Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: web.de Spam Email an alle Kontakte

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 20.09.2015, 19:53   #1
ryuhoshi
 
web.de Spam Email an alle Kontakte - Standard

web.de Spam Email an alle Kontakte



Hallo zusammen,

ich habe zunächst seit paar Monaten gemerkt dass mein Postfach deutlich mehr spam als sonst bekommt und kürzlich mir mehrere Freunde angeschrieben haben dass sie eine spam Email von mir erhalten haben mit folgenden Inhalt

Hey friend!

Check this out hxxp://csmais.net/spot.php?6


Diese Email ging an alle meine Kontakte in web.de welche ich mal angeschrieben habe. Das Passwort bei web.de habe ich nun zur Sicherheit geändert. Habe ich ein Virus bzw. was denkt ihr was ich machen sollte?

Gruss
ryu

Alt 20.09.2015, 20:59   #2
schrauber
/// the machine
/// TB-Ausbilder
 

web.de Spam Email an alle Kontakte - Standard

web.de Spam Email an alle Kontakte



Hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 22.09.2015, 22:26   #3
ryuhoshi
 
web.de Spam Email an alle Kontakte - Standard

web.de Spam Email an alle Kontakte



FRST


FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
durchgeführt von Wowa (Administrator) auf WOWA-PC (22-09-2015 23:19:10)
Gestartet von C:\Users\Wowa\Downloads
Geladene Profile: Wowa (Verfügbare Profile: Wowa & Natascha)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Ascora GmbH) C:\Program Files (x86)\CheckDrive\CheckDrive.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Windows\system\HsMgr64.exe
() C:\Windows\SysWOW64\HsMgr.exe
(Spotify Ltd) C:\Users\Wowa\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
() C:\Program Files (x86)\Audials\Audials 11\AudialsNotifier.exe
(CMedia) C:\Program Files\ASUS Xonar DX Audio\Customapp\AsusAudioCenter.exe
() C:\Program Files (x86)\SPEEDLINK\KUDOS RS Gaming Mouse\Gaming Mouse.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptrstub.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(DivX, LLC) C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(GlavSoft LLC.) C:\Program Files\Soluto\SolutoRemoteService.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10464536 2014-07-02] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SPEEDLINK KUDOS] => C:\Program Files (x86)\SPEEDLINK\KUDOS RS Gaming Mouse\Gaming Mouse.exe [1470464 2012-02-07] ()
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-01-31] (Raptr, Inc)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43608 2000-01-01] ()
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861640 2015-06-27] (DivX, LLC)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-06-24] (DivX, LLC)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [401280 2014-06-20] ()
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit,
HKU\S-1-5-21-2357912988-3587229749-1939242390-1001\...\Run: [Spotify Web Helper] => C:\Users\Wowa\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2022968 2015-05-23] (Spotify Ltd)
HKU\S-1-5-21-2357912988-3587229749-1939242390-1001\...\Run: [Kies3PDLR.exe] => C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe [1015104 2015-03-24] (Samsung)
HKU\S-1-5-21-2357912988-3587229749-1939242390-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-2357912988-3587229749-1939242390-1001\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 11\AudialsNotifier.exe [2410760 2014-08-25] ()
HKU\S-1-5-21-2357912988-3587229749-1939242390-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-07-13] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [43816 2015-04-26] (Apple Inc.)
IFEO\divxcontrolpanellauncher.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\divxconverterlauncher.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
Startup: C:\Users\Natascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2014-07-14]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{04C95033-AD3E-494D-AAC9-023921E1A61A}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{1C209E39-988B-44DD-BB66-03CEE17C74EC}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{BFD522E2-509F-47E3-AF03-D6D292682918}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2357912988-3587229749-1939242390-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-2357912988-3587229749-1939242390-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {15763330-6A51-43D2-9FF9-9F081B984AC4} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM -> {15763330-6A51-43D2-9FF9-9F081B984AC4} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2357912988-3587229749-1939242390-1001 -> DefaultScope {FB892E84-7B07-4660-9166-C115F43E4BA4} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2357912988-3587229749-1939242390-1001 -> {15763330-6A51-43D2-9FF9-9F081B984AC4} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2357912988-3587229749-1939242390-1001 -> {964659C7-401C-4B7A-9957-2075BB2CC448} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-2357912988-3587229749-1939242390-1001 -> {A5287561-7B31-4F54-AB7D-600CE160159A} URL = hxxp://rover.ebay.com/rover/1/707-37276-23097-0/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-2357912988-3587229749-1939242390-1001 -> {B223570E-9D7B-4D84-8C34-B82357A592D0} URL = hxxp://www.amazon.de/gp/search?search-alias=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2357912988-3587229749-1939242390-1001 -> {FB892E84-7B07-4660-9166-C115F43E4BA4} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-03-21] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-07-14] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll [2014-10-10] (pdfforge GmbH)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-05-19] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-03-21] (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Wowa\AppData\Roaming\Mozilla\Firefox\Profiles\5jfral8j.default
FF SelectedSearchEngine: Yahoo Search!
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser/-bfr-sw__alt__ddc_dsssyc_bd_com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2015-04-08] (Citrix Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-08-05] (DivX, LLC)
FF Plugin-x32: @innoplus.de/ino3DViewer -> C:\Program Files (x86)\innoplus\3D-Viewer-innoPlus\npIno3DViewer.dll [2014-05-14] (INNOVA-engineering GmbH Dresden)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-05-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-19] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Plugin-x32: TorchVLC -> C:\Users\Wowa\AppData\Local\Torch\Plugins\Video\VLC\npvlc.dll [2013-07-31] (VideoLAN)
FF Plugin HKU\S-1-5-21-2357912988-3587229749-1939242390-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Wowa\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-02-23] (Citrix Online)
FF Plugin HKU\S-1-5-21-2357912988-3587229749-1939242390-1001: ubisoft.com/uplaypc -> D:\PC\uplay\Ubisoft Game Launcher\npuplaypc.dll [2014-11-21] ()
FF user.js: detected! => C:\Users\Wowa\AppData\Roaming\Mozilla\Firefox\Profiles\5jfral8j.default\user.js [2015-08-03]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Extension: Session Manager - C:\Users\Wowa\AppData\Roaming\Mozilla\Firefox\Profiles\5jfral8j.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2014-07-13]
FF Extension: Adblock Plus - C:\Users\Wowa\AppData\Roaming\Mozilla\Firefox\Profiles\5jfral8j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-13]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-02-08]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-09-01]

