001360 _____ C:\Users\Public\Desktop\Free DVD Video Converter.lnk

2016-12-30 12:11 - 2016-06-15 14:10 - 00000992 _____ C:\Users\Public\Desktop\Winamp.lnk

2016-12-30 12:11 - 2016-05-25 20:17 - 00001001 _____ C:\Users\Public\Desktop\Bandicam.lnk

2016-12-30 12:11 - 2016-05-20 18:08 - 00001186 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk

2016-12-30 12:11 - 2016-05-12 20:20 - 00001210 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk

2016-12-30 12:11 - 2016-03-13 01:15 - 00000936 _____ C:\Users\Public\Desktop\VLC media player.lnk

2016-12-30 12:11 - 2016-03-06 15:43 - 00001175 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk

2016-12-30 12:11 - 2016-02-27 02:35 - 00000992 _____ C:\Users\Public\Desktop\Mp3tag.lnk

2016-12-30 12:11 - 2016-02-26 13:53 - 00001160 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

2016-12-30 12:11 - 2016-02-14 22:48 - 00000303 _____ C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heimnetzgruppe.lnk

2016-12-30 12:11 - 2016-02-09 04:11 - 00001030 _____ C:\Users\Public\Desktop\SoulseekQt.lnk

2016-12-30 12:11 - 2016-01-07 18:43 - 00002200 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2016-12-30 12:11 - 2015-12-26 12:22 - 00000980 _____ C:\Users\Public\Desktop\CDex.lnk

2016-12-30 12:11 - 2015-12-19 17:01 - 00001197 _____ C:\Users\Public\Desktop\Disketch CD-Beschriftungssoftware.lnk

2016-12-30 12:11 - 2015-12-07 18:27 - 00000976 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk

2016-12-30 12:11 - 2015-12-03 22:35 - 00002709 _____ C:\Users\Public\Desktop\Skype.lnk

2016-12-30 12:11 - 2015-11-14 00:11 - 00001020 _____ C:\Users\Public\Desktop\Audacity.lnk

2016-12-30 12:11 - 2015-11-13 19:30 - 00001457 _____ C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2016-12-30 12:11 - 2015-11-13 19:28 - 00000469 _____ C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk

2016-12-30 12:11 - 2015-11-13 19:28 - 00000467 _____ C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk

2016-12-30 12:11 - 2015-11-13 16:27 - 00001987 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk

2016-12-30 12:10 - 2016-12-13 22:59 - 00001566 _____ C:\Users\Phil\Desktop\vegas130.exe - Verknüpfung.lnk

2016-12-30 12:10 - 2016-10-23 13:55 - 00002164 _____ C:\Users\Phil\Desktop\JDownloader 2.lnk

2016-12-30 12:10 - 2016-09-17 20:31 - 00002675 _____ C:\Users\Phil\Desktop\µTorrent.lnk

2016-12-30 12:10 - 2016-09-13 21:45 - 00001863 _____ C:\Users\Phil\Desktop\Spotify.lnk

2016-12-30 12:10 - 2016-09-12 00:05 - 00002307 _____ C:\Users\Phil\Desktop\Chromium.lnk

2016-12-30 12:10 - 2016-09-02 18:54 - 00001157 _____ C:\Users\Phil\Desktop\ASIO4ALL v2 Instruction Manual.lnk

2016-12-30 12:10 - 2016-07-09 03:40 - 00000000 ____D C:\Program Files (x86)\eMuleTorrent

2016-12-30 12:10 - 2016-06-08 21:17 - 00001933 _____ C:\Users\Phil\Desktop\DVD Flick.lnk

2016-12-30 12:10 - 2016-05-21 13:14 - 00002190 _____ C:\Users\Phil\Desktop\InstagramDownloader - CHIP Downloader.lnk

2016-12-30 12:10 - 2016-03-06 16:28 - 00001899 _____ C:\Users\Phil\Desktop\Knuddels.lnk

2016-12-30 12:10 - 2016-02-26 13:57 - 00002114 _____ C:\Users\Phil\Desktop\Knuddels Standalone.lnk

2016-12-30 12:10 - 2016-02-14 22:48 - 00000367 _____ C:\Users\Phil\Desktop\Heimnetzgruppe - Verknüpfung.lnk

2016-12-30 12:10 - 2016-01-25 01:44 - 00002326 _____ C:\Users\Phil\Desktop\Chrome App Launcher.lnk

2016-12-30 12:10 - 2015-12-19 18:36 - 00001265 _____ C:\Users\Phil\Desktop\Professional Label Software SE.lnk

2016-12-30 12:10 - 2015-12-04 14:20 - 00001086 _____ C:\Users\Phil\Desktop\Format Factory.lnk

2016-12-30 12:10 - 2015-11-25 01:03 - 00001098 _____ C:\Users\Phil\Desktop\Free Alarm Clock.lnk

2016-12-30 12:10 - 2015-11-22 16:12 - 00001901 _____ C:\Users\Phil\Desktop\eMuleTorrent.lnk

2016-12-30 12:10 - 2015-11-13 15:18 - 00001045 _____ C:\Users\Phil\Desktop\VirtualDJ 8.lnk

2016-12-30 12:10 - 2015-11-13 13:53 - 00000424 _____ C:\Users\Phil\Desktop\Arbeitssplatz.lnk

2016-12-29 19:24 - 2015-11-13 12:35 - 00003946 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{07652670-E09D-4463-9537-7A223D22B87F}

2016-12-27 09:54 - 2016-11-06 15:51 - 00000002 _____ C:\END
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2016-04-25 14:31 - 2016-04-25 14:31 - 37860047 _____ () C:\Program Files (x86)\MediathekView_v11.zip

2015-03-20 18:09 - 2015-03-20 18:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

2016-02-25 11:50 - 2016-02-25 11:50 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
 

Dateien, die verschoben oder gelöscht werden sollten:

====================

C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

C:\Users\Phil\FFInstOnline.exe
 
 

Einige Dateien in TEMP:

====================

2016-10-23 13:51 - 2016-10-23 13:51 - 0079736 _____ (AppWork GmbH) C:\Users\Phil\AppData\Local\Temp\131217006643445404.exe

2016-11-05 12:28 - 2016-11-05 12:28 - 0789384 _____ (StarkIndastri                                               ) C:\Users\Phil\AppData\Local\Temp\adblocker.exe

2017-01-11 17:57 - 2017-01-11 17:57 - 0737856 _____ (Oracle Corporation) C:\Users\Phil\AppData\Local\Temp\jre-8u111-windows-au.exe

2017-01-02 14:01 - 2014-10-29 02:58 - 1040384 _____ (Microsoft Corporation) C:\Users\Phil\AppData\Local\Temp\kernel32.dll

2017-01-02 14:12 - 2017-01-02 14:12 - 13748240 _____ (Nero AG                                                     ) C:\Users\Phil\AppData\Local\Temp\Nero TuneItUp_2.4.6.195.exe

2017-01-25 10:14 - 2017-01-25 10:14 - 0040448 ____N () C:\Users\Phil\AppData\Local\Temp\proxy_vole3593948613513437771.dll

2017-01-25 10:14 - 2017-01-25 10:14 - 0040448 ____N () C:\Users\Phil\AppData\Local\Temp\proxy_vole4390557319286301889.dll

2017-01-25 10:15 - 2017-01-25 10:15 - 0040448 ____N () C:\Users\Phil\AppData\Local\Temp\proxy_vole8904135303260292371.dll

2016-12-08 19:21 - 2016-12-08 19:21 - 13983608 _____ (Google Inc.) C:\Users\Phil\AppData\Local\Temp\{666FA83C-87B4-4B82-AE2A-B39D28AF21CE}-55.0.2883.87_54.0.2840.99_chrome_updater.exe

2016-10-20 10:07 - 2016-10-20 10:07 - 44295032 _____ (Google Inc.) C:\Users\Phil\AppData\Local\Temp\{F4FD0A43-4C2F-4119-8D94-E24462144B88}-54.0.2840.71_chrome_installer.exe
 

==================== Bamital & volsnap ======================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert

C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert

C:\WINDOWS\explorer.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert

C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert

C:\WINDOWS\system32\services.exe => Datei ist digital signiert

C:\WINDOWS\system32\User32.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert

C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert

C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert

C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 

LastRegBack: 2017-01-21 05:08
 

==================== Ende von FRST.txt ============================

Gab es denn nie irgendwelche Funde?

Addition.txt

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-01-2017 01

durchgeführt von Phil (26-01-2017 13:15:13)

Gestartet von C:\Users\Phil\Downloads

Windows 8.1 (Update) (X64) (2015-11-13 18:28:28)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-18176717-516900863-2037645015-500 - Administrator - Disabled)

Gast (S-1-5-21-18176717-516900863-2037645015-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-18176717-516900863-2037645015-1003 - Limited - Enabled)

Phil (S-1-5-21-18176717-516900863-2037645015-1001 - Administrator - Enabled) => C:\Users\Phil
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

µTorrent (HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)

AdBlocker (HKLM-x32\...\{708B2796-B19A-4BEE-BA20-6051D8B3F8D8}_is1) (Version: 1.0.0.2 - StarkIndastri) <==== ACHTUNG

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)

Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)

Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)

Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)

ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)

Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)

Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)

Bandicam (HKLM-x32\...\Bandicam) (Version: 3.0.4.1036 - Bandisoft.com)

Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)

Benutzerhandbücher (x32 Version: 3.0.0.3 - Lenovo) Hidden

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.80.0.2016 - Georgy Berdyshev)

CLIQZ (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 1.0.44 - CLIQZ.com)

Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.0 - Conexant)

CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)

CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden

Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden

Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden

Disketch CD-Beschriftungssoftware (HKLM-x32\...\Disketch) (Version: 3.34 - NCH Software)

Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)

DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)

eMule (HKLM-x32\...\eMule1.0.0.9) (Version: 1.0.0.9 - eMule)

eMuleTorrent (HKLM-x32\...\eMuleTorrent) (Version: 1.0.0.22 - eMule.com)

Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo)

Energy Manager (x32 Version: 1.5.0.21 - Lenovo) Hidden

FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)

FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )

FormatFactory 3.8.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.8.0.0 - Free Time)

Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Free Alarm Clock 3.1.0 (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 3.1 - Comfort Software Group)

Free DVD Video Converter (HKLM-x32\...\Free DVD Video Converter_is1) (Version: 2.0.65.823 - Digital Wave Ltd)

Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.31.109 - Digital Wave Ltd)

GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)

Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden

IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)

IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3910 - Intel Corporation)

Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)

Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{5BC2A343-DED5-40E8-8F64-472FD74D80EA}) (Version: 17.1.1433.02 - Intel Corporation)

Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)

Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)

JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)

Knuddels Standalone App (HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\Knuddels Standalone App ) (Version: "2015.12.6.0" - "Knuddels Standalone App")

LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )

Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)

Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)

Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)

Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)

Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden

Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)

Lenovo OneKey Recovery (Version: 8.1.0.2619 - CyberLink Corp.) Hidden

Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.31.1 - ELAN Microelectronic Corp.)

Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)

Lenovo Solution Center (HKLM\...\{891BDB32-6BA9-46EC-826C-324125B10A18}) (Version: 2.5.001.00 - Lenovo Group Limited)

Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.0.0.65 - Lenovo)

Lenovo Updates (x32 Version: 1.0.0.65 - Lenovo) Hidden

Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.1.14.6181 - Lenovo)

Magic DVD Ripper V8.0.0 (HKLM-x32\...\Magic DVD Ripper_is1) (Version:  - Magic DVD Software, Inc.)

MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{B7802BC1-5F76-48D2-A622-98195BD50B87}) (Version: 7.0.2.6 - MAGIX Software GmbH)

MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden

Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)

ManyCam 5.3.0 (HKLM-x32\...\ManyCam) (Version: 5.3.0 - Visicom Media Inc.)

Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden

Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7571.2109 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)

Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)

Mozilla Thunderbird 45.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.6.0 (x86 de)) (Version: 45.6.0 - Mozilla)

Mp3tag v2.75 (HKLM-x32\...\Mp3tag) (Version: v2.75 - Florian Heidenreich)

MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)

Music Recorder (x32 Version: 18.001.2 - Nero AG) Hidden

Nero 2017 (HKLM-x32\...\{18625598-62C3-4DBF-B1AA-3BD27395F7F5}) (Version: 18.0.05900 - Nero AG)

Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 18.0.0011 - Nero AG)

Nitro Pro 9 (HKLM\...\{4C32F7E8-A65F-4D3C-9153-9F3B57CB6872}) (Version: 9.0.5.9 - Nitro)

Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden

Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10614 - CyberLink Corp.)

Prerequisite installer (x32 Version: 18.0.0003 - Nero AG) Hidden

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)

SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden

Sigel Professional Label Software SE (HKLM-x32\...\Sigel Professional Label Software SE) (Version:  - )

Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)

SoulseekQt Version 2016.1.24 (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2016.1.24 - Soulseek LLC)

Spotify (HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)

Start Menu (HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\Pokki) (Version: 0.269.2.471 - Pokki)

TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)

TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65452 - TeamViewer)

TemWebRTCPlugin (HKLM-x32\...\{C99BE9E3-2401-4832-8342-C5BF190CFFBD}) (Version: 0.8.874 - Temasys)

User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)

Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)

VirtualDJ 8 (HKLM-x32\...\{24F8CB37-888B-41E6-B119-CDC3F5075F57}) (Version: 8.0.2483.0 - Atomix Productions)

VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)

Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)

Winamp Color Themes Pack 2.3 (HKLM-x32\...\Winamp Color Themes Pack) (Version: 2.3 - Paweł Porwisz)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

Windows-Treiberpaket - Lenovo (ACPIVPC) System  (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)

Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)

WinRAR 5.21 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

WinX DVD Ripper Platinum 7.5.18 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version:  - Digiarty Software, Inc.)

WinZip (HKLM\...\WinZip) (Version:  21.0 (12288g) - 64-bit - WinZip Computing, S.L.)

XMedia Recode Version 3.3.5.8 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.3.5.8 - XMedia Recode)
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

CustomCLSID: HKU\S-1-5-21-18176717-516900863-2037645015-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Phil\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {40E66640-5CBE-4A4D-ABB7-0693E786F733} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-07] (Google Inc.)

Task: {470CDF8B-5BD2-40B9-A6C4-B32FA1C48418} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-06-16] ()

Task: {4CF12A74-BD27-415B-92A8-0058E3143274} - System32\Tasks\SafeZone scheduled Autoupdate 1463764111 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)

Task: {80D49A7D-D979-42BD-8764-E6E7CEBF29BD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-08] (AVAST Software)

Task: {8FB164E5-A65A-4FED-9F42-4522A7410C51} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2016-09-26] (Nero AG)

Task: {A628A5FF-2AB3-47BB-A3B8-974419058355} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-06-16] (Lenovo)

Task: {A6603B27-FA9B-4561-9786-A4AA54DD8D00} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE

Task: {AA5AF9C6-2DFC-4834-ACDD-52539C91F433} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-10] (Adobe Systems Incorporated)

Task: {ABE58FA7-260F-4A64-A57C-76675C37B704} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-06-16] ()

Task: {B4FCEBDC-7CB4-4299-A017-8E336CC60CE5} - System32\Tasks\{60DAB822-9A31-4A47-B237-1C9C7C366EB7} => pcalua.exe -a C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\uninst.exe -c -FN="C:\Users\Phil\AppData\Roaming\{425374E8-6701-199E-0C37-3E4CD0E5C372}\SynHelper.exe"-P=/Uninstall /s /noun /DelSelfDir

Task: {B8F930AB-7233-4100-9E69-7F044362CC09} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)

Task: {BD25C5B0-A208-41CB-90C1-1E33E869A8CB} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-29] (Microsoft Corporation)

Task: {BEE7DC85-4E5F-4DE8-994D-13904180BBCE} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-06-16] (Lenovo)

Task: {C75F2EDE-EF6C-469C-B00A-AD9F14EEF8BD} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)

Task: {D015B755-443A-4750-B246-889689F6070A} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] ()

Task: {D20E2376-FF23-4FB2-81B8-92633D0451CB} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"

Task: {D9ACE840-8FD0-4D5C-9998-C6C285EE8617} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-06-16] (Lenovo)

Task: {E56D9C13-A831-4752-87FE-AC61563EA26A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)

Task: {E85B910E-DC16-4F6D-8EE6-EF0F31276C68} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-07] (Google Inc.)

Task: {E8686384-FBD2-488F-B736-6E5E321059B1} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-24] (AVAST Software)

Task: {EA186686-B843-446E-AD1E-3E915A9069D8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-01-11] (Microsoft Corporation)

Task: {FFB80839-9851-4032-910F-19996086BFA4} - System32\Tasks\{193D157F-7060-41D6-B6C9-D147DFFB5D27} => pcalua.exe -a "C:\Program Files\ByteFence\ByteFence.exe" -c /uninstall
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
 

==================== Verknüpfungen =============================
 

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
 

Shortcut: C:\Users\Phil\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nchsoftware.com/de/index.htm

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\2to3.lnk -> C:\Program Files (x86)\eMule\python\Scripts\2to3.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\cxfreeze-postinstall.lnk -> C:\Program Files (x86)\eMule\python\Scripts\cxfreeze-postinstall.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\cxfreeze-quickstart.lnk -> C:\Program Files (x86)\eMule\python\Scripts\cxfreeze-quickstart.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\cxfreeze.lnk -> C:\Program Files (x86)\eMule\python\Scripts\cxfreeze.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\cygdb-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\cygdb-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\cython-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\cython-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\easy_install-2.7-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\easy_install-2.7-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\easy_install-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\easy_install-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\epylint-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\epylint-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\f2py.lnk -> C:\Program Files (x86)\eMule\python\Scripts\f2py.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\guidata-tests.lnk -> C:\Program Files (x86)\eMule\python\Scripts\guidata-tests.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\guiqwt-tests.lnk -> C:\Program Files (x86)\eMule\python\Scripts\guiqwt-tests.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\idle.lnk -> C:\Program Files (x86)\eMule\python\Lib\idlelib\idle.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ipcluster-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ipcluster-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ipcluster2-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ipcluster2-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ipcontroller-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ipcontroller-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ipcontroller2-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ipcontroller2-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ipengine-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ipengine-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ipengine2-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ipengine2-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\iptest-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\iptest-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\iptest2-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\iptest2-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ipython-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ipython-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ipython2-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ipython2-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ipython_win_post_install.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ipython_win_post_install.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\isympy.lnk -> C:\Program Files (x86)\eMule\python\Scripts\isympy.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\miniterm.lnk -> C:\Program Files (x86)\eMule\python\Scripts\miniterm.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\nosetests-2.7-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\nosetests-2.7-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\nosetests-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\nosetests-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pilconvert.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pilconvert.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pildriver.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pildriver.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pilfile.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pilfile.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pilfont.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pilfont.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pilprint.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pilprint.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pip-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pip-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pip2-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pip2-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pip2.7-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pip2.7-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pt2to3.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pt2to3.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ptdump.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ptdump.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ptrepack.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ptrepack.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pygmentize-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pygmentize-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pylint-gui-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pylint-gui-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pylint-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pylint-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pyreverse-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pyreverse-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pyside-uic-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pyside-uic-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pyside_postinstall.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pyside_postinstall.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pytest.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pytest.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pyuic4.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pyuic4.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pywin32_postinstall.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pywin32_postinstall.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\pywin32_testall.lnk -> C:\Program Files (x86)\eMule\python\Scripts\pywin32_testall.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\register_python.lnk -> C:\Program Files (x86)\eMule\python\Scripts\register_python.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\rst2html.lnk -> C:\Program Files (x86)\eMule\python\Scripts\rst2html.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\rst2latex.lnk -> C:\Program Files (x86)\eMule\python\Scripts\rst2latex.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\rst2man.lnk -> C:\Program Files (x86)\eMule\python\Scripts\rst2man.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\rst2odt.lnk -> C:\Program Files (x86)\eMule\python\Scripts\rst2odt.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\rst2odt_prepstyles.lnk -> C:\Program Files (x86)\eMule\python\Scripts\rst2odt_prepstyles.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\rst2pdf-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\rst2pdf-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\rst2pseudoxml.lnk -> C:\Program Files (x86)\eMule\python\Scripts\rst2pseudoxml.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\rst2s5.lnk -> C:\Program Files (x86)\eMule\python\Scripts\rst2s5.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\rst2xetex.lnk -> C:\Program Files (x86)\eMule\python\Scripts\rst2xetex.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\rst2xml.lnk -> C:\Program Files (x86)\eMule\python\Scripts\rst2xml.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\rstpep2html.lnk -> C:\Program Files (x86)\eMule\python\Scripts\rstpep2html.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\runxlrd.lnk -> C:\Program Files (x86)\eMule\python\Scripts\runxlrd.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\sift.lnk -> C:\Program Files (x86)\eMule\python\Scripts\sift.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\skivi-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\skivi-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\sphinx-apidoc-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\sphinx-apidoc-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\sphinx-autogen-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\sphinx-autogen-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\sphinx-build-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\sphinx-build-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\sphinx-quickstart-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\sphinx-quickstart-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\spyder.lnk -> C:\Program Files (x86)\eMule\python\Scripts\spyder.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\spyder_win_post_install.lnk -> C:\Program Files (x86)\eMule\python\Scripts\spyder_win_post_install.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\symilar-script.lnk -> C:\Program Files (x86)\eMule\python\Scripts\symilar-script.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ttffamily.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ttffamily.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ttffiles.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ttffiles.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ttfgroups.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ttfgroups.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ttfmetadata.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ttfmetadata.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\ttx.lnk -> C:\Program Files (x86)\eMule\python\Scripts\ttx.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\vitables.lnk -> C:\Program Files (x86)\eMule\python\Scripts\vitables.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\wpcp.lnk -> C:\Program Files (x86)\eMule\python\Scripts\wpcp.bat ()

Shortcut: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMule\wppm.lnk -> C:\Program Files (x86)\eMule\python\Scripts\wppm.bat ()
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2016-11-05 12:28 - 2016-09-30 14:57 - 00008192 _____ () C:\Program Files (x86)\AdBlocker\AdBlockerService.exe

2016-11-05 12:28 - 2016-09-30 14:57 - 00020992 _____ () C:\Program Files (x86)\AdBlocker\Service.dll

2016-07-05 14:23 - 2016-07-05 14:23 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2016-07-05 14:23 - 2016-07-05 14:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2015-03-20 19:04 - 2012-04-24 11:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe

2015-03-20 18:59 - 2015-03-20 18:59 - 00068880 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe

2015-03-20 18:59 - 2015-03-20 18:59 - 00672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll

2015-03-20 18:10 - 2010-10-26 05:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe

2014-03-26 12:50 - 2015-03-20 19:13 - 00058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll

2016-09-08 19:01 - 2016-09-08 19:01 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll

2017-01-25 22:09 - 2017-01-25 22:09 - 04459096 _____ () C:\Program Files\AVAST Software\Avast\defs\17012501\algo.dll

2016-09-08 19:01 - 2016-09-08 19:01 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll

2016-07-04 16:44 - 2016-08-31 18:55 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll

2016-07-04 16:44 - 2017-01-09 13:21 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll

2016-07-04 16:44 - 2017-01-09 13:21 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll

2016-07-04 16:44 - 2017-01-09 13:21 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll

2015-03-20 18:04 - 2013-09-16 20:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

2014-10-01 10:23 - 2014-10-01 10:23 - 02140672 _____ () C:\Program Files (x86)\ManyCam\opencv_core2410.dll

2014-10-01 10:24 - 2014-10-01 10:24 - 01891840 _____ () C:\Program Files (x86)\ManyCam\opencv_imgproc2410.dll

2014-10-01 10:25 - 2014-10-01 10:25 - 00654848 _____ () C:\Program Files (x86)\ManyCam\opencv_objdetect2410.dll

2014-10-01 10:24 - 2014-10-01 10:24 - 02147840 _____ () C:\Program Files (x86)\ManyCam\opencv_highgui2410.dll

2014-10-01 10:24 - 2014-10-01 10:24 - 00360960 _____ () C:\Program Files (x86)\ManyCam\opencv_video2410.dll

2016-01-27 21:41 - 2016-12-24 23:07 - 51777648 _____ () C:\Users\Phil\AppData\Roaming\Spotify\libcef.dll

2016-07-01 17:55 - 2016-07-01 17:55 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2016-01-27 21:41 - 2016-12-24 23:07 - 01803888 _____ () C:\Users\Phil\AppData\Roaming\Spotify\libglesv2.dll

2016-01-27 21:41 - 2016-12-24 23:07 - 00086128 _____ () C:\Users\Phil\AppData\Roaming\Spotify\libegl.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 

AlternateDataStreams: C:\Windows:nlsPreferences [386]

AlternateDataStreams: C:\Users\Phil\Desktop\WhatsApp Dateien:com.dropbox.attributes [168]
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 

IE trusted site: HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\legitmix.com -> hxxp://legitmix.com

IE trusted site: HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\legitmix.com -> hxxps://legitmix.com

IE trusted site: HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\localhost -> localhost

IE trusted site: HKU\S-1-5-21-18176717-516900863-2037645015-1001\...\webcompanion.com -> hxxp://webcompanion.com
 

==================== Hosts Inhalt: ===============================
 

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 

2013-08-22 14:25 - 2017-01-24 17:36 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-21-18176717-516900863-2037645015-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp

DNS Servers: 192.168.178.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [vm-monitoring-nb-session] => LPort=139

FirewallRules: [{8F605078-005D-4DC5-A10D-B87DE090F774}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

FirewallRules: [{0ABB12FD-972F-4F46-888A-EFA87B67B5DE}] => C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe

FirewallRules: [{AAD13B89-887B-4C12-BDE9-5720B07F8BBF}] => C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe

FirewallRules: [{0A2B8231-409E-48C8-B782-F4F073536A16}] => C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE

FirewallRules: [{FFB78175-BC32-4E85-A1FE-E9064D1510A5}] => LPort=55100

FirewallRules: [{FD31D86F-94A8-4509-97BA-9D7ADAA7BEDE}] => C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe

FirewallRules: [TCP Query User{17C6CBD5-073D-41B7-ADDA-D2F9F8CE99DC}C:\program files (x86)\soulseekqt\soulseekqt.exe] => C:\program files (x86)\soulseekqt\soulseekqt.exe

FirewallRules: [UDP Query User{06B28F46-83A7-4F61-9A6D-992E818B7BD0}C:\program files (x86)\soulseekqt\soulseekqt.exe] => C:\program files (x86)\soulseekqt\soulseekqt.exe

FirewallRules: [TCP Query User{E0352B13-293E-4232-A83E-1353ED449049}C:\program files (x86)\emule\emuletorrent.exe] => C:\program files (x86)\emule\emuletorrent.exe

FirewallRules: [UDP Query User{40B4F400-7801-4487-8FB1-F7723A52ECB1}C:\program files (x86)\emule\emuletorrent.exe] => C:\program files (x86)\emule\emuletorrent.exe

FirewallRules: [TCP Query User{6F5E588D-5F4F-4BF4-BE77-24E323916910}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe

FirewallRules: [UDP Query User{9B301A12-0DB6-4A94-97A8-2F67A28E938A}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe

FirewallRules: [TCP Query User{8F7D71DA-8DBD-426A-88DD-68E5F4DD91C8}C:\users\phil\ffinstonline.exe] => C:\users\phil\ffinstonline.exe

FirewallRules: [UDP Query User{B5A0A261-67A6-4D29-9CF6-28260220678A}C:\users\phil\ffinstonline.exe] => C:\users\phil\ffinstonline.exe

FirewallRules: [{9324FCA9-2DF4-4E7A-A73D-69382856AC94}] => C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe

FirewallRules: [{38740415-2326-493E-9E4A-639B9C612792}] => C:\Program Files (x86)\FormatFactory\FormatFactory.exe

FirewallRules: [{2C94930F-FA8F-44D0-998C-66323562CACD}] => C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe

FirewallRules: [{0B138151-A7C0-4B98-9425-C197314CAB81}] => C:\Program Files (x86)\FormatFactory\FormatFactory.exe

FirewallRules: [{D2831A16-2999-480C-9873-637569F2720B}] => C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe

FirewallRules: [{1630DD38-72A7-4432-8E99-32582FF55BC8}] => C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe

FirewallRules: [{BD541C52-A539-4331-B4D9-E6F6D14516A3}] => C:\Program Files (x86)\PicosmosTools\PTInstOnline.exe

FirewallRules: [TCP Query User{995EC91A-01E1-43D9-AD11-0748CDFAC633}C:\program files (x86)\virtualdj\virtualdj8.exe] => C:\program files (x86)\virtualdj\virtualdj8.exe

FirewallRules: [UDP Query User{E5E4FE9A-EA9E-4CFE-83CC-E1CF22ECD777}C:\program files (x86)\virtualdj\virtualdj8.exe] => C:\program files (x86)\virtualdj\virtualdj8.exe

FirewallRules: [{1EF525F1-79B7-431B-9809-8B937BBAE3D6}] => C:\Users\Phil\AppData\Local\Microsoft\OneDrive\OneDrive.exe

FirewallRules: [{A5C72B30-C526-4B97-8CB7-B273393E4068}] => C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{77B5948B-1919-4612-89F7-7640B9BA22E5}] => C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{B207B076-B451-4D3B-B9E1-89354CF8F3FB}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{466C2EF2-2010-4D66-AFE4-412CD106DBE0}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [TCP Query User{365E860F-402A-4301-98B8-56F1C083614B}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe

FirewallRules: [UDP Query User{E7388C48-896A-4FF1-A9F3-C45F24BE7F99}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe

FirewallRules: [TCP Query User{906E6A30-769C-4470-A62D-074C2055BF22}C:\users\phil\appdata\roaming\spotify\spotify.exe] => C:\users\phil\appdata\roaming\spotify\spotify.exe

FirewallRules: [UDP Query User{5C8DA653-3099-4BC2-81FD-414919F04185}C:\users\phil\appdata\roaming\spotify\spotify.exe] => C:\users\phil\appdata\roaming\spotify\spotify.exe

FirewallRules: [TCP Query User{A53420E2-F57D-4F0E-A4C8-4224171D5B93}C:\program files (x86)\soulseek\soulseekqt.exe] => C:\program files (x86)\soulseek\soulseekqt.exe

FirewallRules: [UDP Query User{CB235FE2-B114-4E22-88C0-2F35A427E822}C:\program files (x86)\soulseek\soulseekqt.exe] => C:\program files (x86)\soulseek\soulseekqt.exe

FirewallRules: [TCP Query User{D0ED129F-5F02-4103-B196-7F80823E8454}C:\program files (x86)\soulseek\soulseekqt.exe] => C:\program files (x86)\soulseek\soulseekqt.exe

FirewallRules: [UDP Query User{6732C4BF-549A-44EE-8DA8-572001DBB525}C:\program files (x86)\soulseek\soulseekqt.exe] => C:\program files (x86)\soulseek\soulseekqt.exe

FirewallRules: [TCP Query User{6CAE1EAA-F677-4CB0-B12A-EC20431FC68B}C:\users\phil\appdata\roaming\spotify\spotify.exe] => C:\users\phil\appdata\roaming\spotify\spotify.exe

FirewallRules: [UDP Query User{31BC8797-BAAC-49DC-B7EB-148F70105E57}C:\users\phil\appdata\roaming\spotify\spotify.exe] => C:\users\phil\appdata\roaming\spotify\spotify.exe

FirewallRules: [{72330670-BD4F-460E-800D-B1111373994A}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{ED94A1C3-1AD6-4983-AE6C-A6205478E4D1}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [TCP Query User{3EEA096F-F057-46EA-BA3F-B0EC62EEF2F5}C:\program files (x86)\internet explorer\iexplore.exe] => C:\program files (x86)\internet explorer\iexplore.exe

FirewallRules: [UDP Query User{7D5AA269-6D70-4C0C-AF44-D589F6342B3F}C:\program files (x86)\internet explorer\iexplore.exe] => C:\program files (x86)\internet explorer\iexplore.exe

FirewallRules: [{306500C6-E0AE-4A7F-AA04-4F071AC08593}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{1E13CA20-EE3F-4265-B9B9-DF2BB820CF2F}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{A6EFA119-0A27-4705-9B5B-E7DC610D36B8}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{CB5D4F7A-E871-48DC-80C1-0ECD55351083}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{7AD15C9E-0687-49E1-B608-956E58A779D6}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{DAB87BB1-69DF-47BD-B56F-5F73D6A9F6B0}] => LPort=2869

FirewallRules: [{C2DBBB4F-361F-47AC-A509-227D00451385}] => LPort=1900

FirewallRules: [{FACB5F5B-FD16-4014-A923-30494D467B7F}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe

FirewallRules: [{7C55E431-D485-42FD-A55B-05D02B9E5B32}] => C:\Program Files (x86)\Winamp\winamp.exe

FirewallRules: [{04743087-5FED-4992-B2FA-8F534A32D89F}] => C:\Program Files (x86)\Winamp\winamp.exe

FirewallRules: [TCP Query User{4331A288-517E-49AA-A12E-CA5BACAC6024}C:\program files (x86)\emuletorrent\emuletorrent.exe] => C:\program files (x86)\emuletorrent\emuletorrent.exe

FirewallRules: [UDP Query User{82AF5EC6-51A2-413B-ACCB-4DA8D4678B44}C:\program files (x86)\emuletorrent\emuletorrent.exe] => C:\program files (x86)\emuletorrent\emuletorrent.exe

FirewallRules: [TCP Query User{92E00EC3-C210-415C-8BEA-F56BA56E15A2}C:\program files (x86)\internet explorer\iexplore.exe] => C:\program files (x86)\internet explorer\iexplore.exe

FirewallRules: [UDP Query User{B98D6D39-C38D-4118-8C0E-1C17C875AD39}C:\program files (x86)\internet explorer\iexplore.exe] => C:\program files (x86)\internet explorer\iexplore.exe

FirewallRules: [TCP Query User{A084EE50-5815-4763-8259-44275A92FF3B}C:\program files (x86)\emule\emuletorrent.exe] => C:\program files (x86)\emule\emuletorrent.exe

FirewallRules: [UDP Query User{23537AAF-AC31-4869-BB8B-93801F602EA7}C:\program files (x86)\emule\emuletorrent.exe] => C:\program files (x86)\emule\emuletorrent.exe

FirewallRules: [TCP Query User{097866BD-BAC7-490B-A86B-65F02D50020F}C:\program files (x86)\emuletorrent\emuletorrent.exe] => C:\program files (x86)\emuletorrent\emuletorrent.exe

FirewallRules: [UDP Query User{52D609D5-016B-48E2-91FB-411811D385CD}C:\program files (x86)\emuletorrent\emuletorrent.exe] => C:\program files (x86)\emuletorrent\emuletorrent.exe

FirewallRules: [{85B9D874-370C-4DD3-808E-058491EE9129}] => C:\Users\Phil\AppData\Local\Chromium\Application\chrome.exe

FirewallRules: [{35B51B49-1329-48E3-BCDA-4BE3694C27FD}] => C:\Users\Phil\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{D7B74F16-32AC-4A02-92DB-B941A90032D4}] => C:\Users\Phil\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{A981E664-FF4A-480B-BF91-F3798DC8BF36}] => C:\Users\Phil\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{A4C546CE-E5D2-491C-B343-1FC7A1A313FB}] => C:\Users\Phil\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{1EF77C32-DEC6-43E2-9E3B-2D489B30233B}] => C:\Users\Phil\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{CD11F33C-9135-4539-9C88-A23BFB5CB060}] => C:\Users\Phil\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{D680D83E-4396-4E2E-BBB2-E2199500F6D7}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{50D4508A-54E5-494A-AB12-543A9C23FC7A}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{5D9050F7-2F98-4C51-916D-1BDB9664C5BB}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{E5FF7175-AABC-4087-8963-531F8C78E58A}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{51E667D4-E220-44B9-8FF7-14AEF35183BE}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{96592BF8-327D-468A-A82C-D0E0E5B92293}] => C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\StartNBR.exe

FirewallRules: [{27F67796-6A32-48BA-A425-8E78EE187290}] => C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\NMDllHost.exe

FirewallRules: [{D304B771-FE9B-4E2A-80D5-67981E238FFB}] => C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\MediaHome.exe

FirewallRules: [{E797203D-1D2D-40CD-9F05-E125BA3E23EE}] => C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\nero.exe

FirewallRules: [{00A0CCA6-E4F5-410C-9D23-2B9D1E97E999}] => C:\Program Files (x86)\Nero\Nero TuneItUp\TuneItUp.exe

FirewallRules: [{DA4E765A-AA2D-4F26-A717-717E8842D405}] => C:\Program Files (x86)\Nero\Nero TuneItUp\TuneItUp.exe
 

==================== Wiederherstellungspunkte =========================
 

14-01-2017 00:30:25 ASU_MSI_TRAN

21-01-2017 05:36:37 Geplanter Prüfpunkt

26-01-2017 10:16:35 OpenOffice 4.1.1 wird entfernt
 

==================== Fehlerhafte Geräte im Gerätemanager =============
 
 

==================== Fehlereinträge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (01/26/2017 10:53:39 AM) (Source: DbxSvc) (EventID: 320) (User: )

Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.
 