Chrome: 
=======
CHR Profile: C:\Users\Wowa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Wowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-14]
CHR Extension: (Google Drive) - C:\Users\Wowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-14]
CHR Extension: (YouTube) - C:\Users\Wowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-14]
CHR Extension: (Google-Suche) - C:\Users\Wowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-14]
CHR Extension: (Kaspersky Protection) - C:\Users\Wowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-09-13]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Wowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-13]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Wowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Wowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-14]
CHR Extension: (Google Mail) - C:\Users\Wowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-14]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - https://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - https://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AAV UpdateService; C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
S4 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-09-01] (Kaspersky Lab ZAO)
S4 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [182848 2013-11-14] (Soluto)
R3 SolutoRemoteService; C:\Program Files\Soluto\SolutoRemoteService.exe [1942016 2013-11-14] (GlavSoft LLC.) [Datei ist nicht signiert]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 TorchCrashHandler; C:\Users\Wowa\AppData\Local\Torch\Update\TorchCrashHandler.exe [1217032 2015-07-16] (TorchMedia Inc.) <==== ACHTUNG
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2015-06-25] (TuneUp Software)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2734080 2013-04-11] (C-Media Inc)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [171192 2015-06-30] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-07-04] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [931000 2015-06-30] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [30392 2015-06-08] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-06-18] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-01-29] (CACE Technologies)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [24744 2014-06-11] (Audials AG)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2000-01-01] (Synaptics Incorporated)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-11-28] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [31144 2015-06-04] (TuneUp Software)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
R3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 RTHDMIAzAudService; system32\drivers\RtHDMIVX.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-22 23:18 - 2015-09-22 23:16 - 00064192 _____ C:\Users\Wowa\Desktop\FRST.txt
2015-09-22 23:04 - 2015-09-22 23:19 - 00030181 _____ C:\Users\Wowa\Downloads\FRST.txt
2015-09-22 23:03 - 2015-09-22 23:19 - 00000000 ____D C:\FRST
2015-09-22 23:02 - 2015-09-22 23:03 - 02191360 _____ (Farbar) C:\Users\Wowa\Downloads\FRST64.exe
2015-09-14 20:55 - 2015-09-14 20:55 - 00000000 ____D C:\Users\Wowa\AppData\Local\TempTaskUpdateDetectionFF51B2AF-DF05-4D0C-B617-EDC68DAFB75C
2015-09-13 11:13 - 2015-08-04 20:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-13 11:13 - 2015-08-04 20:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-13 11:13 - 2015-08-04 19:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-13 11:13 - 2015-08-04 19:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-13 11:13 - 2015-08-04 19:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-13 11:13 - 2015-08-04 19:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-13 11:13 - 2015-08-04 19:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-13 11:13 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-13 11:13 - 2015-08-04 18:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-13 11:03 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-13 11:03 - 2015-08-05 19:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-13 11:03 - 2015-08-05 19:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-13 11:03 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-13 11:03 - 2015-06-25 12:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-13 11:03 - 2015-06-25 12:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-13 11:03 - 2015-06-25 12:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-09-13 11:03 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-13 11:02 - 2015-07-15 05:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-13 11:02 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-09-13 11:01 - 2015-07-23 02:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-13 11:01 - 2015-07-23 02:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-13 11:01 - 2015-07-23 02:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-13 11:01 - 2015-07-23 02:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-13 11:01 - 2015-07-23 02:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-09-13 11:01 - 2015-07-23 02:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-13 11:01 - 2015-07-23 02:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-13 11:01 - 2015-07-23 02:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-13 11:01 - 2015-07-23 02:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-13 11:01 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-13 11:01 - 2015-07-23 02:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-13 11:01 - 2015-07-23 02:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-13 11:01 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-13 11:01 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-13 11:01 - 2015-07-23 02:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-13 11:01 - 2015-07-23 02:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-13 11:01 - 2015-07-23 02:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-13 11:01 - 2015-07-23 02:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-13 11:01 - 2015-07-23 02:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-13 11:01 - 2015-07-23 02:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-13 11:01 - 2015-07-23 02:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-13 11:01 - 2015-07-23 02:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-13 11:01 - 2015-07-23 02:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-13 11:01 - 2015-07-23 02:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-13 11:01 - 2015-07-23 02:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-13 11:01 - 2015-07-23 02:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-13 11:01 - 2015-07-23 02:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-13 11:01 - 2015-07-23 02:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-13 11:01 - 2015-07-23 02:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-13 11:01 - 2015-07-23 02:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-13 11:01 - 2015-07-23 02:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-13 11:01 - 2015-07-23 02:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-09-13 11:01 - 2015-07-23 02:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-13 11:01 - 2015-07-23 02:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-13 11:01 - 2015-07-23 02:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-13 11:01 - 2015-07-23 01:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-13 11:01 - 2015-07-23 01:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-13 11:01 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-13 11:01 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-13 11:01 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-13 11:01 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-13 11:01 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-13 11:01 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-13 11:01 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-13 11:01 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-13 11:01 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-13 11:01 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-13 11:01 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-13 11:01 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-13 11:01 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-13 11:01 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-13 11:01 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-13 11:01 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-09-13 11:01 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-09-13 11:01 - 2015-07-22 19:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-13 11:01 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-09-13 11:01 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-13 11:01 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-09-13 11:01 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-09-13 11:01 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-09-13 11:01 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-09-13 11:01 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-09-13 11:01 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-09-13 11:01 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-09-13 11:01 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-09-13 11:01 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-09-13 11:01 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-09-13 11:01 - 2015-07-22 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-09-13 11:01 - 2015-07-22 19:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-09-13 11:01 - 2015-07-22 19:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-13 11:01 - 2015-07-22 19:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-13 11:01 - 2015-07-22 19:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-09-13 11:01 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-09-13 11:01 - 2015-07-22 19:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-09-13 11:01 - 2015-07-22 19:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-09-13 11:01 - 2015-07-22 19:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-13 11:01 - 2015-07-22 19:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-13 11:01 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-13 11:01 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-13 11:01 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-13 11:01 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-13 11:01 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-13 11:01 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-13 11:01 - 2015-07-22 18:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-13 11:01 - 2015-07-22 18:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-13 11:01 - 2015-07-22 18:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-13 11:01 - 2015-07-22 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-13 11:01 - 2015-07-22 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-13 11:01 - 2015-07-22 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-13 11:01 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-13 11:01 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-13 11:01 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-09-13 11:01 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-09-13 11:00 - 2015-07-23 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-13 11:00 - 2015-07-23 01:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-13 11:00 - 2015-07-23 01:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-13 11:00 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-13 11:00 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-13 11:00 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-13 11:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-13 11:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-13 11:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-13 11:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-13 11:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-13 11:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-13 11:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-13 11:00 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-13 11:00 - 2015-07-23 01:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-13 11:00 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-09-13 11:00 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-09-13 11:00 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-09-13 11:00 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-09-13 11:00 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-13 11:00 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-13 11:00 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-13 11:00 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-13 11:00 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-13 11:00 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-13 11:00 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-13 11:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-13 11:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-13 11:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-13 11:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-13 11:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-13 11:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-13 11:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-13 11:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-13 11:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-13 11:00 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-13 11:00 - 2015-07-22 18:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-09-13 11:00 - 2015-07-22 18:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-09-13 11:00 - 2015-07-22 18:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-13 10:59 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-13 10:59 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-13 10:59 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-13 10:59 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-13 10:59 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-13 10:59 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-13 10:59 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-13 10:59 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-13 10:54 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-13 10:54 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-13 10:54 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-13 10:54 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-13 10:54 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-13 10:54 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-13 10:54 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-13 10:54 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-13 10:54 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-13 10:54 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-13 10:54 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-13 10:54 - 2015-08-26 20:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-13 10:54 - 2015-08-26 20:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-13 10:54 - 2015-08-26 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-13 10:54 - 2015-08-26 20:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-13 10:54 - 2015-08-26 20:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-13 10:54 - 2015-08-26 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-13 10:54 - 2015-08-26 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-13 10:54 - 2015-08-26 20:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-13 10:54 - 2015-08-26 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-13 10:54 - 2015-08-26 20:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-13 10:54 - 2015-08-26 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-13 10:54 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-13 10:54 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-13 10:54 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-13 10:54 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-13 10:54 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-08 23:19 - 2015-09-22 23:19 - 00000911 _____ C:\Windows\Tasks\EPSON XP-520 Series Update {F02D13BE-EA95-4BD3-A49A-2DB91DD898A8}.job
2015-09-08 23:19 - 2015-09-08 23:19 - 00003978 _____ C:\Windows\System32\Tasks\EPSON XP-520 Series Update {F02D13BE-EA95-4BD3-A49A-2DB91DD898A8}
2015-09-08 22:32 - 2015-09-08 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-09-08 22:32 - 2015-09-08 22:32 - 00000000 ____D C:\Program Files\Common Files\EPSON
2015-09-08 22:31 - 2015-09-13 14:21 - 00000000 ____D C:\ProgramData\EPSON
2015-09-08 22:31 - 2013-12-06 04:05 - 00179712 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YLMBNPE.DLL
2015-09-08 22:31 - 2011-03-15 03:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YD4BNPE.DLL
2015-09-08 22:31 - 2007-04-10 01:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2015-09-08 22:28 - 2015-09-08 22:43 - 29167616 _____ C:\Users\Wowa\Downloads\epson378884eu.exe
2015-09-08 21:59 - 2015-09-08 22:00 - 00018159 _____ C:\Windows\AVMInstall.Log
2015-09-08 21:59 - 2015-09-08 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
2015-09-08 21:59 - 2015-09-08 22:00 - 00000000 ____D C:\Program Files (x86)\avmwlanstick
2015-09-08 21:59 - 2015-09-08 21:59 - 00022828 _____ C:\Windows\avmfwlanci.log
2015-09-08 21:58 - 2015-09-08 22:00 - 00025153 _____ C:\Windows\avmacc.log
2015-09-08 21:58 - 2015-09-08 22:00 - 00010503 _____ C:\Windows\avmsetup.log
2015-09-08 21:58 - 2015-09-08 22:00 - 00002655 _____ C:\Windows\avmadd32.log
2015-09-08 21:58 - 2015-09-08 21:58 - 00000000 ____D C:\Program Files (x86)\AVM_update
2015-09-08 21:50 - 2015-09-08 21:50 - 00000000 ____D C:\Users\Wowa\AVM_Driver
2015-09-07 15:14 - 2015-09-07 15:14 - 00000000 ____D C:\Users\Natascha\AppData\Local\TempTaskUpdateDetection7C05DCE7-46C0-4EFF-9F40-705D87036B84
2015-09-06 13:42 - 2015-09-06 13:42 - 00000000 ____D C:\Users\Natascha\AppData\Local\TempTaskUpdateDetectionE6C65715-79E0-43FB-9E42-6677C5D0B64A
2015-09-06 13:33 - 2015-09-06 13:33 - 00000000 ____D C:\Users\Natascha\AppData\Local\TempTaskUpdateDetectionDFB4F002-0C18-4D97-84D0-8C47C76C3997
2015-09-04 21:13 - 2015-09-04 21:13 - 00000000 ____D C:\Users\Natascha\AppData\Local\TempTaskUpdateDetection50C65FC8-79C1-492F-B84A-2E6DED27DB46
2015-09-04 21:03 - 2015-09-04 21:03 - 00000000 ____D C:\Users\Natascha\AppData\Roaming\de.devolo.dLAN.Cockpit
2015-09-02 16:54 - 2015-09-02 16:54 - 00002450 _____ C:\Users\Natascha\Desktop\Sicherer Zahlungsverkehr.lnk
2015-09-01 23:37 - 2015-09-01 23:37 - 00002450 _____ C:\Users\Wowa\Desktop\Sicherer Zahlungsverkehr.lnk
2015-09-01 23:21 - 2015-09-01 23:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-09-01 23:21 - 2015-09-01 23:18 - 00002140 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2015-09-01 23:09 - 2015-07-04 02:18 - 00227000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2015-09-01 23:09 - 2015-06-30 01:05 - 00931000 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-09-01 23:09 - 2015-06-30 01:05 - 00171192 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-09-01 23:04 - 2015-09-01 23:07 - 173986008 _____ (Kaspersky Lab) C:\Users\Wowa\Downloads\kis16.0.0.614de-de.exe
2015-08-25 00:04 - 2015-08-25 00:04 - 00000000 ____D C:\Users\Wowa\Downloads\Soul of Forgery
2015-08-24 22:52 - 2015-08-24 23:08 - 500576000 _____ C:\Users\Wowa\Downloads\Soul of Forgery.part2.rar
2015-08-24 22:52 - 2015-08-24 22:58 - 129185195 _____ C:\Users\Wowa\Downloads\Soul of Forgery.part3.rar
2015-08-24 22:51 - 2015-08-24 23:08 - 500576000 _____ C:\Users\Wowa\Downloads\Soul of Forgery.part1.rar
2015-08-24 22:31 - 2015-08-24 22:31 - 00002944 _____ C:\Windows\System32\Tasks\{2B6AE9B4-4353-480B-A2D4-3BB654CC0FE4}
2015-08-24 22:29 - 2015-08-24 22:29 - 00002944 _____ C:\Windows\System32\Tasks\{11AAB80E-8638-41AD-B7D4-C25D500F5431}
2015-08-24 22:22 - 2015-08-24 22:22 - 00000103 _____ C:\Users\Wowa\Downloads\Password_SOF.txt
2015-08-23 21:48 - 2015-08-23 21:48 - 01341108 _____ C:\Users\Wowa\Downloads\duravit_mydownloads_20150823_214756.zip
2015-08-23 14:01 - 2015-08-23 14:01 - 01460227 _____ C:\Users\Wowa\Downloads\duravit_mydownloads_20150823_135533.zip
2015-08-23 12:40 - 2015-08-23 12:40 - 00000000 ____D C:\Users\Wowa\AppData\Roaming\innoplus
2015-08-23 12:39 - 2015-08-23 12:39 - 00000000 ____D C:\Program Files (x86)\innoplus

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-22 23:15 - 2014-07-13 13:08 - 01728338 _____ C:\Windows\WindowsUpdate.log
2015-09-22 23:14 - 2014-07-20 23:20 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-09-22 23:12 - 2014-07-13 18:35 - 00000000 ____D C:\Users\Wowa\AppData\Roaming\Raptr
2015-09-22 23:11 - 2014-09-21 00:45 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-22 23:11 - 2014-07-14 23:09 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-22 23:11 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-22 23:11 - 2009-07-14 06:51 - 00124166 _____ C:\Windows\setupact.log
2015-09-22 23:10 - 2009-07-14 06:45 - 00022368 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-22 23:10 - 2009-07-14 06:45 - 00022368 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-22 23:09 - 2012-06-04 00:25 - 00000000 ____D C:\Users\Wowa\Documents\Outlook-Dateien
2015-09-22 22:59 - 2014-07-13 18:41 - 00003922 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0126F9F1-8F1A-45AC-8E1B-B2A4F6ECE425}
2015-09-20 20:49 - 2014-07-14 23:09 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-20 20:46 - 2014-07-13 19:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-20 20:34 - 2015-02-23 16:15 - 00000556 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2357912988-3587229749-1939242390-1001.job
2015-09-20 20:08 - 2015-06-19 20:55 - 00000652 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2357912988-3587229749-1939242390-1001.job
2015-09-13 15:26 - 2009-07-14 19:58 - 00717310 _____ C:\Windows\system32\perfh007.dat
2015-09-13 15:26 - 2009-07-14 19:58 - 00154870 _____ C:\Windows\system32\perfc007.dat
2015-09-13 15:26 - 2009-07-14 07:13 - 01656100 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-13 15:14 - 2009-07-14 06:45 - 00444240 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-13 15:13 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-13 12:23 - 2014-07-13 13:48 - 00000000 ____D C:\Windows\system32\MRT
2015-09-13 12:13 - 2014-07-13 16:56 - 01629444 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-09-13 11:37 - 2014-07-14 22:35 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{581BF969-458E-4B21-9CDD-1FDB739A7AFA}
2015-09-13 11:23 - 2014-07-14 23:10 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-13 10:43 - 2014-12-23 10:30 - 00000000 ___RD C:\Users\Natascha\iCloudDrive
2015-09-08 22:44 - 2014-07-13 19:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-08 22:44 - 2014-07-13 15:55 - 00234662 _____ C:\Windows\PFRO.log
2015-09-08 22:36 - 2015-01-26 21:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-08 21:50 - 2014-07-13 13:13 - 00000000 ____D C:\Users\Wowa
2015-09-04 21:01 - 2014-07-14 22:25 - 00000000 ____D C:\Windows\Minidump
2015-09-02 18:05 - 2012-09-24 21:25 - 00000000 ____D C:\Users\Natascha\Documents\Outlook-Dateien
2015-09-02 00:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-09-02 00:03 - 2014-12-16 23:05 - 00007601 _____ C:\Users\Wowa\AppData\Local\Resmon.ResmonCfg
2015-09-01 23:21 - 2014-09-20 23:30 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-08-30 19:44 - 2014-07-14 23:09 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-30 19:44 - 2014-07-14 23:09 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-30 15:43 - 2014-07-13 15:02 - 00000000 ____D C:\Program Files (x86)\DivX
2015-08-30 15:43 - 2014-07-13 15:01 - 00000000 ____D C:\ProgramData\DivX
2015-08-30 15:42 - 2014-10-19 21:23 - 00001611 _____ C:\Users\Wowa\Desktop\DivX Movies.lnk
2015-08-28 21:45 - 2015-02-08 15:48 - 00000000 ____D C:\Users\Wowa\Desktop\Hausbau
2015-08-26 18:37 - 2014-07-13 13:48 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-23 16:05 - 2015-06-08 09:00 - 00001066 _____ C:\Users\Public\Desktop\DivX Player.lnk
2015-08-23 16:05 - 2014-07-13 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2015-08-23 12:20 - 2015-06-19 20:55 - 00003674 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-2357912988-3587229749-1939242390-1001
2015-08-23 12:20 - 2015-02-23 16:15 - 00003578 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2357912988-3587229749-1939242390-1001
2015-08-23 11:35 - 2015-05-11 20:16 - 00000000 ____D C:\Program Files\Microsoft Office 15

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-16 00:40 - 2015-08-16 00:40 - 0008550 _____ () C:\Users\Wowa\AppData\Local\recently-used.xbel
2014-12-16 23:05 - 2015-09-02 00:03 - 0007601 _____ () C:\Users\Wowa\AppData\Local\Resmon.ResmonCfg
2015-01-07 00:42 - 2015-01-07 00:42 - 0000000 _____ () C:\Users\Wowa\AppData\Local\{84BBD742-A5A8-4B02-A14F-E0251EE13910}
2014-07-13 17:20 - 2014-07-13 17:20 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Einige Dateien in TEMP:
====================
C:\Users\Natascha\AppData\Local\Temp\DivXSetup.exe
C:\Users\Natascha\AppData\Local\Temp\ubi8BFA.tmp.exe
C:\Users\Wowa\AppData\Local\Temp\DivXSetup.exe
C:\Users\Wowa\AppData\Local\Temp\tmp510C.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-13 13:39

==================== Ende von FRST.txt ============================
         
--- --- ---

[/CODE]


Addition

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:15-09-2015
durchgeführt von Wowa (2015-09-22 23:20:01)
Gestartet von C:\Users\Wowa\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2014-07-13 11:13:54)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2357912988-3587229749-1939242390-500 - Administrator - Disabled)
Gast (S-1-5-21-2357912988-3587229749-1939242390-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2357912988-3587229749-1939242390-1002 - Limited - Enabled)
Natascha (S-1-5-21-2357912988-3587229749-1939242390-1003 - Limited - Enabled) => C:\Users\Natascha
Wowa (S-1-5-21-2357912988-3587229749-1939242390-1001 - Administrator - Enabled) => C:\Users\Wowa

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Disabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Disabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3D-Viewer-innoplus (HKLM-x32\...\{B96DB037-DBEA-4186-9081-9CBD537F82E8}) (Version: 14.00.302 - INNOVA-engineering GmbH)
3DXChat (HKLM-x32\...\3DXChat_is1) (Version:  - SexGameDevil)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Advanced Archive Password Recovery (HKLM-x32\...\{6E356EEF-203C-451B-9144-CBF099E3738A}) (Version: 4.54.55.1642 - Elcomsoft Co. Ltd.)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Xonar DX Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Audials (HKLM-x32\...\{356DC986-755B-471C-83C7-49BD0CB1614F}) (Version: 11.0.55900.0 - Audials AG)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 1.02 - Abelssoft)
Citrix Online Launcher (HKLM-x32\...\{1EFF9E6C-76E1-43F9-81FB-BC8C037B0902}) (Version: 1.0.258 - Citrix)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.2.100.14 - Citrix Systems, Inc.)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.77 - DivX, LLC)
EPSON XP-520 Series Printer Uninstall (HKLM\...\EPSON XP-520 Series) (Version:  - SEIKO EPSON Corporation)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Free Video to iPod Converter version 5.0.54.1215 (HKLM-x32\...\Free Video to iPod Converter_is1) (Version: 5.0.54.1215 - DVDVideoSoft Ltd.)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 3.66.000 - Runtime Software)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
GoToMeeting 7.2.4.3277 (HKU\S-1-5-21-2357912988-3587229749-1939242390-1001\...\GoToMeeting) (Version: 7.2.4.3277 - CitrixOnline)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.65.11 - JMicron Technology Corp.)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
KUDOS RS Gaming Mouse (HKLM-x32\...\SPEEDLINK KUDOS) (Version:  - )
Lernkartei Mathe Grundschule (HKLM-x32\...\Lernkartei Mathe Grundschule) (Version:  - )
Lern-Karteikasten Englisch Grundschule (HKLM-x32\...\Lern-Karteikasten Englisch Grundschule) (Version:  - )
Lexware Info Service (HKLM-x32\...\{85BF9FDB-BD5B-407C-9CAE-3542E5164783}) (Version: 4.00.00.0075 - Haufe-Lexware GmbH & Co.KG)
Logitech Gaming Software 8.53 (HKLM\...\Logitech Gaming Software) (Version: 8.53.186 - Logitech Inc.)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Magical Jelly Bean PasswdFinder (HKLM-x32\...\PasswdFinder_is1) (Version: 1.0.0.25 - PasswdFinder)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mathe Klasse 1 - 4 (HKLM-x32\...\Mathe Klasse 1 - 4) (Version:  - )
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4745.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Might & Magic Heroes VI - Shades of Darkness (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 2.1.1 - Ubisoft)
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-2357912988-3587229749-1939242390-1001\...\MyFreeCodec) (Version:  - )
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Online Plug-in (x32 Version: 14.2.100.14 - Citrix Systems, Inc.) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.51.17865 - pdfforge GmbH)
PDF Architect 2 Create Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 View Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.2 - pdfforge)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7256 - Realtek Semiconductor Corp.)
Remo Convert OST to PST (HKLM\...\{17520B79-9D56-4107-891F-5207F2B5B4D8}_is1) (Version: 1.0.0.1 - Remo Software)
Remo Recover 4.0 (HKLM\...\{A573D759-F894-448D-A420-3A9C31879F88}_is1) (Version: 4.0.0.34 - Remo Software)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Self-Service Plug-in (x32 Version: 4.2.100.5943 - Citrix Systems, Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15064.11 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.0.15064.11 - Samsung Electronics Co., Ltd.) Hidden
Soluto (HKLM\...\{037C627B-384E-450E-866C-95BAB3CDEA17}) (Version: 1.3.1494.0 - Soluto)
Spotify (HKU\S-1-5-21-2357912988-3587229749-1939242390-1001\...\Spotify) (Version: 1.0.5.186.ga9c24d6a - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
TAXMAN 2014 (HKLM-x32\...\{4A1C559D-38F6-49CF-BDA5-CF354FFE04E4}) (Version: 20.06.00.0001 - Haufe-Lexware GmbH & Co.KG)
TAXMAN 2015 (HKLM-x32\...\{5613CAD3-71ED-4207-95A0-1BA0BF465E38}) (Version: 20.35.162 - Haufe-Lexware GmbH & Co.KG)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
Torch (HKU\S-1-5-21-2357912988-3587229749-1939242390-1001\...\Torch) (Version: 42.0.0.9895 - Torch Media, Inc) <==== ACHTUNG
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.353 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.353 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.353 - TuneUp Software) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden
VTech Download Manager (HKLM-x32\...\VTechDownloadManager) (Version:  - VTech)
WGW Deutsch 3 (HKLM-x32\...\{6B56E0F8-762D-46F8-846D-D9609116997E}) (Version: 1.00.0000 - TOPOS)
WGW Deutsch 4 (HKLM-x32\...\{93FFBCB3-9DC8-4807-8E2B-D36E9C18A289}) (Version: 1.00.0000 - TOPOS)
WGW Heimat- und Sachkunde 3 und 4 (HKLM-x32\...\{8E17C794-618A-4258-B817-5C81821B0CCA}) (Version: 1.00.0000 - TOPOS)
Windows Home Server-CD zum Wiederherstellen von Heimcomputern (Dual-Boot-Version) (HKLM-x32\...\{E98E2A33-05D1-476B-B81B-40F4BD957056}) (Version: 1 - Microsoft Corporation)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2357912988-3587229749-1939242390-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Wowa\AppData\Local\Citrix\GoToMeeting\1669\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)