Error: (01/26/2017 10:47:23 AM) (Source: DbxSvc) (EventID: 320) (User: )

Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.
 

Error: (01/26/2017 06:19:32 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )

Description: Event-ID 0
 

Error: (01/25/2017 12:00:11 PM) (Source: DbxSvc) (EventID: 320) (User: )

Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.
 

Error: (01/25/2017 06:19:33 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )

Description: Event-ID 0
 

Error: (01/24/2017 11:49:45 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: CDex.exe, Version: 1.80.0.0, Zeitstempel: 0x571209f1

Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18233, Zeitstempel: 0x56bb4e1d

Ausnahmecode: 0xc015000f

Fehleroffset: 0x0009e024

ID des fehlerhaften Prozesses: 0xcd0

Startzeit der fehlerhaften Anwendung: 0x01d27693ee79503d

Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\CDex\CDex.exe

Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll

Berichtskennung: 66530a7b-e287-11e6-82b2-f4066981efdd

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
 

Error: (01/24/2017 11:49:43 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: CDex.exe, Version: 1.80.0.0, Zeitstempel: 0x571209f1

Name des fehlerhaften Moduls: CDex.exe, Version: 1.80.0.0, Zeitstempel: 0x571209f1

Ausnahmecode: 0x80000003

Fehleroffset: 0x0025e84a

ID des fehlerhaften Prozesses: 0xcd0

Startzeit der fehlerhaften Anwendung: 0x01d27693ee79503d

Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\CDex\CDex.exe

Pfad des fehlerhaften Moduls: C:\Program Files (x86)\CDex\CDex.exe

Berichtskennung: 64d21f0a-e287-11e6-82b2-f4066981efdd

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
 

Error: (01/24/2017 06:19:35 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )

Description: Event-ID 0
 

Error: (01/23/2017 06:19:36 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )

Description: Event-ID 0
 

Error: (01/22/2017 06:19:39 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )

Description: Event-ID 0
 
 

Systemfehler:

=============

Error: (01/26/2017 10:54:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet: 

Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
 

Error: (01/26/2017 10:54:15 AM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMScheduler erreicht.
 

Error: (01/26/2017 10:52:42 AM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT-AUTORITÄT)

Description: Der Systemüberwachungszeitgeber wurde ausgelöst.
 

Error: (01/26/2017 10:53:03 AM) (Source: EventLog) (EventID: 6008) (User: )

Description: Das System wurde zuvor am ‎26.‎01.‎2017 um 10:47:10 unerwartet heruntergefahren.
 

Error: (01/26/2017 10:45:51 AM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: 

Der Dienst wurde nicht gestartet.
 

Error: (01/26/2017 10:45:39 AM) (Source: DCOM) (EventID: 10010) (User: SuperParchita)

Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 

Error: (01/26/2017 07:01:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "AdBlockerService" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (01/26/2017 03:43:04 AM) (Source: DCOM) (EventID: 10010) (User: SuperParchita)

Description: Der Server "{1B1F472E-3221-4826-97DB-2C2324D389AE}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 

Error: (01/26/2017 03:42:33 AM) (Source: DCOM) (EventID: 10010) (User: SuperParchita)

Description: Der Server "{BF6C1E47-86EC-4194-9CE5-13C15DCB2001}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 

Error: (01/25/2017 12:00:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "AdBlockerService" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
 
 

CodeIntegrity:

===================================

  Date: 2016-09-09 03:59:42.185

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2016-09-09 01:51:43.273

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2016-09-09 00:46:02.996

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2016-09-08 23:43:56.870

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2016-09-08 23:15:21.642

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2016-09-08 22:47:23.639

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2016-09-08 22:38:40.737

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2016-09-08 22:31:19.109

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2016-09-08 22:30:28.787

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: Intel(R) Pentium(R) 3558U @ 1.70GHz

Prozentuale Nutzung des RAM: 51%

Installierter physikalischer RAM: 8084.27 MB

Verfügbarer physikalischer RAM: 3919.29 MB

Summe virtueller Speicher: 9364.27 MB

Verfügbarer virtueller Speicher: 4777.24 MB
 

==================== Laufwerke ================================
 

Drive c: (Windows8_OS) (Fixed) (Total:889.82 GB) (Free:52.01 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:2.51 GB) NTFS
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (Size: 931.5 GB) (Disk ID: 35DA7228)
 

Partition: GPT.
 

==================== Ende von Addition.txt ============================

Es ist nie was aufgetaucht :/
Nur so PUP's, die hab ich dann sofort gelöscht.

dann auch bitte sinnigerweise die Logs MIT FUNDEN posten :kloppen:

Code:

Malwarebytes Anti-Malware

www.malwarebytes.org
 

Suchlaufdatum: 30.12.2016

Suchlaufzeit: 03:58

Protokolldatei: malwarebytes-26.01.2017.txt

Administrator: Ja
 

Version: 2.2.0.1024

Malware-Datenbank: v2016.12.30.01

Rootkit-Datenbank: v2016.11.20.01

Lizenz: Kostenlose Version

Malware-Schutz: Deaktiviert

Schutz vor bösartigen Websites: Deaktiviert

Selbstschutz: Deaktiviert
 

Betriebssystem: Windows 8.1

CPU: x64

Dateisystem: NTFS

Benutzer: Phil
 

Suchlauftyp: Bedrohungssuchlauf

Ergebnis: Abgeschlossen

Durchsuchte Objekte: 337497

Abgelaufene Zeit: 37 Min., 27 Sek.
 

Speicher: Aktiviert

Start: Aktiviert

Dateisystem: Aktiviert

Archive: Aktiviert

Rootkits: Deaktiviert

Heuristik: Aktiviert

PUP: Aktiviert

PUM: Aktiviert
 

Prozesse: 1

PUP.Optional.DownloadProtect, C:\Users\Phil\AppData\Roaming\Browser-Security\s768.exe, 5236, Löschen bei Neustart, [a2d7b33a811993a3df467702857b6e92]
 

Module: 1

PUP.Optional.FusionCore, C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\libmp3lame.dll, Löschen bei Neustart, [7108b23ba5f5ab8b97088fdf08f88d73], 
 

Registrierungsschlüssel: 19

PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, In Quarantäne, [4a2f6885b6e495a18cef55fff60c52ae], 

PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, In Quarantäne, [4a2f6885b6e495a18cef55fff60c52ae], 

PUP.Optional.Vondos, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Browser-Security, In Quarantäne, [c1b84ca1ddbd46f00f7fa79747b95fa1], 

PUP.Optional.WebDiscoverBrowser, HKLM\SOFTWARE\WebDiscoverBrowser, In Quarantäne, [da9f09e41486b18514743049768dc63a], 

PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2F23AB71-4AC6-41F2-A955-EA576E553146}, In Quarantäne, [c4b56489fd9d75c106a153eed0304eb2], 

PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{26080CAD-4ADC-49AC-8C63-EDA16E595CBD}, In Quarantäne, [4534a04dc0dad264c6cc84170ef4936d], 

PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{AAFCAFFA-9A80-4B23-8783-EEB754C440AF}, Löschen bei Neustart, [57223faed1c9d066510d71a540c022de], 

PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Yahoo! Powered locel, Löschen bei Neustart, [3841a6479cfe42f4d918c4514cb4de22], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\LenovoBrowserGuard, In Quarantäne, [89f026c79dfd2b0bba3af4752ed2e11f], 

PUP.Optional.OffersOlymp, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bbiilhoacmmppcmcogfmaailncbelbgn, In Quarantäne, [a6d37974b5e59e987d62dfb67e82d52b], 

PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{26080CAD-4ADC-49AC-8C63-EDA16E595CBD}, In Quarantäne, [bfbadc111c7e9c9a9002128923df7789], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\LENOVOBROWSERGUARD, In Quarantäne, [5f1a1ad39bffe94db6f7d69446babc44], 

PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8ABBD5C4}, In Quarantäne, [3f3aa548f5a5b77f2cdb55390201cc34], 

PUP.Optional.InstallCore, HKU\S-1-5-21-18176717-516900863-2037645015-1001\SOFTWARE\csastats, In Quarantäne, [235675786733d26469b86c2407fcbf41], 

PUP.Optional.InstallCore, HKU\S-1-5-21-18176717-516900863-2037645015-1001\SOFTWARE\ICSW1.23, In Quarantäne, [3f3a7b727d1d83b36f9d10370af96e92], 

PUP.Optional.WebDiscoverBrowser, HKU\S-1-5-21-18176717-516900863-2037645015-1001\SOFTWARE\WebDiscoverBrowser, In Quarantäne, [6514905dc7d3082ee0a4b5c4eb18d62a], 

PUP.Optional.WinYahoo, HKU\S-1-5-21-18176717-516900863-2037645015-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{45199D14-1E6D-4B2F-8313-A1FAB8D25BCD}, In Quarantäne, [5128cb226238fb3bae7b83c6dd23946c], 

PUP.Optional.WinYahoo, HKU\S-1-5-21-18176717-516900863-2037645015-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{26080CAD-4ADC-49AC-8C63-EDA16E595CBD}, In Quarantäne, [1267509da3f7d066d4bd1b80d131b749], 

PUP.Optional.ProductSetup, HKU\S-1-5-21-18176717-516900863-2037645015-1001\SOFTWARE\PRODUCTSETUP, In Quarantäne, [b3c6f0fde7b3f44238ec1e328b78d62a], 
 

Registrierungswerte: 18

PUP.Optional.FusionCore, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\PROGRAM FILES (X86)\COMMON FILES\DVDVIDEOSOFT\LIB\LIBMP3LAME.DLL, 3, In Quarantäne, [7108b23ba5f5ab8b97088fdf08f88d73]

PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}|URL, https://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_15_49&param1=1&param2=f[c4b56489fd9d75c106a153eed0304eb2]D4%26b[c4b56489fd9d75c106a153eed0304eb2]DIE%26cc[c4b56489fd9d75c106a153eed0304eb2]Dde%26pa[c4b56489fd9d75c106a153eed0304eb2]DWincy%26cd[c4b56489fd9d75c106a153eed0304eb2]D2XzuyEtN2Y1L1Qzu0FyCtDyCyCzyzztC0E0F0DzytC0C0AyEtN0D0Tzu0StCyEtAtAtN1L2XzutAtFtCyDtFtAtFtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCyCzytDtAzytByDtGtC0AzzzztG0D0F0AyBtGyEtAyE0DtG0EyE0B0EtC0CyByEtAyD0B0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByDzzyByC0CyE0AtGzzyD0E0DtGyEyCzyyBtGzztByEtDtGyC0F0BtBtA0F0D0CyEtDyBtC2QtN0A0LzuyE%26cr[c4b56489fd9d75c106a153eed0304eb2]D1725735817%26a[c4b56489fd9d75c106a153eed0304eb2]Dwncy_fs_15_49%26os[c4b56489fd9d75c106a153eed0304eb2]DWindowsIn QuarantäneB8.1&p={searchTerms}, %4, %5

PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}|TopResultURLFallback, https://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_15_49&param1=1&param2=f[a9d057963367b482aafdc57ca45cf010]D4%26b[a9d057963367b482aafdc57ca45cf010]DIE%26cc[a9d057963367b482aafdc57ca45cf010]Dde%26pa[a9d057963367b482aafdc57ca45cf010]DWincy%26cd[a9d057963367b482aafdc57ca45cf010]D2XzuyEtN2Y1L1Qzu0FyCtDyCyCzyzztC0E0F0DzytC0C0AyEtN0D0Tzu0StCyEtAtAtN1L2XzutAtFtCyDtFtAtFtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCyCzytDtAzytByDtGtC0AzzzztG0D0F0AyBtGyEtAyE0DtG0EyE0B0EtC0CyByEtAyD0B0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByDzzyByC0CyE0AtGzzyD0E0DtGyEyCzyyBtGzztByEtDtGyC0F0BtBtA0F0D0CyEtDyBtC2QtN0A0LzuyE%26cr[a9d057963367b482aafdc57ca45cf010]D1725735817%26a[a9d057963367b482aafdc57ca45cf010]Dwncy_fs_15_49%26os[a9d057963367b482aafdc57ca45cf010]DWindowsIn QuarantäneB8.1&p={searchTerms}, %4, %5

PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{26080cad-4adc-49ac-8c63-eda16e595cbd}|URL, https://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_16_36&param1=1&param2=f[4534a04dc0dad264c6cc84170ef4936d]D4%26b[4534a04dc0dad264c6cc84170ef4936d]DIE%26cc[4534a04dc0dad264c6cc84170ef4936d]Dde%26pa[4534a04dc0dad264c6cc84170ef4936d]DWincy%26cd[4534a04dc0dad264c6cc84170ef4936d]D2XzuyEtN2Y1L1Qzu0FyCtDyCyCzyzztC0E0F0DzytC0C0AyEtN0D0Tzu0StCyBtCyDtN1L2XzutAtFtByEtFyCtFzytN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCtDyBtDtCtByD0DtGyByCtAyBtG0Azy0D0FtGyBtAzyyEtGtByC0DyCtCzz0AyB0EtDtAyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByDzzyByC0CyE0AtGzzyD0E0DtGyEyCzyyBtGzztByEtDtGyC0F0BtBtA0F0D0CyEtDyBtC2QtN0A0LzuyE%26cr[4534a04dc0dad264c6cc84170ef4936d]D452713350%26a[4534a04dc0dad264c6cc84170ef4936d]Dwbf_fsvideosft_16_36%26os_ver[4534a04dc0dad264c6cc84170ef4936d]D6.3%26os[4534a04dc0dad264c6cc84170ef4936d]DWindowsIn QuarantäneB8.1&p={searchTerms}, %4, %5

PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{AAFCAFFA-9A80-4B23-8783-EEB754C440AF}|Path, \Yahoo! Powered locel, Löschen bei Neustart, [57223faed1c9d066510d71a540c022de]

PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{26080cad-4adc-49ac-8c63-eda16e595cbd}|URL, https://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_16_36&param1=1&param2=f[bfbadc111c7e9c9a9002128923df7789]D4%26b[bfbadc111c7e9c9a9002128923df7789]DIE%26cc[bfbadc111c7e9c9a9002128923df7789]Dde%26pa[bfbadc111c7e9c9a9002128923df7789]DWincy%26cd[bfbadc111c7e9c9a9002128923df7789]D2XzuyEtN2Y1L1Qzu0FyCtDyCyCzyzztC0E0F0DzytC0C0AyEtN0D0Tzu0StCyBtCyDtN1L2XzutAtFtByEtFyCtFzytN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCtDyBtDtCtByD0DtGyByCtAyBtG0Azy0D0FtGyBtAzyyEtGtByC0DyCtCzz0AyB0EtDtAyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByDzzyByC0CyE0AtGzzyD0E0DtGyEyCzyyBtGzztByEtDtGyC0F0BtBtA0F0D0CyEtDyBtC2QtN0A0LzuyE%26cr[bfbadc111c7e9c9a9002128923df7789]D452713350%26a[bfbadc111c7e9c9a9002128923df7789]Dwbf_fsvideosft_16_36%26os_ver[bfbadc111c7e9c9a9002128923df7789]D6.3%26os[bfbadc111c7e9c9a9002128923df7789]DWindowsIn QuarantäneB8.1&p={searchTerms}, %4, %5

PUP.Optional.LenovoBrowserGuard.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\LENOVOBROWSERGUARD|Publisher, ClientConnect LTD, In Quarantäne, [5f1a1ad39bffe94db6f7d69446babc44]

PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8abbd5c4}|1, 1458241516, In Quarantäne, [3f3aa548f5a5b77f2cdb55390201cc34]

Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{86C15C86-7EC0-4D3A-A5FD-C011E82E301B}|NameServer, 82.163.143.171 82.163.142.173, In Quarantäne, [1d5cbb32ecaebd7951a8830ab3508c74]

Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{8E3FA1BE-487E-4631-89B7-ED56BF5B16E6}|NameServer, 82.163.143.171 82.163.142.173, In Quarantäne, [c7b2bf2ecfcb06309168cac3b94ae31d]

Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{9361F888-A3BA-4570-A873-C07129A8821B}|NameServer, 82.163.143.171 82.163.142.173, In Quarantäne, [8fea1dd01585d95d6099e6a7937041bf]

Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{BA94C931-D33F-4259-A23E-145E0B5E84CF}|NameServer, 82.163.143.171 82.163.142.173, In Quarantäne, [047512dbf8a22511c336335a42c102fe]

Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{E0F197DE-4865-44F9-BFE2-68F883018A48}|NameServer, 82.163.143.171 82.163.142.173, In Quarantäne, [3f3a5994c6d4a88ea257f697db281fe1]

PUP.Optional.WinYahoo, HKU\S-1-5-21-18176717-516900863-2037645015-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{45199D14-1E6D-4B2F-8313-A1FAB8D25BCD}|URL, https://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_15_49&param1=1&param2=f[5128cb226238fb3bae7b83c6dd23946c]D4%26b[5128cb226238fb3bae7b83c6dd23946c]DIE%26cc[5128cb226238fb3bae7b83c6dd23946c]Dde%26pa[5128cb226238fb3bae7b83c6dd23946c]DWincy%26cd[5128cb226238fb3bae7b83c6dd23946c]D2XzuyEtN2Y1L1Qzu0FyCtDyCyCzyzztC0E0F0DzytC0C0AyEtN0D0Tzu0StCyEtAtAtN1L2XzutAtFtCyDtFtAtFtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCyCzytDtAzytByDtGtC0AzzzztG0D0F0AyBtGyEtAyE0DtG0EyE0B0EtC0CyByEtAyD0B0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByDzzyByC0CyE0AtGzzyD0E0DtGyEyCzyyBtGzztByEtDtGyC0F0BtBtA0F0D0CyEtDyBtC2QtN0A0LzuyE%26cr[5128cb226238fb3bae7b83c6dd23946c]D1725735817%26a[5128cb226238fb3bae7b83c6dd23946c]Dwncy_fs_15_49%26os[5128cb226238fb3bae7b83c6dd23946c]DWindowsIn QuarantäneB8.1&p={searchTerms}, %4, %5

PUP.Optional.WinYahoo, HKU\S-1-5-21-18176717-516900863-2037645015-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{45199D14-1E6D-4B2F-8313-A1FAB8D25BCD}|TopResultURLFallback, https://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_15_49&param1=1&param2=f[bcbd0ce1594149edf930341520e059a7]D4%26b[bcbd0ce1594149edf930341520e059a7]DIE%26cc[bcbd0ce1594149edf930341520e059a7]Dde%26pa[bcbd0ce1594149edf930341520e059a7]DWincy%26cd[bcbd0ce1594149edf930341520e059a7]D2XzuyEtN2Y1L1Qzu0FyCtDyCyCzyzztC0E0F0DzytC0C0AyEtN0D0Tzu0StCyEtAtAtN1L2XzutAtFtCyDtFtAtFtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCyCzytDtAzytByDtGtC0AzzzztG0D0F0AyBtGyEtAyE0DtG0EyE0B0EtC0CyByEtAyD0B0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByDzzyByC0CyE0AtGzzyD0E0DtGyEyCzyyBtGzztByEtDtGyC0F0BtBtA0F0D0CyEtDyBtC2QtN0A0LzuyE%26cr[bcbd0ce1594149edf930341520e059a7]D1725735817%26a[bcbd0ce1594149edf930341520e059a7]Dwncy_fs_15_49%26os[bcbd0ce1594149edf930341520e059a7]DWindowsIn QuarantäneB8.1&p={searchTerms}, %4, %5

PUP.Optional.WinYahoo, HKU\S-1-5-21-18176717-516900863-2037645015-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{26080cad-4adc-49ac-8c63-eda16e595cbd}|URL, https://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_16_36&param1=1&param2=f[1267509da3f7d066d4bd1b80d131b749]D4%26b[1267509da3f7d066d4bd1b80d131b749]DIE%26cc[1267509da3f7d066d4bd1b80d131b749]Dde%26pa[1267509da3f7d066d4bd1b80d131b749]DWincy%26cd[1267509da3f7d066d4bd1b80d131b749]D2XzuyEtN2Y1L1Qzu0FyCtDyCyCzyzztC0E0F0DzytC0C0AyEtN0D0Tzu0StCyBtCyDtN1L2XzutAtFtByEtFyCtFzytN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCtDyBtDtCtByD0DtGyByCtAyBtG0Azy0D0FtGyBtAzyyEtGtByC0DyCtCzz0AyB0EtDtAyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByDzzyByC0CyE0AtGzzyD0E0DtGyEyCzyyBtGzztByEtDtGyC0F0BtBtA0F0D0CyEtDyBtC2QtN0A0LzuyE%26cr[1267509da3f7d066d4bd1b80d131b749]D452713350%26a[1267509da3f7d066d4bd1b80d131b749]Dwbf_fsvideosft_16_36%26os_ver[1267509da3f7d066d4bd1b80d131b749]D6.3%26os[1267509da3f7d066d4bd1b80d131b749]DWindowsIn QuarantäneB8.1&p={searchTerms}, %4, %5

PUP.Optional.DownloadProtect, HKU\S-1-5-21-18176717-516900863-2037645015-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|safe_urls768, "C:\Users\Phil\AppData\Roaming\Browser-Security\s768.exe", In Quarantäne, [a2d7b33a811993a3df467702857b6e92]

PUP.Optional.ProductSetup, HKU\S-1-5-21-18176717-516900863-2037645015-1001\SOFTWARE\PRODUCTSETUP|tb, 0K2Y1J1E2T1S2X0X0Z1S1N1C2S1G, In Quarantäne, [b3c6f0fde7b3f44238ec1e328b78d62a]
 

Registrierungsdaten: 1

Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, 82.163.143.171 82.163.142.173, Gut: (8.8.8.8), Schlecht: (82.163.143.171 82.163.142.173),Ersetzt,[fe7bb13cb2e8bd79e63daa360300ac54]
 

Ordner: 43

PUP.Optional.WinYahoo.Generic, C:\ProgramData\{1C48D92B-960A-53ED-10CC-CDAF8A8E4661}, In Quarantäne, [4a2ff7f6c4d63afc2d0d87fc25dbbb45], 

PUP.Optional.WinYahoo.Generic, C:\ProgramData\{2B4CEE2F-A10E-64E9-27C8-FAABBD8A7165}, In Quarantäne, [18614e9f6733ff37e159fd8607f935cb], 

PUP.Optional.Wajam.Gen, C:\Program Files\84a84e438f4a70c121672b6640e31105\2d816281f7d438cf3b281250a6dd49ac, In Quarantäne, [adcc16d7108a38fea809365510f37090], 

PUP.Optional.Wajam.Gen, C:\Program Files\84a84e438f4a70c121672b6640e31105, In Quarantäne, [adcc16d7108a38fea809365510f37090], 

PUP.Optional.SysTweak, C:\Users\Phil\AppData\Roaming\systweak, In Quarantäne, [64157c7165359f97efbbb7a6a65a857b], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\Main, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\Main\bin, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI\bin, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\bubble, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\libs, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protection, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protectionDS, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\settings, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\uninstall, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.OffersOlymp, C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\jetpack\@offersolymp, In Quarantäne, [c2b78469fe9c15219a9f8411f20efd03], 

PUP.Optional.OffersOlymp, C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\jetpack\@offersolymp\simple-storage, In Quarantäne, [c2b78469fe9c15219a9f8411f20efd03], 

PUP.Optional.OffersOlymp, C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn, In Quarantäne, [b0c9e904405a94a29cf3cbcb1be5d927], 

PUP.Optional.OffersOlymp, C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.5_0, In Quarantäne, [b0c9e904405a94a29cf3cbcb1be5d927], 

PUP.Optional.OffersOlymp, C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.5_0\content, In Quarantäne, [b0c9e904405a94a29cf3cbcb1be5d927], 

PUP.Optional.OffersOlymp, C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.5_0\_metadata, In Quarantäne, [b0c9e904405a94a29cf3cbcb1be5d927], 

PUP.Optional.OffersOlymp, C:\Program Files (x86)\Offers Olymp, In Quarantäne, [96e3915c7822082e652b197daf514bb5], 

PUP.Optional.BrowserSecurity, C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\jetpack\firefox@browser-security.de, In Quarantäne, [99e0bd304c4e9b9bbf206f557d83619f], 

PUP.Optional.BrowserSecurity, C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\jetpack\firefox@browser-security.de\simple-storage, In Quarantäne, [99e0bd304c4e9b9bbf206f557d83619f], 

PUP.Optional.OpenCandy, C:\Users\Phil\AppData\Roaming\OpenCandy, In Quarantäne, [36433bb2f0aa63d3fb512752dc2642be], 

PUP.Optional.OpenCandy, C:\Users\Phil\AppData\Roaming\OpenCandy\7EF2F133A3EE46D2BB9B72E0E75D2AB6, In Quarantäne, [36433bb2f0aa63d3fb512752dc2642be], 

PUP.Optional.BrowserSecurity, C:\Users\Phil\AppData\Roaming\Browser-Security, Löschen bei Neustart, [3049a944d8c27eb81e0ba0f530d2758b], 

PUP.Optional.Winsere, C:\Program Files (x86)\Winsere, In Quarantäne, [7ffa38b51d7dcc6a043cc3d6cd3546ba], 

PUP.Optional.Winsere, C:\Program Files (x86)\Winsere\Winsere, In Quarantäne, [7ffa38b51d7dcc6a043cc3d6cd3546ba], 

PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\4987ceef-0673-0, In Quarantäne, [de9bc22b900ad75fb75c3f5b748e7c84], 

PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\4987ceef-6d21-1, In Quarantäne, [c4b5e805cdcd1b1b7a99326825dda957], 

PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\{073785f0-012c-0}, In Quarantäne, [78011cd1603ae94db262128806fc9c64], 

PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\{094fb846-012c-1}, In Quarantäne, [e2976f7e564471c532e2c0dac43e40c0], 

PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\{0e63db1c-512c-0}, In Quarantäne, [f98002eb6c2e95a11ef6910947bba858], 

PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\{31dfb2e4-012c-1}, In Quarantäne, [68113eaffd9d72c4858fd6c47e8449b7], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\HowToRemove, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{A8709E2C-8CD8-F294-E140-D77CC5282BE4}\HowToRemove, In Quarantäne, [196031bc5b3f82b42cac4fa539ca5ba5], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{A8709E2C-8CD8-F294-E140-D77CC5282BE4}, In Quarantäne, [196031bc5b3f82b42cac4fa539ca5ba5], 
 

Dateien: 128

PUP.Optional.FusionCore, C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\libmp3lame.dll, Löschen bei Neustart, [7108b23ba5f5ab8b97088fdf08f88d73], 

Adware.FusionCore, C:\Users\Phil\AppData\Local\Microsoft\Windows\INetCache\emuletorrent.exe, In Quarantäne, [b1c85895504a72c44a5c26de6a96c53b], 

Trojan.Downloader, C:\Program Files (x86)\Video DVD Maker\download_codecs.exe, In Quarantäne, [0079e10c0892ff37867aeedb40c1837d], 

Adware.FusionCore, C:\Program Files (x86)\eMuleTorrent\eMuleTorrent.exe, In Quarantäne, [82f70de0f0aa81b5d7cff212c040817f], 

PUP.Optional.BundleInstaller, C:\Users\Phil\AppData\Local\Temp\13121700669229037601.exe, In Quarantäne, [4237ca236733e84e4633c240c43da25e], 

PUP.Optional.FusionCore, C:\Users\Phil\AppData\Local\Temp\is-KAGUD.tmp\Fusion.dll, In Quarantäne, [87f237b639616dc9a80b930d50b0df21], 

PUP.Optional.FusionCore, C:\Users\Phil\AppData\Local\Temp\is-UGMJI.tmp\Fusion.dll, In Quarantäne, [aecbea03fb9ff93d0ba8a9f7d32da65a], 

PUP.Optional.InstallCore, C:\Users\Phil\Downloads\Installer_For_Nero_Burning_Rom.exe, In Quarantäne, [3a3f8667aaf065d1b6ce1374ce33ff01], 

PUP.Optional.FusionCore, C:\Users\Phil\Downloads\FreeDVDVideoConverter_2.0.65.823_d(1).exe, In Quarantäne, [24552bc20397082eabf4b1bdd22eaa56], 

PUP.Optional.FusionCore, C:\Users\Phil\Downloads\FreeDVDVideoConverter_2.0.65.823_d.exe, In Quarantäne, [3148b9343f5b53e38718412d33cd3cc4], 

PUP.Optional.FusionCore, C:\Users\Phil\Downloads\FreeYouTubeToDVDConverter_3.1.103.829_d.exe, In Quarantäne, [c8b11bd2227839fd732c36381ee29070], 

PUP.Optional.FusionCore, C:\Users\Phil\Downloads\FreeYouTubeToMP3Converter_4.1.28.831_d.exe, In Quarantäne, [fe7ba04d910940f6ebb44e207c8457a9], 

PUP.Optional.Vondos, C:\Users\Phil\AppData\Roaming\Browser-Security\uninstall.exe, In Quarantäne, [c1b84ca1ddbd46f00f7fa79747b95fa1], 

PUP.Optional.WinYahoo, C:\Windows\System32\Tasks\Yahoo! Powered locel, In Quarantäne, [1861a04d13875ed8cc2427ee7090a060], 

PUP.Optional.WinYahoo, C:\Windows\Tasks\Yahoo! Powered locel.job, In Quarantäne, [6d0ca8454852f244bbb9849255abd62a], 

PUP.Optional.WinYahoo.Generic, C:\ProgramData\{1C48D92B-960A-53ED-10CC-CDAF8A8E4661}\doso.txt, In Quarantäne, [4a2ff7f6c4d63afc2d0d87fc25dbbb45], 

PUP.Optional.WinYahoo.Generic, C:\ProgramData\{1C48D92B-960A-53ED-10CC-CDAF8A8E4661}\hdat1, In Quarantäne, [4a2ff7f6c4d63afc2d0d87fc25dbbb45], 

PUP.Optional.WinYahoo.Generic, C:\ProgramData\{1C48D92B-960A-53ED-10CC-CDAF8A8E4661}\hdat2, In Quarantäne, [4a2ff7f6c4d63afc2d0d87fc25dbbb45], 

PUP.Optional.WinYahoo.Generic, C:\ProgramData\{1C48D92B-960A-53ED-10CC-CDAF8A8E4661}\mala, In Quarantäne, [4a2ff7f6c4d63afc2d0d87fc25dbbb45], 

PUP.Optional.WinYahoo.Generic, C:\ProgramData\{1C48D92B-960A-53ED-10CC-CDAF8A8E4661}\midefe, In Quarantäne, [4a2ff7f6c4d63afc2d0d87fc25dbbb45], 

PUP.Optional.WinYahoo.Generic, C:\ProgramData\{2B4CEE2F-A10E-64E9-27C8-FAABBD8A7165}\doso.txt, In Quarantäne, [18614e9f6733ff37e159fd8607f935cb], 

PUP.Optional.WinYahoo.Generic, C:\ProgramData\{2B4CEE2F-A10E-64E9-27C8-FAABBD8A7165}\aowLC, In Quarantäne, [18614e9f6733ff37e159fd8607f935cb], 

PUP.Optional.WinYahoo.Generic, C:\ProgramData\{2B4CEE2F-A10E-64E9-27C8-FAABBD8A7165}\hdat1, In Quarantäne, [18614e9f6733ff37e159fd8607f935cb], 

PUP.Optional.WinYahoo.Generic, C:\ProgramData\{2B4CEE2F-A10E-64E9-27C8-FAABBD8A7165}\hdat2, In Quarantäne, [18614e9f6733ff37e159fd8607f935cb], 

PUP.Optional.WinYahoo.Generic, C:\ProgramData\{2B4CEE2F-A10E-64E9-27C8-FAABBD8A7165}\midefe, In Quarantäne, [18614e9f6733ff37e159fd8607f935cb], 

PUP.Optional.WinYahoo.Generic, C:\ProgramData\{2B4CEE2F-A10E-64E9-27C8-FAABBD8A7165}\sXwbG, In Quarantäne, [18614e9f6733ff37e159fd8607f935cb], 

PUP.Optional.WinYahoo.Generic, C:\ProgramData\{2B4CEE2F-A10E-64E9-27C8-FAABBD8A7165}\tote, In Quarantäne, [18614e9f6733ff37e159fd8607f935cb], 

PUP.Optional.OffersOlymp, C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\extensions\@offersolymp.xpi, In Quarantäne, [d0a94e9f8317231359a5b0e4d42cf50b], 

PUP.Optional.BrowserSecurity, C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\extensions\firefox@browser-security.de.xpi, In Quarantäne, [c3b6fcf13d5d49ed8b0087dae91a6997], 

PUP.Optional.WinYahoo, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk, In Quarantäne, [c1b85e8f2c6e6fc7f1f5db9fcf3443bd], 

PUP.Optional.YourSearching.ShrtCln, C:\Users\Phil\AppData\Local\Chromium\User Data\Default\Local Storage\http_www.yoursearching.com_0.localstorage, In Quarantäne, [b9c0806dd4c6191d54b3bac133d0df21], 

PUP.Optional.YourSearching.ShrtCln, C:\Users\Phil\AppData\Local\Chromium\User Data\Default\Local Storage\http_www.yoursearching.com_0.localstorage-journal, In Quarantäne, [7108519cc8d20f27a265ed8e59aa8779], 

PUP.Optional.YourSearching.ShrtCln, C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.yoursearching.com_0.localstorage, In Quarantäne, [4a2f717c6b2fe0561debe89326dd41bf], 

PUP.Optional.YourSearching.ShrtCln, C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.yoursearching.com_0.localstorage-journal, In Quarantäne, [99e047a694069c9a4bbddf9ccc3747b9], 

PUP.Optional.WinYahoo, C:\Program Files (x86)\Mozilla Firefox\browser\components\mrt.js, In Quarantäne, [1c5d658852484ee8ab59a1e5fd0623dd], 