==================== Wiederherstellungspunkte =========================

26-08-2015 15:38:40 Windows Update
30-08-2015 13:51:02 Windows Update
09-09-2015 21:11:49 Windows Update
13-09-2015 10:40:00 Windows Update
13-09-2015 12:05:06 Windows Update
20-09-2015 18:12:53 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {112BE903-7E0A-4008-A4B2-B82FB5A636C7} - System32\Tasks\Lexware-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [2013-10-08] (Haufe-Lexware GmbH & Co. KG)
Task: {3BA7DF17-9B65-4456-ADDF-20F4E04D5C04} - System32\Tasks\G2MUploadTask-S-1-5-21-2357912988-3587229749-1939242390-1001 => C:\Users\Wowa\AppData\Local\Citrix\GoToMeeting\3277\g2mupload.exe [2015-08-23] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {400708FC-7EFB-499C-9C5D-F6C871EF7E7C} - System32\Tasks\DivX-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2015-06-27] (DivX, LLC)
Task: {40AECC00-6DE5-4D4F-A075-36CF68DBBE7D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {42CDA1FC-BE3C-4389-A893-C917A65D93D2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {58864331-4525-4E78-87A9-513257FEC2DF} - System32\Tasks\{8B5E87D4-A94C-4AE9-A3B3-0882809C12B9} => pcalua.exe -a "C:\Users\Wowa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G1IN94AF\Audials_One-Setup-11.exe" -d C:\Users\Wowa\Desktop
Task: {695DCFB1-3B74-4035-AAD9-09B10607132F} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {6D053458-01B4-4523-B119-28458BA217FB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8D823A9E-579C-4B32-A27F-7123C1768305} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {8E6CBE33-1FED-47BF-AF80-DAF1B7190CA2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-15] (Adobe Systems Incorporated)
Task: {9E83CCB0-8051-40A3-9B59-8B37652F157B} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2015-06-25] (TuneUp Software)
Task: {A35CBB36-FEEF-4EAF-B407-B68A79A638DB} - System32\Tasks\{2B6AE9B4-4353-480B-A2D4-3BB654CC0FE4} => D:\PC\Hentai\Soul Of Forgery\Game\SOF.exe
Task: {B0C6CD26-B1D2-4885-8A58-DE74605F0F10} - System32\Tasks\{11AAB80E-8638-41AD-B7D4-C25D500F5431} => D:\PC\Hentai\Soul Of Forgery\Game\SOF.exe
Task: {BD42957A-0EBC-4734-886B-0889F0CD5D5A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {C128C6B9-D8BE-4263-8F76-986377A7389A} - System32\Tasks\EPSON XP-520 Series Update {F02D13BE-EA95-4BD3-A49A-2DB91DD898A8} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNPE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {CF951C94-F308-4592-88C5-7E09DAC76471} - System32\Tasks\Abelssoft\StartBackgroundguardWithWindows => C:\Program Files (x86)\CheckDrive\CheckDrive.exe [2015-04-27] (Ascora GmbH)
Task: {D5E428AE-A993-4F32-8396-FE34A576C4A3} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {DDDA1E4F-B482-4F90-A24A-DAC420731D2E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {DFF8F220-E1BB-46ED-855A-D1293111B9AD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {E11C582C-C045-4C88-AC55-07FBECED39DD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {F927C89F-0204-4843-A94C-29E8446A44B6} - System32\Tasks\G2MUpdateTask-S-1-5-21-2357912988-3587229749-1939242390-1001 => C:\Users\Wowa\AppData\Local\Citrix\GoToMeeting\3277\g2mupdate.exe [2015-08-23] (Citrix Online, a division of Citrix Systems, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-520 Series Update {F02D13BE-EA95-4BD3-A49A-2DB91DD898A8}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNPE.EXE:/EXE:{F02D13BE-EA95-4BD3-A49A-2DB91DD898A8} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2357912988-3587229749-1939242390-1001.job => C:\Users\Wowa\AppData\Local\Citrix\GoToMeeting\3277\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2357912988-3587229749-1939242390-1001.job => C:\Users\Wowa\AppData\Local\Citrix\GoToMeeting\3277\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2008-10-24 16:35 - 2008-10-24 16:35 - 00128296 _____ () C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe
2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-11 20:16 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-04-11 21:08 - 2015-04-27 10:30 - 00059656 _____ () C:\Program Files (x86)\CheckDrive\AbSettings.dll
2015-04-11 21:08 - 2015-04-27 10:30 - 01432328 _____ () C:\Program Files (x86)\CheckDrive\AbGui.dll
2015-04-11 21:08 - 2015-04-27 10:30 - 00047880 _____ () C:\Program Files (x86)\CheckDrive\AbApi.dll
2015-03-14 20:52 - 2015-04-27 10:30 - 00021256 _____ () C:\Program Files (x86)\CheckDrive\AbStartManager.dll
2015-03-14 20:52 - 2015-04-27 10:30 - 00014088 _____ () C:\Program Files (x86)\CheckDrive\AbMessages.dll
2015-03-14 20:52 - 2015-04-27 10:30 - 00032520 _____ () C:\Program Files (x86)\CheckDrive\Controller.dll
2015-06-25 07:53 - 2015-06-25 07:53 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2014-07-02 23:54 - 2014-07-02 23:54 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-07-02 23:59 - 2014-07-02 23:59 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-07-02 23:54 - 2014-07-02 23:54 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-07-02 23:59 - 2014-07-02 23:59 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-07-13 19:30 - 2008-07-11 15:03 - 00282112 _____ () C:\Windows\system\HsMgr64.exe
2014-07-13 19:30 - 2008-07-11 15:04 - 00200704 _____ () C:\Windows\SysWOW64\HsMgr.exe
2014-08-25 18:18 - 2014-08-25 18:18 - 02410760 _____ () C:\Program Files (x86)\Audials\Audials 11\AudialsNotifier.exe
2012-02-07 01:58 - 2012-02-07 01:58 - 01470464 _____ () C:\Program Files (x86)\SPEEDLINK\KUDOS RS Gaming Mouse\Gaming Mouse.exe
2014-10-13 03:49 - 2014-06-20 08:42 - 00401280 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
2012-09-13 00:38 - 2012-09-13 00:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-25 18:18 - 2014-08-25 18:18 - 00046080 _____ () C:\Program Files (x86)\Audials\Audials 11\boost_thread-vc90-mt-1_39.dll
2014-08-25 18:18 - 2014-08-25 18:18 - 00045056 _____ () C:\Program Files (x86)\Audials\Audials 11\boost_date_time-vc90-mt-1_39.dll
2014-08-25 18:18 - 2014-08-25 18:18 - 00545032 _____ () C:\Program Files (x86)\Audials\Audials 11\StreamingClient.dll
2014-08-25 18:18 - 2014-08-25 18:18 - 00012800 _____ () C:\Program Files (x86)\Audials\Audials 11\boost_system-vc90-mt-1_39.dll
2014-08-25 18:18 - 2014-08-25 18:18 - 00068360 _____ () C:\Program Files (x86)\Audials\Audials 11\CrashRpt.dll
2014-08-25 18:18 - 2014-08-25 18:18 - 00409352 _____ () C:\Program Files (x86)\Audials\Audials 11\SQLite3.dll
2014-08-25 18:18 - 2014-08-25 18:18 - 00614912 _____ () C:\Program Files (x86)\Audials\Audials 11\boost_regex-vc90-mt-1_39.dll
2015-09-13 13:14 - 2015-09-13 13:14 - 00286208 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Utils\94444facd6882b42558a0dd32e402ce6\Utils.ni.dll
2015-08-05 22:16 - 2015-08-05 22:16 - 00585728 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ManagedInterfaces\ff418476cb4bf9dd03661e8df8527bb0\ManagedInterfaces.ni.dll
2015-09-13 13:14 - 2015-09-13 13:14 - 02957312 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\AudialsComponents\24b2b60a35e2983577b3d6c3b49c3dbc\AudialsComponents.ni.dll
2015-08-05 22:16 - 2015-08-05 22:16 - 00174592 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\fastJSON\83ba8d8f0aa3d057836c56d6164a6578\fastJSON.ni.dll
2014-07-13 19:30 - 2012-06-06 09:56 - 00143360 ____N () C:\Program Files\ASUS Xonar DX Audio\Customapp\VmixP8.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00017920 _____ () C:\Program Files (x86)\Raptr\win32event.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2014-10-13 03:49 - 2014-03-04 13:20 - 00117760 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2014-10-13 03:49 - 2014-04-22 04:14 - 00065536 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QHttpServer.dll
2014-10-13 03:49 - 2014-05-06 07:39 - 00861184 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\platforms\qwindows.dll
2014-10-13 03:49 - 2014-05-06 07:38 - 00021504 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qgif.dll
2014-10-13 03:49 - 2014-05-06 07:38 - 00020992 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qico.dll
2014-10-13 03:49 - 2014-05-06 07:38 - 00204800 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qjpeg.dll
2014-10-13 03:49 - 2014-05-06 12:44 - 00218112 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qmng.dll
2014-10-13 03:49 - 2014-05-06 07:58 - 00015872 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qsvg.dll
2014-10-13 03:49 - 2014-05-06 12:44 - 00015360 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qtga.dll
2014-10-13 03:49 - 2014-05-06 12:44 - 00307712 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qtiff.dll
2014-10-13 03:49 - 2014-05-06 12:44 - 00014848 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qwbmp.dll
2014-10-13 03:49 - 2014-05-06 08:31 - 00015872 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\sensors\qtsensors_dummy.dll
2014-10-13 03:49 - 2014-05-06 07:38 - 00036352 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\bearer\qgenericbearer.dll
2014-10-13 03:49 - 2014-05-06 07:38 - 00038912 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\bearer\qnativewifibearer.dll
2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:429D8433
AlternateDataStreams: C:\ProgramData\TEMP:6DDED7D9
AlternateDataStreams: C:\Users\Natascha\Downloads\ConvertHelperSetup.exe:BDU
AlternateDataStreams: C:\Users\Natascha\Downloads\Firefox Setup 9.0.1.exe:BDU
AlternateDataStreams: C:\Users\Natascha\Downloads\FreeVideoToMP3Converter.exe:BDU
AlternateDataStreams: C:\Users\Natascha\Downloads\JVDownloader.exe:BDU
AlternateDataStreams: C:\Users\Natascha\Downloads\lgs830_x64.exe:BDU
AlternateDataStreams: C:\Users\Natascha\Downloads\mb_driver_chipset_intel.exe:BDU
AlternateDataStreams: C:\Users\Natascha\Downloads\motherboard_driver_usb3.exe:BDU
AlternateDataStreams: C:\Users\Natascha\Downloads\SpywareTerminatorSetup_3.0.0.69.exe:BDU
AlternateDataStreams: C:\Users\Natascha\Downloads\unetbootin-windows-568.exe:BDU
AlternateDataStreams: C:\Users\Natascha\Documents\Modelldarsrellung WBR Natascha.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Natascha\Documents\Modelldarsrellung WBR Natascha.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Natascha\Documents\Modelldarstellung WBR Wowa.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Natascha\Documents\Modelldarstellung WBR Wowa.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Natascha\Documents\Schufa für VB Natascha.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Natascha\Documents\Schufa für VB Natascha.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Natascha\Documents\Schufa für VB Wowa.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Natascha\Documents\Schufa für VB Wowa.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Natascha\Documents\Schufa Natascha - Kopie.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Natascha\Documents\Schufa Natascha - Kopie.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Natascha\Documents\Schufa Natascha.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Natascha\Documents\Schufa Natascha.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Natascha\Documents\Schufa Wowa - Kopie.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Natascha\Documents\Schufa Wowa - Kopie.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Natascha\Documents\Schufa Wowa.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Natascha\Documents\Schufa Wowa.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Natascha\Documents\Selbsauskunft - Kopie.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Natascha\Documents\Selbsauskunft - Kopie.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Natascha\Documents\Selbsauskunft 1 - Kopie.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Natascha\Documents\Selbsauskunft 1 - Kopie.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Natascha\Documents\Selbsauskunft 1.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Natascha\Documents\Selbsauskunft 1.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Natascha\Documents\Selbsauskunft 2 - Kopie.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Natascha\Documents\Selbsauskunft 2 - Kopie.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Natascha\Documents\Selbsauskunft 2.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Natascha\Documents\Selbsauskunft 2.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Natascha\Documents\Selbsauskunft.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Natascha\Documents\Selbsauskunft.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Wowa\Documents\Brief Ombudsmann.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Wowa\Documents\Brief Ombudsmann.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Wowa\Documents\Directline 1.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Wowa\Documents\Directline 1.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Wowa\Documents\Directline 2.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Wowa\Documents\Directline 2.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Wowa\Documents\Rente-1.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Wowa\Documents\Rente-1.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Wowa\Documents\Rente-2.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Wowa\Documents\Rente-2.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Wowa\Documents\Rente-3.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Wowa\Documents\Rente-3.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Wowa\Documents\Rente-4.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Wowa\Documents\Rente-4.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Wowa\Documents\Rente-5.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Wowa\Documents\Rente-5.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Wowa\Documents\Rente-6.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Wowa\Documents\Rente-6.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Wowa\Documents\Rente-7.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Wowa\Documents\Rente-7.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Wowa\Documents\Rente-8.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Wowa\Documents\Rente-8.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2357912988-3587229749-1939242390-1001\...\fossil.com -> hxxps://mobile.fossil.com
IE trusted site: HKU\S-1-5-21-2357912988-3587229749-1939242390-1001\...\google.com -> google.com
IE trusted site: HKU\S-1-5-21-2357912988-3587229749-1939242390-1001\...\google.de -> local.google.de


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2357912988-3587229749-1939242390-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Wowa\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AVP16.0.0 => 2
MSCONFIG\startupreg: EPLTarget => 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{D0B36479-3E9F-490B-96E3-10FA70FF026B}] => (Allow) C:\Users\Wowa\AppData\Local\Torch\Application\torch.exe
FirewallRules: [{6E492DBA-CC53-4823-B5F0-EC054713E386}] => (Allow) C:\Program Files\Soluto\SolutoRemoteDirect.exe
FirewallRules: [{F3A3E60E-24EE-425D-AF75-95C7A7CEF699}] => (Allow) C:\Program Files\Soluto\Soluto.exe
FirewallRules: [{FAE4857F-CD92-4CA3-B2D2-29D4C92AD1E3}] => (Allow) C:\Program Files\Soluto\SolutoCleanup.exe
FirewallRules: [{95704AA8-C352-4D40-A339-9B2E75D9BC11}] => (Allow) C:\Program Files\Soluto\SolutoConsole.exe
FirewallRules: [{FFD36510-C633-47B8-AC72-5F9EFB3D73CA}] => (Allow) C:\Program Files\Soluto\SolutoUpdateService.exe
FirewallRules: [{66D53DA2-0BEA-4211-B1A9-DB00639B7A12}] => (Allow) C:\Program Files\Soluto\SolutoService.exe
FirewallRules: [{D206B900-0B8A-4E8A-9F17-7C9BDCE82980}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D687335A-056E-4B59-8CFE-BC20DF2B6AE8}] => (Allow) D:\PC\Might & Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{16B34619-5A7D-486E-B341-8A6D77BBC091}] => (Allow) D:\PC\Might & Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{C6FE0260-4394-489E-9CCA-B9E9C7902EA7}] => (Allow) D:\PC\StarCraft II\StarCraft II.exe
FirewallRules: [{FADE2B2F-0205-42FB-9377-D11BF505C98A}] => (Allow) D:\PC\StarCraft II\StarCraft II.exe
FirewallRules: [{B0632929-565F-4221-8D82-A610D8F0E442}] => (Allow) C:\Program Files (x86)\Audials\Audials 11\Audials.exe
FirewallRules: [{1A3F5D44-0267-4153-803C-61C589B0C4C8}] => (Allow) LPort=12972
FirewallRules: [{3C6A1756-ADFD-403E-A567-76E36AE67227}] => (Allow) LPort=14714
FirewallRules: [{95D4F34F-2B0B-47E0-A6D3-EA49D7753448}] => (Allow) LPort=31931
FirewallRules: [{90981134-35C6-40CE-83D2-89B9BA9DF249}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{37B09749-CB19-42BA-8A86-B2DB079C7FC8}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{369C7E7B-04C0-4CBC-958F-064B3D8D44D5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4A911FDB-3BE9-4154-A9CD-18EB46330BFE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0D23D516-2DBF-4A43-850E-3F05521101BD}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{36A6D1CA-1C2B-486C-93DB-2EA672695BFE}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{6E845CF5-C040-4F0F-954C-8EC47FC8342C}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{EBFC46AF-96B3-4B32-A8CF-474A45CAF2B8}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{7BC913D0-8B70-46E9-B7F2-4A7BD9618F0B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{8336747C-E1A6-4BE5-B749-F12B3596D5CE}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{DBC1E622-549A-445C-BA3D-33131C1642D6}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{73A94AB5-A439-44B4-B71E-DBF1A78D7D95}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{D32B80F2-C549-4D7C-A696-904381A4F52C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [TCP Query User{58642E22-41E1-49FF-85A2-C9DB1D722690}C:\users\wowa\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\wowa\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{52CB2C7D-2FFF-4E45-8804-C180E2C7EF19}C:\users\wowa\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\wowa\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{80B9F0FD-6AD1-402B-A583-3FBC156263B2}C:\users\wowa\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\wowa\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C0D958E6-7732-4AED-95CD-AC23CFB279E2}C:\users\wowa\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\wowa\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C02AE824-0A68-4404-B0A2-4A76475F8A8B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{F28FBD1F-39A8-487F-906D-507EACA64000}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{06220E76-17CF-4E97-93B2-4EB986B8382D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{C7C1C9F7-239D-49B2-A78E-47F92C7589ED}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{11E45B00-8ADD-437B-B8C6-C247D86C3258}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{28F26F90-2A1C-4EA2-BF30-C71DAD1182C2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E0617221-18AA-4140-A598-0DDDA37ACA79}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8A2C7380-86C5-48C9-90ED-7C8F0978C963}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C8FEF3C0-1AC0-4C96-9D03-C415D8CB33D1}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{084D2DB6-AB26-4ABB-B143-86BA1AF0E48A}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{F4FA7945-EFCB-4473-810C-C43C23B14B5A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BE3898B8-3490-4F20-8E5A-FC4F6E24A817}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/02/2015 05:54:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 15.0.4745.1000, Zeitstempel: 0x55a4b496
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a69ec4
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x12f4
Startzeit der fehlerhaften Anwendung: 0xOUTLOOK.EXE0
Pfad der fehlerhaften Anwendung: OUTLOOK.EXE1
Pfad des fehlerhaften Moduls: OUTLOOK.EXE2
Berichtskennung: OUTLOOK.EXE3

Error: (09/02/2015 05:54:21 PM) (Source: Outlook) (EventID: 1000) (User: )
Description: Fehler bei der Ausführung des Add-Ins. Outlook ist während des Rückrufs 'Read' der Schnittstelle 'ItemEvents_10' beim Aufrufen des Add-Ins 'Kaspersky Outlook Anti-Virus Addin' abgestürzt.

Error: (09/02/2015 05:09:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avp.exe, Version: 16.0.0.625, Zeitstempel: 0x55b134f0
Name des fehlerhaften Moduls: kas_product.dll, Version: 5.5.3.8, Zeitstempel: 0x555499e2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002d475
ID des fehlerhaften Prozesses: 0x17c4
Startzeit der fehlerhaften Anwendung: 0xavp.exe0
Pfad der fehlerhaften Anwendung: avp.exe1
Pfad des fehlerhaften Moduls: avp.exe2
Berichtskennung: avp.exe3

Error: (09/01/2015 10:18:54 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Alle in der Sicherung enthaltenen Laufwerke wurden ausgelassen. Vergewissern Sie sich, dass die Laufwerke angeschlossen und funktionsfähig sind. (0x810000FF)"

Error: (09/01/2015 01:45:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8782

Error: (09/01/2015 01:45:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8782

Error: (09/01/2015 01:45:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/01/2015 01:45:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7534

Error: (09/01/2015 01:45:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7534

Error: (09/01/2015 01:45:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


Systemfehler:
=============
Error: (09/22/2015 11:18:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Soluto" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%31

Error: (09/22/2015 11:18:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Soluto" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%31

Error: (09/22/2015 11:12:33 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/22/2015 11:12:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
Soluto

Error: (09/22/2015 11:12:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Soluto PCGenome Core Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (09/22/2015 11:12:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Soluto PCGenome Core Service erreicht.