PUP.Optional.Wajam.Gen, C:\Program Files\84a84e438f4a70c121672b6640e31105\2d816281f7d438cf3b281250a6dd49ac\4187f8f8a43b5971a9b33d8538b5098f.ico, In Quarantäne, [adcc16d7108a38fea809365510f37090], 

PUP.Optional.Wajam.Gen, C:\Program Files\84a84e438f4a70c121672b6640e31105\2d816281f7d438cf3b281250a6dd49ac\68da72d5eb8a9b2ba5c1aa2c44169dad.ico, In Quarantäne, [adcc16d7108a38fea809365510f37090], 

PUP.Optional.Wajam.Gen, C:\Program Files\84a84e438f4a70c121672b6640e31105\2d816281f7d438cf3b281250a6dd49ac\ad71cd37b38ea225add63e29b9fa7d28.ico, In Quarantäne, [adcc16d7108a38fea809365510f37090], 

PUP.Optional.Wajam.Gen, C:\Program Files\84a84e438f4a70c121672b6640e31105\2d816281f7d438cf3b281250a6dd49ac\d0b793487b63caaa5cea4df171a0f27d.ico, In Quarantäne, [adcc16d7108a38fea809365510f37090], 

PUP.Optional.Wajam.Gen, C:\Program Files\84a84e438f4a70c121672b6640e31105\0a9a85550d5ce75d402429f49ea7c78f.exe, In Quarantäne, [adcc16d7108a38fea809365510f37090], 

PUP.Optional.Wajam.Gen, C:\Program Files\84a84e438f4a70c121672b6640e31105\0c1a4bd194c5dd89781223bdc34d64c4.exe, In Quarantäne, [adcc16d7108a38fea809365510f37090], 

PUP.Optional.Wajam.Gen, C:\Program Files\84a84e438f4a70c121672b6640e31105\276fb25d355538b4368f8a6a6cb93f86, In Quarantäne, [adcc16d7108a38fea809365510f37090], 

PUP.Optional.Wajam.Gen, C:\Program Files\84a84e438f4a70c121672b6640e31105\4187f8f8a43b5971a9b33d8538b5098f.ico, In Quarantäne, [adcc16d7108a38fea809365510f37090], 

PUP.Optional.Wajam.Gen, C:\Program Files\84a84e438f4a70c121672b6640e31105\8f65750e2f58adcff88b41f833be1d08.exe, In Quarantäne, [adcc16d7108a38fea809365510f37090], 

PUP.Optional.Wajam.Gen, C:\Program Files\84a84e438f4a70c121672b6640e31105\a8840dc665557850f806576f9bd6e914.cfg, In Quarantäne, [adcc16d7108a38fea809365510f37090], 

PUP.Optional.Wajam.Gen, C:\Program Files\84a84e438f4a70c121672b6640e31105\a8840dc665557850f806576f9bd6e914.inf, In Quarantäne, [adcc16d7108a38fea809365510f37090], 

PUP.Optional.DownloadProtect, C:\Users\Phil\AppData\Roaming\Browser-Security\s768.exe, Löschen bei Neustart, [a2d7b33a811993a3df467702857b6e92], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\uninstall.exe, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\bubble\bubble.js, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\bubble\defaults.js, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\libs\defaults.js, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\libs\dialogUtils.js, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\libs\jquery.1.7.1.min.js, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\libs\json2.min.js, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\libs\main.js, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\libs\SPDialogAPI.js, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protection\defaults.js, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protection\protection.js, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protectionDS\defaults.js, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protectionDS\protectionDS.js, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\settings\defaults.js, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\settings\settings.js, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\uninstall\defaults.js, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.LenovoBrowserGuard.AppFlsh, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\uninstall\uninstall.js, In Quarantäne, [fb7e14d906941f17f293313625dbd62a], 

PUP.Optional.OffersOlymp, C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\jetpack\@offersolymp\simple-storage\store.json, In Quarantäne, [c2b78469fe9c15219a9f8411f20efd03], 

PUP.Optional.OffersOlymp, C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.5_0\background.js, In Quarantäne, [b0c9e904405a94a29cf3cbcb1be5d927], 

PUP.Optional.OffersOlymp, C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.5_0\icon128.png, In Quarantäne, [b0c9e904405a94a29cf3cbcb1be5d927], 

PUP.Optional.OffersOlymp, C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.5_0\icon16.png, In Quarantäne, [b0c9e904405a94a29cf3cbcb1be5d927], 

PUP.Optional.OffersOlymp, C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.5_0\icon48.png, In Quarantäne, [b0c9e904405a94a29cf3cbcb1be5d927], 

PUP.Optional.OffersOlymp, C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.5_0\manifest.json, In Quarantäne, [b0c9e904405a94a29cf3cbcb1be5d927], 

PUP.Optional.OffersOlymp, C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.5_0\content\content.js, In Quarantäne, [b0c9e904405a94a29cf3cbcb1be5d927], 

PUP.Optional.OffersOlymp, C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.5_0\content\index.html, In Quarantäne, [b0c9e904405a94a29cf3cbcb1be5d927], 

PUP.Optional.OffersOlymp, C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.5_0\content\main.css, In Quarantäne, [b0c9e904405a94a29cf3cbcb1be5d927], 

PUP.Optional.OffersOlymp, C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.5_0\content\main.js, In Quarantäne, [b0c9e904405a94a29cf3cbcb1be5d927], 

PUP.Optional.OffersOlymp, C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.5_0\content\pxl2.png, In Quarantäne, [b0c9e904405a94a29cf3cbcb1be5d927], 

PUP.Optional.OffersOlymp, C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.5_0\_metadata\verified_contents.json, In Quarantäne, [b0c9e904405a94a29cf3cbcb1be5d927], 

PUP.Optional.OffersOlymp, C:\Program Files (x86)\Offers Olymp\bbiilhoacmmppcmcogfmaailncbelbgn.crx, In Quarantäne, [96e3915c7822082e652b197daf514bb5], 

PUP.Optional.BrowserSecurity, C:\Users\Phil\AppData\Roaming\Browser-Security\data, In Quarantäne, [3049a944d8c27eb81e0ba0f530d2758b], 

PUP.Optional.BrowserSecurity, C:\Users\Phil\AppData\Roaming\Browser-Security\license.rtf, In Quarantäne, [3049a944d8c27eb81e0ba0f530d2758b], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\HowToRemove\HowToRemove.html, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\HowToRemove\chromium-min.jpg, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\HowToRemove\control panel-min-min.JPG, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\HowToRemove\down.png, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\HowToRemove\ff menu.JPG, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\HowToRemove\ff search engine-min.png, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\HowToRemove\hp-min ff.png, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\HowToRemove\hp-min ie.png, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\HowToRemove\search engine.gif, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\HowToRemove\setup pages.gif, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\HowToRemove\sp-min.png, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\HowToRemove\start-min.jpg, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\HowToRemove\up.png, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\bapi16.dat, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\bapi17.dat, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\cito, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\install.log, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\leni, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\soco, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\soni.dat, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\Sqlite3.dll, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\toro.cfg, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\uninst.dat, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{420E7452-66A6-18EA-0B3E-3D022F56C19A}\uninst.exe, In Quarantäne, [fa7f04e9504aa393eeeacd27fb08a45c], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{A8709E2C-8CD8-F294-E140-D77CC5282BE4}\HowToRemove\HowToRemove.html, In Quarantäne, [196031bc5b3f82b42cac4fa539ca5ba5], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{A8709E2C-8CD8-F294-E140-D77CC5282BE4}\HowToRemove\chromium-min.jpg, In Quarantäne, [196031bc5b3f82b42cac4fa539ca5ba5], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{A8709E2C-8CD8-F294-E140-D77CC5282BE4}\HowToRemove\control panel-min-min.JPG, In Quarantäne, [196031bc5b3f82b42cac4fa539ca5ba5], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{A8709E2C-8CD8-F294-E140-D77CC5282BE4}\HowToRemove\down.png, In Quarantäne, [196031bc5b3f82b42cac4fa539ca5ba5], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{A8709E2C-8CD8-F294-E140-D77CC5282BE4}\HowToRemove\ff menu.JPG, In Quarantäne, [196031bc5b3f82b42cac4fa539ca5ba5], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{A8709E2C-8CD8-F294-E140-D77CC5282BE4}\HowToRemove\ff search engine-min.png, In Quarantäne, [196031bc5b3f82b42cac4fa539ca5ba5], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{A8709E2C-8CD8-F294-E140-D77CC5282BE4}\HowToRemove\hp-min ff.png, In Quarantäne, [196031bc5b3f82b42cac4fa539ca5ba5], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{A8709E2C-8CD8-F294-E140-D77CC5282BE4}\HowToRemove\hp-min ie.png, In Quarantäne, [196031bc5b3f82b42cac4fa539ca5ba5], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{A8709E2C-8CD8-F294-E140-D77CC5282BE4}\HowToRemove\search engine.gif, In Quarantäne, [196031bc5b3f82b42cac4fa539ca5ba5], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{A8709E2C-8CD8-F294-E140-D77CC5282BE4}\HowToRemove\setup pages.gif, In Quarantäne, [196031bc5b3f82b42cac4fa539ca5ba5], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{A8709E2C-8CD8-F294-E140-D77CC5282BE4}\HowToRemove\sp-min.png, In Quarantäne, [196031bc5b3f82b42cac4fa539ca5ba5], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{A8709E2C-8CD8-F294-E140-D77CC5282BE4}\HowToRemove\start-min.jpg, In Quarantäne, [196031bc5b3f82b42cac4fa539ca5ba5], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{A8709E2C-8CD8-F294-E140-D77CC5282BE4}\HowToRemove\up.png, In Quarantäne, [196031bc5b3f82b42cac4fa539ca5ba5], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{A8709E2C-8CD8-F294-E140-D77CC5282BE4}\config.dat, In Quarantäne, [196031bc5b3f82b42cac4fa539ca5ba5], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{A8709E2C-8CD8-F294-E140-D77CC5282BE4}\info.dat, In Quarantäne, [196031bc5b3f82b42cac4fa539ca5ba5], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{A8709E2C-8CD8-F294-E140-D77CC5282BE4}\install.log, In Quarantäne, [196031bc5b3f82b42cac4fa539ca5ba5], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{A8709E2C-8CD8-F294-E140-D77CC5282BE4}\noso, In Quarantäne, [196031bc5b3f82b42cac4fa539ca5ba5], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{A8709E2C-8CD8-F294-E140-D77CC5282BE4}\Sqlite3.dll, In Quarantäne, [196031bc5b3f82b42cac4fa539ca5ba5], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Local\{A8709E2C-8CD8-F294-E140-D77CC5282BE4}\uninst.dat, In Quarantäne, [196031bc5b3f82b42cac4fa539ca5ba5], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\yahoo! powered.xml, In Quarantäne, [de9b2fbe5149c571c51e3aba1fe429d7], 

PUM.Optional.FireFoxSecurityOverride, C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js, In Quarantäne, [3841de0f5347b2842efdf6fef50e956b], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\searchplugins\yahoo! powered.xml, In Quarantäne, [ed8c9c51297139fd776c1cd89b68a25e], 

PUM.Optional.FireFoxSecurityOverride, C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\user.js, In Quarantäne, [1069ec017228f442f83341b3f90ad030], 

PUP.Optional.WinYahoo, C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\searchplugins\yahoo! powered.xml, In Quarantäne, [7afffcf128723402eef5cf25bd461fe1], 

PUM.Optional.FireFoxSecurityOverride, C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\user.js, In Quarantäne, [0d6cb33a18820e28999246aee61dca36], 
 

Physische Sektoren: 0

(keine bösartigen Elemente erkannt)
 
 

(end)

Düdüm, sorry :'D

Bitte Avast deinstallieren. Das Teil können wir einfach nicht mehr guten Gewissens empfehlen. => Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog

Auch andere Freewareanbieter wie Avira, AVG oder Panda springen auf diesen oder ähnlichen Zügen rauf, basteln Junkware in die Setups, arbeiten mit ASK zusammen etc; so was ist bei Sicherheitssoftware einfach inakzeptabel.

Gib Bescheid wenn Avast weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!

Deinstallation abgeschlossen.

1. Schritt: Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

2. Schritt: Kaspersky TDSS-Killer

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

http://www.trojaner-board.de/picture...&pictureid=307

Code:

Malwarebytes Anti-Rootkit BETA 1.9.3.1001

www.malwarebytes.org
 

Database version:

  main:    v2014.11.18.05

  rootkit: v2014.11.12.01
 

Windows 8.1 x64 NTFS

Internet Explorer 11.0.9600.18538

Phil :: SUPERPARCHITA [administrator]
 

26.01.2017 15:33:09

mbar-log-2017-01-26 (15-33-09).txt
 

Scan type: Quick scan

Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken

Scan options disabled: 

Objects scanned: 371982

Time elapsed: 1 hour(s), 3 minute(s), 45 second(s)
 

Memory Processes Detected: 0

(No malicious items detected)
 

Memory Modules Detected: 0

(No malicious items detected)
 

Registry Keys Detected: 0

(No malicious items detected)
 

Registry Values Detected: 0

(No malicious items detected)
 

Registry Data Items Detected: 0

(No malicious items detected)
 

Folders Detected: 0

(No malicious items detected)
 

Files Detected: 0

(No malicious items detected)
 

Physical Sectors Detected: 0

(No malicious items detected)
 

(end)

Code:

20:40:29.0103 0x193c  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01

20:40:29.0103 0x193c  UEFI system

20:40:35.0655 0x193c  ============================================================

20:40:35.0655 0x193c  Current date / time: 2017/01/26 20:40:35.0655

20:40:35.0655 0x193c  SystemInfo:

20:40:35.0655 0x193c  

20:40:35.0655 0x193c  OS Version: 6.3.9600 ServicePack: 0.0

20:40:35.0656 0x193c  Product type: Workstation

20:40:35.0656 0x193c  ComputerName: SUPERPARCHITA

20:40:35.0656 0x193c  UserName: Phil

20:40:35.0656 0x193c  Windows directory: C:\WINDOWS

20:40:35.0656 0x193c  System windows directory: C:\WINDOWS

20:40:35.0656 0x193c  Running under WOW64

20:40:35.0656 0x193c  Processor architecture: Intel x64

20:40:35.0656 0x193c  Number of processors: 2

20:40:35.0656 0x193c  Page size: 0x1000

20:40:35.0656 0x193c  Boot type: Normal boot

20:40:35.0656 0x193c  CodeIntegrityOptions = 0x00000001

20:40:35.0656 0x193c  ============================================================

20:40:36.0487 0x193c  KLMD registered as C:\WINDOWS\system32\drivers\33825173.sys

20:40:36.0488 0x193c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18505, osProperties = 0x19

20:40:39.0003 0x193c  System UUID: {C334BC4C-398D-93C8-1075-E5F506D16C21}

20:40:40.0268 0x193c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

20:40:40.0272 0x193c  ============================================================

20:40:40.0272 0x193c  \Device\Harddisk0\DR0:

20:40:40.0272 0x193c  GPT partitions:

20:40:40.0272 0x193c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {D7E0B6FB-E275-449D-AD2B-34F0539C091F}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000

20:40:40.0272 0x193c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {91CC3BA4-D96F-416D-A9B0-EA3F4AE89923}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000

20:40:40.0272 0x193c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {99D1CE56-F334-46DB-A809-EAD15CCD76C8}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000

20:40:40.0273 0x193c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E6A679AB-B102-46B6-8B6E-4AD991123CD9}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000

20:40:40.0273 0x193c  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {9DE476CF-8629-4F88-8CA2-2DF199D7C690}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x6F3A5800

20:40:40.0273 0x193c  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {9C114FAB-374E-4D69-AF5D-9B2220D8E5BC}, Name: Basic data partition, StartLBA 0x6F850000, BlocksNum 0x3200000

20:40:40.0273 0x193c  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {62BA94D9-7E48-4BD9-AFB4-B35177B7D901}, Name: Basic data partition, StartLBA 0x72A50000, BlocksNum 0x1CB6800

20:40:40.0273 0x193c  MBR partitions:

20:40:40.0273 0x193c  ============================================================

20:40:40.0304 0x193c  C: <-> \Device\Harddisk0\DR0\Partition5

20:40:40.0343 0x193c  D: <-> \Device\Harddisk0\DR0\Partition6

20:40:40.0343 0x193c  ============================================================

20:40:40.0343 0x193c  Initialize success

20:40:40.0343 0x193c  ============================================================

20:40:41.0572 0x187c  ============================================================

20:40:41.0572 0x187c  Scan started

20:40:41.0572 0x187c  Mode: Manual; 

20:40:41.0572 0x187c  ============================================================

20:40:41.0572 0x187c  KSN ping started

20:40:41.0791 0x187c  KSN ping finished: true

20:40:44.0196 0x187c  ================ Scan system memory ========================

20:40:44.0196 0x187c  System memory - ok

20:40:44.0197 0x187c  ================ Scan services =============================

20:40:44.0393 0x187c  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys

20:40:44.0401 0x187c  1394ohci - ok

20:40:44.0433 0x187c  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys

20:40:44.0436 0x187c  3ware - ok

20:40:44.0484 0x187c  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys

20:40:44.0503 0x187c  ACPI - ok

20:40:44.0525 0x187c  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys

20:40:44.0528 0x187c  acpiex - ok

20:40:44.0541 0x187c  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys

20:40:44.0542 0x187c  acpipagr - ok

20:40:44.0567 0x187c  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys

20:40:44.0569 0x187c  AcpiPmi - ok

20:40:44.0577 0x187c  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys

20:40:44.0578 0x187c  acpitime - ok

20:40:44.0636 0x187c  [ 561E1023BEB555A77DBEAFB83E74BA14, EBB6C4878F6D7BEF8AD861AF5F262DACE96ECCA68308E30E319CE962FC5C5F35 ] ACPIVPC         C:\WINDOWS\System32\drivers\AcpiVpc.sys

20:40:44.0638 0x187c  ACPIVPC - ok

20:40:44.0706 0x187c  [ 1E16C9A8CFBE5D2317EADA233389928D, F08F65B4170104556BF8F2CD19D553D863DE5E1167CDE433C85DFE78C0F1DD96 ] AdBlockerService C:\Program Files (x86)\AdBlocker\AdBlockerService.exe

20:40:44.0708 0x187c  AdBlockerService - ok

20:40:44.0844 0x187c  [ CA363F172E1978FD155764F2840B0BE8, CB14E2C94ABB8C8809F4E96472F6D1A9A3A0860217631F592E0F62F043165575 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

20:40:44.0853 0x187c  AdobeFlashPlayerUpdateSvc - ok

20:40:44.0906 0x187c  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS

20:40:44.0928 0x187c  ADP80XX - ok

20:40:44.0964 0x187c  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll

20:40:44.0971 0x187c  AeLookupSvc - ok

20:40:45.0040 0x187c  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\WINDOWS\system32\drivers\afd.sys

20:40:45.0055 0x187c  AFD - ok

20:40:45.0077 0x187c  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys

20:40:45.0079 0x187c  agp440 - ok

20:40:45.0131 0x187c  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys

20:40:45.0133 0x187c  ahcache - ok

20:40:45.0168 0x187c  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\WINDOWS\System32\alg.exe

20:40:45.0171 0x187c  ALG - ok

20:40:45.0209 0x187c  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys

20:40:45.0213 0x187c  AmdK8 - ok

20:40:45.0225 0x187c  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys

20:40:45.0229 0x187c  AmdPPM - ok

20:40:45.0245 0x187c  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys

20:40:45.0248 0x187c  amdsata - ok

20:40:45.0277 0x187c  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys

20:40:45.0285 0x187c  amdsbs - ok

20:40:45.0304 0x187c  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys

20:40:45.0305 0x187c  amdxata - ok

20:40:45.0333 0x187c  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys

20:40:45.0335 0x187c  AppID - ok

20:40:45.0359 0x187c  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll

20:40:45.0361 0x187c  AppIDSvc - ok

20:40:45.0416 0x187c  [ 734622FBA766DBD65B1803549B24A04A, 3B6872B87A60D4DA265D3B8AB0561A929CFE2C097419183E93D3843422363C89 ] Appinfo         C:\WINDOWS\System32\appinfo.dll

20:40:45.0423 0x187c  Appinfo - ok

20:40:45.0550 0x187c  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

20:40:45.0554 0x187c  Apple Mobile Device Service - ok

20:40:45.0603 0x187c  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll

20:40:45.0621 0x187c  AppReadiness - ok

20:40:45.0701 0x187c  [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll

20:40:45.0733 0x187c  AppXSvc - ok

20:40:45.0798 0x187c  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys

20:40:45.0802 0x187c  arcsas - ok

20:40:45.0843 0x187c  [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys

20:40:45.0844 0x187c  AsyncMac - ok

20:40:45.0856 0x187c  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys

20:40:45.0858 0x187c  atapi - ok

20:40:45.0913 0x187c  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll

20:40:45.0919 0x187c  AudioEndpointBuilder - ok

20:40:45.0960 0x187c  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll

20:40:45.0981 0x187c  Audiosrv - ok

20:40:46.0006 0x187c  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll

20:40:46.0010 0x187c  AxInstSV - ok

20:40:46.0048 0x187c  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys

20:40:46.0063 0x187c  b06bdrv - ok

20:40:46.0094 0x187c  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys

20:40:46.0095 0x187c  BasicDisplay - ok

20:40:46.0108 0x187c  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys

20:40:46.0110 0x187c  BasicRender - ok

20:40:46.0134 0x187c  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys

20:40:46.0135 0x187c  bcmfn2 - ok

20:40:46.0196 0x187c  [ 174394F4EF93C117BF7BE3878046A1B1, D58E868342D1DAFC4B04384A3713F729DF07F408AA6AE4762E6A4244F976526A ] BDESVC          C:\WINDOWS\System32\bdesvc.dll

20:40:46.0206 0x187c  BDESVC - ok

20:40:46.0223 0x187c  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys

20:40:46.0224 0x187c  Beep - ok

20:40:46.0285 0x187c  [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE             C:\WINDOWS\System32\bfe.dll

20:40:46.0305 0x187c  BFE - ok

20:40:46.0372 0x187c  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll

20:40:46.0399 0x187c  BITS - ok

20:40:46.0486 0x187c  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

20:40:46.0497 0x187c  Bonjour Service - ok

20:40:46.0524 0x187c  [ 4938A9236300A356F97E378491EE4844, 60D892960D48EEF48F8EC4DE4F174EBD0BC0E7B28B6D8723D554CD1979EB55B4 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys

20:40:46.0527 0x187c  bowser - ok

20:40:46.0569 0x187c  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll

20:40:46.0576 0x187c  BrokerInfrastructure - ok

20:40:46.0608 0x187c  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll

20:40:46.0613 0x187c  Browser - ok

20:40:46.0661 0x187c  [ F4CB6F457D019857C8DB6F04CA2957F5, D9E7DD49AF9C38D1696045F6004E1B504A65227B41256961E28A8DCA9B068EA9 ] BthA2DP         C:\WINDOWS\system32\drivers\BthA2DP.sys

20:40:46.0666 0x187c  BthA2DP - ok

20:40:46.0693 0x187c  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys

20:40:46.0695 0x187c  BthAvrcpTg - ok

20:40:46.0727 0x187c  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys

20:40:46.0731 0x187c  BthEnum - ok

20:40:46.0760 0x187c  [ 7A2E3CB427309F56C2571F0610B7ADA8, 25C178EA7FC2CE6375CA1B75057FA7A992CF71BB7821F4A71107CDE6D0F04667 ] BthHFAud        C:\WINDOWS\system32\DRIVERS\BthHfAud.sys

20:40:46.0762 0x187c  BthHFAud - ok

20:40:46.0810 0x187c  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys

20:40:46.0812 0x187c  BthHFEnum - ok

20:40:46.0832 0x187c  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys

20:40:46.0833 0x187c  bthhfhid - ok

20:40:46.0868 0x187c  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll

20:40:46.0878 0x187c  BthHFSrv - ok

20:40:46.0916 0x187c  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys

20:40:46.0924 0x187c  BthLEEnum - ok

20:40:46.0944 0x187c  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys

20:40:46.0946 0x187c  BTHMODEM - ok

20:40:46.0974 0x187c  [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys

20:40:46.0978 0x187c  BthPan - ok

20:40:47.0064 0x187c  [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys

20:40:47.0103 0x187c  BTHPORT - ok

20:40:47.0123 0x187c  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll

20:40:47.0127 0x187c  bthserv - ok

20:40:47.0173 0x187c  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys

20:40:47.0176 0x187c  BTHUSB - ok

20:40:47.0206 0x187c  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys

20:40:47.0209 0x187c  cdfs - ok

20:40:47.0229 0x187c  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys

20:40:47.0236 0x187c  cdrom - ok

20:40:47.0272 0x187c  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll

20:40:47.0277 0x187c  CertPropSvc - ok

20:40:47.0292 0x187c  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys

20:40:47.0294 0x187c  circlass - ok

20:40:47.0364 0x187c  [ 9DA497AEAF35AA7BF7710132FC2A9906, D38DF749222BD0B6E8E6442CC79D56CF827A1430ACAB4F85F7FC469DD31A211C ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys

20:40:47.0374 0x187c  CLFS - ok

20:40:47.0635 0x187c  [ ACFB2A62301C6A903FA6A97DB84E9C31, 7A3089812330B605D2F545374A1A916B6DBA188186EC88DA3348814A95C791F0 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe

20:40:47.0723 0x187c  ClickToRunSvc - ok

20:40:47.0757 0x187c  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys

20:40:47.0758 0x187c  CmBatt - ok

20:40:47.0825 0x187c  [ EFC79D3224D19FD926FFEA0A24729FEF, 41B0B41F7270C82691453679E03194845B9AF08C28800BF39D3CEB7CB1530BB8 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys

20:40:47.0840 0x187c  CNG - ok

20:40:47.0915 0x187c  [ 38FB50952621B66F64CE8478293D9181, 74C615117404393ED8249196907477CF5954E7CA99DA18844619C9587B721351 ] CnxtHdAudService C:\WINDOWS\system32\drivers\CHDRT64.sys

20:40:47.0957 0x187c  CnxtHdAudService - ok

20:40:47.0992 0x187c  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys

20:40:47.0994 0x187c  CompositeBus - ok

20:40:47.0999 0x187c  COMSysApp - ok

20:40:48.0004 0x187c  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys

20:40:48.0006 0x187c  condrv - ok

20:40:48.0080 0x187c  [ AE49702BBAB1497DF5D9B2B7B101FE0E, 4E98C8185B0552F0B529B8052AE7010458E912172CF8D869C15B72AF6E46CF5F ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe

20:40:48.0109 0x187c  cphs - ok

20:40:48.0151 0x187c  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll

20:40:48.0154 0x187c  CryptSvc - ok

20:40:48.0180 0x187c  [ 07F3534C07C5110E9A424C04634C4A8D, 39F97C8A8610A4EFB83A41E490BBDC19261A52DC9827645C1331EFC958F2EDF1 ] CxAudMsg        C:\WINDOWS\system32\CxAudMsg64.exe

20:40:48.0186 0x187c  CxAudMsg - ok

20:40:48.0205 0x187c  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys

20:40:48.0207 0x187c  dam - ok

20:40:48.0211 0x187c  dbx - ok

20:40:48.0256 0x187c  [ 62C2617E1927776851B108717166BBA4, 5ED905AD21D2BA4308561BDFD2868A15A1F2062DFE1D28689D4082700C85500A ] DbxSvc          C:\WINDOWS\system32\DbxSvc.exe

20:40:48.0258 0x187c  DbxSvc - ok

20:40:48.0327 0x187c  [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll

20:40:48.0348 0x187c  DcomLaunch - ok

20:40:48.0401 0x187c  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll

20:40:48.0415 0x187c  defragsvc - ok

20:40:48.0460 0x187c  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll

20:40:48.0472 0x187c  DeviceAssociationService - ok

20:40:48.0498 0x187c  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll

20:40:48.0503 0x187c  DeviceInstall - ok

20:40:48.0560 0x187c  [ FBFF94FC1FE0699A6BC5ACE270AB9EA1, 7D67E7BE539D9D515A1A6B9282C72114310E874DD1FE51E71F002DBB0E1439FB ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys

20:40:48.0565 0x187c  Dfsc - ok

20:40:48.0606 0x187c  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys

20:40:48.0611 0x187c  dg_ssudbus - ok

20:40:48.0644 0x187c  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll

20:40:48.0653 0x187c  Dhcp - ok

20:40:48.0726 0x187c  [ 0AC9F83A5508935DE89C447473085EEA, 223782B17BACEFB0A663EB13514B68B919C95EF641CDDA7AC30CB239BC4307EC ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll

20:40:48.0768 0x187c  DiagTrack - ok

20:40:48.0901 0x187c  [ 465949FD7AF3931B415D3FE2193DB782, 4EE3881F62183EF4F9A32EBADC019DD1FB70A2FE009503130146343FA7915E36 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe

20:40:48.0911 0x187c  DigitalWave.Update.Service - ok

20:40:48.0973 0x187c  [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk            C:\WINDOWS\system32\drivers\disk.sys

20:40:48.0980 0x187c  disk - ok

20:40:49.0010 0x187c  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys

20:40:49.0012 0x187c  dmvsc - ok

20:40:49.0090 0x187c  [ 561CBB163EB3C8221D9B1D7D1E5CA477, 4D235E73CC127769A257B31A92180552276EC8DDD991F1106815FADEF385E72D ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll

20:40:49.0104 0x187c  Dnscache - ok

20:40:49.0156 0x187c  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll

20:40:49.0174 0x187c  dot3svc - ok

20:40:49.0209 0x187c  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll

20:40:49.0214 0x187c  DPS - ok

20:40:49.0259 0x187c  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys

20:40:49.0260 0x187c  drmkaud - ok

20:40:49.0296 0x187c  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll

20:40:49.0302 0x187c  DsmSvc - ok

20:40:49.0399 0x187c  [ F74B839FA0F4E6060CA1DA6B8DA17941, EF493E1F55FCD6A8C32B3D5D5809B7EFCCC9829E9A347522D1E6FE080D41BF37 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys

20:40:49.0440 0x187c  DXGKrnl - ok

20:40:49.0485 0x187c  [ FA988D76745C917CDFE20031C06DE860, B01AA3611869854D3BCA8B6CD7A6F48CC3537145DD3EBE50F5BEF72239924BF7 ] e1iexpress      C:\WINDOWS\system32\DRIVERS\e1i63x64.sys

20:40:49.0499 0x187c  e1iexpress - ok

20:40:49.0529 0x187c  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll

20:40:49.0533 0x187c  Eaphost - ok

20:40:49.0653 0x187c  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys

20:40:49.0739 0x187c  ebdrv - ok

20:40:49.0776 0x187c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe

20:40:49.0778 0x187c  EFS - ok

20:40:49.0792 0x187c  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys

20:40:49.0795 0x187c  EhStorClass - ok

20:40:49.0818 0x187c  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys

20:40:49.0822 0x187c  EhStorTcgDrv - ok

20:40:49.0837 0x187c  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys

20:40:49.0838 0x187c  ErrDev - ok

20:40:49.0870 0x187c  [ C9EC31F59DF549819862E8DA83E5E9B0, 5F53AEF5276D495C095CD05CC8A598CD364A16DE058F0DF46FD3C3D6446244D5 ] ETD             C:\WINDOWS\system32\DRIVERS\ETD.sys

20:40:49.0881 0x187c  ETD - ok

20:40:49.0947 0x187c  [ BFFD4F272773F73F9A17A54469EF1B40, FF2981D15BB5A6B83D320BAC20D29E1906397026B8DDD4DBB5F948577E9DC4EF ] ETDService      C:\Program Files\Elantech\ETDService.exe

20:40:49.0950 0x187c  ETDService - ok

20:40:50.0009 0x187c  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll

20:40:50.0022 0x187c  EventSystem - ok

20:40:50.0115 0x187c  [ BF220856C02DF9AB74786BE92246A0E1, 9F35F4A08967634206B965BF94469380C0ACCF8A6C973E90ED85ECECF284CE34 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe

20:40:50.0130 0x187c  EvtEng - ok

20:40:50.0170 0x187c  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys

20:40:50.0176 0x187c  exfat - ok

20:40:50.0196 0x187c  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys

20:40:50.0203 0x187c  fastfat - ok

20:40:50.0250 0x187c  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe

20:40:50.0270 0x187c  Fax - ok

20:40:50.0307 0x187c  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys

20:40:50.0308 0x187c  fdc - ok

20:40:50.0336 0x187c  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll

20:40:50.0338 0x187c  fdPHost - ok

20:40:50.0353 0x187c  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll

20:40:50.0356 0x187c  FDResPub - ok

20:40:50.0377 0x187c  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll

20:40:50.0382 0x187c  fhsvc - ok

20:40:50.0403 0x187c  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys

20:40:50.0405 0x187c  FileInfo - ok

20:40:50.0427 0x187c  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys

20:40:50.0428 0x187c  Filetrace - ok

20:40:50.0442 0x187c  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys

20:40:50.0443 0x187c  flpydisk - ok

20:40:50.0474 0x187c  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys

20:40:50.0484 0x187c  FltMgr - ok

20:40:50.0580 0x187c  [ 1EFEF3B4EF2B241263F0F791EA128598, B6CADC254B0779E43E0D6AB6125A7E7ED8FF50C3158911681BA7B43160A08176 ] FontCache       C:\WINDOWS\system32\FntCache.dll

20:40:50.0613 0x187c  FontCache - ok

20:40:50.0688 0x187c  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

20:40:50.0689 0x187c  FontCache3.0.0.0 - ok

20:40:50.0721 0x187c  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys

20:40:50.0723 0x187c  FsDepends - ok

20:40:50.0742 0x187c  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys

20:40:50.0744 0x187c  Fs_Rec - ok

20:40:50.0813 0x187c  [ D4AB6EE3D715BC44C00277FD934FAACF, DE8A8B14D7BA73BA1B5A833DE193CA65EDFE512A57D84F4F2CE19D9646D97F4E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys

20:40:50.0832 0x187c  fvevol - ok

20:40:50.0856 0x187c  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys

20:40:50.0858 0x187c  FxPPM - ok

20:40:50.0872 0x187c  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys

20:40:50.0874 0x187c  gagp30kx - ok

20:40:50.0906 0x187c  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys

20:40:50.0907 0x187c  gencounter - ok

20:40:50.0942 0x187c  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys

20:40:50.0947 0x187c  GPIOClx0101 - ok

20:40:51.0033 0x187c  [ 9678FD4747A4F2E2318245EE6099482E, C76AE30E8BA77DC330F9CFE5ECEA58FAE0995396742923B564A2257DE24D7B32 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll

20:40:51.0072 0x187c  gpsvc - ok

20:40:51.0180 0x187c  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

20:40:51.0184 0x187c  gupdate - ok

20:40:51.0191 0x187c  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

20:40:51.0194 0x187c  gupdatem - ok

20:40:51.0237 0x187c  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys

20:40:51.0252 0x187c  HdAudAddService - ok

20:40:51.0289 0x187c  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys

20:40:51.0293 0x187c  HDAudBus - ok

20:40:51.0311 0x187c  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys

20:40:51.0312 0x187c  HidBatt - ok

20:40:51.0361 0x187c  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys

20:40:51.0365 0x187c  HidBth - ok

20:40:51.0380 0x187c  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys

20:40:51.0382 0x187c  hidi2c - ok

20:40:51.0395 0x187c  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys

20:40:51.0397 0x187c  HidIr - ok

20:40:51.0425 0x187c  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll

20:40:51.0427 0x187c  hidserv - ok

20:40:51.0485 0x187c  [ 49676FEC898AB2A11B157F848269A56E, 011E6DDEF9570212520F92FEFD205E1F8104F198B57C40D11BE857FCBCC5F68D ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys

20:40:51.0486 0x187c  HidUsb - ok

20:40:51.0522 0x187c  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll

20:40:51.0526 0x187c  hkmsvc - ok

20:40:51.0567 0x187c  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll

20:40:51.0577 0x187c  HomeGroupListener - ok

20:40:51.0621 0x187c  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll

20:40:51.0633 0x187c  HomeGroupProvider - ok

20:40:51.0663 0x187c  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys

20:40:51.0665 0x187c  HpSAMD - ok

20:40:51.0745 0x187c  [ 76A6FDA32A21515B67633497D8FDB1E4, 7DCAEC3186EAFDD4A53BCD8AAE9B82CBA8871C89B929FFD3BA43E675B95B2495 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys

20:40:51.0773 0x187c  HTTP - ok

20:40:51.0812 0x187c  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys

20:40:51.0813 0x187c  hwpolicy - ok

20:40:51.0835 0x187c  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys

20:40:51.0836 0x187c  hyperkbd - ok

20:40:51.0851 0x187c  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys

20:40:51.0852 0x187c  HyperVideo - ok

20:40:51.0908 0x187c  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys

20:40:51.0911 0x187c  i8042prt - ok

20:40:51.0932 0x187c  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys

20:40:51.0934 0x187c  iaLPSSi_GPIO - ok

20:40:51.0953 0x187c  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys

20:40:51.0956 0x187c  iaLPSSi_I2C - ok

20:40:51.0997 0x187c  [ 815499B59D675E42A70894118E7A6422, 2E30C726C8E53C1C6B4F113569287B2F85F0502C13067C8C93C82B3561C760F4 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys

20:40:52.0013 0x187c  iaStorA - ok

20:40:52.0068 0x187c  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys

20:40:52.0086 0x187c  iaStorAV - ok

20:40:52.0160 0x187c  [ A55971BD810EBDEF1E83CE57F5AC091B, 43AAE856E0E1D1647DC8AF37E907DC8FB74C9C388E48A9F68D209AECAA1E54B6 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

20:40:52.0161 0x187c  IAStorDataMgrSvc - ok

20:40:52.0193 0x187c  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys

20:40:52.0203 0x187c  iaStorV - ok

20:40:52.0294 0x187c  [ 351282A1CA1D8921028C3F653746FA20, F0C256880C6B638AF8F0EBC5D281C432090FC1DCA98E0A8F908C98EF446EF627 ] ibtsiva.exe     C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe

20:40:52.0297 0x187c  ibtsiva.exe - ok

20:40:52.0332 0x187c  [ 9C8AB34D88A61878D4A72FD55ED65674, CC109CDA60A0CE5E31509B02D4BB8F8906C405089D84D4A8570C42E0D6DC8E49 ] ibtusb          C:\WINDOWS\system32\DRIVERS\ibtusb.sys

20:40:52.0338 0x187c  ibtusb - ok

20:40:52.0342 0x187c  IEEtwCollectorService - ok

20:40:52.0480 0x187c  [ 540E8D8F386F38F9609572FE92997DA1, DF8DACC88437B6A97FD184C8813784FB6710461623242F45D1E6B5C23DB34D2D ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys

20:40:52.0580 0x187c  igfx - ok

20:40:52.0623 0x187c  [ 2C1A1DB9ED1BEEC1CE6632225A7CDFA9, 93553F5FBDF88046E44FBADD2732ABC10C19098C9E338450FD69D1D216504562 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe

20:40:52.0631 0x187c  igfxCUIService1.0.0.0 - ok

20:40:52.0714 0x187c  [ 5697FD05EC6915A1E7193D658D8D6E05, 0179C3AF29880AA21F609CB471034EA5FA49324ACCE12736866675C037EBEC7A ] IKEEXT          C:\WINDOWS\System32\ikeext.dll

20:40:52.0742 0x187c  IKEEXT - ok

20:40:52.0771 0x187c  [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys

20:40:52.0773 0x187c  intaud_WaveExtensible - ok

20:40:52.0819 0x187c  [ 5F6F8E55DDB25BC41497DD11A85FC257, 45EF15064644729A776BBF35A790E23246309939A1614369553371EC82786890 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys

20:40:52.0832 0x187c  IntcDAud - ok

20:40:52.0887 0x187c  [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe

20:40:52.0907 0x187c  Intel(R) Capability Licensing Service Interface - ok

20:40:52.0961 0x187c  [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe

20:40:52.0983 0x187c  Intel(R) Capability Licensing Service TCP IP Interface - ok

20:40:53.0005 0x187c  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys

20:40:53.0006 0x187c  intelide - ok

20:40:53.0030 0x187c  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys

20:40:53.0032 0x187c  intelpep - ok

20:40:53.0048 0x187c  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys

20:40:53.0052 0x187c  intelppm - ok

20:40:53.0081 0x187c  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

20:40:53.0084 0x187c  IpFilterDriver - ok

20:40:53.0159 0x187c  [ B452623C1DE60544054E784D94A7AA47, 57AECDEE0AB2B80DFFE11E43608988D46E9169288CB56D644DDE2CAFED6AFD40 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll

20:40:53.0182 0x187c  iphlpsvc - ok

20:40:53.0232 0x187c  [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys

20:40:53.0235 0x187c  IPMIDRV - ok

20:40:53.0257 0x187c  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys

20:40:53.0261 0x187c  IPNAT - ok

20:40:53.0274 0x187c  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys

20:40:53.0275 0x187c  IRENUM - ok

20:40:53.0294 0x187c  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys

20:40:53.0296 0x187c  isapnp - ok

20:40:53.0334 0x187c  [ AD3C1F4BD9167420F04052FDA197CF29, 82B687092DFC50E8885656AF06BFB7559930750F4905BC4DBDA3A5D334A443D1 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys

20:40:53.0344 0x187c  iScsiPrt - ok

20:40:53.0365 0x187c  [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys

20:40:53.0367 0x187c  iwdbus - ok

20:40:53.0418 0x187c  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

20:40:53.0422 0x187c  jhi_service - ok

20:40:53.0446 0x187c  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys

20:40:53.0448 0x187c  kbdclass - ok

20:40:53.0490 0x187c  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys

20:40:53.0492 0x187c  kbdhid - ok

20:40:53.0506 0x187c  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys

20:40:53.0507 0x187c  kdnic - ok

20:40:53.0526 0x187c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\WINDOWS\system32\lsass.exe

20:40:53.0529 0x187c  KeyIso - ok

20:40:53.0533 0x187c  KMDFVirtualKbd - ok

20:40:53.0578 0x187c  [ 23E3E79A244E63F416A89640359C78B3, 721EBE47CF5617762DA16E0450B5B2DA857F9B04EA3D167770E2A8CA9D31C77C ] KMDFVirtualMouse C:\WINDOWS\System32\drivers\KMDFVirtualMouse.sys

20:40:53.0579 0x187c  KMDFVirtualMouse - ok

20:40:53.0639 0x187c  [ 304DA394D958BC3B62AF6DF514005B01, 8D17777C82F034E800181E82D30FCED800CBC46CD659AE2E0D972CA1381BD4C2 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys

20:40:53.0642 0x187c  KSecDD - ok

20:40:53.0693 0x187c  [ 3D4AE520CD6F6FFE549DD195C1F515BE, 2AD3E07F504CE50956C391FD4633D20B354A854C940B3563A67B79BB6E40218F ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys

20:40:53.0699 0x187c  KSecPkg - ok

20:40:53.0724 0x187c  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys

20:40:53.0725 0x187c  ksthunk - ok

20:40:53.0842 0x187c  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll

20:40:53.0865 0x187c  KtmRm - ok

20:40:53.0912 0x187c  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll

20:40:53.0924 0x187c  LanmanServer - ok

20:40:53.0961 0x187c  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll

20:40:53.0986 0x187c  LanmanWorkstation - ok

20:40:54.0044 0x187c  [ DA297A7BAB4E3889CFF60C02AE7BFB5D, 9E533D6FE2C9777A298F1E09C6E74F4135CC32D406382655EA9C0B7B2C533F3E ] Lenovo EasyPlus Hotspot C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe

20:40:54.0059 0x187c  Lenovo EasyPlus Hotspot - ok

20:40:54.0153 0x187c  [ 8CD7568B0F809731D931144DE376FD16, 78902FA1BED048B336DE71FB82A3614A58BBAA834483F2F2B5ABF4A70FA491F3 ] Lenovo System Agent Service C:\Program Files\Lenovo\iMController\SystemAgentService.exe

20:40:54.0176 0x187c  Lenovo System Agent Service - ok

20:40:54.0234 0x187c  [ 031199B929009F268A478F0283E1CE32, B7BFB848A03535C16798085D489AB294935955F2982330B39190B2074BF9122B ] LenovoWiFiHotspotSvr C:\Windows\System32\LenovoWiFiHotspotSvr.exe

20:40:54.0246 0x187c  LenovoWiFiHotspotSvr - ok

20:40:54.0316 0x187c  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll

20:40:54.0332 0x187c  lfsvc - ok

20:40:54.0355 0x187c  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys

20:40:54.0357 0x187c  lltdio - ok

20:40:54.0394 0x187c  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll

20:40:54.0403 0x187c  lltdsvc - ok

20:40:54.0432 0x187c  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll

20:40:54.0434 0x187c  lmhosts - ok

20:40:54.0486 0x187c  [ 3DE66F47365AA8CEB18B1EE272F4FEBA, 8DDD6AB4AEDE3B2FEA0D3B63DD24E3F3422D6ADE067756A3919FCED53C349167 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

20:40:54.0498 0x187c  LMS - ok

20:40:54.0586 0x187c  [ DB470EC2922A1DA3936CAFD2647B7C52, 2B973A2685031EDD1026B98070699384F11EF7AE574DC429A69B352B18047403 ] LSCWinService   C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe

20:40:54.0601 0x187c  LSCWinService - ok

20:40:54.0635 0x187c  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys

20:40:54.0639 0x187c  LSI_SAS - ok

20:40:54.0658 0x187c  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys

20:40:54.0662 0x187c  LSI_SAS2 - ok

20:40:54.0677 0x187c  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys

20:40:54.0680 0x187c  LSI_SAS3 - ok

20:40:54.0707 0x187c  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys

20:40:54.0711 0x187c  LSI_SSS - ok

20:40:54.0800 0x187c  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\WINDOWS\System32\lsm.dll

20:40:54.0826 0x187c  LSM - ok

20:40:54.0846 0x187c  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys

20:40:54.0850 0x187c  luafv - ok

20:40:54.0906 0x187c  [ 02CF33AD83CB69A7CF8598B1CDBC11B6, 9C9C7329F0EB3B94915676E4911BCC04F2FBDFDAF0C98F605B1B5C6606554A0D ] LUService       C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe

20:40:54.0907 0x187c  LUService - ok

20:40:54.0937 0x187c  [ 60DC593BA44E433DF97EBC8940703D08, 253B6892D7FCBD647D6FA645670871A76A38CD379FCC1F66F1181949740C72EA ] ManyCam         C:\WINDOWS\system32\DRIVERS\mcvidrv.sys

20:40:54.0939 0x187c  ManyCam - ok

20:40:55.0038 0x187c  [ F0DB70EA6B32DA9E8D3DFE50206CF9C4, F2CE20E7019C029388A24326B149B0FBF17649F2BA805C96E9F6FB27EB4CB3CD ] ManyCam Service C:\ProgramData\ManyCam\Service\ManyCamService.exe

20:40:55.0056 0x187c  ManyCam Service - ok

20:40:55.0113 0x187c  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys

20:40:55.0114 0x187c  MBAMProtector - ok

20:40:55.0216 0x187c  [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

20:40:55.0252 0x187c  MBAMScheduler - ok

20:40:55.0308 0x187c  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

20:40:55.0336 0x187c  MBAMService - ok

20:40:55.0420 0x187c  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys

20:40:55.0425 0x187c  MBAMSwissArmy - ok

20:40:55.0458 0x187c  [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys

20:40:55.0461 0x187c  MBAMWebAccessControl - ok

20:40:55.0480 0x187c  [ 7382E4A888A7D4333DFF8A30B6850EE9, 3F63680A96438DF841FD46F99DA9670520ED3295176820DEDC9D5C770CA659D0 ] mcaudrv_simple  C:\WINDOWS\system32\drivers\mcaudrv_x64.sys

20:40:55.0482 0x187c  mcaudrv_simple - ok

20:40:55.0507 0x187c  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys

20:40:55.0509 0x187c  megasas - ok

20:40:55.0544 0x187c  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys

20:40:55.0561 0x187c  megasr - ok

20:40:55.0593 0x187c  [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys

20:40:55.0596 0x187c  MEIx64 - ok

20:40:55.0623 0x187c  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\WINDOWS\system32\mmcss.dll

20:40:55.0626 0x187c  MMCSS - ok

20:40:55.0642 0x187c  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys

20:40:55.0644 0x187c  Modem - ok

20:40:55.0665 0x187c  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys

20:40:55.0666 0x187c  monitor - ok

20:40:55.0687 0x187c  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys

20:40:55.0690 0x187c  mouclass - ok

20:40:55.0697 0x187c  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys

20:40:55.0699 0x187c  mouhid - ok

20:40:55.0752 0x187c  [ 24DABC0A77FAFDC0E379AB3B30F61BB6, E66624ABBF1D742879035F9161F9D3713DE7B759B3D3CF8B96C9E397A02FCF82 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys

20:40:55.0755 0x187c  mountmgr - ok

20:40:55.0802 0x187c  [ E464A0A92E2E354D07DDA713D3E10DE4, D5CF213F03DF54EF9933027A7A7D4413371C1ECBFF61E4DE818D50FA72C8C5FC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

20:40:55.0808 0x187c  MozillaMaintenance - ok

20:40:55.0839 0x187c  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys

20:40:55.0842 0x187c  mpsdrv - ok

20:40:55.0884 0x187c  [ D1418745A5472F3930A288E05B9E2C05, 95785F0FA7EE239459C0288DB37E9E54648029FD6FE45A61E6343526D67FFA32 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll

20:40:55.0907 0x187c  MpsSvc - ok

20:40:55.0961 0x187c  [ 3F818C1518DA702C8F10259095C9BDE0, B98C1A6F9A3C01A10503B2B2C45CC89AFF17B346B15990F4DB4820F68BDC62C8 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys

20:40:55.0966 0x187c  MRxDAV - ok

20:40:56.0017 0x187c  [ C3B0566DE49265AE98405825938C20A1, F8BCA4A5AF21B841C998D4772DA9FF84E45F1356AA1285A1D48C06574A81CA4C ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

20:40:56.0028 0x187c  mrxsmb - ok

20:40:56.0087 0x187c  [ 15D7AF1A26CCEBA32DF21A8E2098F463, 84390806AD3A9651DAB803E9257EEE851B898ED2AB56D8936E8C9F6B41967243 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys

20:40:56.0095 0x187c  mrxsmb10 - ok

20:40:56.0119 0x187c  [ 0790EEB1EC199F8BE8259E47B373ED23, F9330F43B40675CCB60804182EF04BFBA3837ED14C798788A4B27D65A646D1C7 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys

20:40:56.0124 0x187c  mrxsmb20 - ok

20:40:56.0156 0x187c  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys

20:40:56.0159 0x187c  MsBridge - ok

20:40:56.0183 0x187c  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\WINDOWS\System32\msdtc.exe

20:40:56.0188 0x187c  MSDTC - ok

20:40:56.0220 0x187c  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

20:40:56.0221 0x187c  Msfs - ok

20:40:56.0228 0x187c  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys

20:40:56.0230 0x187c  msgpiowin32 - ok

20:40:56.0250 0x187c  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys

20:40:56.0251 0x187c  mshidkmdf - ok

20:40:56.0268 0x187c  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys

20:40:56.0269 0x187c  mshidumdf - ok

20:40:56.0284 0x187c  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys

20:40:56.0286 0x187c  msisadrv - ok

20:40:56.0316 0x187c  [ A06142B3850B06972F1C89748FAA2C02, B1CCC5C8D100FEB384FCC85FED2A77F47DA4C9BA5F6889A130F4D73E30ACAA78 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll

20:40:56.0321 0x187c  MSiSCSI - ok

20:40:56.0326 0x187c  msiserver - ok

20:40:56.0342 0x187c  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

20:40:56.0343 0x187c  MSKSSRV - ok

20:40:56.0372 0x187c  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys

20:40:56.0375 0x187c  MsLldp - ok

20:40:56.0392 0x187c  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

20:40:56.0393 0x187c  MSPCLOCK - ok

20:40:56.0406 0x187c  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

20:40:56.0407 0x187c  MSPQM - ok

20:40:56.0452 0x187c  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys

20:40:56.0462 0x187c  MsRPC - ok

20:40:56.0472 0x187c  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys

20:40:56.0474 0x187c  mssmbios - ok

20:40:56.0485 0x187c  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys

20:40:56.0486 0x187c  MSTEE - ok

20:40:56.0503 0x187c  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys

20:40:56.0504 0x187c  MTConfig - ok

20:40:56.0559 0x187c  [ 438EA7A2D8D4F9B8AFB64748ACA70BA8, AEEB7B657B645C4006C6D5E8D07ECE581DEE7AD22EA1A587C552574990CF091B ] Mup             C:\WINDOWS\system32\Drivers\mup.sys

20:40:56.0562 0x187c  Mup - ok

20:40:56.0588 0x187c  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys

20:40:56.0590 0x187c  mvumis - ok

20:40:56.0638 0x187c  [ 1EE90E273094252917843D111E898C94, D0D7D155E3CA022BC1F718327165E44F954A40B96259DEE5266C48ADCC8B4556 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

20:40:56.0645 0x187c  MyWiFiDHCPDNS - ok

20:40:56.0687 0x187c  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\WINDOWS\system32\qagentRT.dll

20:40:56.0699 0x187c  napagent - ok

20:40:56.0741 0x187c  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys

20:40:56.0754 0x187c  NativeWifiP - ok

20:40:56.0862 0x187c  [ 003DDE9E91D324DDD86F11BF580FD627, 733674D5A6246BA2B4DE420AD89FE171ACCEA9EB5FC20F13F688A3910C1AA74C ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe

20:40:56.0881 0x187c  NAUpdate - ok

20:40:56.0938 0x187c  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll

20:40:56.0950 0x187c  NcaSvc - ok

20:40:56.0972 0x187c  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\WINDOWS\System32\ncbservice.dll

20:40:56.0978 0x187c  NcbService - ok

20:40:57.0004 0x187c  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll

20:40:57.0008 0x187c  NcdAutoSetup - ok

20:40:57.0076 0x187c  [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys

20:40:57.0106 0x187c  NDIS - ok

20:40:57.0128 0x187c  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys

20:40:57.0130 0x187c  NdisCap - ok

20:40:57.0164 0x187c  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys

20:40:57.0168 0x187c  NdisImPlatform - ok

20:40:57.0199 0x187c  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

20:40:57.0200 0x187c  NdisTapi - ok

20:40:57.0222 0x187c  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

20:40:57.0225 0x187c  Ndisuio - ok

20:40:57.0235 0x187c  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys

20:40:57.0236 0x187c  NdisVirtualBus - ok

20:40:57.0292 0x187c  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

20:40:57.0298 0x187c  NdisWan - ok

20:40:57.0307 0x187c  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys

20:40:57.0313 0x187c  NdisWanLegacy - ok

20:40:57.0346 0x187c  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

20:40:57.0349 0x187c  NDProxy - ok

20:40:57.0379 0x187c  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys

20:40:57.0383 0x187c  Ndu - ok

20:40:57.0412 0x187c  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

20:40:57.0414 0x187c  NetBIOS - ok

20:40:57.0462 0x187c  [ 9DC17B7D9D84C37C102D379FCC7D4942, D522022ED4395686837E96F57EE29F8065FB749D1195B60D2A406FB33F696C09 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

20:40:57.0471 0x187c  NetBT - ok

20:40:57.0487 0x187c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\WINDOWS\system32\lsass.exe

20:40:57.0490 0x187c  Netlogon - ok

20:40:57.0529 0x187c  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\WINDOWS\System32\netman.dll

20:40:57.0537 0x187c  Netman - ok

20:40:57.0585 0x187c  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll

20:40:57.0600 0x187c  netprofm - ok

20:40:57.0660 0x187c  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:40:57.0666 0x187c  NetTcpPortSharing - ok

20:40:57.0703 0x187c  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\WINDOWS\System32\drivers\netvsc63.sys

20:40:57.0706 0x187c  netvsc - ok

20:40:57.0848 0x187c  [ 619EE1E89B759F4C3B3B684D1FF24A6D, 3654F7F3AB3FF55C6EE3F5CC17CDC660B9C2A2EDEC4CA118BC8660D38E14C191 ] NETwNb64        C:\WINDOWS\system32\DRIVERS\Netwbw02.sys

20:40:57.0937 0x187c  NETwNb64 - ok

20:40:58.0141 0x187c  [ B636B4A8E59A73033B766EA7FD7C3B81, CAC8614DEE83623DE56C969C668A33366793779084B6A23F59ADC98392115F8C ] NETwNe64        C:\WINDOWS\system32\DRIVERS\NETwew02.sys

20:40:58.0260 0x187c  NETwNe64 - ok

20:40:58.0381 0x187c  [ 02E736F9861F1A6134736CF7473C513F, 7C574A50980885B213EFC0C394AFE613879B669246A4EA5EA6B5F791F7F6F32E ] NitroDriverReadSpool9 C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe

20:40:58.0393 0x187c  NitroDriverReadSpool9 - ok

20:40:58.0445 0x187c  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll

20:40:58.0464 0x187c  NlaSvc - ok

20:40:58.0539 0x187c  [ CD2C0C25ECFCF816306126D3C208614B, C0C8B59BDDB349A593DFF5107841EB76618631C867D7C8F234C9ECBD76713CB0 ] nlsX86cc        C:\WINDOWS\SysWOW64\NLSSRV32.EXE

20:40:58.0542 0x187c  nlsX86cc - ok

20:40:58.0576 0x187c  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

20:40:58.0578 0x187c  Npfs - ok

20:40:58.0592 0x187c  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys

20:40:58.0594 0x187c  npsvctrig - ok

20:40:58.0627 0x187c  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\WINDOWS\system32\nsisvc.dll

20:40:58.0630 0x187c  nsi - ok

20:40:58.0655 0x187c  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys

20:40:58.0657 0x187c  nsiproxy - ok

20:40:58.0794 0x187c  [ 9980B262DBE439AE6BDC91AA985F19EE, E998E4CAE9CD103ADA9CA3C737C4DAD017D056828BFA42A41C7B4E4E108FB13C ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

20:40:58.0847 0x187c  Ntfs - ok

20:40:58.0871 0x187c  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys

20:40:58.0872 0x187c  Null - ok

20:40:58.0897 0x187c  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys

20:40:58.0902 0x187c  nvraid - ok

20:40:58.0921 0x187c  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys

20:40:58.0926 0x187c  nvstor - ok

20:40:58.0941 0x187c  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys

20:40:58.0945 0x187c  nv_agp - ok

20:40:59.0032 0x187c  [ AC0F1B7B71D9D435EC33456F7EDF6FF1, 8FEFF5F99F1AFF21CF9415D4BF26936EF3A7347DA06F30ADD1DD1B14916F2585 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

20:40:59.0039 0x187c  ose - ok

20:40:59.0087 0x187c  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll

20:40:59.0098 0x187c  p2pimsvc - ok

20:40:59.0129 0x187c  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\WINDOWS\system32\p2psvc.dll

20:40:59.0143 0x187c  p2psvc - ok

20:40:59.0208 0x187c  [ 57DCE4FB0467986AE78E1C6FC5240D32, F7F3ADD1B48E4D6BB0A664A2FE556F71ED7453054B4FB667A29BE050C845045B ] Parport         C:\WINDOWS\System32\drivers\parport.sys

20:40:59.0212 0x187c  Parport - ok

20:40:59.0244 0x187c  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys

20:40:59.0248 0x187c  partmgr - ok

20:40:59.0324 0x187c  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll

20:40:59.0340 0x187c  PcaSvc - ok

20:40:59.0410 0x187c  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys

20:40:59.0424 0x187c  pci - ok

20:40:59.0449 0x187c  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys

20:40:59.0450 0x187c  pciide - ok

20:40:59.0465 0x187c  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys

20:40:59.0470 0x187c  pcmcia - ok

20:40:59.0485 0x187c  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys

20:40:59.0488 0x187c  pcw - ok

20:40:59.0515 0x187c  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys

20:40:59.0518 0x187c  pdc - ok

20:40:59.0542 0x187c  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys

20:40:59.0560 0x187c  PEAUTH - ok

20:40:59.0597 0x187c  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe

20:40:59.0599 0x187c  PerfHost - ok

20:40:59.0683 0x187c  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\WINDOWS\system32\pla.dll

20:40:59.0724 0x187c  pla - ok

20:40:59.0759 0x187c  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll

20:40:59.0764 0x187c  PlugPlay - ok

20:40:59.0797 0x187c  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll

20:40:59.0800 0x187c  PNRPAutoReg - ok

20:40:59.0831 0x187c  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll

20:40:59.0841 0x187c  PNRPsvc - ok

20:40:59.0896 0x187c  [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll

20:40:59.0906 0x187c  PolicyAgent - ok

20:40:59.0937 0x187c  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\WINDOWS\system32\umpo.dll

20:40:59.0941 0x187c  Power - ok

20:40:59.0961 0x187c  [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

20:40:59.0964 0x187c  PptpMiniport - ok

20:41:00.0131 0x187c  [ F6EA63145C20A23732AD2CA1EBA65FA1, 0DD1164D37C1500258E9CCCE458778A3DA196D9A65919B2672E3C88383068F52 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll

20:41:00.0208 0x187c  PrintNotify - ok

20:41:00.0230 0x187c  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys

20:41:00.0234 0x187c  Processor - ok

20:41:00.0264 0x187c  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll

20:41:00.0272 0x187c  ProfSvc - ok

20:41:00.0301 0x187c  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys

20:41:00.0305 0x187c  Psched - ok

20:41:00.0344 0x187c  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\WINDOWS\system32\qwave.dll

20:41:00.0354 0x187c  QWAVE - ok

20:41:00.0388 0x187c  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys

20:41:00.0390 0x187c  QWAVEdrv - ok

20:41:00.0415 0x187c  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

20:41:00.0416 0x187c  RasAcd - ok

20:41:00.0468 0x187c  [ D5ECE7E7F349EB3C4B152AFF3577280D, 3A5D3E440D1ED72D654BBFE30A73667F055C0AD04375C22C202F21BF75B612B2 ] RasAgileVpn     C:\WINDOWS\system32\DRIVERS\AgileVpn.sys

20:41:00.0471 0x187c  RasAgileVpn - ok

20:41:00.0511 0x187c  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\WINDOWS\System32\rasauto.dll

20:41:00.0515 0x187c  RasAuto - ok

20:41:00.0566 0x187c  [ 235624C147E3CB4C288D5D3D8E8D64A2, B3F182019DBAD9C761FE9F62EAED34AD5902B41A13A766D814FC3E2EA29D8D92 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

20:41:00.0570 0x187c  Rasl2tp - ok

20:41:00.0603 0x187c  [ 15C0034561FE5B03FA376F1A6232478B, 0F9B5C2BD7D8803FF3C5ED957D3F0859F2A59B74510E4659FBF05EDCBF230208 ] RasMan          C:\WINDOWS\System32\rasmans.dll

20:41:00.0620 0x187c  RasMan - ok

20:41:00.0694 0x187c  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

20:41:00.0697 0x187c  RasPppoe - ok

20:41:00.0729 0x187c  [ 41F631007A158FEBB67F0E2AD1601BBA, EB5EA7277F4178BC27E55BF850AEBCD84B6BED80B2383CFB29548824AAFED135 ] RasSstp         C:\WINDOWS\system32\DRIVERS\rassstp.sys

20:41:00.0732 0x187c  RasSstp - ok

20:41:00.0806 0x187c  [ D67ED4AB59D1EF66B05AD1A81AC28B26, 72E750A9A6B484D8BEDE52FA6DABEF4D95765DE491152E1F6C856D0590B50C28 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

20:41:00.0828 0x187c  rdbss - ok

20:41:00.0846 0x187c  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys

20:41:00.0848 0x187c  rdpbus - ok

20:41:00.0872 0x187c  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys

20:41:00.0879 0x187c  RDPDR - ok

20:41:00.0951 0x187c  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys

20:41:00.0953 0x187c  RdpVideoMiniport - ok

20:41:00.0966 0x187c  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys

20:41:00.0975 0x187c  rdyboost - ok

20:41:01.0050 0x187c  [ 2D39BCFA4DD1081B8F282B623456B858, DD8C433B66B6661F4DBD1784CBD334441B508BE84932DD443F7AD51CEA192BA9 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys

20:41:01.0076 0x187c  ReFS - ok

20:41:01.0165 0x187c  [ 37F021CF7D670D305C1687781173069E, 286D6D04B0A9C4399086BE8DDA5126CDE462EE3B9F5B40A65CD9CD2B7C160886 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

20:41:01.0174 0x187c  RegSrvc - ok

20:41:01.0228 0x187c  [ DF78648AC3C8DC9D70E6714AF785382F, 56E104939ED0AB5B26AE07BAB1BBB7D15828DBD3A2AD35361423D7ADDA4BA551 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

20:41:01.0236 0x187c  RemoteAccess - ok

20:41:01.0275 0x187c  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll

20:41:01.0282 0x187c  RemoteRegistry - ok

20:41:01.0339 0x187c  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys

20:41:01.0345 0x187c  RFCOMM - ok

20:41:01.0457 0x187c  [ FBA61BB4C484A01A655AFB18FF86C417, D53B2110CB09D0A909C4E330C468351BFE076BB056CCDDCB8ADA2FB91E96352E ] RichVideo64     C:\Program Files\CyberLink\Shared files\RichVideo64.exe

20:41:01.0468 0x187c  RichVideo64 - ok

20:41:01.0499 0x187c  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll

20:41:01.0504 0x187c  RpcEptMapper - ok

20:41:01.0535 0x187c  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\WINDOWS\system32\locator.exe

20:41:01.0537 0x187c  RpcLocator - ok

20:41:01.0610 0x187c  [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] RpcSs           C:\WINDOWS\system32\rpcss.dll

20:41:01.0631 0x187c  RpcSs - ok

20:41:01.0659 0x187c  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys

20:41:01.0662 0x187c  rspndr - ok

20:41:01.0702 0x187c  [ BCDE27DA663D2F1BE1EA262F2BFDA8D0, 07744F83C41503D8C948E8D8569628C7C9D283EBA3C20CB63BC81123812A0A25 ] RSUSBVSTOR      C:\WINDOWS\System32\Drivers\RtsUVStor.sys

20:41:01.0711 0x187c  RSUSBVSTOR - ok

20:41:01.0754 0x187c  [ D5C3918E3EF787A41172B8E5348247F0, 033E5E6037CDFE65D26AD834ACD2B652EEED66BA48753F7B319C9FD41CE4F180 ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys

20:41:01.0777 0x187c  RTL8168 - ok

20:41:02.0126 0x187c  [ 6EA6AC66600E01E55FFB69AE53EE1553, 81ADE4CA618C5229DC241F10711578633093E1E43739AA6726923D9E6D27A0BE ] rtsuvc          C:\WINDOWS\system32\DRIVERS\rtsuvc.sys

20:41:02.0459 0x187c  rtsuvc - ok

20:41:02.0507 0x187c  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys

20:41:02.0509 0x187c  s3cap - ok

20:41:02.0547 0x187c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\WINDOWS\system32\lsass.exe

20:41:02.0552 0x187c  SamSs - ok

20:41:02.0559 0x187c  SAService - ok

20:41:02.0587 0x187c  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys

20:41:02.0593 0x187c  sbp2port - ok

20:41:02.0626 0x187c  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll

20:41:02.0635 0x187c  SCardSvr - ok

20:41:02.0671 0x187c  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll

20:41:02.0677 0x187c  ScDeviceEnum - ok

20:41:02.0708 0x187c  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys

20:41:02.0710 0x187c  scfilter - ok

20:41:02.0777 0x187c  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\WINDOWS\system32\schedsvc.dll

20:41:02.0808 0x187c  Schedule - ok

20:41:02.0826 0x187c  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll

20:41:02.0831 0x187c  SCPolicySvc - ok

20:41:02.0860 0x187c  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys

20:41:02.0869 0x187c  sdbus - ok

20:41:02.0901 0x187c  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys

20:41:02.0904 0x187c  sdstor - ok

20:41:02.0921 0x187c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys

20:41:02.0922 0x187c  secdrv - ok

20:41:02.0960 0x187c  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\WINDOWS\system32\seclogon.dll

20:41:02.0963 0x187c  seclogon - ok

20:41:02.0995 0x187c  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll

20:41:02.0999 0x187c  SENS - ok

20:41:03.0109 0x187c  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll

20:41:03.0124 0x187c  SensrSvc - ok

20:41:03.0161 0x187c  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys

20:41:03.0213 0x187c  SerCx - ok

20:41:03.0292 0x187c  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys

20:41:03.0298 0x187c  SerCx2 - ok

20:41:03.0343 0x187c  [ 1F0135949A6AD6025F363F80FE268251, DB2D503863143F2251E589F7B0B3E9FBF997D7333D54C55856590B5080B5513D ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys

20:41:03.0345 0x187c  Serenum - ok

20:41:03.0371 0x187c  [ 81633C87B42B63BA484A6177179AC750, A22BA40E9EC74E88D8098CBDC954E1D63B832FCB789E3C7B731DE5DA39BEE2CA ] Serial          C:\WINDOWS\System32\drivers\serial.sys

20:41:03.0375 0x187c  Serial - ok

20:41:03.0425 0x187c  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys

20:41:03.0428 0x187c  sermouse - ok

20:41:03.0476 0x187c  [ 389458EA0B5FAEBA325FAC47B9ED589E, F7F37A1F1E912069F65E4629FF733F080AE675DF6FE255AF48F5E23EB47D0622 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll

20:41:03.0487 0x187c  SessionEnv - ok

20:41:03.0506 0x187c  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys

20:41:03.0507 0x187c  sfloppy - ok

20:41:03.0559 0x187c  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

20:41:03.0573 0x187c  SharedAccess - ok

20:41:03.0624 0x187c  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

20:41:03.0641 0x187c  ShellHWDetection - ok

20:41:03.0669 0x187c  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys

20:41:03.0671 0x187c  SiSRaid2 - ok

20:41:03.0691 0x187c  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys

20:41:03.0695 0x187c  SiSRaid4 - ok

20:41:03.0805 0x187c  [ F3AAB7DF6408431C762D8721B68F46E4, 56ED764AA660955B8B06322703D086B3A52106625A83CCAF195B08BCBDEDA88F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