Error: (09/22/2015 11:08:30 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (09/22/2015 11:08:26 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (09/22/2015 11:00:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Soluto" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%31

Error: (09/22/2015 11:00:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Soluto" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%31


CodeIntegrity:
===================================
  Date: 2015-04-25 11:49:40.929
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\netbt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-10 17:07:17.083
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-10 17:07:17.060
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-10 16:33:32.326
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-10 16:33:32.312
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-10 16:33:32.311
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-10 16:33:32.309
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-10 16:33:32.070
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-08 12:34:15.688
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-08 12:34:15.648
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5 CPU 760 @ 2.80GHz
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 4087.43 MB
Verfügbarer physikalischer RAM: 2142.63 MB
Summe virtueller Speicher: 8173.06 MB
Verfügbarer virtueller Speicher: 5951.11 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:931.51 GB) (Free:647.89 GB) NTFS
Drive d: (Spiele) (Fixed) (Total:244.14 GB) (Free:177.12 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive e: (Daten) (Fixed) (Total:687.37 GB) (Free:51.44 GB) NTFS
Drive l: (Backup Platte) (Fixed) (Total:465.76 GB) (Free:236.23 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C9E1FAA2)
Partition 1: (Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=687.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3C6F7084)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 340070C0)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
Was mir auch nicht gefällt ist dass Kaspersky seit kurzem deaktiviert ist nicht, das ist verdächtig...
__________________

Alt 23.09.2015, 18:45   #4
schrauber
/// the machine
/// TB-Ausbilder
 

web.de Spam Email an alle Kontakte - Standard

web.de Spam Email an alle Kontakte



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Torch


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 




Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 27.09.2015, 20:01   #5
ryuhoshi
 
web.de Spam Email an alle Kontakte - Standard

web.de Spam Email an alle Kontakte



Hallo Schrauber,

danke für deine Anleitung.

Warum musste Torch entfernt werden? Ist es an sich ein riskantes Programm oder hast du in meinem Fall etwas verdächtiges gesehen?

Ich habe Torch jedenfalls entfernt.

Hier die Posts der beiden Programme (Malwarebytes antimalware hatte nichts gefunden und Kasperksy fand meine Maussoftware verdächtig).

Malwarebytes Anti-Rootkit

Code:
ATTFilter
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17207

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED, L:\ DRIVE_FIXED
CPU speed: 2.798000 GHz
Memory total: 4285980672, free: 1980907520

=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17207

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED, L:\ DRIVE_FIXED
CPU speed: 2.798000 GHz
Memory total: 4285980672, free: 1802629120

Downloaded database version: v2015.09.27.04
Downloaded database version: v2015.09.22.01
Downloaded database version: v2015.09.16.01
=======================================
Initializing...
------------ Kernel report ------------
     09/27/2015 20:02:25
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\DRIVERS\kl1.sys
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\DRIVERS\cm_km.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\jraid.sys
\SystemRoot\system32\DRIVERS\SCSIPORT.SYS
\SystemRoot\system32\DRIVERS\klbackupdisk.sys
\SystemRoot\system32\DRIVERS\FLTMGR.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\klbackupflt.sys
\SystemRoot\system32\DRIVERS\klflt.sys
\SystemRoot\system32\DRIVERS\klif.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\klhk.sys
\SystemRoot\system32\DRIVERS\klpd.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\DRIVERS\ctxusbm.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\kltdi.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\RrNetCapFilterDriver.sys
\SystemRoot\system32\DRIVERS\klim6.sys
\SystemRoot\system32\DRIVERS\klwtp.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\system32\DRIVERS\kneps.sys
\??\C:\Windows\system32\drivers\rsdrvx64.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\nusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\cmudaxp.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\drivers\tbhsd.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\LGBusEnum.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\nusb3hub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\klkbdflt.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\klmouflt.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\kldisk.sys
\SystemRoot\sysWOW64\drivers\npf_devolo.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Windows\system32\drivers\mwac.sys
\??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\system32\drivers\LGVirHid.sys
\??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\system32\drivers\AtihdW76.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\user32.dll
\Windows\System32\psapi.dll
\Windows\System32\gdi32.dll
\Windows\System32\usp10.dll
\Windows\System32\nsi.dll
\Windows\System32\ws2_32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\kernel32.dll
\Windows\System32\setupapi.dll
\Windows\System32\comdlg32.dll
\Windows\System32\oleaut32.dll
\Windows\System32\sechost.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\msvcrt.dll
\Windows\System32\shell32.dll
\Windows\System32\imagehlp.dll
\Windows\System32\normaliz.dll
\Windows\System32\lpk.dll
\Windows\System32\ole32.dll
\Windows\System32\urlmon.dll
\Windows\System32\wininet.dll
\Windows\System32\advapi32.dll
\Windows\System32\difxapi.dll
\Windows\System32\imm32.dll
\Windows\System32\msctf.dll
\Windows\System32\clbcatq.dll
\Windows\System32\Wldap32.dll
\Windows\System32\iertutil.dll
\Windows\System32\userenv.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\KernelBase.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\crypt32.dll
\Windows\System32\devobj.dll
\Windows\System32\comctl32.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\wintrust.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\msasn1.dll
\Windows\System32\profapi.dll
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2015.09.27.04
  rootkit: v2015.09.22.01

<<<2>>>
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa800480d060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800480db90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800480d060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80044d1670, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8004585060, DeviceName: \Device\Ide\IdeDeviceP1T1L0-5\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800480c060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800480cb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800480c060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8004584520, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa80044df680, DeviceName: \Device\Ide\IdeDeviceP1T0L0-1\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: C9E1FAA2

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 512000000
    Partition is bootable
    Partition file system is NTFS

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 512002048  Numsec = 1441517568
    Partition is not bootable
    Partition file system is NTFS

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
Drive 1
This is a System drive
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 3C6F7084

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 1953519616
    Partition is not bootable
    Partition file system is NTFS

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 2, DevicePointer: 0xfffffa800480e060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800480eb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800480e060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80040b27f0, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa80044e7060, DeviceName: \Device\Ide\IdeDeviceP2T0L0-2\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 2
Scanning MBR on drive 2...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 340070C0

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 976768002
    Partition is not bootable
    Partition file system is NTFS

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xfffffa8005254790, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80036f5210, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005254790, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8005e65b60, DeviceName: \Device\0000007f\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 4, DevicePointer: 0xfffffa80036f9790, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8005e30b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80036f9790, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80036f5b60, DeviceName: \Device\00000080\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 5, DevicePointer: 0xfffffa8005217060, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8005217b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005217060, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800370a610, DeviceName: \Device\00000081\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 6, DevicePointer: 0xfffffa8007795060, DeviceName: \Device\Harddisk6\DR6\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007795b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007795060, DeviceName: \Device\Harddisk6\DR6\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8003742320, DeviceName: \Device\00000082\, DriverName: \Driver\USBSTOR\
------------ End ----------
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-62DE3A1790712D1A035F12A2F3EE079D9A28404B.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-62DE3A1790712D1A035F12A2F3EE079D9A28404B.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-62DE3A1790712D1A035F12A2F3EE079D9A28404B.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-62DE3A1790712D1A035F12A2F3EE079D9A28404B.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-62DE3A1790712D1A035F12A2F3EE079D9A28404B.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-62DE3A1790712D1A035F12A2F3EE079D9A28404B.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-62DE3A1790712D1A035F12A2F3EE079D9A28404B.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-62DE3A1790712D1A035F12A2F3EE079D9A28404B.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-62DE3A1790712D1A035F12A2F3EE079D9A28404B.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-62DE3A1790712D1A035F12A2F3EE079D9A28404B.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-62DE3A1790712D1A035F12A2F3EE079D9A28404B.bin.7C" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-62DE3A1790712D1A035F12A2F3EE079D9A28404B.bin.83" is compressed (flags = 1)
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-512002048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-2-0-63-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam...
Removal finished
         
Kaspersky folgt im nächsten post


Alt 28.09.2015, 16:29   #6
schrauber
/// the machine
/// TB-Ausbilder
 

web.de Spam Email an alle Kontakte - Standard

web.de Spam Email an alle Kontakte



Weil es ne Adware Schleuder sein kann. Wenn es mit Absicht installiert war kannste es gerne wieder installieren.

Ich warte dann noch auf das andere Log
__________________
--> web.de Spam Email an alle Kontakte

Alt 28.09.2015, 21:48   #7
ryuhoshi
 
web.de Spam Email an alle Kontakte - Standard

web.de Spam Email an alle Kontakte



Stimmt es war zu gross für einen Beitrag und ich musste warten um zweiten Beitrag schreiben zu dürfen und habs dann vergessen. Habe neu laufen gelassen