20:41:03.0823 0x187c  SkypeUpdate - ok

20:41:03.0855 0x187c  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll

20:41:03.0883 0x187c  smphost - ok

20:41:03.0919 0x187c  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe

20:41:03.0921 0x187c  SNMPTRAP - ok

20:41:03.0982 0x187c  [ 546B88E6906EE9813EFE314DC95E3488, FC172C2DCC7ACDBBC9CE07CFCBAEDFAEAD2641A037E126174525DBE8BA660CC4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys

20:41:03.0997 0x187c  spaceport - ok

20:41:04.0019 0x187c  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys

20:41:04.0020 0x187c  SpbCx - ok

20:41:04.0096 0x187c  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\WINDOWS\System32\spoolsv.exe

20:41:04.0124 0x187c  Spooler - ok

20:41:04.0411 0x187c  [ F264662C057A54AA2DE41B3C7551712F, 2C123C6ACD967CDF1AD2855187CF3D8357B16A4FD9C2F18AE54CFA384165FA11 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe

20:41:04.0564 0x187c  sppsvc - ok

20:41:04.0626 0x187c  [ 36B082C7A764A34FB1DC72D975870B61, 572CB632D9FDC1183F7BF8BFCBC51765C647945E0C13D1C91ADE3D0E76DF83BC ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys

20:41:04.0638 0x187c  srv - ok

20:41:04.0911 0x187c  [ F5849909D4B29B4E3D4445F943E5C7E3, 3FCA1423753716FE1AFDD27EE1E13C4D779A3C976185B5C998EF1A9A39BFC186 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys

20:41:04.0934 0x187c  srv2 - ok

20:41:04.0983 0x187c  [ FABC49666708EA562549E78E6FBF3191, BE1FEBFC259308B39C727915C41A67CD50720A6E2A68D148F4F2F926AED43B02 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys

20:41:04.0990 0x187c  srvnet - ok

20:41:05.0022 0x187c  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

20:41:05.0031 0x187c  SSDPSRV - ok

20:41:05.0064 0x187c  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll

20:41:05.0070 0x187c  SstpSvc - ok

20:41:05.0106 0x187c  [ 36C3697CA09B23C77BDF95A6B0B57310, DAEF9CFBDE444A80FB41DA0BC5C3C4E1E4B535497A5EDA43EC8768A6EC42E4EA ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys

20:41:05.0113 0x187c  ssudmdm - ok

20:41:05.0143 0x187c  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys

20:41:05.0145 0x187c  stexstor - ok

20:41:05.0196 0x187c  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll

20:41:05.0215 0x187c  stisvc - ok

20:41:05.0251 0x187c  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys

20:41:05.0254 0x187c  storahci - ok

20:41:05.0291 0x187c  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys

20:41:05.0293 0x187c  storflt - ok

20:41:05.0343 0x187c  [ 0EDD1F4D470C775740625B06A60C9DD5, 94964D0A793B1C984E87095249EE383A5E669D05BA6BF9F655587887E6CE3C19 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys

20:41:05.0348 0x187c  stornvme - ok

20:41:05.0377 0x187c  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll

20:41:05.0382 0x187c  StorSvc - ok

20:41:05.0407 0x187c  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys

20:41:05.0411 0x187c  storvsc - ok

20:41:05.0445 0x187c  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll

20:41:05.0452 0x187c  svsvc - ok

20:41:05.0474 0x187c  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys

20:41:05.0476 0x187c  swenum - ok

20:41:05.0549 0x187c  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll

20:41:05.0572 0x187c  swprv - ok

20:41:05.0650 0x187c  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\WINDOWS\system32\sysmain.dll

20:41:05.0680 0x187c  SysMain - ok

20:41:05.0732 0x187c  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll

20:41:05.0740 0x187c  SystemEventsBroker - ok

20:41:05.0770 0x187c  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll

20:41:05.0777 0x187c  TabletInputService - ok

20:41:05.0818 0x187c  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

20:41:05.0828 0x187c  TapiSrv - ok

20:41:05.0956 0x187c  [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys

20:41:06.0019 0x187c  Tcpip - ok

20:41:06.0092 0x187c  [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys

20:41:06.0149 0x187c  TCPIP6 - ok

20:41:06.0196 0x187c  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys

20:41:06.0199 0x187c  tcpipreg - ok

20:41:06.0254 0x187c  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys

20:41:06.0258 0x187c  tdx - ok

20:41:06.0607 0x187c  [ D778B8E00A5ABF6C27DDB74F382ACBE9, E874053B0DC603465F08559961E57D9D65AAFA0C8E525B606F91299BC1BE309B ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

20:41:06.0782 0x187c  TeamViewer - ok

20:41:06.0841 0x187c  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys

20:41:06.0844 0x187c  terminpt - ok

20:41:06.0925 0x187c  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\WINDOWS\System32\termsrv.dll

20:41:06.0959 0x187c  TermService - ok

20:41:06.0985 0x187c  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll

20:41:06.0989 0x187c  Themes - ok

20:41:07.0016 0x187c  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll

20:41:07.0019 0x187c  THREADORDER - ok

20:41:07.0047 0x187c  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll

20:41:07.0055 0x187c  TimeBroker - ok

20:41:07.0109 0x187c  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\WINDOWS\system32\drivers\tpm.sys

20:41:07.0115 0x187c  TPM - ok

20:41:07.0145 0x187c  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll

20:41:07.0150 0x187c  TrkWks - ok

20:41:07.0215 0x187c  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe

20:41:07.0221 0x187c  TrustedInstaller - ok

20:41:07.0247 0x187c  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys

20:41:07.0250 0x187c  TsUsbFlt - ok

20:41:07.0288 0x187c  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys

20:41:07.0315 0x187c  TsUsbGD - ok

20:41:07.0363 0x187c  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys

20:41:07.0368 0x187c  tunnel - ok

20:41:07.0396 0x187c  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys

20:41:07.0400 0x187c  uagp35 - ok

20:41:07.0424 0x187c  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys

20:41:07.0429 0x187c  UASPStor - ok

20:41:07.0473 0x187c  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys

20:41:07.0482 0x187c  UCX01000 - ok

20:41:07.0546 0x187c  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys

20:41:07.0564 0x187c  udfs - ok

20:41:07.0602 0x187c  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys

20:41:07.0604 0x187c  UEFI - ok

20:41:07.0629 0x187c  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe

20:41:07.0633 0x187c  UI0Detect - ok

20:41:07.0654 0x187c  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys

20:41:07.0657 0x187c  uliagpkx - ok

20:41:07.0671 0x187c  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys

20:41:07.0673 0x187c  umbus - ok

20:41:07.0697 0x187c  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys

20:41:07.0698 0x187c  UmPass - ok

20:41:07.0736 0x187c  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll

20:41:07.0747 0x187c  UmRdpService - ok

20:41:07.0789 0x187c  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll

20:41:07.0805 0x187c  upnphost - ok

20:41:07.0868 0x187c  [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys

20:41:07.0873 0x187c  usbaudio - ok

20:41:07.0912 0x187c  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys

20:41:07.0919 0x187c  usbccgp - ok

20:41:07.0958 0x187c  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys

20:41:07.0963 0x187c  usbcir - ok

20:41:08.0019 0x187c  [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys

20:41:08.0026 0x187c  usbehci - ok

20:41:08.0098 0x187c  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys

20:41:08.0119 0x187c  usbhub - ok

20:41:08.0190 0x187c  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys

20:41:08.0210 0x187c  USBHUB3 - ok

20:41:08.0267 0x187c  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys

20:41:08.0269 0x187c  usbohci - ok

20:41:08.0293 0x187c  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys

20:41:08.0294 0x187c  usbprint - ok

20:41:08.0342 0x187c  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys

20:41:08.0345 0x187c  usbscan - ok

20:41:08.0414 0x187c  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS

20:41:08.0424 0x187c  USBSTOR - ok

20:41:08.0445 0x187c  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys

20:41:08.0449 0x187c  usbuhci - ok

20:41:08.0515 0x187c  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys

20:41:08.0530 0x187c  usbvideo - ok

20:41:08.0590 0x187c  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS

20:41:08.0600 0x187c  USBXHCI - ok

20:41:08.0615 0x187c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe

20:41:08.0617 0x187c  VaultSvc - ok

20:41:08.0647 0x187c  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys

20:41:08.0649 0x187c  vdrvroot - ok

20:41:08.0716 0x187c  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe

20:41:08.0765 0x187c  vds - ok

20:41:08.0846 0x187c  [ E28127C422E5E0C91A0EC040C9838A0B, 1D881AE97138829E40847796972FE32F267DCD21B0BC83899AF9D6144FA0709B ] VeriFaceSrv     C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe

20:41:08.0849 0x187c  VeriFaceSrv - ok

20:41:08.0857 0x187c  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys

20:41:08.0863 0x187c  VerifierExt - ok

20:41:08.0933 0x187c  [ 8ABB4BABF59F092DF0B43778D8FD1884, 94C2100CE86448543A8DD586AD4A128AB9EB37959238D70F33EF59202270AC6C ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys

20:41:08.0953 0x187c  vhdmp - ok

20:41:09.0004 0x187c  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys

20:41:09.0005 0x187c  viaide - ok

20:41:09.0033 0x187c  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys

20:41:09.0037 0x187c  vmbus - ok

20:41:09.0058 0x187c  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys

20:41:09.0060 0x187c  VMBusHID - ok

20:41:09.0100 0x187c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll

20:41:09.0115 0x187c  vmicguestinterface - ok

20:41:09.0133 0x187c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll

20:41:09.0146 0x187c  vmicheartbeat - ok

20:41:09.0163 0x187c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll

20:41:09.0177 0x187c  vmickvpexchange - ok

20:41:09.0194 0x187c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll

20:41:09.0208 0x187c  vmicrdv - ok

20:41:09.0225 0x187c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll

20:41:09.0239 0x187c  vmicshutdown - ok

20:41:09.0256 0x187c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll

20:41:09.0269 0x187c  vmictimesync - ok

20:41:09.0286 0x187c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll

20:41:09.0300 0x187c  vmicvss - ok

20:41:09.0353 0x187c  [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys

20:41:09.0360 0x187c  volmgr - ok

20:41:09.0393 0x187c  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys

20:41:09.0404 0x187c  volmgrx - ok

20:41:09.0472 0x187c  [ 17F7B0F2298D97F4B6C7A69511033D3D, 5BDFC225F31553786726808FB7952940FC05CA72B3977D684056F42AFAA59565 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys

20:41:09.0484 0x187c  volsnap - ok

20:41:09.0511 0x187c  [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys

20:41:09.0515 0x187c  vpci - ok

20:41:09.0536 0x187c  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys

20:41:09.0542 0x187c  vsmraid - ok

20:41:09.0626 0x187c  [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS             C:\WINDOWS\system32\vssvc.exe

20:41:09.0665 0x187c  VSS - ok

20:41:09.0689 0x187c  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys

20:41:09.0699 0x187c  VSTXRAID - ok

20:41:09.0742 0x187c  [ 71066FF95C487327E44C8AF1B72EBE8B, EA2729126B452CAE0C80D07501779D804B08E47F1217B61D53277B40869FEC25 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys

20:41:09.0745 0x187c  vwifibus - ok

20:41:09.0771 0x187c  [ 29AB43937FFDA0B0FB56984226E698C6, 6A1A559964FE5D594E54988C46149969E6FFD5A8D5A6862E14648B608794CC29 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys

20:41:09.0776 0x187c  vwififlt - ok

20:41:09.0791 0x187c  [ 8B8624A93E3F88CB923AEB05B6313227, 2856B63CD376BF2B1A9129581E7B9207588D4EAFD29A2C8D98F176FEAFDE26A9 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys

20:41:09.0794 0x187c  vwifimp - ok

20:41:09.0838 0x187c  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll

20:41:09.0853 0x187c  W32Time - ok

20:41:09.0872 0x187c  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys

20:41:09.0873 0x187c  WacomPen - ok

20:41:09.0909 0x187c  [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys

20:41:09.0911 0x187c  Wanarp - ok

20:41:09.0918 0x187c  [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys

20:41:09.0921 0x187c  Wanarpv6 - ok

20:41:10.0013 0x187c  [ 841345442390953CBC8801B95D3D0540, FD4F9FD2C4C60A1A580177FFF2E9035009AC6A38E78D4236B0ED4773E3B263EE ] wbengine        C:\WINDOWS\system32\wbengine.exe

20:41:10.0056 0x187c  wbengine - ok

20:41:10.0098 0x187c  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll

20:41:10.0111 0x187c  WbioSrvc - ok

20:41:10.0151 0x187c  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll

20:41:10.0161 0x187c  Wcmsvc - ok

20:41:10.0211 0x187c  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll

20:41:10.0226 0x187c  wcncsvc - ok

20:41:10.0259 0x187c  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll

20:41:10.0262 0x187c  WcsPlugInService - ok

20:41:10.0303 0x187c  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys

20:41:10.0304 0x187c  WdBoot - ok

20:41:10.0357 0x187c  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys

20:41:10.0380 0x187c  Wdf01000 - ok

20:41:10.0439 0x187c  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys

20:41:10.0447 0x187c  WdFilter - ok

20:41:10.0480 0x187c  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll

20:41:10.0484 0x187c  WdiServiceHost - ok

20:41:10.0490 0x187c  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll

20:41:10.0494 0x187c  WdiSystemHost - ok

20:41:10.0518 0x187c  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys

20:41:10.0522 0x187c  WdNisDrv - ok

20:41:10.0554 0x187c  WdNisSvc - ok

20:41:10.0610 0x187c  [ A70CAF5EA36CBA5FCA24244306D4D5C6, 76C3E20B62B89D9699A1E817377FAD70B144B877BCC5C850A5B64CC68184D8DA ] WebClient       C:\WINDOWS\System32\webclnt.dll

20:41:10.0618 0x187c  WebClient - ok

20:41:10.0657 0x187c  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll

20:41:10.0665 0x187c  Wecsvc - ok

20:41:10.0690 0x187c  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll

20:41:10.0693 0x187c  WEPHOSTSVC - ok

20:41:10.0709 0x187c  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll

20:41:10.0713 0x187c  wercplsupport - ok

20:41:10.0742 0x187c  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll

20:41:10.0747 0x187c  WerSvc - ok

20:41:10.0781 0x187c  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys

20:41:10.0785 0x187c  WFPLWFS - ok

20:41:10.0822 0x187c  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll

20:41:10.0826 0x187c  WiaRpc - ok

20:41:10.0856 0x187c  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys

20:41:10.0857 0x187c  WIMMount - ok

20:41:10.0860 0x187c  WinDefend - ok

20:41:10.0937 0x187c  [ 0E70990EC2E5D2331AA5E88DB0CFB826, 79DFF565C3FCBC691E8FEB669CEC00E340FD2A2AFA4488D23A7CC63A2A98A5C1 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll

20:41:10.0958 0x187c  WinHttpAutoProxySvc - ok

20:41:11.0021 0x187c  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

20:41:11.0028 0x187c  Winmgmt - ok

20:41:11.0138 0x187c  [ 427873F889F2F508BE8BE982219CE578, CA8DCFB774BF0F747295A7A0CB46A6177DE12AD6BD58266182206C41A3C9001E ] WinRM           C:\WINDOWS\system32\WsmSvc.dll

20:41:11.0211 0x187c  WinRM - ok

20:41:11.0236 0x187c  [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb          C:\WINDOWS\System32\drivers\WinUsb.sys

20:41:11.0239 0x187c  WinUsb - ok

20:41:11.0311 0x187c  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll

20:41:11.0349 0x187c  WlanSvc - ok

20:41:11.0436 0x187c  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll

20:41:11.0476 0x187c  wlidsvc - ok

20:41:11.0512 0x187c  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys

20:41:11.0513 0x187c  WmiAcpi - ok

20:41:11.0539 0x187c  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe

20:41:11.0544 0x187c  wmiApSrv - ok

20:41:11.0568 0x187c  WMPNetworkSvc - ok

20:41:11.0586 0x187c  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys

20:41:11.0591 0x187c  Wof - ok

20:41:11.0715 0x187c  [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll

20:41:11.0761 0x187c  workfolderssvc - ok

20:41:11.0793 0x187c  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys

20:41:11.0795 0x187c  wpcfltr - ok

20:41:11.0818 0x187c  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll

20:41:11.0820 0x187c  WPCSvc - ok

20:41:11.0839 0x187c  [ DBDCE2378F65F0A07D4644AC103037E7, 99714F0CD31297C9831BAF04768F467F6E0BF710C859CEDCA83069226BF1A68A ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll

20:41:11.0843 0x187c  WPDBusEnum - ok

20:41:11.0862 0x187c  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys

20:41:11.0864 0x187c  WpdUpFltr - ok

20:41:11.0881 0x187c  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys

20:41:11.0882 0x187c  ws2ifsl - ok

20:41:11.0938 0x187c  [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc          C:\WINDOWS\System32\wscsvc.dll

20:41:11.0944 0x187c  wscsvc - ok

20:41:11.0948 0x187c  WSearch - ok

20:41:12.0084 0x187c  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll

20:41:12.0166 0x187c  WSService - ok

20:41:12.0197 0x187c  [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd            C:\WINDOWS\system32\DRIVERS\wsvd.sys

20:41:12.0200 0x187c  wsvd - ok

20:41:12.0366 0x187c  [ F3F60C88A6BBC8D0C68FE5B1C91181AF, AF9A4D282CD4BB1127BC3F48AB89DC294408D96F7906553C636F37D1503CFA48 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll

20:41:12.0453 0x187c  wuauserv - ok

20:41:12.0487 0x187c  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys

20:41:12.0491 0x187c  WudfPf - ok

20:41:12.0512 0x187c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys

20:41:12.0519 0x187c  WUDFRd - ok

20:41:12.0535 0x187c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP    C:\WINDOWS\system32\DRIVERS\WUDFRd.sys

20:41:12.0541 0x187c  WUDFSensorLP - ok

20:41:12.0575 0x187c  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll

20:41:12.0579 0x187c  wudfsvc - ok

20:41:12.0590 0x187c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\System32\drivers\WUDFRd.sys

20:41:12.0595 0x187c  WUDFWpdFs - ok

20:41:12.0604 0x187c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\WINDOWS\System32\drivers\WUDFRd.sys

20:41:12.0610 0x187c  WUDFWpdMtp - ok

20:41:12.0656 0x187c  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll

20:41:12.0672 0x187c  WwanSvc - ok

20:41:12.0883 0x187c  [ 8D809F4ECFE9E80723C49B427854068A, 4186B6C56BA70106A95D28371360C780F55FECA1A1C61966F091A07A390BA189 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

20:41:12.0976 0x187c  ZeroConfigService - ok

20:41:12.0995 0x187c  ================ Scan global ===============================

20:41:13.0076 0x187c  [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\WINDOWS\system32\basesrv.dll

20:41:13.0098 0x187c  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll

20:41:13.0138 0x187c  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll

20:41:13.0202 0x187c  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe

20:41:13.0213 0x187c  [ Global ] - ok

20:41:13.0213 0x187c  ================ Scan MBR ==================================

20:41:13.0230 0x187c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0

20:41:13.0240 0x187c  \Device\Harddisk0\DR0 - ok

20:41:13.0241 0x187c  ================ Scan VBR ==================================

20:41:13.0243 0x187c  [ C307F981B085B939E9144D2BA8D35BFB ] \Device\Harddisk0\DR0\Partition1

20:41:13.0245 0x187c  \Device\Harddisk0\DR0\Partition1 - ok

20:41:13.0258 0x187c  [ DBD7E31BB7C36769AF538F5940AB8FE5 ] \Device\Harddisk0\DR0\Partition2

20:41:13.0259 0x187c  \Device\Harddisk0\DR0\Partition2 - ok

20:41:13.0272 0x187c  [ 27CF5568853A0D8392A39E65E6EA7437 ] \Device\Harddisk0\DR0\Partition3

20:41:13.0273 0x187c  \Device\Harddisk0\DR0\Partition3 - ok

20:41:13.0292 0x187c  [ 84833E3E69F2AA95FF524F3C579ABBA8 ] \Device\Harddisk0\DR0\Partition4

20:41:13.0292 0x187c  \Device\Harddisk0\DR0\Partition4 - ok

20:41:13.0298 0x187c  [ ABD4AE5CC8E81AB7F1813CBBA8F6C8A5 ] \Device\Harddisk0\DR0\Partition5

20:41:13.0300 0x187c  \Device\Harddisk0\DR0\Partition5 - ok

20:41:13.0326 0x187c  [ E6B4D91E07A89FD54CAE04B996A8087E ] \Device\Harddisk0\DR0\Partition6

20:41:13.0327 0x187c  \Device\Harddisk0\DR0\Partition6 - ok

20:41:13.0341 0x187c  [ 5519F2C2D861C7E302FD2DCC21547517 ] \Device\Harddisk0\DR0\Partition7

20:41:13.0342 0x187c  \Device\Harddisk0\DR0\Partition7 - ok

20:41:13.0343 0x187c  ================ Scan generic autorun ======================

20:41:13.0413 0x187c  [ 235F426670EC4117EADD24A6185A48B9, 609FEE1CE0BE381C81F2F943066FBFC0E8F5043FEDB25E6FBD3F0C174DA17F4F ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe

20:41:13.0415 0x187c  IAStorIcon - ok

20:41:13.0453 0x187c  [ 42361B4BD80768E82B80285851037665, A555A6BF8016645B838FEA993AD273D1F472586F3600619DC243B1C33438FA07 ] C:\Program Files\Conexant\ForteConfig\fmapp.exe

20:41:13.0455 0x187c  ForteConfig - ok

20:41:13.0557 0x187c  [ 4F8B94EC4D4FFA0712CCADF8145F28D1, 6CED9332100CA71FB17930AAC4ED1798E6F3A83CEBEE0A3412EFA01F6F1A6F22 ] C:\Program Files\CONEXANT\SAII\SACpl.exe

20:41:13.0602 0x187c  SmartAudio - ok

20:41:13.0668 0x187c  [ B58355B1B1C91433B4B119083C7F28B3, CE8272FB392C519D3F1921CE11AF12E0CEE3F96141DCCBF5C40110DA3F9B92BD ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe

20:41:13.0693 0x187c  cAudioFilterAgent - ok

20:41:13.0695 0x187c  ETDCtrl - ok

20:41:13.0931 0x187c  [ 0E2427CF7B8BFC002795159AB55564C1, F4DAEEC6CD7580621C3411ADC5EAA8BE1927924EC2FEDA05E223E6580D8FA9B7 ] C:\WINDOWS\RTFTrack.exe

20:41:14.0075 0x187c  RtsFT - ok

20:41:14.0726 0x187c  [ 6DB938E782F688C788441AB389B9FC78, 195875E58457FE5CD6E81AD48576186060D4B44FD415DAF881541199808C1BCE ] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe

20:41:15.0088 0x187c  Energy Manager - ok

20:41:15.0540 0x187c  [ E3D9352D2EE0A4343FE2A4A99FCBCB06, 886D243B569BF11118D19B27DE39DE1E42D471B3DA0C9A397E301E17519C6C42 ] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe

20:41:15.0786 0x187c  Lenovo Utility - ok

20:41:15.0892 0x187c  [ 8F83160C43C61FC6775391B46B7C16BF, 648588126B2CD0B9F50F478BF4F7474137D1285061A3B22B56C1CB5B4FD3C3BF ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe

20:41:15.0897 0x187c  UpdateP2GShortCut - ok

20:41:16.0008 0x187c  [ 5153C06FC9D4D094D1A785545928B134, 0037C935722663F9EF028F841DE222FC6418E9D60939AB60C965807E67A458DC ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

20:41:16.0023 0x187c  SunJavaUpdateSched - ok

20:41:16.0058 0x187c  [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe

20:41:16.0061 0x187c  Pokki - ok

20:41:16.0174 0x187c  [ 7A60DCF0B0F2521A7F505F8A56E5AB68, 7F23D55D4BC55ACACA9E4F94DA2439539FD2AA96D1DCA6FF58C8469F7F9C622F ] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe

20:41:16.0209 0x187c  FreeAC - ok

20:41:16.0247 0x187c  Skype - ok

20:41:16.0673 0x187c  [ 1E53BE3B241C27D42F753EEE7E0751B7, 8237E8ECBB332AA0098024313F4452EFE66FECAC1878E07A46A6F817DC1AF453 ] C:\Program Files (x86)\ManyCam\ManyCam.exe

20:41:16.0908 0x187c  ManyCam - ok

20:41:16.0966 0x187c  Chromium - ok

20:41:17.0106 0x187c  [ 0C2D8CBA28E12D170FC5343F03E6D20C, 73A66AEF5D89E69E6B19172328AC043542FD7628DD44A569B23625261A0B56FB ] C:\Users\Phil\AppData\Roaming\Spotify\SpotifyWebHelper.exe

20:41:17.0140 0x187c  Spotify Web Helper - ok

20:41:17.0259 0x187c  [ 309A0390822194B835DBBF1374718354, BE1021B9D5EA4C4180E752F21191BD21010298BB2545F3D725E71E913DB14808 ] C:\Users\Phil\AppData\Roaming\uTorrent\uTorrent.exe

20:41:17.0304 0x187c  uTorrent - ok

20:41:17.0583 0x187c  [ C654101E928F9C1EC19A3C3AA78D4482, 925C51A2B1DD082EA5F7035CDAD481F6017DD943B005042703CCE1D5F9572AF2 ] C:\Users\Phil\AppData\Roaming\Spotify\Spotify.exe

20:41:17.0760 0x187c  Spotify - ok

20:41:17.0773 0x187c  Waiting for KSN requests completion. In queue: 174

20:41:18.0611 0x1088  Object required for P2P: [ F264662C057A54AA2DE41B3C7551712F ] sppsvc

20:41:18.0774 0x187c  Waiting for KSN requests completion. In queue: 150

20:41:18.0991 0x1088  Object send P2P result: true

20:41:19.0874 0x187c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x61100 ( enabled : updated )

20:41:19.0888 0x187c  Win FW state via NFP2: enabled ( trusted )

20:41:20.0037 0x187c  ============================================================

20:41:20.0037 0x187c  Scan finished

20:41:20.0037 0x187c  ============================================================

20:41:20.0054 0x1960  Detected object count: 0

20:41:20.0055 0x1960  Actual detected object count: 0

20:41:39.0956 0x1874  Deinitialize success

Zitat:

Database version:
main: v2014.11.18.05
rootkit: v2014.11.12.01

Database version:
main: v2014.11.18.05
rootkit: v2014.11.12.01

Hast du die Anleitung überhaupt nicht gelesen? :wtf:

MBAR hatte alte Signaturen, tdsskiller wurde falsch eingestellt!

Zitat:

Database version:
main: v2014.11.18.05
rootkit: v2014.11.12.01

Database version:
main: v2014.11.18.05
rootkit: v2014.11.12.01

Hast du die Anleitung überhaupt nicht gelesen? :wtf:

MBAR hatte alte Signaturen, tdsskiller wurde falsch eingestellt!

Ich bitte um Entschuldigung...
Hier nun das richtige Log, Teil 1:

Code:

16:32:33.0199 0x23c8  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01

16:32:33.0199 0x23c8  UEFI system

16:32:37.0466 0x23c8  ============================================================

16:32:37.0466 0x23c8  Current date / time: 2017/01/27 16:32:37.0466

16:32:37.0466 0x23c8  SystemInfo:

16:32:37.0466 0x23c8  

16:32:37.0466 0x23c8  OS Version: 6.3.9600 ServicePack: 0.0

16:32:37.0466 0x23c8  Product type: Workstation

16:32:37.0466 0x23c8  ComputerName: SUPERPARCHITA

16:32:37.0466 0x23c8  UserName: Phil

16:32:37.0466 0x23c8  Windows directory: C:\WINDOWS

16:32:37.0466 0x23c8  System windows directory: C:\WINDOWS

16:32:37.0466 0x23c8  Running under WOW64

16:32:37.0466 0x23c8  Processor architecture: Intel x64

16:32:37.0466 0x23c8  Number of processors: 2

16:32:37.0466 0x23c8  Page size: 0x1000

16:32:37.0466 0x23c8  Boot type: Normal boot

16:32:37.0466 0x23c8  CodeIntegrityOptions = 0x00000001

16:32:37.0466 0x23c8  ============================================================

16:32:38.0198 0x23c8  KLMD registered as C:\WINDOWS\system32\drivers\71995046.sys

16:32:38.0199 0x23c8  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18505, osProperties = 0x19

16:32:47.0190 0x23c8  System UUID: {C334BC4C-398D-93C8-1075-E5F506D16C21}

16:32:49.0393 0x23c8  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

16:32:49.0397 0x23c8  ============================================================

16:32:49.0397 0x23c8  \Device\Harddisk0\DR0:

16:32:49.0397 0x23c8  GPT partitions:

16:32:49.0398 0x23c8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {D7E0B6FB-E275-449D-AD2B-34F0539C091F}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000

16:32:49.0398 0x23c8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {91CC3BA4-D96F-416D-A9B0-EA3F4AE89923}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000

16:32:49.0398 0x23c8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {99D1CE56-F334-46DB-A809-EAD15CCD76C8}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000

16:32:49.0398 0x23c8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E6A679AB-B102-46B6-8B6E-4AD991123CD9}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000

16:32:49.0398 0x23c8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {9DE476CF-8629-4F88-8CA2-2DF199D7C690}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x6F3A5800

16:32:49.0398 0x23c8  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {9C114FAB-374E-4D69-AF5D-9B2220D8E5BC}, Name: Basic data partition, StartLBA 0x6F850000, BlocksNum 0x3200000

16:32:49.0398 0x23c8  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {62BA94D9-7E48-4BD9-AFB4-B35177B7D901}, Name: Basic data partition, StartLBA 0x72A50000, BlocksNum 0x1CB6800

16:32:49.0398 0x23c8  MBR partitions:

16:32:49.0398 0x23c8  ============================================================

16:32:49.0429 0x23c8  C: <-> \Device\Harddisk0\DR0\Partition5

16:32:49.0514 0x23c8  D: <-> \Device\Harddisk0\DR0\Partition6

16:32:49.0514 0x23c8  ============================================================

16:32:49.0514 0x23c8  Initialize success

16:32:49.0514 0x23c8  ============================================================

16:33:19.0820 0x1c8c  ============================================================

16:33:19.0820 0x1c8c  Scan started

16:33:19.0820 0x1c8c  Mode: Manual; SigCheck; TDLFS; 

16:33:19.0820 0x1c8c  ============================================================

16:33:19.0820 0x1c8c  KSN ping started

16:33:19.0959 0x1c8c  KSN ping finished: true

16:33:21.0855 0x1c8c  ================ Scan system memory ========================

16:33:21.0855 0x1c8c  System memory - ok

16:33:21.0856 0x1c8c  ================ Scan services =============================

16:33:21.0986 0x1c8c  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys

16:33:22.0201 0x1c8c  1394ohci - ok

16:33:22.0227 0x1c8c  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys

16:33:22.0242 0x1c8c  3ware - ok

16:33:22.0288 0x1c8c  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys

16:33:22.0345 0x1c8c  ACPI - ok

16:33:22.0374 0x1c8c  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys

16:33:22.0391 0x1c8c  acpiex - ok

16:33:22.0413 0x1c8c  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys

16:33:22.0461 0x1c8c  acpipagr - ok

16:33:22.0485 0x1c8c  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys

16:33:22.0630 0x1c8c  AcpiPmi - ok

16:33:22.0649 0x1c8c  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys

16:33:22.0697 0x1c8c  acpitime - ok

16:33:22.0741 0x1c8c  [ 561E1023BEB555A77DBEAFB83E74BA14, EBB6C4878F6D7BEF8AD861AF5F262DACE96ECCA68308E30E319CE962FC5C5F35 ] ACPIVPC         C:\WINDOWS\System32\drivers\AcpiVpc.sys

16:33:22.0847 0x1c8c  ACPIVPC - ok

16:33:22.0933 0x1c8c  [ 1E16C9A8CFBE5D2317EADA233389928D, F08F65B4170104556BF8F2CD19D553D863DE5E1167CDE433C85DFE78C0F1DD96 ] AdBlockerService C:\Program Files (x86)\AdBlocker\AdBlockerService.exe

16:33:22.0961 0x1c8c  AdBlockerService - detected UnsignedFile.Multi.Generic ( 1 )

16:33:23.0217 0x1c8c  AdBlockerService ( UnsignedFile.Multi.Generic ) - warning

16:33:23.0217 0x1c8c  Force sending object to P2P due to detect: AdBlockerService

16:33:23.0492 0x1c8c  Object send P2P result: true

16:33:23.0746 0x1c8c  [ CA363F172E1978FD155764F2840B0BE8, CB14E2C94ABB8C8809F4E96472F6D1A9A3A0860217631F592E0F62F043165575 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

16:33:23.0776 0x1c8c  AdobeFlashPlayerUpdateSvc - ok

16:33:23.0837 0x1c8c  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS

16:33:23.0895 0x1c8c  ADP80XX - ok

16:33:23.0923 0x1c8c  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll

16:33:24.0033 0x1c8c  AeLookupSvc - ok

16:33:24.0132 0x1c8c  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\WINDOWS\system32\drivers\afd.sys

16:33:24.0329 0x1c8c  AFD - ok

16:33:24.0346 0x1c8c  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys

16:33:24.0362 0x1c8c  agp440 - ok

16:33:24.0412 0x1c8c  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys

16:33:24.0501 0x1c8c  ahcache - ok

16:33:24.0533 0x1c8c  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\WINDOWS\System32\alg.exe

16:33:24.0630 0x1c8c  ALG - ok

16:33:24.0667 0x1c8c  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys

16:33:24.0771 0x1c8c  AmdK8 - ok

16:33:24.0797 0x1c8c  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys

16:33:24.0857 0x1c8c  AmdPPM - ok

16:33:24.0880 0x1c8c  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys

16:33:24.0894 0x1c8c  amdsata - ok

16:33:24.0912 0x1c8c  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys

16:33:24.0934 0x1c8c  amdsbs - ok

16:33:24.0951 0x1c8c  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys

16:33:24.0962 0x1c8c  amdxata - ok

16:33:25.0057 0x1c8c  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys

16:33:25.0219 0x1c8c  AppID - ok

16:33:25.0254 0x1c8c  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll

16:33:25.0286 0x1c8c  AppIDSvc - ok

16:33:25.0333 0x1c8c  [ 734622FBA766DBD65B1803549B24A04A, 3B6872B87A60D4DA265D3B8AB0561A929CFE2C097419183E93D3843422363C89 ] Appinfo         C:\WINDOWS\System32\appinfo.dll