Code:
ATTFilter
22:44:23.0886 0x1720  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
22:44:27.0926 0x1720  ============================================================
22:44:27.0926 0x1720  Current date / time: 2015/09/28 22:44:27.0926
22:44:27.0926 0x1720  SystemInfo:
22:44:27.0926 0x1720  
22:44:27.0926 0x1720  OS Version: 6.1.7601 ServicePack: 1.0
22:44:27.0926 0x1720  Product type: Workstation
22:44:27.0928 0x1720  ComputerName: WOWA-PC
22:44:27.0928 0x1720  UserName: Wowa
22:44:27.0928 0x1720  Windows directory: C:\Windows
22:44:27.0928 0x1720  System windows directory: C:\Windows
22:44:27.0928 0x1720  Running under WOW64
22:44:27.0928 0x1720  Processor architecture: Intel x64
22:44:27.0928 0x1720  Number of processors: 4
22:44:27.0928 0x1720  Page size: 0x1000
22:44:27.0928 0x1720  Boot type: Normal boot
22:44:27.0928 0x1720  ============================================================
22:44:30.0086 0x1720  KLMD registered as C:\Windows\system32\drivers\16964040.sys
22:44:30.0486 0x1720  System UUID: {06028A0B-30A8-83EB-6DD7-98DFFC783C44}
22:44:31.0225 0x1720  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:44:31.0231 0x1720  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:44:31.0241 0x1720  Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:44:31.0269 0x1720  ============================================================
22:44:31.0269 0x1720  \Device\Harddisk0\DR0:
22:44:31.0270 0x1720  MBR partitions:
22:44:31.0270 0x1720  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1E848000
22:44:31.0270 0x1720  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E848800, BlocksNum 0x55EBD000
22:44:31.0270 0x1720  \Device\Harddisk1\DR1:
22:44:31.0270 0x1720  MBR partitions:
22:44:31.0270 0x1720  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
22:44:31.0270 0x1720  \Device\Harddisk2\DR2:
22:44:31.0270 0x1720  MBR partitions:
22:44:31.0270 0x1720  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
22:44:31.0270 0x1720  ============================================================
22:44:31.0306 0x1720  C: <-> \Device\Harddisk1\DR1\Partition1
22:44:31.0336 0x1720  E: <-> \Device\Harddisk0\DR0\Partition2
22:44:31.0356 0x1720  L: <-> \Device\Harddisk2\DR2\Partition1
22:44:31.0390 0x1720  D: <-> \Device\Harddisk0\DR0\Partition1
22:44:31.0390 0x1720  ============================================================
22:44:31.0390 0x1720  Initialize success
22:44:31.0390 0x1720  ============================================================
22:44:39.0594 0x0490  ============================================================
22:44:39.0594 0x0490  Scan started
22:44:39.0594 0x0490  Mode: Manual; SigCheck; TDLFS; 
22:44:39.0594 0x0490  ============================================================
22:44:39.0594 0x0490  KSN ping started
22:44:54.0469 0x0490  KSN ping finished: true
22:44:56.0032 0x0490  ================ Scan system memory ========================
22:44:56.0032 0x0490  System memory - ok
22:44:56.0033 0x0490  ================ Scan services =============================
22:44:56.0113 0x0490  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:44:56.0287 0x0490  1394ohci - ok
22:44:56.0354 0x0490  [ 7EEB488346FBFA3731276C3EE8A8FD9E, 97D2E49C2E615E38E8176F1C1551BF452CC6A00787FF90845EFF27A4E6E20B1F ] AAV UpdateService C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe
22:44:56.0369 0x0490  AAV UpdateService - ok
22:44:56.0407 0x0490  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:44:56.0427 0x0490  ACPI - ok
22:44:56.0437 0x0490  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:44:56.0769 0x0490  AcpiPmi - ok
22:44:56.0799 0x0490  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:44:56.0824 0x0490  AdobeARMservice - ok
22:44:56.0902 0x0490  [ 368290D0A612D62DA6F3D798B1BB8FE7, D573BF8543F37BC51B88A2473EDFD28AFBCCC446E8CADD54A90FA48D8739D222 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:44:56.0919 0x0490  AdobeFlashPlayerUpdateSvc - ok
22:44:56.0957 0x0490  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
22:44:56.0980 0x0490  adp94xx - ok
22:44:57.0004 0x0490  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
22:44:57.0024 0x0490  adpahci - ok
22:44:57.0043 0x0490  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
22:44:57.0060 0x0490  adpu320 - ok
22:44:57.0088 0x0490  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:44:57.0187 0x0490  AeLookupSvc - ok
22:44:57.0233 0x0490  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
22:44:57.0327 0x0490  AFD - ok
22:44:57.0347 0x0490  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
22:44:57.0363 0x0490  agp440 - ok
22:44:57.0395 0x0490  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
22:44:57.0493 0x0490  ALG - ok
22:44:57.0515 0x0490  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:44:57.0528 0x0490  aliide - ok
22:44:57.0589 0x0490  [ 606C8F129FE18D6E3EA2FD542D43D72D, 1BDB9B1C3C8345429FFF25189DCA16F4174F29B5C5DFD5AEB5C277CD4E6EBCA8 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:44:57.0642 0x0490  AMD External Events Utility - ok
22:44:57.0683 0x0490  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
22:44:57.0697 0x0490  amdide - ok
22:44:57.0712 0x0490  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
22:44:57.0797 0x0490  AmdK8 - ok
22:44:57.0816 0x0490  amdkmdag - ok
22:44:57.0861 0x0490  [ C0C27A1094F6EA978FB2CAACFDE0E594, 9B481D55ED3D55A975CB1EB32DD0DB9AD032D592585A5799F81918EFB7843AAE ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
22:44:57.0918 0x0490  amdkmdap - ok
22:44:57.0952 0x0490  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
22:44:57.0969 0x0490  AmdPPM - ok
22:44:57.0997 0x0490  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:44:58.0012 0x0490  amdsata - ok
22:44:58.0034 0x0490  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
22:44:58.0053 0x0490  amdsbs - ok
22:44:58.0057 0x0490  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:44:58.0072 0x0490  amdxata - ok
22:44:58.0106 0x0490  [ A0711D119BA4B48A1470C768D301013E, 536366F809125D2C2171597C8C2CB3271BE5C6B373152112E0D970749776E00A ] AppID           C:\Windows\system32\drivers\appid.sys
22:44:58.0176 0x0490  AppID - ok
22:44:58.0196 0x0490  [ 173C90AF5B243B4DD86F95CA154CB58A, 349F566DADC96B31FDC34C4F26545FB880844DBF84E5821AA0D0CAA91FB837E1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:44:58.0238 0x0490  AppIDSvc - ok
22:44:58.0288 0x0490  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
22:44:58.0378 0x0490  Appinfo - ok
22:44:58.0484 0x0490  [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:44:58.0497 0x0490  Apple Mobile Device Service - ok
22:44:58.0516 0x0490  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
22:44:58.0532 0x0490  arc - ok
22:44:58.0546 0x0490  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
22:44:58.0561 0x0490  arcsas - ok
22:44:58.0661 0x0490  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:44:58.0711 0x0490  aspnet_state - ok
22:44:58.0723 0x0490  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:44:58.0866 0x0490  AsyncMac - ok
22:44:58.0887 0x0490  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
22:44:58.0899 0x0490  atapi - ok
22:44:58.0938 0x0490  [ F270AFC3848C54C67E3BFB892CE9B9C6, BF5F087D2677E8D75DB34335B54496A3C3AFBCE5A019C52B9EB2B1D19A0803B1 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
22:44:59.0006 0x0490  AtiHDAudioService - ok
22:44:59.0048 0x0490  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:44:59.0149 0x0490  AudioEndpointBuilder - ok
22:44:59.0167 0x0490  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
22:44:59.0194 0x0490  AudioSrv - ok
22:44:59.0251 0x0490  [ C6F4C466B654C1BE98AF31418BB5AC30, 62AA4456F8E22A6E508EB44DE4309615057117AAF923C13BBED15AA39630E76B ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
22:44:59.0304 0x0490  AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
22:45:03.0371 0x0490  Detect skipped due to KSN trusted
22:45:03.0371 0x0490  AVM WLAN Connection Service - ok
22:45:03.0417 0x0490  [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject        C:\Windows\system32\drivers\avmeject.sys
22:45:03.0447 0x0490  avmeject - ok
22:45:03.0621 0x0490  [ 50C3C62FFE6337E6E4F2F01CB07DF63C, CC9C7D2827E872F22A2A79D42195530F61DF6EA6A1C8F520E25DB35537574FAB ] AVP16.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
22:45:03.0657 0x0490  AVP16.0.0 - ok
22:45:03.0687 0x0490  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:45:03.0752 0x0490  AxInstSV - ok
22:45:03.0822 0x0490  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
22:45:03.0908 0x0490  b06bdrv - ok
22:45:03.0964 0x0490  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
22:45:04.0043 0x0490  b57nd60a - ok
22:45:04.0093 0x0490  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:45:04.0184 0x0490  BDESVC - ok
22:45:04.0222 0x0490  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:45:04.0317 0x0490  Beep - ok
22:45:04.0404 0x0490  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
22:45:04.0507 0x0490  BFE - ok
22:45:04.0689 0x0490  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
22:45:05.0555 0x0490  BITS - ok
22:45:05.0574 0x0490  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:45:05.0655 0x0490  blbdrive - ok
22:45:05.0885 0x0490  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:45:05.0904 0x0490  Bonjour Service - ok
22:45:05.0975 0x0490  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:45:06.0115 0x0490  bowser - ok
22:45:06.0217 0x0490  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:45:06.0449 0x0490  BrFiltLo - ok
22:45:06.0479 0x0490  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:45:06.0535 0x0490  BrFiltUp - ok
22:45:06.0585 0x0490  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
22:45:06.0672 0x0490  Browser - ok
22:45:06.0687 0x0490  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:45:06.0832 0x0490  Brserid - ok
22:45:06.0877 0x0490  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:45:06.0984 0x0490  BrSerWdm - ok
22:45:07.0018 0x0490  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:45:07.0082 0x0490  BrUsbMdm - ok
22:45:07.0157 0x0490  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:45:07.0258 0x0490  BrUsbSer - ok
22:45:07.0289 0x0490  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
22:45:07.0434 0x0490  BTHMODEM - ok
22:45:07.0573 0x0490  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
22:45:07.0644 0x0490  bthserv - ok
22:45:08.0123 0x0490  [ 72551A9AE5F68905DFC3CBA0D5242566, 15C273519C3AD1B2AF68F669125AFE607A86A60D680E299631D5E893C3CAA7E7 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
22:45:08.0179 0x0490  c2cautoupdatesvc - ok
22:45:08.0218 0x0490  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:45:08.0293 0x0490  cdfs - ok
22:45:08.0395 0x0490  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:45:08.0463 0x0490  cdrom - ok
22:45:08.0500 0x0490  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
22:45:08.0533 0x0490  CertPropSvc - ok
22:45:08.0570 0x0490  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
22:45:08.0630 0x0490  circlass - ok
22:45:08.0747 0x0490  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
22:45:08.0770 0x0490  CLFS - ok
22:45:09.0450 0x0490  [ 55C892763A614BA39BA956A0323C65F3, 3A4FFB6140D8390CBA67ADEB459C71B0B6B5720D17E30E2677CC9AB603D43016 ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
22:45:09.0515 0x0490  ClickToRunSvc - ok