16:33:25.0514 0x1c8c  Appinfo - ok

16:33:25.0716 0x1c8c  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

16:33:25.0744 0x1c8c  Apple Mobile Device Service - ok

16:33:25.0797 0x1c8c  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll

16:33:25.0923 0x1c8c  AppReadiness - ok

16:33:26.0169 0x1c8c  [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll

16:33:26.0303 0x1c8c  AppXSvc - ok

16:33:26.0343 0x1c8c  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys

16:33:26.0381 0x1c8c  arcsas - ok

16:33:26.0433 0x1c8c  [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys

16:33:26.0562 0x1c8c  AsyncMac - ok

16:33:26.0580 0x1c8c  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys

16:33:26.0593 0x1c8c  atapi - ok

16:33:26.0713 0x1c8c  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll

16:33:26.0869 0x1c8c  AudioEndpointBuilder - ok

16:33:26.0982 0x1c8c  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll

16:33:27.0044 0x1c8c  Audiosrv - ok

16:33:27.0090 0x1c8c  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll

16:33:27.0161 0x1c8c  AxInstSV - ok

16:33:27.0202 0x1c8c  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys

16:33:27.0257 0x1c8c  b06bdrv - ok

16:33:27.0292 0x1c8c  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys

16:33:27.0414 0x1c8c  BasicDisplay - ok

16:33:27.0430 0x1c8c  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys

16:33:27.0522 0x1c8c  BasicRender - ok

16:33:27.0567 0x1c8c  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys

16:33:27.0576 0x1c8c  bcmfn2 - ok

16:33:27.0669 0x1c8c  [ 174394F4EF93C117BF7BE3878046A1B1, D58E868342D1DAFC4B04384A3713F729DF07F408AA6AE4762E6A4244F976526A ] BDESVC          C:\WINDOWS\System32\bdesvc.dll

16:33:27.0792 0x1c8c  BDESVC - ok

16:33:27.0811 0x1c8c  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys

16:33:27.0910 0x1c8c  Beep - ok

16:33:27.0980 0x1c8c  [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE             C:\WINDOWS\System32\bfe.dll

16:33:28.0255 0x1c8c  BFE - ok

16:33:28.0331 0x1c8c  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll

16:33:28.0676 0x1c8c  BITS - ok

16:33:28.0840 0x1c8c  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

16:33:28.0863 0x1c8c  Bonjour Service - ok

16:33:28.0899 0x1c8c  [ 4938A9236300A356F97E378491EE4844, 60D892960D48EEF48F8EC4DE4F174EBD0BC0E7B28B6D8723D554CD1979EB55B4 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys

16:33:29.0366 0x1c8c  bowser - ok

16:33:29.0524 0x1c8c  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll

16:33:29.0734 0x1c8c  BrokerInfrastructure - ok

16:33:29.0760 0x1c8c  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll

16:33:29.0867 0x1c8c  Browser - ok

16:33:29.0957 0x1c8c  [ F4CB6F457D019857C8DB6F04CA2957F5, D9E7DD49AF9C38D1696045F6004E1B504A65227B41256961E28A8DCA9B068EA9 ] BthA2DP         C:\WINDOWS\system32\drivers\BthA2DP.sys

16:33:30.0088 0x1c8c  BthA2DP - ok

16:33:30.0123 0x1c8c  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys

16:33:30.0226 0x1c8c  BthAvrcpTg - ok

16:33:30.0268 0x1c8c  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys

16:33:30.0387 0x1c8c  BthEnum - ok

16:33:30.0412 0x1c8c  [ 7A2E3CB427309F56C2571F0610B7ADA8, 25C178EA7FC2CE6375CA1B75057FA7A992CF71BB7821F4A71107CDE6D0F04667 ] BthHFAud        C:\WINDOWS\system32\DRIVERS\BthHfAud.sys

16:33:30.0463 0x1c8c  BthHFAud - ok

16:33:30.0563 0x1c8c  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys

16:33:30.0732 0x1c8c  BthHFEnum - ok

16:33:30.0761 0x1c8c  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys

16:33:30.0818 0x1c8c  bthhfhid - ok

16:33:30.0980 0x1c8c  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll

16:33:31.0052 0x1c8c  BthHFSrv - ok

16:33:31.0223 0x1c8c  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys

16:33:31.0332 0x1c8c  BthLEEnum - ok

16:33:31.0362 0x1c8c  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys

16:33:31.0405 0x1c8c  BTHMODEM - ok

16:33:31.0436 0x1c8c  [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys

16:33:31.0612 0x1c8c  BthPan - ok

16:33:31.0705 0x1c8c  [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys

16:33:31.0833 0x1c8c  BTHPORT - ok

16:33:31.0874 0x1c8c  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll

16:33:32.0061 0x1c8c  bthserv - ok

16:33:32.0239 0x1c8c  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys

16:33:32.0644 0x1c8c  BTHUSB - ok

16:33:32.0681 0x1c8c  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys

16:33:33.0001 0x1c8c  cdfs - ok

16:33:33.0119 0x1c8c  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys

16:33:33.0247 0x1c8c  cdrom - ok

16:33:33.0296 0x1c8c  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll

16:33:33.0450 0x1c8c  CertPropSvc - ok

16:33:33.0463 0x1c8c  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys

16:33:33.0506 0x1c8c  circlass - ok

16:33:33.0557 0x1c8c  [ 9DA497AEAF35AA7BF7710132FC2A9906, D38DF749222BD0B6E8E6442CC79D56CF827A1430ACAB4F85F7FC469DD31A211C ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys

16:33:33.0596 0x1c8c  CLFS - ok

16:33:34.0661 0x1c8c  [ ACFB2A62301C6A903FA6A97DB84E9C31, 7A3089812330B605D2F545374A1A916B6DBA188186EC88DA3348814A95C791F0 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe

16:33:34.0841 0x1c8c  ClickToRunSvc - ok

16:33:34.0893 0x1c8c  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys

16:33:35.0028 0x1c8c  CmBatt - ok

16:33:35.0095 0x1c8c  [ EFC79D3224D19FD926FFEA0A24729FEF, 41B0B41F7270C82691453679E03194845B9AF08C28800BF39D3CEB7CB1530BB8 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys

16:33:35.0205 0x1c8c  CNG - ok

16:33:35.0489 0x1c8c  [ 38FB50952621B66F64CE8478293D9181, 74C615117404393ED8249196907477CF5954E7CA99DA18844619C9587B721351 ] CnxtHdAudService C:\WINDOWS\system32\drivers\CHDRT64.sys

16:33:35.0552 0x1c8c  CnxtHdAudService - ok

16:33:35.0604 0x1c8c  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys

16:33:35.0687 0x1c8c  CompositeBus - ok

16:33:35.0693 0x1c8c  COMSysApp - ok

16:33:35.0716 0x1c8c  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys

16:33:35.0862 0x1c8c  condrv - ok

16:33:35.0992 0x1c8c  [ AE49702BBAB1497DF5D9B2B7B101FE0E, 4E98C8185B0552F0B529B8052AE7010458E912172CF8D869C15B72AF6E46CF5F ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe

16:33:36.0208 0x1c8c  cphs - ok

16:33:36.0252 0x1c8c  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll

16:33:36.0393 0x1c8c  CryptSvc - ok

16:33:36.0425 0x1c8c  [ 07F3534C07C5110E9A424C04634C4A8D, 39F97C8A8610A4EFB83A41E490BBDC19261A52DC9827645C1331EFC958F2EDF1 ] CxAudMsg        C:\WINDOWS\system32\CxAudMsg64.exe

16:33:36.0475 0x1c8c  CxAudMsg - ok

16:33:36.0505 0x1c8c  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys

16:33:36.0519 0x1c8c  dam - ok

16:33:36.0524 0x1c8c  dbx - ok

16:33:36.0582 0x1c8c  [ 62C2617E1927776851B108717166BBA4, 5ED905AD21D2BA4308561BDFD2868A15A1F2062DFE1D28689D4082700C85500A ] DbxSvc          C:\WINDOWS\system32\DbxSvc.exe

16:33:36.0599 0x1c8c  DbxSvc - ok

16:33:36.0729 0x1c8c  [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll

16:33:36.0923 0x1c8c  DcomLaunch - ok

16:33:36.0986 0x1c8c  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll

16:33:37.0196 0x1c8c  defragsvc - ok

16:33:37.0259 0x1c8c  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll

16:33:37.0341 0x1c8c  DeviceAssociationService - ok

16:33:37.0375 0x1c8c  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll

16:33:37.0422 0x1c8c  DeviceInstall - ok

16:33:37.0478 0x1c8c  [ FBFF94FC1FE0699A6BC5ACE270AB9EA1, 7D67E7BE539D9D515A1A6B9282C72114310E874DD1FE51E71F002DBB0E1439FB ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys

16:33:37.0670 0x1c8c  Dfsc - ok

16:33:37.0717 0x1c8c  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys

16:33:37.0746 0x1c8c  dg_ssudbus - ok

16:33:37.0776 0x1c8c  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll

16:33:37.0878 0x1c8c  Dhcp - ok

16:33:38.0024 0x1c8c  [ 0AC9F83A5508935DE89C447473085EEA, 223782B17BACEFB0A663EB13514B68B919C95EF641CDDA7AC30CB239BC4307EC ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll

16:33:38.0274 0x1c8c  DiagTrack - ok

16:33:38.0423 0x1c8c  [ 465949FD7AF3931B415D3FE2193DB782, 4EE3881F62183EF4F9A32EBADC019DD1FB70A2FE009503130146343FA7915E36 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe

16:33:38.0451 0x1c8c  DigitalWave.Update.Service - ok

16:33:38.0526 0x1c8c  [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk            C:\WINDOWS\system32\drivers\disk.sys

16:33:38.0543 0x1c8c  disk - ok

16:33:38.0574 0x1c8c  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys

16:33:38.0684 0x1c8c  dmvsc - ok

16:33:38.0748 0x1c8c  [ 561CBB163EB3C8221D9B1D7D1E5CA477, 4D235E73CC127769A257B31A92180552276EC8DDD991F1106815FADEF385E72D ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll

16:33:38.0926 0x1c8c  Dnscache - ok

16:33:38.0953 0x1c8c  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll

16:33:39.0117 0x1c8c  dot3svc - ok

16:33:39.0162 0x1c8c  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll

16:33:39.0196 0x1c8c  DPS - ok

16:33:39.0234 0x1c8c  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys

16:33:39.0246 0x1c8c  drmkaud - ok

16:33:39.0290 0x1c8c  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll

16:33:39.0359 0x1c8c  DsmSvc - ok

16:33:39.0470 0x1c8c  [ F74B839FA0F4E6060CA1DA6B8DA17941, EF493E1F55FCD6A8C32B3D5D5809B7EFCCC9829E9A347522D1E6FE080D41BF37 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys

16:33:39.0542 0x1c8c  DXGKrnl - ok

16:33:39.0583 0x1c8c  [ FA988D76745C917CDFE20031C06DE860, B01AA3611869854D3BCA8B6CD7A6F48CC3537145DD3EBE50F5BEF72239924BF7 ] e1iexpress      C:\WINDOWS\system32\DRIVERS\e1i63x64.sys

16:33:39.0687 0x1c8c  e1iexpress - ok

16:33:39.0717 0x1c8c  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll

16:33:39.0794 0x1c8c  Eaphost - ok

16:33:39.0946 0x1c8c  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys

16:33:40.0086 0x1c8c  ebdrv - ok

16:33:40.0139 0x1c8c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe

16:33:40.0153 0x1c8c  EFS - ok

16:33:40.0168 0x1c8c  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys

16:33:40.0182 0x1c8c  EhStorClass - ok

16:33:40.0204 0x1c8c  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys

16:33:40.0220 0x1c8c  EhStorTcgDrv - ok

16:33:40.0234 0x1c8c  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys

16:33:40.0287 0x1c8c  ErrDev - ok

16:33:40.0378 0x1c8c  [ C9EC31F59DF549819862E8DA83E5E9B0, 5F53AEF5276D495C095CD05CC8A598CD364A16DE058F0DF46FD3C3D6446244D5 ] ETD             C:\WINDOWS\system32\DRIVERS\ETD.sys

16:33:40.0399 0x1c8c  ETD - ok

16:33:40.0510 0x1c8c  [ BFFD4F272773F73F9A17A54469EF1B40, FF2981D15BB5A6B83D320BAC20D29E1906397026B8DDD4DBB5F948577E9DC4EF ] ETDService      C:\Program Files\Elantech\ETDService.exe

16:33:40.0520 0x1c8c  ETDService - ok

16:33:40.0574 0x1c8c  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll

16:33:40.0682 0x1c8c  EventSystem - ok

16:33:40.0858 0x1c8c  [ BF220856C02DF9AB74786BE92246A0E1, 9F35F4A08967634206B965BF94469380C0ACCF8A6C973E90ED85ECECF284CE34 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe

16:33:40.0886 0x1c8c  EvtEng - ok

16:33:40.0955 0x1c8c  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys

16:33:41.0121 0x1c8c  exfat - ok

16:33:41.0149 0x1c8c  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys

16:33:41.0179 0x1c8c  fastfat - ok

16:33:41.0225 0x1c8c  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe

16:33:41.0393 0x1c8c  Fax - ok

16:33:41.0424 0x1c8c  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys

16:33:41.0466 0x1c8c  fdc - ok

16:33:41.0493 0x1c8c  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll

16:33:41.0566 0x1c8c  fdPHost - ok

16:33:41.0587 0x1c8c  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll

16:33:41.0621 0x1c8c  FDResPub - ok

16:33:41.0667 0x1c8c  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll

16:33:41.0807 0x1c8c  fhsvc - ok

16:33:41.0831 0x1c8c  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys

16:33:41.0851 0x1c8c  FileInfo - ok

16:33:41.0866 0x1c8c  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys

16:33:41.0924 0x1c8c  Filetrace - ok

16:33:41.0971 0x1c8c  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys

16:33:42.0025 0x1c8c  flpydisk - ok

16:33:42.0070 0x1c8c  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys

16:33:42.0121 0x1c8c  FltMgr - ok

16:33:42.0265 0x1c8c  [ 1EFEF3B4EF2B241263F0F791EA128598, B6CADC254B0779E43E0D6AB6125A7E7ED8FF50C3158911681BA7B43160A08176 ] FontCache       C:\WINDOWS\system32\FntCache.dll

16:33:42.0403 0x1c8c  FontCache - ok

16:33:42.0504 0x1c8c  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

16:33:42.0516 0x1c8c  FontCache3.0.0.0 - ok

16:33:42.0542 0x1c8c  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys

16:33:42.0555 0x1c8c  FsDepends - ok

16:33:42.0571 0x1c8c  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys

16:33:42.0635 0x1c8c  Fs_Rec - ok

16:33:42.0708 0x1c8c  [ D4AB6EE3D715BC44C00277FD934FAACF, DE8A8B14D7BA73BA1B5A833DE193CA65EDFE512A57D84F4F2CE19D9646D97F4E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys

16:33:42.0742 0x1c8c  fvevol - ok

16:33:42.0762 0x1c8c  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys

16:33:42.0817 0x1c8c  FxPPM - ok

16:33:42.0844 0x1c8c  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys

16:33:42.0858 0x1c8c  gagp30kx - ok

16:33:42.0889 0x1c8c  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys

16:33:42.0944 0x1c8c  gencounter - ok

16:33:42.0981 0x1c8c  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys

16:33:43.0004 0x1c8c  GPIOClx0101 - ok

16:33:43.0099 0x1c8c  [ 9678FD4747A4F2E2318245EE6099482E, C76AE30E8BA77DC330F9CFE5ECEA58FAE0995396742923B564A2257DE24D7B32 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll

16:33:43.0210 0x1c8c  gpsvc - ok

16:33:43.0364 0x1c8c  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

16:33:43.0378 0x1c8c  gupdate - ok

16:33:43.0385 0x1c8c  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

16:33:43.0398 0x1c8c  gupdatem - ok

16:33:43.0465 0x1c8c  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys

16:33:43.0542 0x1c8c  HdAudAddService - ok

16:33:43.0584 0x1c8c  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys

16:33:43.0728 0x1c8c  HDAudBus - ok

16:33:43.0750 0x1c8c  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys

16:33:43.0865 0x1c8c  HidBatt - ok

16:33:43.0911 0x1c8c  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys

16:33:44.0023 0x1c8c  HidBth - ok

16:33:44.0033 0x1c8c  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys

16:33:44.0076 0x1c8c  hidi2c - ok

16:33:44.0100 0x1c8c  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys

16:33:44.0153 0x1c8c  HidIr - ok

16:33:44.0186 0x1c8c  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll

16:33:44.0233 0x1c8c  hidserv - ok

16:33:44.0289 0x1c8c  [ 49676FEC898AB2A11B157F848269A56E, 011E6DDEF9570212520F92FEFD205E1F8104F198B57C40D11BE857FCBCC5F68D ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys

16:33:44.0454 0x1c8c  HidUsb - ok

16:33:44.0504 0x1c8c  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll

16:33:44.0544 0x1c8c  hkmsvc - ok

16:33:44.0581 0x1c8c  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll

16:33:44.0641 0x1c8c  HomeGroupListener - ok

16:33:44.0680 0x1c8c  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll

16:33:44.0731 0x1c8c  HomeGroupProvider - ok

16:33:44.0767 0x1c8c  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys

16:33:44.0784 0x1c8c  HpSAMD - ok

16:33:44.0874 0x1c8c  [ 76A6FDA32A21515B67633497D8FDB1E4, 7DCAEC3186EAFDD4A53BCD8AAE9B82CBA8871C89B929FFD3BA43E675B95B2495 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys

16:33:44.0948 0x1c8c  HTTP - ok

16:33:44.0998 0x1c8c  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys

16:33:45.0045 0x1c8c  hwpolicy - ok

16:33:45.0243 0x1c8c  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys

16:33:45.0360 0x1c8c  hyperkbd - ok

16:33:45.0399 0x1c8c  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys

16:33:45.0463 0x1c8c  HyperVideo - ok

16:33:45.0520 0x1c8c  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys

16:33:45.0861 0x1c8c  i8042prt - ok

16:33:45.0883 0x1c8c  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys

16:33:46.0033 0x1c8c  iaLPSSi_GPIO - ok

16:33:46.0126 0x1c8c  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys

16:33:46.0158 0x1c8c  iaLPSSi_I2C - ok

16:33:46.0244 0x1c8c  [ 815499B59D675E42A70894118E7A6422, 2E30C726C8E53C1C6B4F113569287B2F85F0502C13067C8C93C82B3561C760F4 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys

16:33:46.0279 0x1c8c  iaStorA - ok

16:33:46.0344 0x1c8c  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys

16:33:46.0381 0x1c8c  iaStorAV - ok

16:33:46.0479 0x1c8c  [ A55971BD810EBDEF1E83CE57F5AC091B, 43AAE856E0E1D1647DC8AF37E907DC8FB74C9C388E48A9F68D209AECAA1E54B6 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

16:33:46.0487 0x1c8c  IAStorDataMgrSvc - ok

16:33:46.0529 0x1c8c  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys

16:33:46.0555 0x1c8c  iaStorV - ok

16:33:46.0730 0x1c8c  [ 351282A1CA1D8921028C3F653746FA20, F0C256880C6B638AF8F0EBC5D281C432090FC1DCA98E0A8F908C98EF446EF627 ] ibtsiva.exe     C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe

16:33:46.0741 0x1c8c  ibtsiva.exe - ok

16:33:46.0801 0x1c8c  [ 9C8AB34D88A61878D4A72FD55ED65674, CC109CDA60A0CE5E31509B02D4BB8F8906C405089D84D4A8570C42E0D6DC8E49 ] ibtusb          C:\WINDOWS\system32\DRIVERS\ibtusb.sys

16:33:46.0816 0x1c8c  ibtusb - ok

16:33:46.0823 0x1c8c  IEEtwCollectorService - ok

16:33:47.0085 0x1c8c  [ 540E8D8F386F38F9609572FE92997DA1, DF8DACC88437B6A97FD184C8813784FB6710461623242F45D1E6B5C23DB34D2D ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys

16:33:47.0298 0x1c8c  igfx - ok

16:33:47.0325 0x1c8c  [ 2C1A1DB9ED1BEEC1CE6632225A7CDFA9, 93553F5FBDF88046E44FBADD2732ABC10C19098C9E338450FD69D1D216504562 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe

16:33:47.0344 0x1c8c  igfxCUIService1.0.0.0 - ok

16:33:47.0520 0x1c8c  [ 5697FD05EC6915A1E7193D658D8D6E05, 0179C3AF29880AA21F609CB471034EA5FA49324ACCE12736866675C037EBEC7A ] IKEEXT          C:\WINDOWS\System32\ikeext.dll

16:33:47.0568 0x1c8c  IKEEXT - ok

16:33:47.0595 0x1c8c  [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys

16:33:47.0604 0x1c8c  intaud_WaveExtensible - ok

16:33:47.0653 0x1c8c  [ 5F6F8E55DDB25BC41497DD11A85FC257, 45EF15064644729A776BBF35A790E23246309939A1614369553371EC82786890 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys

16:33:47.0693 0x1c8c  IntcDAud - ok

16:33:47.0778 0x1c8c  [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe

16:33:47.0829 0x1c8c  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )

16:33:47.0984 0x1c8c  Detect skipped due to KSN trusted

16:33:47.0985 0x1c8c  Intel(R) Capability Licensing Service Interface - ok

16:33:48.0084 0x1c8c  [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe

16:33:49.0261 0x1c8c  Intel(R) Capability Licensing Service TCP IP Interface - ok

16:33:49.0282 0x1c8c  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys

16:33:49.0311 0x1c8c  intelide - ok

16:33:49.0389 0x1c8c  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys

16:33:49.0562 0x1c8c  intelpep - ok

16:33:49.0602 0x1c8c  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys

16:33:49.0677 0x1c8c  intelppm - ok

16:33:49.0714 0x1c8c  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

16:33:49.0928 0x1c8c  IpFilterDriver - ok

16:33:50.0117 0x1c8c  [ B452623C1DE60544054E784D94A7AA47, 57AECDEE0AB2B80DFFE11E43608988D46E9169288CB56D644DDE2CAFED6AFD40 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll

16:33:50.0351 0x1c8c  iphlpsvc - ok

16:33:50.0441 0x1c8c  [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys

16:33:50.0737 0x1c8c  IPMIDRV - ok

16:33:50.0799 0x1c8c  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys

16:33:50.0916 0x1c8c  IPNAT - ok

16:33:50.0980 0x1c8c  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys

16:33:51.0053 0x1c8c  IRENUM - ok

16:33:51.0115 0x1c8c  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys

16:33:51.0133 0x1c8c  isapnp - ok

16:33:51.0192 0x1c8c  [ AD3C1F4BD9167420F04052FDA197CF29, 82B687092DFC50E8885656AF06BFB7559930750F4905BC4DBDA3A5D334A443D1 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys

16:33:51.0238 0x1c8c  iScsiPrt - ok

16:33:51.0263 0x1c8c  [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys

16:33:51.0280 0x1c8c  iwdbus - ok

16:33:51.0373 0x1c8c  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

16:33:51.0392 0x1c8c  jhi_service - ok

16:33:51.0442 0x1c8c  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys

16:33:51.0463 0x1c8c  kbdclass - ok

16:33:51.0522 0x1c8c  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys

16:33:51.0617 0x1c8c  kbdhid - ok

16:33:51.0649 0x1c8c  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys

16:33:51.0859 0x1c8c  kdnic - ok

16:33:51.0877 0x1c8c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\WINDOWS\system32\lsass.exe

16:33:51.0930 0x1c8c  KeyIso - ok

16:33:51.0937 0x1c8c  KMDFVirtualKbd - ok

16:33:51.0974 0x1c8c  [ 23E3E79A244E63F416A89640359C78B3, 721EBE47CF5617762DA16E0450B5B2DA857F9B04EA3D167770E2A8CA9D31C77C ] KMDFVirtualMouse C:\WINDOWS\System32\drivers\KMDFVirtualMouse.sys

16:33:52.0057 0x1c8c  KMDFVirtualMouse - ok

16:33:52.0124 0x1c8c  [ 304DA394D958BC3B62AF6DF514005B01, 8D17777C82F034E800181E82D30FCED800CBC46CD659AE2E0D972CA1381BD4C2 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys

16:33:52.0139 0x1c8c  KSecDD - ok

16:33:52.0211 0x1c8c  [ 3D4AE520CD6F6FFE549DD195C1F515BE, 2AD3E07F504CE50956C391FD4633D20B354A854C940B3563A67B79BB6E40218F ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys

16:33:52.0242 0x1c8c  KSecPkg - ok

16:33:52.0275 0x1c8c  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys

16:33:52.0375 0x1c8c  ksthunk - ok

16:33:52.0452 0x1c8c  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll

16:33:52.0558 0x1c8c  KtmRm - ok

16:33:52.0671 0x1c8c  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll

16:33:52.0752 0x1c8c  LanmanServer - ok

16:33:52.0899 0x1c8c  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll

16:33:53.0014 0x1c8c  LanmanWorkstation - ok

16:33:53.0231 0x1c8c  [ DA297A7BAB4E3889CFF60C02AE7BFB5D, 9E533D6FE2C9777A298F1E09C6E74F4135CC32D406382655EA9C0B7B2C533F3E ] Lenovo EasyPlus Hotspot C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe

16:33:53.0266 0x1c8c  Lenovo EasyPlus Hotspot - ok

16:33:53.0480 0x1c8c  [ 8CD7568B0F809731D931144DE376FD16, 78902FA1BED048B336DE71FB82A3614A58BBAA834483F2F2B5ABF4A70FA491F3 ] Lenovo System Agent Service C:\Program Files\Lenovo\iMController\SystemAgentService.exe

16:33:53.0516 0x1c8c  Lenovo System Agent Service - ok

16:33:53.0597 0x1c8c  [ 031199B929009F268A478F0283E1CE32, B7BFB848A03535C16798085D489AB294935955F2982330B39190B2074BF9122B ] LenovoWiFiHotspotSvr C:\Windows\System32\LenovoWiFiHotspotSvr.exe

16:33:53.0615 0x1c8c  LenovoWiFiHotspotSvr - ok

16:33:53.0674 0x1c8c  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll

16:33:53.0832 0x1c8c  lfsvc - ok

16:33:53.0861 0x1c8c  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys

16:33:53.0918 0x1c8c  lltdio - ok

16:33:53.0966 0x1c8c  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll

16:33:54.0013 0x1c8c  lltdsvc - ok

16:33:54.0046 0x1c8c  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll

16:33:54.0122 0x1c8c  lmhosts - ok

16:33:54.0290 0x1c8c  [ 3DE66F47365AA8CEB18B1EE272F4FEBA, 8DDD6AB4AEDE3B2FEA0D3B63DD24E3F3422D6ADE067756A3919FCED53C349167 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

16:33:54.0314 0x1c8c  LMS - ok

16:33:54.0436 0x1c8c  [ DB470EC2922A1DA3936CAFD2647B7C52, 2B973A2685031EDD1026B98070699384F11EF7AE574DC429A69B352B18047403 ] LSCWinService   C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe

16:33:54.0455 0x1c8c  LSCWinService - ok

16:33:54.0484 0x1c8c  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys

16:33:54.0518 0x1c8c  LSI_SAS - ok

16:33:54.0552 0x1c8c  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys

16:33:54.0569 0x1c8c  LSI_SAS2 - ok

16:33:54.0596 0x1c8c  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys

16:33:54.0613 0x1c8c  LSI_SAS3 - ok

16:33:54.0636 0x1c8c  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys

16:33:54.0651 0x1c8c  LSI_SSS - ok

16:33:54.0796 0x1c8c  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\WINDOWS\System32\lsm.dll

16:33:54.0975 0x1c8c  LSM - ok

16:33:54.0999 0x1c8c  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys

16:33:55.0265 0x1c8c  luafv - ok

16:33:55.0332 0x1c8c  [ 02CF33AD83CB69A7CF8598B1CDBC11B6, 9C9C7329F0EB3B94915676E4911BCC04F2FBDFDAF0C98F605B1B5C6606554A0D ] LUService       C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe

16:33:55.0341 0x1c8c  LUService - ok

16:33:55.0374 0x1c8c  [ 60DC593BA44E433DF97EBC8940703D08, 253B6892D7FCBD647D6FA645670871A76A38CD379FCC1F66F1181949740C72EA ] ManyCam         C:\WINDOWS\system32\DRIVERS\mcvidrv.sys

16:33:55.0384 0x1c8c  ManyCam - ok

16:33:55.0482 0x1c8c  [ F0DB70EA6B32DA9E8D3DFE50206CF9C4, F2CE20E7019C029388A24326B149B0FBF17649F2BA805C96E9F6FB27EB4CB3CD ] ManyCam Service C:\ProgramData\ManyCam\Service\ManyCamService.exe

16:33:55.0620 0x1c8c  ManyCam Service - ok

16:33:55.0653 0x1c8c  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys

16:33:55.0679 0x1c8c  MBAMProtector - ok

16:33:55.0777 0x1c8c  [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

16:33:55.0865 0x1c8c  MBAMScheduler - ok

16:33:55.0936 0x1c8c  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

16:33:55.0992 0x1c8c  MBAMService - ok

16:33:56.0116 0x1c8c  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys

16:33:56.0175 0x1c8c  MBAMSwissArmy - ok

16:33:56.0207 0x1c8c  [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys

16:33:56.0221 0x1c8c  MBAMWebAccessControl - ok

16:33:56.0244 0x1c8c  [ 7382E4A888A7D4333DFF8A30B6850EE9, 3F63680A96438DF841FD46F99DA9670520ED3295176820DEDC9D5C770CA659D0 ] mcaudrv_simple  C:\WINDOWS\system32\drivers\mcaudrv_x64.sys

16:33:56.0275 0x1c8c  mcaudrv_simple - ok

16:33:56.0333 0x1c8c  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys

16:33:56.0351 0x1c8c  megasas - ok

16:33:56.0396 0x1c8c  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys

16:33:56.0437 0x1c8c  megasr - ok

16:33:56.0509 0x1c8c  [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys

16:33:56.0540 0x1c8c  MEIx64 - ok

16:33:56.0572 0x1c8c  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\WINDOWS\system32\mmcss.dll

16:33:56.0693 0x1c8c  MMCSS - ok

16:33:56.0723 0x1c8c  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys

16:33:56.0803 0x1c8c  Modem - ok

16:33:56.0837 0x1c8c  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys

16:33:56.0992 0x1c8c  monitor - ok

16:33:57.0013 0x1c8c  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys

16:33:57.0039 0x1c8c  mouclass - ok

16:33:57.0068 0x1c8c  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys

16:33:57.0165 0x1c8c  mouhid - ok

16:33:57.0244 0x1c8c  [ 24DABC0A77FAFDC0E379AB3B30F61BB6, E66624ABBF1D742879035F9161F9D3713DE7B759B3D3CF8B96C9E397A02FCF82 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys

16:33:57.0264 0x1c8c  mountmgr - ok

16:33:57.0361 0x1c8c  [ E464A0A92E2E354D07DDA713D3E10DE4, D5CF213F03DF54EF9933027A7A7D4413371C1ECBFF61E4DE818D50FA72C8C5FC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

16:33:57.0394 0x1c8c  MozillaMaintenance - ok

16:33:57.0431 0x1c8c  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys

16:33:57.0626 0x1c8c  mpsdrv - ok

16:33:57.0682 0x1c8c  [ D1418745A5472F3930A288E05B9E2C05, 95785F0FA7EE239459C0288DB37E9E54648029FD6FE45A61E6343526D67FFA32 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll

16:33:57.0771 0x1c8c  MpsSvc - ok

16:33:57.0832 0x1c8c  [ 3F818C1518DA702C8F10259095C9BDE0, B98C1A6F9A3C01A10503B2B2C45CC89AFF17B346B15990F4DB4820F68BDC62C8 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys

16:33:58.0138 0x1c8c  MRxDAV - ok

16:33:58.0176 0x1c8c  [ C3B0566DE49265AE98405825938C20A1, F8BCA4A5AF21B841C998D4772DA9FF84E45F1356AA1285A1D48C06574A81CA4C ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

16:33:58.0292 0x1c8c  mrxsmb - ok

16:33:58.0443 0x1c8c  [ 15D7AF1A26CCEBA32DF21A8E2098F463, 84390806AD3A9651DAB803E9257EEE851B898ED2AB56D8936E8C9F6B41967243 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys

16:33:58.0969 0x1c8c  mrxsmb10 - ok

16:33:58.0997 0x1c8c  [ 0790EEB1EC199F8BE8259E47B373ED23, F9330F43B40675CCB60804182EF04BFBA3837ED14C798788A4B27D65A646D1C7 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys

16:33:59.0157 0x1c8c  mrxsmb20 - ok

16:33:59.0192 0x1c8c  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys

16:33:59.0273 0x1c8c  MsBridge - ok

16:33:59.0320 0x1c8c  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\WINDOWS\System32\msdtc.exe

16:33:59.0362 0x1c8c  MSDTC - ok

16:33:59.0420 0x1c8c  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

16:33:59.0490 0x1c8c  Msfs - ok

16:33:59.0505 0x1c8c  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys

16:33:59.0525 0x1c8c  msgpiowin32 - ok

16:33:59.0552 0x1c8c  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys

16:33:59.0605 0x1c8c  mshidkmdf - ok

16:33:59.0635 0x1c8c  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys

16:33:59.0690 0x1c8c  mshidumdf - ok

16:33:59.0717 0x1c8c  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys

16:33:59.0731 0x1c8c  msisadrv - ok

16:33:59.0773 0x1c8c  [ A06142B3850B06972F1C89748FAA2C02, B1CCC5C8D100FEB384FCC85FED2A77F47DA4C9BA5F6889A130F4D73E30ACAA78 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll

16:33:59.0936 0x1c8c  MSiSCSI - ok

16:33:59.0943 0x1c8c  msiserver - ok

16:34:00.0009 0x1c8c  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

16:34:00.0103 0x1c8c  MSKSSRV - ok

16:34:00.0137 0x1c8c  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys

16:34:00.0229 0x1c8c  MsLldp - ok

16:34:00.0246 0x1c8c  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

16:34:00.0282 0x1c8c  MSPCLOCK - ok

16:34:00.0305 0x1c8c  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

16:34:00.0369 0x1c8c  MSPQM - ok

16:34:00.0419 0x1c8c  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys

16:34:00.0462 0x1c8c  MsRPC - ok

16:34:00.0477 0x1c8c  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys

16:34:00.0507 0x1c8c  mssmbios - ok

16:34:00.0529 0x1c8c  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys

16:34:00.0602 0x1c8c  MSTEE - ok

16:34:00.0624 0x1c8c  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys

16:34:00.0684 0x1c8c  MTConfig - ok

16:34:00.0736 0x1c8c  [ 438EA7A2D8D4F9B8AFB64748ACA70BA8, AEEB7B657B645C4006C6D5E8D07ECE581DEE7AD22EA1A587C552574990CF091B ] Mup             C:\WINDOWS\system32\Drivers\mup.sys

16:34:00.0762 0x1c8c  Mup - ok

16:34:00.0786 0x1c8c  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys

16:34:00.0801 0x1c8c  mvumis - ok

16:34:00.0847 0x1c8c  [ 1EE90E273094252917843D111E898C94, D0D7D155E3CA022BC1F718327165E44F954A40B96259DEE5266C48ADCC8B4556 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

16:34:00.0866 0x1c8c  MyWiFiDHCPDNS - ok

16:34:00.0911 0x1c8c  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\WINDOWS\system32\qagentRT.dll

16:34:00.0965 0x1c8c  napagent - ok

16:34:01.0020 0x1c8c  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys

16:34:01.0138 0x1c8c  NativeWifiP - ok

16:34:01.0330 0x1c8c  [ 003DDE9E91D324DDD86F11BF580FD627, 733674D5A6246BA2B4DE420AD89FE171ACCEA9EB5FC20F13F688A3910C1AA74C ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe

16:34:01.0379 0x1c8c  NAUpdate - ok

16:34:01.0471 0x1c8c  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll

16:34:01.0533 0x1c8c  NcaSvc - ok

16:34:01.0553 0x1c8c  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\WINDOWS\System32\ncbservice.dll

16:34:01.0649 0x1c8c  NcbService - ok

16:34:01.0681 0x1c8c  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll

16:34:01.0811 0x1c8c  NcdAutoSetup - ok

16:34:01.0912 0x1c8c  [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys

16:34:01.0983 0x1c8c  NDIS - ok

16:34:02.0071 0x1c8c  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys

16:34:02.0126 0x1c8c  NdisCap - ok

16:34:02.0176 0x1c8c  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys

16:34:02.0251 0x1c8c  NdisImPlatform - ok

16:34:02.0285 0x1c8c  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

16:34:02.0371 0x1c8c  NdisTapi - ok

16:34:02.0398 0x1c8c  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

16:34:02.0532 0x1c8c  Ndisuio - ok

16:34:02.0557 0x1c8c  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys

16:34:02.0640 0x1c8c  NdisVirtualBus - ok

16:34:02.0691 0x1c8c  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

16:34:02.0876 0x1c8c  NdisWan - ok

16:34:02.0885 0x1c8c  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys

16:34:02.0950 0x1c8c  NdisWanLegacy - ok

16:34:02.0999 0x1c8c  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

16:34:03.0078 0x1c8c  NDProxy - ok

16:34:03.0119 0x1c8c  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys

16:34:03.0246 0x1c8c  Ndu - ok

16:34:03.0278 0x1c8c  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

16:34:03.0313 0x1c8c  NetBIOS - ok

16:34:03.0411 0x1c8c  [ 9DC17B7D9D84C37C102D379FCC7D4942, D522022ED4395686837E96F57EE29F8065FB749D1195B60D2A406FB33F696C09 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

16:34:03.0584 0x1c8c  NetBT - ok

16:34:03.0616 0x1c8c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\WINDOWS\system32\lsass.exe

16:34:03.0631 0x1c8c  Netlogon - ok

16:34:03.0684 0x1c8c  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\WINDOWS\System32\netman.dll

16:34:03.0723 0x1c8c  Netman - ok

16:34:03.0852 0x1c8c  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll

16:34:03.0926 0x1c8c  netprofm - ok

16:34:04.0000 0x1c8c  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

16:34:04.0058 0x1c8c  NetTcpPortSharing - ok

16:34:04.0099 0x1c8c  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\WINDOWS\System32\drivers\netvsc63.sys

16:34:04.0472 0x1c8c  netvsc - ok

16:34:04.0815 0x1c8c  [ 619EE1E89B759F4C3B3B684D1FF24A6D, 3654F7F3AB3FF55C6EE3F5CC17CDC660B9C2A2EDEC4CA118BC8660D38E14C191 ] NETwNb64        C:\WINDOWS\system32\DRIVERS\Netwbw02.sys

16:34:04.0985 0x1c8c  NETwNb64 - ok

16:34:05.0285 0x1c8c  [ B636B4A8E59A73033B766EA7FD7C3B81, CAC8614DEE83623DE56C969C668A33366793779084B6A23F59ADC98392115F8C ] NETwNe64        C:\WINDOWS\system32\DRIVERS\NETwew02.sys

16:34:05.0665 0x1c8c  NETwNe64 - ok

16:34:05.0780 0x1c8c  [ 02E736F9861F1A6134736CF7473C513F, 7C574A50980885B213EFC0C394AFE613879B669246A4EA5EA6B5F791F7F6F32E ] NitroDriverReadSpool9 C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe

16:34:05.0796 0x1c8c  NitroDriverReadSpool9 - ok

16:34:05.0852 0x1c8c  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll

16:34:05.0971 0x1c8c  NlaSvc - ok

16:34:06.0122 0x1c8c  [ CD2C0C25ECFCF816306126D3C208614B, C0C8B59BDDB349A593DFF5107841EB76618631C867D7C8F234C9ECBD76713CB0 ] nlsX86cc        C:\WINDOWS\SysWOW64\NLSSRV32.EXE

16:34:06.0540 0x1c8c  nlsX86cc - ok

16:34:06.0582 0x1c8c  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

16:34:06.0649 0x1c8c  Npfs - ok

16:34:06.0674 0x1c8c  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys

16:34:06.0844 0x1c8c  npsvctrig - ok

16:34:06.0864 0x1c8c  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\WINDOWS\system32\nsisvc.dll

16:34:06.0991 0x1c8c  nsi - ok

16:34:07.0025 0x1c8c  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys

16:34:07.0084 0x1c8c  nsiproxy - ok

16:34:07.0220 0x1c8c  [ 9980B262DBE439AE6BDC91AA985F19EE, E998E4CAE9CD103ADA9CA3C737C4DAD017D056828BFA42A41C7B4E4E108FB13C ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

16:34:07.0341 0x1c8c  Ntfs - ok

16:34:07.0363 0x1c8c  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys

16:34:07.0415 0x1c8c  Null - ok

16:34:07.0445 0x1c8c  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys

16:34:07.0471 0x1c8c  nvraid - ok

16:34:07.0535 0x1c8c  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys

16:34:07.0559 0x1c8c  nvstor - ok

16:34:07.0579 0x1c8c  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys

16:34:07.0619 0x1c8c  nv_agp - ok

16:34:07.0747 0x1c8c  [ AC0F1B7B71D9D435EC33456F7EDF6FF1, 8FEFF5F99F1AFF21CF9415D4BF26936EF3A7347DA06F30ADD1DD1B14916F2585 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

16:34:07.0771 0x1c8c  ose - ok

16:34:07.0805 0x1c8c  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll

16:34:07.0894 0x1c8c  p2pimsvc - ok

16:34:07.0926 0x1c8c  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\WINDOWS\system32\p2psvc.dll

16:34:08.0022 0x1c8c  p2psvc - ok

16:34:08.0066 0x1c8c  [ 57DCE4FB0467986AE78E1C6FC5240D32, F7F3ADD1B48E4D6BB0A664A2FE556F71ED7453054B4FB667A29BE050C845045B ] Parport         C:\WINDOWS\System32\drivers\parport.sys

16:34:08.0443 0x1c8c  Parport - ok

16:34:08.0480 0x1c8c  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys

16:34:08.0511 0x1c8c  partmgr - ok

16:34:08.0594 0x1c8c  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll

16:34:08.0657 0x1c8c  PcaSvc - ok

16:34:08.0701 0x1c8c  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys

16:34:08.0733 0x1c8c  pci - ok

16:34:08.0762 0x1c8c  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys

16:34:08.0776 0x1c8c  pciide - ok

16:34:08.0801 0x1c8c  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys

16:34:08.0821 0x1c8c  pcmcia - ok

16:34:08.0843 0x1c8c  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys

16:34:08.0884 0x1c8c  pcw - ok

16:34:08.0927 0x1c8c  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys

16:34:08.0952 0x1c8c  pdc - ok

16:34:09.0000 0x1c8c  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys

16:34:09.0128 0x1c8c  PEAUTH - ok

16:34:09.0162 0x1c8c  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe

16:34:09.0360 0x1c8c  PerfHost - ok

16:34:09.0503 0x1c8c  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\WINDOWS\system32\pla.dll

16:34:09.0623 0x1c8c  pla - ok

16:34:09.0672 0x1c8c  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll

16:34:09.0691 0x1c8c  PlugPlay - ok

16:34:09.0726 0x1c8c  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll

16:34:09.0749 0x1c8c  PNRPAutoReg - ok

16:34:09.0780 0x1c8c  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll

16:34:09.0806 0x1c8c  PNRPsvc - ok

16:34:09.0887 0x1c8c  [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll

16:34:09.0977 0x1c8c  PolicyAgent - ok

16:34:10.0037 0x1c8c  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\WINDOWS\system32\umpo.dll

16:34:10.0158 0x1c8c  Power - ok

16:34:10.0196 0x1c8c  [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

16:34:10.0238 0x1c8c  PptpMiniport - ok

16:34:10.0414 0x1c8c  [ F6EA63145C20A23732AD2CA1EBA65FA1, 0DD1164D37C1500258E9CCCE458778A3DA196D9A65919B2672E3C88383068F52 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll

16:34:10.0723 0x1c8c  PrintNotify - ok

16:34:10.0785 0x1c8c  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys

16:34:10.0850 0x1c8c  Processor - ok

16:34:10.0898 0x1c8c  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll

16:34:11.0000 0x1c8c  ProfSvc - ok

16:34:11.0023 0x1c8c  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys

16:34:11.0083 0x1c8c  Psched - ok

16:34:11.0210 0x1c8c  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\WINDOWS\system32\qwave.dll

16:34:11.0314 0x1c8c  QWAVE - ok

16:34:11.0343 0x1c8c  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys

16:34:11.0392 0x1c8c  QWAVEdrv - ok

16:34:11.0436 0x1c8c  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

16:34:11.0502 0x1c8c  RasAcd - ok

16:34:11.0545 0x1c8c  [ D5ECE7E7F349EB3C4B152AFF3577280D, 3A5D3E440D1ED72D654BBFE30A73667F055C0AD04375C22C202F21BF75B612B2 ] RasAgileVpn     C:\WINDOWS\system32\DRIVERS\AgileVpn.sys

16:34:11.0751 0x1c8c  RasAgileVpn - ok

16:34:11.0786 0x1c8c  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\WINDOWS\System32\rasauto.dll

16:34:11.0832 0x1c8c  RasAuto - ok

16:34:11.0890 0x1c8c  [ 235624C147E3CB4C288D5D3D8E8D64A2, B3F182019DBAD9C761FE9F62EAED34AD5902B41A13A766D814FC3E2EA29D8D92 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

16:34:12.0019 0x1c8c  Rasl2tp - ok

16:34:12.0084 0x1c8c  [ 15C0034561FE5B03FA376F1A6232478B, 0F9B5C2BD7D8803FF3C5ED957D3F0859F2A59B74510E4659FBF05EDCBF230208 ] RasMan          C:\WINDOWS\System32\rasmans.dll

16:34:12.0154 0x1c8c  RasMan - ok

16:34:12.0192 0x1c8c  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

16:34:12.0248 0x1c8c  RasPppoe - ok

16:34:12.0294 0x1c8c  [ 41F631007A158FEBB67F0E2AD1601BBA, EB5EA7277F4178BC27E55BF850AEBCD84B6BED80B2383CFB29548824AAFED135 ] RasSstp         C:\WINDOWS\system32\DRIVERS\rassstp.sys

16:34:12.0357 0x1c8c  RasSstp - ok

16:34:12.0426 0x1c8c  [ D67ED4AB59D1EF66B05AD1A81AC28B26, 72E750A9A6B484D8BEDE52FA6DABEF4D95765DE491152E1F6C856D0590B50C28 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

16:34:12.0602 0x1c8c  rdbss - ok

16:34:12.0622 0x1c8c  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys

16:34:12.0739 0x1c8c  rdpbus - ok

16:34:12.0774 0x1c8c  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys

16:34:12.0904 0x1c8c  RDPDR - ok

16:34:12.0961 0x1c8c  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys

16:34:12.0984 0x1c8c  RdpVideoMiniport - ok

16:34:13.0017 0x1c8c  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys

16:34:13.0052 0x1c8c  rdyboost - ok

16:34:13.0130 0x1c8c  [ 2D39BCFA4DD1081B8F282B623456B858, DD8C433B66B6661F4DBD1784CBD334441B508BE84932DD443F7AD51CEA192BA9 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys

16:34:13.0185 0x1c8c  ReFS - ok

16:34:13.0340 0x1c8c  [ 37F021CF7D670D305C1687781173069E, 286D6D04B0A9C4399086BE8DDA5126CDE462EE3B9F5B40A65CD9CD2B7C160886 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

16:34:13.0357 0x1c8c  RegSrvc - ok

16:34:13.0410 0x1c8c  [ DF78648AC3C8DC9D70E6714AF785382F, 56E104939ED0AB5B26AE07BAB1BBB7D15828DBD3A2AD35361423D7ADDA4BA551 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

16:34:13.0452 0x1c8c  RemoteAccess - ok

16:34:13.0501 0x1c8c  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll

16:34:13.0584 0x1c8c  RemoteRegistry - ok

16:34:13.0664 0x1c8c  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys

16:34:13.0726 0x1c8c  RFCOMM - ok

16:34:13.0857 0x1c8c  [ FBA61BB4C484A01A655AFB18FF86C417, D53B2110CB09D0A909C4E330C468351BFE076BB056CCDDCB8ADA2FB91E96352E ] RichVideo64     C:\Program Files\CyberLink\Shared files\RichVideo64.exe

16:34:13.0881 0x1c8c  RichVideo64 - ok

16:34:13.0931 0x1c8c  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll

16:34:13.0979 0x1c8c  RpcEptMapper - ok

16:34:14.0025 0x1c8c  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\WINDOWS\system32\locator.exe

16:34:14.0111 0x1c8c  RpcLocator - ok

16:34:14.0186 0x1c8c  [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] RpcSs           C:\WINDOWS\system32\rpcss.dll

16:34:14.0253 0x1c8c  RpcSs - ok

16:34:14.0312 0x1c8c  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys

16:34:14.0367 0x1c8c  rspndr - ok

16:34:14.0443 0x1c8c  [ BCDE27DA663D2F1BE1EA262F2BFDA8D0, 07744F83C41503D8C948E8D8569628C7C9D283EBA3C20CB63BC81123812A0A25 ] RSUSBVSTOR      C:\WINDOWS\System32\Drivers\RtsUVStor.sys

16:34:14.0473 0x1c8c  RSUSBVSTOR - ok

16:34:14.0519 0x1c8c  [ D5C3918E3EF787A41172B8E5348247F0, 033E5E6037CDFE65D26AD834ACD2B652EEED66BA48753F7B319C9FD41CE4F180 ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys

16:34:14.0562 0x1c8c  RTL8168 - ok

16:34:15.0044 0x1c8c  [ 6EA6AC66600E01E55FFB69AE53EE1553, 81ADE4CA618C5229DC241F10711578633093E1E43739AA6726923D9E6D27A0BE ] rtsuvc          C:\WINDOWS\system32\DRIVERS\rtsuvc.sys

16:34:15.0521 0x1c8c  rtsuvc - ok

16:34:15.0581 0x1c8c  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys

16:34:15.0630 0x1c8c  s3cap - ok

16:34:15.0677 0x1c8c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\WINDOWS\system32\lsass.exe

16:34:15.0692 0x1c8c  SamSs - ok

16:34:15.0698 0x1c8c  SAService - ok

16:34:15.0717 0x1c8c  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys

16:34:15.0738 0x1c8c  sbp2port - ok

16:34:15.0762 0x1c8c  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll

16:34:15.0803 0x1c8c  SCardSvr - ok

16:34:15.0840 0x1c8c  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll

16:34:15.0869 0x1c8c  ScDeviceEnum - ok

16:34:15.0898 0x1c8c  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys

16:34:15.0947 0x1c8c  scfilter - ok

16:34:16.0053 0x1c8c  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\WINDOWS\system32\schedsvc.dll

16:34:16.0206 0x1c8c  Schedule - ok

16:34:16.0241 0x1c8c  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll

16:34:16.0262 0x1c8c  SCPolicySvc - ok

16:34:16.0351 0x1c8c  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys

16:34:16.0379 0x1c8c  sdbus - ok

16:34:16.0411 0x1c8c  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys

16:34:16.0447 0x1c8c  sdstor - ok

16:34:16.0483 0x1c8c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys

16:34:16.0631 0x1c8c  secdrv - ok

16:34:16.0690 0x1c8c  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\WINDOWS\system32\seclogon.dll

16:34:16.0792 0x1c8c  seclogon - ok

16:34:16.0821 0x1c8c  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll

16:34:16.0883 0x1c8c  SENS - ok

16:34:16.0932 0x1c8c  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll

16:34:17.0050 0x1c8c  SensrSvc - ok

16:34:17.0111 0x1c8c  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys

16:34:17.0140 0x1c8c  SerCx - ok

16:34:17.0200 0x1c8c  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys

16:34:17.0220 0x1c8c  SerCx2 - ok

16:34:17.0282 0x1c8c  [ 1F0135949A6AD6025F363F80FE268251, DB2D503863143F2251E589F7B0B3E9FBF997D7333D54C55856590B5080B5513D ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys

16:34:17.0316 0x1c8c  Serenum - ok

16:34:17.0370 0x1c8c  [ 81633C87B42B63BA484A6177179AC750, A22BA40E9EC74E88D8098CBDC954E1D63B832FCB789E3C7B731DE5DA39BEE2CA ] Serial          C:\WINDOWS\System32\drivers\serial.sys

16:34:17.0422 0x1c8c  Serial - ok

16:34:17.0478 0x1c8c  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys

16:34:17.0551 0x1c8c  sermouse - ok

16:34:17.0598 0x1c8c  [ 389458EA0B5FAEBA325FAC47B9ED589E, F7F37A1F1E912069F65E4629FF733F080AE675DF6FE255AF48F5E23EB47D0622 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll

16:34:17.0759 0x1c8c  SessionEnv - ok

16:34:17.0778 0x1c8c  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys

16:34:17.0866 0x1c8c  sfloppy - ok

16:34:17.0939 0x1c8c  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

16:34:18.0005 0x1c8c  SharedAccess - ok

16:34:18.0064 0x1c8c  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

16:34:18.0160 0x1c8c  ShellHWDetection - ok

16:34:18.0240 0x1c8c  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys

16:34:18.0258 0x1c8c  SiSRaid2 - ok

16:34:18.0277 0x1c8c  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys

16:34:18.0292 0x1c8c  SiSRaid4 - ok

16:34:18.0424 0x1c8c  [ F3AAB7DF6408431C762D8721B68F46E4, 56ED764AA660955B8B06322703D086B3A52106625A83CCAF195B08BCBDEDA88F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

16:34:18.0454 0x1c8c  SkypeUpdate - ok

16:34:18.0496 0x1c8c  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll

16:34:18.0806 0x1c8c  smphost - ok

16:34:18.0857 0x1c8c  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe

16:34:18.0893 0x1c8c  SNMPTRAP - ok

16:34:18.0951 0x1c8c  [ 546B88E6906EE9813EFE314DC95E3488, FC172C2DCC7ACDBBC9CE07CFCBAEDFAEAD2641A037E126174525DBE8BA660CC4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys

16:34:18.0992 0x1c8c  spaceport - ok

16:34:19.0045 0x1c8c  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys

16:34:19.0073 0x1c8c  SpbCx - ok

16:34:19.0154 0x1c8c  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\WINDOWS\System32\spoolsv.exe

16:34:19.0266 0x1c8c  Spooler - ok

16:34:19.0684 0x1c8c  [ F264662C057A54AA2DE41B3C7551712F, 2C123C6ACD967CDF1AD2855187CF3D8357B16A4FD9C2F18AE54CFA384165FA11 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe

16:34:20.0161 0x1c8c  sppsvc - ok

16:34:20.0258 0x1c8c  [ 36B082C7A764A34FB1DC72D975870B61, 572CB632D9FDC1183F7BF8BFCBC51765C647945E0C13D1C91ADE3D0E76DF83BC ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys

16:34:20.0426 0x1c8c  srv - ok

16:34:20.0562 0x1c8c  [ F5849909D4B29B4E3D4445F943E5C7E3, 3FCA1423753716FE1AFDD27EE1E13C4D779A3C976185B5C998EF1A9A39BFC186 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys

16:34:20.0660 0x1c8c  srv2 - ok

16:34:20.0764 0x1c8c  [ FABC49666708EA562549E78E6FBF3191, BE1FEBFC259308B39C727915C41A67CD50720A6E2A68D148F4F2F926AED43B02 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys

16:34:20.0877 0x1c8c  srvnet - ok

16:34:21.0016 0x1c8c  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

16:34:21.0085 0x1c8c  SSDPSRV - ok

16:34:21.0302 0x1c8c  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll

16:34:21.0430 0x1c8c  SstpSvc - ok

16:34:21.0590 0x1c8c  [ 36C3697CA09B23C77BDF95A6B0B57310, DAEF9CFBDE444A80FB41DA0BC5C3C4E1E4B535497A5EDA43EC8768A6EC42E4EA ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys

16:34:21.0645 0x1c8c  ssudmdm - ok

16:34:21.0746 0x1c8c  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys

16:34:21.0764 0x1c8c  stexstor - ok

16:34:21.0823 0x1c8c  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll

16:34:21.0964 0x1c8c  stisvc - ok

16:34:21.0986 0x1c8c  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys

16:34:22.0003 0x1c8c  storahci - ok

16:34:22.0070 0x1c8c  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys

16:34:22.0084 0x1c8c  storflt - ok

16:34:22.0142 0x1c8c  [ 0EDD1F4D470C775740625B06A60C9DD5, 94964D0A793B1C984E87095249EE383A5E669D05BA6BF9F655587887E6CE3C19 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys

16:34:22.0166 0x1c8c  stornvme - ok

16:34:22.0191 0x1c8c  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll

16:34:22.0286 0x1c8c  StorSvc - ok

16:34:22.0318 0x1c8c  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys

16:34:22.0333 0x1c8c  storvsc - ok

16:34:22.0364 0x1c8c  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll

16:34:22.0426 0x1c8c  svsvc - ok

16:34:22.0452 0x1c8c  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys

16:34:22.0466 0x1c8c  swenum - ok

16:34:22.0546 0x1c8c  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll

16:34:22.0616 0x1c8c  swprv - ok

16:34:22.0723 0x1c8c  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\WINDOWS\system32\sysmain.dll

16:34:22.0874 0x1c8c  SysMain - ok

16:34:22.0920 0x1c8c  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll

16:34:23.0012 0x1c8c  SystemEventsBroker - ok

16:34:23.0036 0x1c8c  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll

16:34:23.0133 0x1c8c  TabletInputService - ok

16:34:23.0158 0x1c8c  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

16:34:23.0255 0x1c8c  TapiSrv - ok

16:34:23.0439 0x1c8c  [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys

16:34:23.0599 0x1c8c  Tcpip - ok

16:34:23.0691 0x1c8c  [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys

16:34:23.0825 0x1c8c  TCPIP6 - ok

16:34:23.0864 0x1c8c  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys

16:34:24.0030 0x1c8c  tcpipreg - ok

16:34:24.0100 0x1c8c  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys

16:34:24.0161 0x1c8c  tdx - ok

16:34:24.0595 0x1c8c  [ D778B8E00A5ABF6C27DDB74F382ACBE9, E874053B0DC603465F08559961E57D9D65AAFA0C8E525B606F91299BC1BE309B ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

16:34:24.0991 0x1c8c  TeamViewer - ok

16:34:25.0039 0x1c8c  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys

16:34:25.0054 0x1c8c  terminpt - ok

16:34:25.0129 0x1c8c  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\WINDOWS\System32\termsrv.dll

16:34:25.0325 0x1c8c  TermService - ok

16:34:25.0371 0x1c8c  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll

16:34:25.0413 0x1c8c  Themes - ok

16:34:25.0473 0x1c8c  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll

16:34:25.0510 0x1c8c  THREADORDER - ok

16:34:25.0557 0x1c8c  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll

16:34:25.0624 0x1c8c  TimeBroker - ok

16:34:25.0699 0x1c8c  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\WINDOWS\system32\drivers\tpm.sys

16:34:25.0725 0x1c8c  TPM - ok

16:34:25.0773 0x1c8c  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll

16:34:25.0814 0x1c8c  TrkWks - ok

16:34:25.0967 0x1c8c  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe

16:34:26.0134 0x1c8c  TrustedInstaller - ok

16:34:26.0157 0x1c8c  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys

16:34:26.0310 0x1c8c  TsUsbFlt - ok

16:34:26.0341 0x1c8c  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys

16:34:26.0426 0x1c8c  TsUsbGD - ok

16:34:26.0503 0x1c8c  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys

16:34:26.0665 0x1c8c  tunnel - ok

16:34:26.0705 0x1c8c  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys

16:34:26.0743 0x1c8c  uagp35 - ok

16:34:26.0776 0x1c8c  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys

16:34:26.0793 0x1c8c  UASPStor - ok

16:34:26.0825 0x1c8c  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys

16:34:26.0849 0x1c8c  UCX01000 - ok

16:34:26.0963 0x1c8c  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys

16:34:27.0096 0x1c8c  udfs - ok

16:34:27.0111 0x1c8c  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys

16:34:27.0127 0x1c8c  UEFI - ok

16:34:27.0164 0x1c8c  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe

16:34:27.0227 0x1c8c  UI0Detect - ok

16:34:27.0278 0x1c8c  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys

16:34:27.0292 0x1c8c  uliagpkx - ok

16:34:27.0312 0x1c8c  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys

16:34:27.0378 0x1c8c  umbus - ok

16:34:27.0405 0x1c8c  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys

16:34:27.0452 0x1c8c  UmPass - ok

16:34:27.0519 0x1c8c  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll

16:34:27.0656 0x1c8c  UmRdpService - ok

16:34:27.0699 0x1c8c  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll

16:34:27.0781 0x1c8c  upnphost - ok

16:34:27.0853 0x1c8c  [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys

16:34:27.0955 0x1c8c  usbaudio - ok

16:34:27.0985 0x1c8c  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys

16:34:28.0012 0x1c8c  usbccgp - ok

16:34:28.0055 0x1c8c  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys

16:34:28.0137 0x1c8c  usbcir - ok

16:34:28.0178 0x1c8c  [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys

16:34:28.0211 0x1c8c  usbehci - ok

16:34:28.0303 0x1c8c  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys

16:34:28.0346 0x1c8c  usbhub - ok

16:34:28.0386 0x1c8c  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys

16:34:28.0426 0x1c8c  USBHUB3 - ok

16:34:28.0497 0x1c8c  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys

16:34:28.0761 0x1c8c  usbohci - ok

16:34:28.0790 0x1c8c  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys

16:34:28.0882 0x1c8c  usbprint - ok

16:34:28.0926 0x1c8c  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys

16:34:29.0039 0x1c8c  usbscan - ok

16:34:29.0094 0x1c8c  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS

16:34:29.0139 0x1c8c  USBSTOR - ok

16:34:29.0173 0x1c8c  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys

16:34:29.0223 0x1c8c  usbuhci - ok

16:34:29.0262 0x1c8c  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys

16:34:29.0349 0x1c8c  usbvideo - ok

16:34:29.0442 0x1c8c  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS

16:34:29.0474 0x1c8c  USBXHCI - ok

16:34:29.0489 0x1c8c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe

16:34:29.0505 0x1c8c  VaultSvc - ok

16:34:29.0542 0x1c8c  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys

16:34:29.0570 0x1c8c  vdrvroot - ok

16:34:29.0655 0x1c8c  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe

16:34:29.0737 0x1c8c  vds - ok

16:34:29.0853 0x1c8c  [ E28127C422E5E0C91A0EC040C9838A0B, 1D881AE97138829E40847796972FE32F267DCD21B0BC83899AF9D6144FA0709B ] VeriFaceSrv     C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe

16:34:29.0870 0x1c8c  VeriFaceSrv - ok

16:34:29.0893 0x1c8c  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys

16:34:29.0930 0x1c8c  VerifierExt - ok

16:34:29.0975 0x1c8c  [ 8ABB4BABF59F092DF0B43778D8FD1884, 94C2100CE86448543A8DD586AD4A128AB9EB37959238D70F33EF59202270AC6C ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys

16:34:30.0021 0x1c8c  vhdmp - ok

16:34:30.0066 0x1c8c  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys

16:34:30.0095 0x1c8c  viaide - ok

16:34:30.0117 0x1c8c  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys

16:34:30.0134 0x1c8c  vmbus - ok

16:34:30.0166 0x1c8c  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys

16:34:30.0231 0x1c8c  VMBusHID - ok

16:34:30.0299 0x1c8c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll

16:34:30.0406 0x1c8c  vmicguestinterface - ok

16:34:30.0429 0x1c8c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll

16:34:30.0483 0x1c8c  vmicheartbeat - ok

16:34:30.0505 0x1c8c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll

16:34:30.0542 0x1c8c  vmickvpexchange - ok

16:34:30.0564 0x1c8c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll

16:34:30.0612 0x1c8c  vmicrdv - ok

16:34:30.0640 0x1c8c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll

16:34:30.0678 0x1c8c  vmicshutdown - ok

16:34:30.0699 0x1c8c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll

16:34:30.0732 0x1c8c  vmictimesync - ok

16:34:30.0761 0x1c8c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll

16:34:30.0829 0x1c8c  vmicvss - ok

16:34:30.0901 0x1c8c  [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys

16:34:30.0918 0x1c8c  volmgr - ok

16:34:30.0956 0x1c8c  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys

16:34:30.0984 0x1c8c  volmgrx - ok

16:34:31.0111 0x1c8c  [ 17F7B0F2298D97F4B6C7A69511033D3D, 5BDFC225F31553786726808FB7952940FC05CA72B3977D684056F42AFAA59565 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys

16:34:31.0145 0x1c8c  volsnap - ok

16:34:31.0172 0x1c8c  [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys

16:34:31.0190 0x1c8c  vpci - ok

16:34:31.0223 0x1c8c  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys

16:34:31.0244 0x1c8c  vsmraid - ok

16:34:31.0376 0x1c8c  [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS             C:\WINDOWS\system32\vssvc.exe

16:34:31.0533 0x1c8c  VSS - ok

16:34:31.0562 0x1c8c  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys

16:34:31.0601 0x1c8c  VSTXRAID - ok

16:34:31.0649 0x1c8c  [ 71066FF95C487327E44C8AF1B72EBE8B, EA2729126B452CAE0C80D07501779D804B08E47F1217B61D53277B40869FEC25 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys

16:34:31.0949 0x1c8c  vwifibus - ok

16:34:31.0974 0x1c8c  [ 29AB43937FFDA0B0FB56984226E698C6, 6A1A559964FE5D594E54988C46149969E6FFD5A8D5A6862E14648B608794CC29 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys

16:34:32.0094 0x1c8c  vwififlt - ok

16:34:32.0117 0x1c8c  [ 8B8624A93E3F88CB923AEB05B6313227, 2856B63CD376BF2B1A9129581E7B9207588D4EAFD29A2C8D98F176FEAFDE26A9 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys

16:34:32.0149 0x1c8c  vwifimp - ok

16:34:32.0213 0x1c8c  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll

16:34:32.0305 0x1c8c  W32Time - ok

16:34:32.0343 0x1c8c  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys

16:34:32.0404 0x1c8c  WacomPen - ok

16:34:32.0447 0x1c8c  [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys

16:34:32.0500 0x1c8c  Wanarp - ok

16:34:32.0506 0x1c8c  [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys

16:34:32.0525 0x1c8c  Wanarpv6 - ok

16:34:32.0630 0x1c8c  [ 841345442390953CBC8801B95D3D0540, FD4F9FD2C4C60A1A580177FFF2E9035009AC6A38E78D4236B0ED4773E3B263EE ] wbengine        C:\WINDOWS\system32\wbengine.exe

16:34:32.0915 0x1c8c  wbengine - ok

16:34:32.0960 0x1c8c  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll

16:34:33.0061 0x1c8c  WbioSrvc - ok

16:34:33.0099 0x1c8c  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll

16:34:33.0130 0x1c8c  Wcmsvc - ok

16:34:33.0177 0x1c8c  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll

16:34:33.0210 0x1c8c  wcncsvc - ok

16:34:33.0257 0x1c8c  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll

16:34:33.0321 0x1c8c  WcsPlugInService - ok

16:34:33.0362 0x1c8c  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys

16:34:33.0381 0x1c8c  WdBoot - ok

16:34:33.0420 0x1c8c  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys

16:34:33.0466 0x1c8c  Wdf01000 - ok

16:34:33.0541 0x1c8c  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys

16:34:33.0566 0x1c8c  WdFilter - ok

16:34:33.0602 0x1c8c  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll

16:34:33.0631 0x1c8c  WdiServiceHost - ok

16:34:33.0641 0x1c8c  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll

16:34:33.0661 0x1c8c  WdiSystemHost - ok

16:34:33.0678 0x1c8c  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys

16:34:33.0695 0x1c8c  WdNisDrv - ok

16:34:33.0724 0x1c8c  WdNisSvc - ok

16:34:33.0805 0x1c8c  [ A70CAF5EA36CBA5FCA24244306D4D5C6, 76C3E20B62B89D9699A1E817377FAD70B144B877BCC5C850A5B64CC68184D8DA ] WebClient       C:\WINDOWS\System32\webclnt.dll

16:34:33.0944 0x1c8c  WebClient - ok

16:34:33.0981 0x1c8c  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll

16:34:34.0031 0x1c8c  Wecsvc - ok

16:34:34.0070 0x1c8c  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll

16:34:34.0137 0x1c8c  WEPHOSTSVC - ok

16:34:34.0162 0x1c8c  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll

16:34:34.0262 0x1c8c  wercplsupport - ok

16:34:34.0335 0x1c8c  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll

16:34:34.0375 0x1c8c  WerSvc - ok

16:34:34.0479 0x1c8c  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys

16:34:34.0499 0x1c8c  WFPLWFS - ok

16:34:34.0533 0x1c8c  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll

16:34:34.0584 0x1c8c  WiaRpc - ok

16:34:34.0625 0x1c8c  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys

16:34:34.0650 0x1c8c  WIMMount - ok

16:34:34.0655 0x1c8c  WinDefend - ok

16:34:34.0766 0x1c8c  [ 0E70990EC2E5D2331AA5E88DB0CFB826, 79DFF565C3FCBC691E8FEB669CEC00E340FD2A2AFA4488D23A7CC63A2A98A5C1 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll

16:34:34.0931 0x1c8c  WinHttpAutoProxySvc - ok

16:34:35.0003 0x1c8c  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

16:34:35.0143 0x1c8c  Winmgmt - ok

16:34:35.0425 0x1c8c  [ 427873F889F2F508BE8BE982219CE578, CA8DCFB774BF0F747295A7A0CB46A6177DE12AD6BD58266182206C41A3C9001E ] WinRM           C:\WINDOWS\system32\WsmSvc.dll

16:34:35.0630 0x1c8c  WinRM - ok

16:34:35.0673 0x1c8c  [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb          C:\WINDOWS\System32\drivers\WinUsb.sys

16:34:35.0893 0x1c8c  WinUsb - ok

16:34:36.0006 0x1c8c  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll

16:34:36.0139 0x1c8c  WlanSvc - ok

16:34:36.0281 0x1c8c  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll

16:34:36.0401 0x1c8c  wlidsvc - ok

16:34:36.0446 0x1c8c  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys

16:34:36.0500 0x1c8c  WmiAcpi - ok

16:34:36.0540 0x1c8c  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe

16:34:36.0585 0x1c8c  wmiApSrv - ok

16:34:36.0614 0x1c8c  WMPNetworkSvc - ok

16:34:36.0634 0x1c8c  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys

16:34:36.0671 0x1c8c  Wof - ok

16:34:36.0878 0x1c8c  [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll

16:34:37.0047 0x1c8c  workfolderssvc - ok

16:34:37.0126 0x1c8c  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys

16:34:37.0146 0x1c8c  wpcfltr - ok

16:34:37.0191 0x1c8c  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll

16:34:37.0266 0x1c8c  WPCSvc - ok

16:34:37.0297 0x1c8c  [ DBDCE2378F65F0A07D4644AC103037E7, 99714F0CD31297C9831BAF04768F467F6E0BF710C859CEDCA83069226BF1A68A ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll

16:34:37.0405 0x1c8c  WPDBusEnum - ok

16:34:37.0445 0x1c8c  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys

16:34:37.0460 0x1c8c  WpdUpFltr - ok

16:34:37.0481 0x1c8c  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys

16:34:37.0539 0x1c8c  ws2ifsl - ok

16:34:37.0593 0x1c8c  [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc          C:\WINDOWS\System32\wscsvc.dll

16:34:37.0713 0x1c8c  wscsvc - ok

16:34:37.0720 0x1c8c  WSearch - ok

16:34:37.0931 0x1c8c  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll

16:34:38.0118 0x1c8c  WSService - ok

16:34:38.0199 0x1c8c  [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd            C:\WINDOWS\system32\DRIVERS\wsvd.sys

16:34:38.0237 0x1c8c  wsvd - ok

16:34:38.0504 0x1c8c  [ F3F60C88A6BBC8D0C68FE5B1C91181AF, AF9A4D282CD4BB1127BC3F48AB89DC294408D96F7906553C636F37D1503CFA48 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll

16:34:38.0752 0x1c8c  wuauserv - ok

16:34:38.0791 0x1c8c  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys

16:34:38.0906 0x1c8c  WudfPf - ok

16:34:38.0935 0x1c8c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys

16:34:39.0002 0x1c8c  WUDFRd - ok

16:34:39.0016 0x1c8c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP    C:\WINDOWS\system32\DRIVERS\WUDFRd.sys

16:34:39.0042 0x1c8c  WUDFSensorLP - ok

16:34:39.0100 0x1c8c  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll

16:34:39.0120 0x1c8c  wudfsvc - ok

16:34:39.0133 0x1c8c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\System32\drivers\WUDFRd.sys

16:34:39.0154 0x1c8c  WUDFWpdFs - ok

16:34:39.0165 0x1c8c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\WINDOWS\System32\drivers\WUDFRd.sys

16:34:39.0186 0x1c8c  WUDFWpdMtp - ok

16:34:39.0312 0x1c8c  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll

16:34:39.0350 0x1c8c  WwanSvc - ok

16:34:39.0682 0x1c8c  [ 8D809F4ECFE9E80723C49B427854068A, 4186B6C56BA70106A95D28371360C780F55FECA1A1C61966F091A07A390BA189 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

16:34:39.0882 0x1c8c  ZeroConfigService - ok

16:34:39.0920 0x1c8c  ================ Scan global ===============================

16:34:39.0998 0x1c8c  [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\WINDOWS\system32\basesrv.dll

16:34:40.0085 0x1c8c  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll

16:34:40.0125 0x1c8c  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll

16:34:40.0194 0x1c8c  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe

16:34:40.0238 0x1c8c  [ Global ] - ok

16:34:40.0240 0x1c8c  ================ Scan MBR ==================================

16:34:40.0260 0x1c8c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0

16:34:40.0404 0x1c8c  \Device\Harddisk0\DR0 - ok

16:34:40.0412 0x1c8c  ================ Scan VBR ==================================

16:34:40.0452 0x1c8c  [ C307F981B085B939E9144D2BA8D35BFB ] \Device\Harddisk0\DR0\Partition1

16:34:40.0477 0x1c8c  \Device\Harddisk0\DR0\Partition1 - ok

16:34:40.0494 0x1c8c  [ DBD7E31BB7C36769AF538F5940AB8FE5 ] \Device\Harddisk0\DR0\Partition2

16:34:40.0496 0x1c8c  \Device\Harddisk0\DR0\Partition2 - ok

16:34:40.0517 0x1c8c  [ 27CF5568853A0D8392A39E65E6EA7437 ] \Device\Harddisk0\DR0\Partition3

16:34:40.0541 0x1c8c  \Device\Harddisk0\DR0\Partition3 - ok

16:34:40.0556 0x1c8c  [ 84833E3E69F2AA95FF524F3C579ABBA8 ] \Device\Harddisk0\DR0\Partition4

16:34:40.0556 0x1c8c  \Device\Harddisk0\DR0\Partition4 - ok

16:34:40.0573 0x1c8c  [ ABD4AE5CC8E81AB7F1813CBBA8F6C8A5 ] \Device\Harddisk0\DR0\Partition5

16:34:40.0575 0x1c8c  \Device\Harddisk0\DR0\Partition5 - ok

16:34:40.0612 0x1c8c  [ E6B4D91E07A89FD54CAE04B996A8087E ] \Device\Harddisk0\DR0\Partition6

16:34:40.0614 0x1c8c  \Device\Harddisk0\DR0\Partition6 - ok

16:34:40.0628 0x1c8c  [ 5519F2C2D861C7E302FD2DCC21547517 ] \Device\Harddisk0\DR0\Partition7

16:34:40.0631 0x1c8c  \Device\Harddisk0\DR0\Partition7 - ok

16:34:40.0634 0x1c8c  ================ Scan generic autorun ======================

16:34:40.0700 0x1c8c  [ 235F426670EC4117EADD24A6185A48B9, 609FEE1CE0BE381C81F2F943066FBFC0E8F5043FEDB25E6FBD3F0C174DA17F4F ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe

16:34:40.0801 0x1c8c  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )

16:34:40.0958 0x1c8c  Detect skipped due to KSN trusted

16:34:40.0958 0x1c8c  IAStorIcon - ok

16:34:41.0030 0x1c8c  [ 42361B4BD80768E82B80285851037665, A555A6BF8016645B838FEA993AD273D1F472586F3600619DC243B1C33438FA07 ] C:\Program Files\Conexant\ForteConfig\fmapp.exe

16:34:41.0083 0x1c8c  ForteConfig - ok

16:34:41.0284 0x1c8c  [ 4F8B94EC4D4FFA0712CCADF8145F28D1, 6CED9332100CA71FB17930AAC4ED1798E6F3A83CEBEE0A3412EFA01F6F1A6F22 ] C:\Program Files\CONEXANT\SAII\SACpl.exe

16:34:41.0386 0x1c8c  SmartAudio - ok

16:34:41.0532 0x1c8c  [ B58355B1B1C91433B4B119083C7F28B3, CE8272FB392C519D3F1921CE11AF12E0CEE3F96141DCCBF5C40110DA3F9B92BD ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe

16:34:41.0600 0x1c8c  cAudioFilterAgent - ok

16:34:41.0602 0x1c8c  ETDCtrl - ok

16:34:41.0977 0x1c8c  [ 0E2427CF7B8BFC002795159AB55564C1, F4DAEEC6CD7580621C3411ADC5EAA8BE1927924EC2FEDA05E223E6580D8FA9B7 ] C:\WINDOWS\RTFTrack.exe

16:34:42.0306 0x1c8c  RtsFT - ok

16:34:44.0836 0x1c8c  [ 6DB938E782F688C788441AB389B9FC78, 195875E58457FE5CD6E81AD48576186060D4B44FD415DAF881541199808C1BCE ] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe

16:34:46.0339 0x1c8c  Energy Manager - ok

16:34:46.0636 0x1390  Object required for P2P: [ F264662C057A54AA2DE41B3C7551712F ] sppsvc

16:34:46.0833 0x1390  Object send P2P result: true

16:34:47.0510 0x1c8c  [ E3D9352D2EE0A4343FE2A4A99FCBCB06, 886D243B569BF11118D19B27DE39DE1E42D471B3DA0C9A397E301E17519C6C42 ] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe

16:34:48.0202 0x1c8c  Lenovo Utility - ok

16:34:48.0373 0x1c8c  [ 8F83160C43C61FC6775391B46B7C16BF, 648588126B2CD0B9F50F478BF4F7474137D1285061A3B22B56C1CB5B4FD3C3BF ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe

16:34:48.0397 0x1c8c  UpdateP2GShortCut - ok

16:34:48.0484 0x1c8c  [ 5153C06FC9D4D094D1A785545928B134, 0037C935722663F9EF028F841DE222FC6418E9D60939AB60C965807E67A458DC ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

16:34:48.0523 0x1c8c  SunJavaUpdateSched - ok

16:34:48.0599 0x1c8c  [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe

16:34:48.0832 0x1c8c  Pokki - ok

16:34:49.0151 0x1c8c  [ 7A60DCF0B0F2521A7F505F8A56E5AB68, 7F23D55D4BC55ACACA9E4F94DA2439539FD2AA96D1DCA6FF58C8469F7F9C622F ] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe

16:34:49.0218 0x1c8c  FreeAC - ok

Und Teil 2:

Code:

16:34:49.0302 0x1c8c  Skype - ok

16:34:52.0263 0x1c8c  [ 1E53BE3B241C27D42F753EEE7E0751B7, 8237E8ECBB332AA0098024313F4452EFE66FECAC1878E07A46A6F817DC1AF453 ] C:\Program Files (x86)\ManyCam\ManyCam.exe

16:34:52.0866 0x1c8c  ManyCam - ok

16:34:53.0078 0x1c8c  Chromium - ok

16:34:53.0426 0x1c8c  [ 0C2D8CBA28E12D170FC5343F03E6D20C, 73A66AEF5D89E69E6B19172328AC043542FD7628DD44A569B23625261A0B56FB ] C:\Users\Phil\AppData\Roaming\Spotify\SpotifyWebHelper.exe

16:34:53.0510 0x1c8c  Spotify Web Helper - ok

16:34:54.0096 0x1c8c  [ 309A0390822194B835DBBF1374718354, BE1021B9D5EA4C4180E752F21191BD21010298BB2545F3D725E71E913DB14808 ] C:\Users\Phil\AppData\Roaming\uTorrent\uTorrent.exe

16:34:54.0201 0x1c8c  uTorrent - ok

16:34:55.0046 0x1c8c  [ C654101E928F9C1EC19A3C3AA78D4482, 925C51A2B1DD082EA5F7035CDAD481F6017DD943B005042703CCE1D5F9572AF2 ] C:\Users\Phil\AppData\Roaming\Spotify\Spotify.exe

16:34:55.0544 0x1c8c  Spotify - ok

16:34:55.0560 0x1c8c  Waiting for KSN requests completion. In queue: 4

16:34:56.0763 0x1c8c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x61100 ( enabled : updated )

16:34:56.0775 0x1c8c  Win FW state via NFP2: enabled ( trusted )

16:34:56.0856 0x1c8c  ============================================================

16:34:56.0856 0x1c8c  Scan finished

16:34:56.0856 0x1c8c  ============================================================

16:34:56.0865 0x208c  Detected object count: 1

16:34:56.0865 0x208c  Actual detected object count: 1

16:35:21.0965 0x208c  AdBlockerService ( UnsignedFile.Multi.Generic ) - skipped by user

16:35:21.0965 0x208c  AdBlockerService ( UnsignedFile.Multi.Generic ) - User select action: Skip 

16:35:27.0672 0x1dc4  Deinitialize success

Log von MBAR mit aktuellen Signaturen fehlt

Hier MBAR mit aktuellen Einstellungen:

Code:

Malwarebytes Anti-Rootkit BETA 1.9.3.1001

www.malwarebytes.org
 

Database version:

  main:    v2017.01.31.01

  rootkit: v2016.11.20.01
 

Windows 8.1 x64 NTFS

Internet Explorer 11.0.9600.18538

Phil :: SUPERPARCHITA [administrator]
 

31.01.2017 04:54:32

mbar-log-2017-01-31 (04-54-32).txt
 

Scan type: Quick scan

Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken

Scan options disabled: 

Objects scanned: 358165

Time elapsed: 1 hour(s), 2 minute(s), 39 second(s)
 

Memory Processes Detected: 0

(No malicious items detected)
 

Memory Modules Detected: 0

(No malicious items detected)
 

Registry Keys Detected: 0

(No malicious items detected)
 

Registry Values Detected: 0

(No malicious items detected)
 

Registry Data Items Detected: 0

(No malicious items detected)
 

Folders Detected: 0

(No malicious items detected)
 

Files Detected: 0

(No malicious items detected)
 

Physical Sectors Detected: 0

(No malicious items detected)
 

(end)

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Hallo, cosinus. Entschuldige die späte Antwort, ich lag zwei Wochen mit Magen-Darm im Krankenhaus...
Hier der Log für AdwCleaner:

Code:

# AdwCleaner v6.043 - Bericht erstellt am 15/02/2017 um 21:08:06

# Aktualisiert am 27/01/2017 von Malwarebytes

# Datenbank : 2017-02-13.1 [Lokal]

# Betriebssystem : Windows 8.1  (X64)

# Benutzername : Phil - SUPERPARCHITA

# Gestartet von : C:\Users\Phil\Downloads\AdwCleaner_6.043 (1).exe

# Modus: Suchlauf

# UnterstÃ¼tzung : https://www.malwarebytes.com/support
 
 
 

***** [ Dienste ] *****
 

Dienst Gefunden: rtop

Dienst Gefunden: AdBlockerService

Dienst Gefunden: ByteFenceService
 
 

***** [ Ordner ] *****
 

Ordner Gefunden: C:\ProgramData\8abbd5c4

Ordner Gefunden: C:\Users\Phil\AppData\Local\Pokki

Ordner Gefunden: C:\Program Files\ByteFence

Ordner Gefunden: C:\ProgramData\ByteFence

Ordner Gefunden: C:\ProgramData\Pokki

Ordner Gefunden: C:\ProgramData\Application Data\ByteFence

Ordner Gefunden: C:\ProgramData\Application Data\Pokki

Ordner Gefunden: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware

Ordner Gefunden: C:\Program Files (x86)\adblocker

Ordner Gefunden: C:\Users\Public\Documents\dmp

Ordner Gefunden: C:\Users\Default User\AppData\Local\Pokki

Ordner Gefunden: C:\Users\Default\AppData\Local\Pokki

Ordner Gefunden: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F

Ordner Gefunden: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
 
 

***** [ Dateien ] *****
 

Datei Gefunden: C:\WINDOWS\SysNative\LavasoftTcpService64.dll

Datei Gefunden: C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini

Datei Gefunden: C:\END

Datei Gefunden: C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Datei Gefunden: C:\ProgramData\Application Data\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Datei Gefunden: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk

Datei Gefunden: C:\WINDOWS\SysWOW64\lavasofttcpservice.dll

Datei Gefunden: C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini

Datei Gefunden: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\searchplugins\bing-lavasoft.xml

Datei Gefunden: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\searchplugins\Search Provided by Bing.xml

Datei Gefunden: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\searchplugins\yahoo! powered.xml

Datei Gefunden: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\SEARCHPLUGINS\YAHOO! POWERED.XML
 
 

***** [ DLL ] *****
 

Keine infizierten DLLs gefunden.
 
 

***** [ WMI ] *****
 

Keine schÃ¤dlichen SchlÃ¼ssel gefunden.
 
 

***** [ VerknÃ¼pfungen ] *****
 

Keine infizierten VerknÃ¼pfungen gefunden.
 
 

***** [ Aufgabenplanung ] *****
 

Aufgabe Gefunden: {60DAB822-9A31-4A47-B237-1C9C7C366EB7}

Aufgabe Gefunden: Yahoo! Powered locel

Aufgabe Gefunden: ByteFence

Aufgabe Gefunden: ByteFence Scan
 
 

***** [ Registrierungsdatenbank ] *****
 

SchlÃ¼ssel Gefunden: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\ByteFenceService

SchlÃ¼ssel Gefunden: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\ByteFenceService

SchlÃ¼ssel Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Classes\pokki

SchlÃ¼ssel Gefunden: HKCU\Software\Classes\pokki

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1

SchlÃ¼ssel Gefunden: [x64] HKCU\Software\Classes\pokki

SchlÃ¼ssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer

SchlÃ¼ssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1

SchlÃ¼ssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController

SchlÃ¼ssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1

SchlÃ¼ssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable

SchlÃ¼ssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1

SchlÃ¼ssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields

SchlÃ¼ssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1

SchlÃ¼ssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder

SchlÃ¼ssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1

SchlÃ¼ssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic

SchlÃ¼ssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1

SchlÃ¼ssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager

SchlÃ¼ssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1

SchlÃ¼ssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController

SchlÃ¼ssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}

SchlÃ¼ssel Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Brothersoft

SchlÃ¼ssel Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\ByteFence

SchlÃ¼ssel Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Pokki

SchlÃ¼ssel Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\PRODUCTSETUP

SchlÃ¼ssel Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\yahooprovidedsearch

SchlÃ¼ssel Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\csastats

SchlÃ¼ssel Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki

SchlÃ¼ssel Gefunden: HKCU\Software\Brothersoft

SchlÃ¼ssel Gefunden: HKCU\Software\ByteFence

SchlÃ¼ssel Gefunden: HKCU\Software\Pokki

SchlÃ¼ssel Gefunden: HKCU\Software\PRODUCTSETUP

SchlÃ¼ssel Gefunden: HKCU\Software\yahooprovidedsearch

SchlÃ¼ssel Gefunden: HKCU\Software\csastats

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\ByteFence

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Lavasoft\Web Companion

SchlÃ¼ssel Gefunden: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ByteFence

SchlÃ¼ssel Gefunden: [x64] HKCU\Software\Brothersoft

SchlÃ¼ssel Gefunden: [x64] HKCU\Software\ByteFence

SchlÃ¼ssel Gefunden: [x64] HKCU\Software\Pokki

SchlÃ¼ssel Gefunden: [x64] HKCU\Software\PRODUCTSETUP

SchlÃ¼ssel Gefunden: [x64] HKCU\Software\yahooprovidedsearch

SchlÃ¼ssel Gefunden: [x64] HKCU\Software\csastats

SchlÃ¼ssel Gefunden: [x64] HKLM\SOFTWARE\ByteFence

SchlÃ¼ssel Gefunden: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki

Daten Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_17

Daten Gefunden: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_17_06&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dd

Daten Gefunden: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_17_06&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dd

Daten Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_17_06&param1=1&param2=f%3D1%26b%3DIE%26cc%3

Daten Gefunden: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_17_06&param1=1&param2=f%3D1%26b%3DIE%26cc%3

SchlÃ¼ssel Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

Daten Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - 

SchlÃ¼ssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

Daten Gefunden: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - 

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{45199D14-1E6D-4B2F-8313-A1FAB8D25BCD}

Daten Gefunden: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - 

SchlÃ¼ssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

Daten Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - 

SchlÃ¼ssel Gefunden: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{45199D14-1E6D-4B2F-8313-A1FAB8D25BCD}

Daten Gefunden: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - 

SchlÃ¼ssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com

SchlÃ¼ssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com

SchlÃ¼ssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cmptch.com

SchlÃ¼ssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\coupontime.co

SchlÃ¼ssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.cmptch.com

SchlÃ¼ssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.coupontime00.coupontime.co

SchlÃ¼ssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\azlyrics.com

SchlÃ¼ssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.azlyrics.com

SchlÃ¼ssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com

SchlÃ¼ssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com

SchlÃ¼ssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cmptch.com

SchlÃ¼ssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\coupontime.co

SchlÃ¼ssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.cmptch.com

SchlÃ¼ssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.coupontime00.coupontime.co

SchlÃ¼ssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\azlyrics.com

SchlÃ¼ssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.azlyrics.com

Wert Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]

Wert Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]

Wert Gefunden: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]

Wert Gefunden: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]

Wert Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [safe_urls768]

SchlÃ¼ssel Gefunden: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\Directory\shell\ByteFence Folder Scan

SchlÃ¼ssel Gefunden: HKLM\SOFTWARE\Classes\*\shell\ByteFence File Scan
 
 

***** [ Internetbrowser ] *****
 

Firefox pref Gefunden: [C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\prefs.js] - "browser.newtabpage.url" -  "hxxp://www.bing.com/?pc=COSP&ptag=D050116-AB747CC590BEC44CD91F&form=CONMHP&conlogo=CT33

Firefox pref Gefunden: [C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\prefs.js] - "browser.search.defaultenginename" -  "Yahoo! Powered"

Firefox pref Gefunden: [C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\prefs.js] - "browser.search.hiddenOneOffs" -  "Search Provided by Yahoo,Yahoo,Bing,DuckDuckGo,LEO Eng-Deu"

Firefox pref Gefunden: [C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\prefs.js] - "browser.search.selectedEngine" -  "Yahoo! Powered"

Firefox pref Gefunden: [C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\prefs.js] - "extensions.cliqz_hpn.userPKTest" -  "MIIEoQIBAAKCAQB73LMteefqj4Ff5t+CTmoaYRVu7LrrQoeQQgeGkrnQouH4pOimJTlp5gI4q769Uc

Chrome pref Gefunden: [C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.yoursearching.com/?type=hp&ts=1456397326&z=44e91fe23cbc1884022c220g9z5wcq5cct3m7c9ocz&from=brd&uid=ST1000LM

Chrome pref Gefunden: [C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://yoursearching.com/wefavicon.ico
 

*************************
 

C:\AdwCleaner\AdwCleaner[S0].txt - [15159 Bytes] - [15/02/2017 20:56:26]

C:\AdwCleaner\AdwCleaner[S1].txt - [14914 Bytes] - [15/02/2017 21:08:06]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [14988 Bytes] ##########

Hier das JRT-log.

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes

Version: 8.1.0 (12.05.2016)

Operating System: Windows 8.1 x64 

Ran by Phil (Administrator) on 16.02.2017 at 16:49:50,79

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

File System: 8 
 

Successfully deleted: C:\end (File) 

Successfully deleted: C:\ProgramData\8abbd5c4 (Folder) 

Successfully deleted: C:\ProgramData\pokki (Folder) 

Successfully deleted: C:\Users\Phil\AppData\Local\{FA2E19ED-8733-4AB2-84A0-38F695DAAF4D} (Empty Folder)

Successfully deleted: C:\Users\Phil\AppData\Local\pokki (Folder) 

Successfully deleted: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\staged (Folder) 

Successfully deleted: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions\staged (Folder) 

Successfully deleted: C:\Program Files (x86)\Common Files\17FA6306-BE4D-DD02-4098-6CB5B72BDEC6 (Folder) 
 

Deleted the following from C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\prefs.js

user_pref(extensions.ich@maltegoetz.de.config, {\proxy\:\[proxy]\,\supportedsites\:[{\domain\:\www.youtube.com\,\displayName\:\YouTube (auto)\,\functionName\
 
 
 

Registry: 2 
 

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)

Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 16.02.2017 at 16:53:48,20

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Anleitung bitte lesen; du hast die Funde mit dem adwCleaner nicht entfernt.

Bin anscheinend echt zu dumm zum Lesen *augenroll*

AdwCleaner - nach dem Löschen:

Code:

# AdwCleaner v6.043 - Bericht erstellt am 16/02/2017 um 20:30:33

# Aktualisiert am 27/01/2017 von Malwarebytes

# Datenbank : 2017-02-13.1 [Lokal]

# Betriebssystem : Windows 8.1  (X64)

# Benutzername : Phil - SUPERPARCHITA

# Gestartet von : C:\Users\Phil\Downloads\AdwCleaner_6.043.exe

# Modus: LÃ¶schen

# UnterstÃ¼tzung : https://www.malwarebytes.com/support
 
 
 

***** [ Dienste ] *****
 
 
 

***** [ Ordner ] *****
 

[-] Ordner gelÃ¶scht: C:\Program Files\ByteFence

[-] Ordner gelÃ¶scht: C:\ProgramData\ByteFence

[#] Ordner mit Neustart gelÃ¶scht: C:\ProgramData\Application Data\ByteFence

[-] Ordner gelÃ¶scht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware

[-] Ordner gelÃ¶scht: C:\Program Files (x86)\adblocker

[-] Ordner gelÃ¶scht: C:\Users\Public\Documents\dmp

[-] Ordner gelÃ¶scht: C:\Users\Default User\AppData\Local\Pokki

[#] Ordner mit Neustart gelÃ¶scht: C:\Users\Default\AppData\Local\Pokki

[-] Ordner gelÃ¶scht: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F

[-] Ordner gelÃ¶scht: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
 
 

***** [ Dateien ] *****
 

[-] Datei gelÃ¶scht: C:\WINDOWS\SysNative\LavasoftTcpService64.dll

[-] Datei gelÃ¶scht: C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini

[-] Datei gelÃ¶scht: C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

[#] Datei gelÃ¶scht: C:\ProgramData\Application Data\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

[-] Datei gelÃ¶scht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk

[-] Datei gelÃ¶scht: C:\WINDOWS\SysWOW64\lavasofttcpservice.dll

[-] Datei gelÃ¶scht: C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini

[-] Datei gelÃ¶scht: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\searchplugins\bing-lavasoft.xml

[-] Datei gelÃ¶scht: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\searchplugins\Search Provided by Bing.xml

[-] Datei gelÃ¶scht: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\searchplugins\yahoo! powered.xml

[#] Datei gelÃ¶scht: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\SEARCHPLUGINS\YAHOO! POWERED.XML
 
 

***** [ DLL ] *****
 
 
 

***** [ WMI ] *****
 
 
 

***** [ VerknÃ¼pfungen ] *****
 
 
 

***** [ Aufgabenplanung ] *****
 

[-] Aufgabe gelÃ¶scht: {60DAB822-9A31-4A47-B237-1C9C7C366EB7}

[-] Aufgabe gelÃ¶scht: Yahoo! Powered locel

[-] Aufgabe gelÃ¶scht: ByteFence

[-] Aufgabe gelÃ¶scht: ByteFence Scan
 
 

***** [ Registrierungsdatenbank ] *****
 

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\ByteFenceService

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\ByteFenceService

[-] SchlÃ¼ssel gelÃ¶scht: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Classes\pokki

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: HKCU\Software\Classes\pokki

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKCU\Software\Classes\pokki

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}

[-] SchlÃ¼ssel gelÃ¶scht: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Brothersoft

[-] SchlÃ¼ssel gelÃ¶scht: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\ByteFence

[-] SchlÃ¼ssel gelÃ¶scht: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Pokki

[-] SchlÃ¼ssel gelÃ¶scht: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\PRODUCTSETUP

[-] SchlÃ¼ssel gelÃ¶scht: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\yahooprovidedsearch

[-] SchlÃ¼ssel gelÃ¶scht: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\csastats

[-] SchlÃ¼ssel gelÃ¶scht: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: HKCU\Software\Brothersoft

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: HKCU\Software\ByteFence

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: HKCU\Software\Pokki

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: HKCU\Software\PRODUCTSETUP

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: HKCU\Software\yahooprovidedsearch

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: HKCU\Software\csastats

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\ByteFence

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Lavasoft\Web Companion

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ByteFence

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKCU\Software\Brothersoft

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKCU\Software\ByteFence

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKCU\Software\Pokki

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKCU\Software\PRODUCTSETUP

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKCU\Software\yahooprovidedsearch

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKCU\Software\csastats

[-] SchlÃ¼ssel gelÃ¶scht: [x64] HKLM\SOFTWARE\ByteFence

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki

[-] Daten  wiederhergestellt: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Internet Explorer\Main [Start Page] 

[-] Daten  wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] 

[-] Daten  wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] 

[-] Daten  wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] 

[-] Daten  wiederhergestellt: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] 

[-] SchlÃ¼ssel gelÃ¶scht: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

[-] Daten  wiederhergestellt: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

[-] Daten  wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{45199D14-1E6D-4B2F-8313-A1FAB8D25BCD}

[-] Daten  wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

[-] Daten  wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

[-] SchlÃ¼ssel gelÃ¶scht: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{45199D14-1E6D-4B2F-8313-A1FAB8D25BCD}

[-] Daten  wiederhergestellt: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

[-] SchlÃ¼ssel gelÃ¶scht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com

[-] SchlÃ¼ssel gelÃ¶scht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com

[-] SchlÃ¼ssel gelÃ¶scht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cmptch.com

[-] SchlÃ¼ssel gelÃ¶scht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\coupontime.co

[-] SchlÃ¼ssel gelÃ¶scht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.cmptch.com

[-] SchlÃ¼ssel gelÃ¶scht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.coupontime00.coupontime.co

[-] SchlÃ¼ssel gelÃ¶scht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\azlyrics.com

[-] SchlÃ¼ssel gelÃ¶scht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.azlyrics.com

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cmptch.com

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\coupontime.co

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.cmptch.com

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.coupontime00.coupontime.co

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\azlyrics.com

[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.azlyrics.com

[-] Wert gelÃ¶scht: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]

[-] Wert gelÃ¶scht: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]

[#] Wert mit Neustart gelÃ¶scht: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]

[#] Wert mit Neustart gelÃ¶scht: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]

[-] Wert gelÃ¶scht: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [safe_urls768]

[-] SchlÃ¼ssel gelÃ¶scht: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\Directory\shell\ByteFence Folder Scan

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\*\shell\ByteFence File Scan
 
 

***** [ Browser ] *****
 

[-] Firefox Einstellungen bereinigt: "browser.newtabpage.url" -  "hxxp://www.bing.com/?pc=COSP&ptag=D050116-AB747CC590BEC44CD91F&form=CONMHP&conlogo=CT3330962"

[-] Firefox Einstellungen bereinigt: "browser.search.defaultenginename" -  "Yahoo! Powered"

[-] Firefox Einstellungen bereinigt: "browser.search.hiddenOneOffs" -  "Search Provided by Yahoo,Yahoo,Bing,DuckDuckGo,LEO Eng-Deu"

[-] Firefox Einstellungen bereinigt: "browser.search.selectedEngine" -  "Yahoo! Powered"

[-] Firefox Einstellungen bereinigt: "extensions.cliqz_hpn.userPKTest" -  "MIIEoQIBAAKCAQB73LMteefqj4Ff5t+CTmoaYRVu7LrrQoeQQgeGkrnQouH4pOimJTlp5gI4q769Uce6Oz9isshSu0+DOrztNa7jZhR8K7YFR4Nq81VPeBJlB+zIyKcKnnvT87p5nuopehPi9/d29rYNQpRDt0DgnSYbg1vwGJCYZurnJ3bADSlzahdl/X1j6xmap+X8vAXpoz3Z2Og/Z23vjNbixPKuN0SI0xlHneQhlSM1Tasn9fhBVEr6/xDFwstwLsKamEFg4+2Fyq6UtNbK+vrI8vglEAYq2edRFZg/z5CwdGTziP9gniPAhOuJNBsnhqKAYjDZtYLfWfQJGo8j7JO6FFLVssePAgMBAAECggEAAl482sC662QlABVk7pPbOXfjtgQ2qqrR9rMce7kwbkm+8kcM36hUia7JGhZGhk4a+HeLhbKPW+2S3ppv5EUje9uGxrz7NOyiGZhfaC6Og3n8T/ZuIyjWiz3csdiU94gK+0rsY0ziPCyqswS86851XQ9M4bFGinNlSFgb0B4wTbGRtTc+xOSmeuYLySD65mYAanPAVhJnhRW+5FcqlonFKqFJ9yfJIIxq5K7JhsveDCmNg63S0YXed0ARvRtDLx/pkw5XeRr6/5bZLoMPXFVAF59u2cybHpFCcvbvoChsEg8D+F6IRMnPuRMSCKNejB030VOPVQQm4TBLJtpwRN/gmQKBgQDKqZPQtNkhvIJ6o+xmS7vfz1hzOOiLfB71ys0oUFrOXauDSw4+GVM8BKvx2xPdcPvWKkqYJ/bu+7AQC1/D6Mbh7Slsr3ZscG/tEP/fz7jMOVgGoUOdlnbxzs0PJcWYKwlShU/VecQExSTNKK1k9iJlSBzBU0EZA98EyAsv0WMeawKBgQCcde+AHbhng1M/yxFnw1ADB8/Fw4j6qez27+lMkn/4O2gGrLoWVZRamrvVK+isr1Q7W1y4fpnOve/jJjSMgk8potzOxx4dAhvAaneDhAC3alnwx6GTCoUoIbprcP84Hq5ZoasL+87IXH/YQzFjLwNLp01oh8fpfZdl2WXeTgl8bQKBgHZ+xnW+eEKYhTYOCJgbagNHqfDc8mM0NKoEZQZQTXfiHvmKdg5rIlayaJLmRGwytp0XZzwmCeTb9qq668iRn0/UKmdpBHYNG/Rh/youu191m/lsayuGIY/rGczkie8aIr5EQlSQeMNNPeJTCWdB3wSXMHD9K8/jio+yI5BW/nx3AoGAd0BQdkawyXzH0+ST9JFiB51JmINLgTpI2YHMQMecb/ffds7p2qIJu/EZ3wVjh1LvEXq2NgyQcIpGL8xr2vhrG+H9CEGtyxBTVJoRU5Ul8qZFvQZ7ORaYnRjv/HoYnI6N9tUJCM45Mm+GJbA5EU7A5UWz80sibO2DmmZThVfXVRUCgYAbVAOnkh3Plhw3DyZsLuGLQ67mL0meBh6l99cPcEPsRLridNS/ajm6/F17AMemjCIAQufsI2aMNAK7aFl9ohz4K82LWgEHmi24HJ6ENk2l+oMW0BZGROhTxBXm7V9zJdmHldQ2ZtswSVOHYUIBlymyDUvEo9rYMxg6f1cgsyoOFA=="

[-] [C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] GelÃ¶scht: hxxp://www.yoursearching.com/?type=hp&ts=1456397326&z=44e91fe23cbc1884022c220g9z5wcq5cct3m7c9ocz&from=brd&uid=ST1000LM024XHN-M101MBB_S30YJ9EG212330

[-] [C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default] [favicon_url] GelÃ¶scht: hxxp://yoursearching.com/wefavicon.ico
 
 

*************************
 

:: "Tracing" SchlÃ¼ssel gelÃ¶scht

:: Winsock Einstellungen zurÃ¼ckgesetzt

:: Proxy Einstellungen zurÃ¼ckgesetzt

:: Internet Explorer Richtlinien gelÃ¶scht

:: Chrome Richtlinien gelÃ¶scht
 

*************************
 

C:\AdwCleaner\AdwCleaner[C0].txt - [16720 Bytes] - [16/02/2017 20:30:33]

C:\AdwCleaner\AdwCleaner[S0].txt - [15159 Bytes] - [15/02/2017 20:56:26]

C:\AdwCleaner\AdwCleaner[S1].txt - [15232 Bytes] - [15/02/2017 21:08:06]

C:\AdwCleaner\AdwCleaner[S2].txt - [15089 Bytes] - [16/02/2017 20:08:50]

C:\AdwCleaner\AdwCleaner[S3].txt - [15108 Bytes] - [16/02/2017 20:22:45]
 

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [17090 Bytes] ##########

Und JRT-Log:

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes

Version: 8.1.0 (12.05.2016)

Operating System: Windows 8.1 x64 

Ran by Phil (Administrator) on 16.02.2017 at 20:50:00,04

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

File System: 0 
 
 

Deleted the following from C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\prefs.js

user_pref(extensions.ich@maltegoetz.de.config, {\proxy\:\[proxy]\,\supportedsites\:[{\domain\:\www.youtube.com\,\displayName\:\YouTube (auto)\,\functionName\
 
 
 

Registry: 0 
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 16.02.2017 at 20:53:36,73

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.