22:45:09.0654 0x0490  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:45:09.0670 0x0490  clr_optimization_v2.0.50727_32 - ok
22:45:09.0803 0x0490  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:45:09.0839 0x0490  clr_optimization_v2.0.50727_64 - ok
22:45:10.0028 0x0490  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:45:10.0429 0x0490  clr_optimization_v4.0.30319_32 - ok
22:45:10.0462 0x0490  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:45:10.0563 0x0490  clr_optimization_v4.0.30319_64 - ok
22:45:10.0577 0x0490  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:45:10.0647 0x0490  CmBatt - ok
22:45:10.0713 0x0490  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:45:10.0744 0x0490  cmdide - ok
22:45:11.0153 0x0490  [ A22223EBADA0DA435D82FF97067E9CC5, 2974145532F7ABAA66E897289379B676FBB19757B84CFE2D4967CEB9961B1157 ] cmudaxp         C:\Windows\system32\drivers\cmudaxp.sys
22:45:11.0219 0x0490  cmudaxp - ok
22:45:11.0392 0x0490  [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km           C:\Windows\system32\DRIVERS\cm_km.sys
22:45:11.0414 0x0490  cm_km - ok
22:45:11.0584 0x0490  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
22:45:11.0639 0x0490  CNG - ok
22:45:11.0672 0x0490  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:45:11.0684 0x0490  Compbatt - ok
22:45:11.0735 0x0490  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
22:45:11.0754 0x0490  CompositeBus - ok
22:45:11.0757 0x0490  COMSysApp - ok
22:45:11.0799 0x0490  cpuz136 - ok
22:45:11.0815 0x0490  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
22:45:11.0844 0x0490  crcdisk - ok
22:45:11.0898 0x0490  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:45:11.0978 0x0490  CryptSvc - ok
22:45:12.0025 0x0490  [ 46373C2A6873A436C9569B433F45C76A, 685A9F5D005136B0B31B64BBB4BCF760C7FE53A3606D4BB70EF7922BE791C1A4 ] ctxusbm         C:\Windows\system32\DRIVERS\ctxusbm.sys
22:45:12.0054 0x0490  ctxusbm - ok
22:45:12.0178 0x0490  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:45:12.0254 0x0490  DcomLaunch - ok
22:45:12.0358 0x0490  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
22:45:12.0435 0x0490  defragsvc - ok
22:45:12.0797 0x0490  [ 0B24043732807EE3AA25389356F4DE7C, 6A9A65B38968FF704C3938BEF5E6C1226447FF4F78997473B1694EA8D3D519DF ] DevoloNetworkService C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
22:45:12.0925 0x0490  DevoloNetworkService - ok
22:45:12.0957 0x0490  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:45:13.0044 0x0490  DfsC - ok
22:45:13.0128 0x0490  [ 5492F6FB1F32E10AEF02679872AFD194, 470A0C39734E261DC7443C8E59ECE89A7E367ABCFC15AA325EB995452C3973AA ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
22:45:13.0209 0x0490  dg_ssudbus - ok
22:45:13.0343 0x0490  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:45:13.0532 0x0490  Dhcp - ok
22:45:13.0682 0x0490  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
22:45:13.0805 0x0490  DiagTrack - ok
22:45:13.0853 0x0490  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
22:45:13.0970 0x0490  discache - ok
22:45:14.0008 0x0490  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
22:45:14.0089 0x0490  Disk - ok
22:45:14.0148 0x0490  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:45:14.0226 0x0490  Dnscache - ok
22:45:14.0311 0x0490  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:45:14.0368 0x0490  dot3svc - ok
22:45:14.0432 0x0490  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
22:45:14.0493 0x0490  DPS - ok
22:45:14.0528 0x0490  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:45:14.0622 0x0490  drmkaud - ok
22:45:14.0899 0x0490  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:45:14.0939 0x0490  DXGKrnl - ok
22:45:14.0994 0x0490  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
22:45:15.0027 0x0490  EapHost - ok
22:45:15.0916 0x0490  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
22:45:16.0013 0x0490  ebdrv - ok
22:45:16.0048 0x0490  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] EFS             C:\Windows\System32\lsass.exe
22:45:16.0167 0x0490  EFS - ok
22:45:16.0428 0x0490  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:45:16.0512 0x0490  ehRecvr - ok
22:45:16.0581 0x0490  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
22:45:16.0782 0x0490  ehSched - ok
22:45:16.0849 0x0490  [ 4778EEECB75C6FB419745BEED3530B9D, 8683639FF5CC4DB9955C61C28922637D10BB9CDAA20AD260292F8E90DE198205 ] ElRawDisk       C:\Windows\system32\drivers\rsdrvx64.sys
22:45:16.0871 0x0490  ElRawDisk - ok
22:45:17.0032 0x0490  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
22:45:17.0061 0x0490  elxstor - ok
22:45:17.0116 0x0490  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:45:17.0178 0x0490  ErrDev - ok
22:45:17.0377 0x0490  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
22:45:17.0453 0x0490  EventSystem - ok
22:45:17.0509 0x0490  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:45:17.0609 0x0490  exfat - ok
22:45:17.0684 0x0490  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:45:17.0819 0x0490  fastfat - ok
22:45:18.0167 0x0490  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
22:45:18.0321 0x0490  Fax - ok
22:45:18.0404 0x0490  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
22:45:18.0529 0x0490  fdc - ok
22:45:18.0569 0x0490  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
22:45:18.0662 0x0490  fdPHost - ok
22:45:18.0706 0x0490  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:45:18.0814 0x0490  FDResPub - ok
22:45:18.0839 0x0490  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:45:18.0882 0x0490  FileInfo - ok
22:45:18.0902 0x0490  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:45:18.0996 0x0490  Filetrace - ok
22:45:19.0049 0x0490  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
22:45:19.0156 0x0490  flpydisk - ok
22:45:19.0324 0x0490  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:45:19.0343 0x0490  FltMgr - ok
22:45:19.0429 0x0490  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache       C:\Windows\system32\FntCache.dll
22:45:19.0551 0x0490  FontCache - ok
22:45:19.0642 0x0490  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:45:19.0656 0x0490  FontCache3.0.0.0 - ok
22:45:19.0673 0x0490  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:45:19.0691 0x0490  FsDepends - ok
22:45:19.0716 0x0490  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:45:19.0729 0x0490  Fs_Rec - ok
22:45:19.0763 0x0490  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:45:19.0783 0x0490  fvevol - ok
22:45:19.0817 0x0490  [ 444534CBA693DD23C1CC589681E01656, DF8ED7FFA66E0A88EBB58A491A177D8CEB35B08B0911D7A1F4B8865755DC27CE ] FWLANUSB        C:\Windows\system32\DRIVERS\fwlanusb.sys
22:45:19.0857 0x0490  FWLANUSB - ok
22:45:19.0869 0x0490  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
22:45:19.0884 0x0490  gagp30kx - ok
22:45:19.0907 0x0490  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:45:19.0918 0x0490  GEARAspiWDM - ok
22:45:20.0086 0x0490  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
22:45:20.0161 0x0490  gpsvc - ok
22:45:20.0311 0x0490  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:45:20.0349 0x0490  gupdate - ok
22:45:20.0356 0x0490  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:45:20.0369 0x0490  gupdatem - ok
22:45:20.0421 0x0490  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:45:20.0558 0x0490  hcw85cir - ok
22:45:20.0673 0x0490  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:45:20.0724 0x0490  HdAudAddService - ok
22:45:20.0814 0x0490  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
22:45:20.0875 0x0490  HDAudBus - ok
22:45:20.0957 0x0490  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
22:45:21.0013 0x0490  HidBatt - ok
22:45:21.0042 0x0490  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
22:45:21.0105 0x0490  HidBth - ok
22:45:21.0119 0x0490  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
22:45:21.0163 0x0490  HidIr - ok
22:45:21.0222 0x0490  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
22:45:21.0359 0x0490  hidserv - ok
22:45:21.0444 0x0490  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:45:21.0551 0x0490  HidUsb - ok
22:45:21.0622 0x0490  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:45:21.0710 0x0490  hkmsvc - ok
22:45:21.0854 0x0490  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:45:21.0967 0x0490  HomeGroupListener - ok
22:45:22.0085 0x0490  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:45:22.0189 0x0490  HomeGroupProvider - ok
22:45:22.0282 0x0490  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:45:22.0335 0x0490  HpSAMD - ok
22:45:22.0598 0x0490  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:45:22.0728 0x0490  HTTP - ok
22:45:22.0807 0x0490  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:45:22.0835 0x0490  hwpolicy - ok
22:45:22.0893 0x0490  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
22:45:22.0926 0x0490  i8042prt - ok
22:45:23.0163 0x0490  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:45:23.0203 0x0490  iaStorV - ok
22:45:23.0361 0x0490  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:45:23.0405 0x0490  idsvc - ok
22:45:23.0409 0x0490  IEEtwCollectorService - ok
22:45:23.0443 0x0490  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
22:45:23.0456 0x0490  iirsp - ok
22:45:23.0497 0x0490  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
22:45:23.0549 0x0490  IKEEXT - ok
22:45:25.0089 0x0490  [ 1747CAA9AB414DEC0FF38CDEBD3A7418, 0B647EF6FFF1E02DAD8B4C764A4A00430898BD089304D52BC05E0D99E80F1236 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:45:25.0177 0x0490  IntcAzAudAddService - ok
22:45:25.0244 0x0490  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:45:25.0288 0x0490  intelide - ok
22:45:25.0380 0x0490  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:45:25.0411 0x0490  intelppm - ok
22:45:25.0472 0x0490  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:45:25.0591 0x0490  IPBusEnum - ok
22:45:25.0753 0x0490  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:45:25.0874 0x0490  IpFilterDriver - ok
22:45:26.0074 0x0490  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:45:26.0297 0x0490  iphlpsvc - ok
22:45:26.0368 0x0490  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:45:26.0483 0x0490  IPMIDRV - ok
22:45:26.0552 0x0490  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:45:26.0705 0x0490  IPNAT - ok
22:45:26.0955 0x0490  [ E8D96F840994291789F0CDE6800AC1A4, 35B39474B6385DA828D4212047F5C94775FC3C55E8C72EAA503D763D86F9BFB7 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
22:45:26.0978 0x0490  iPod Service - ok
22:45:27.0044 0x0490  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:45:27.0624 0x0490  IRENUM - ok
22:45:27.0647 0x0490  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:45:27.0668 0x0490  isapnp - ok
22:45:27.0758 0x0490  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:45:27.0782 0x0490  iScsiPrt - ok
22:45:27.0818 0x0490  [ 73A968D4A85BB2552DDCF72CB15F06D2, 9614AA873F761206D725327499C63A6D83FF4FF1740D046C483A2676E35A2280 ] JRAID           C:\Windows\system32\DRIVERS\jraid.sys
22:45:27.0842 0x0490  JRAID - ok
22:45:27.0862 0x0490  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:45:27.0884 0x0490  kbdclass - ok
22:45:27.0985 0x0490  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:45:28.0053 0x0490  kbdhid - ok
22:45:28.0079 0x0490  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] KeyIso          C:\Windows\system32\lsass.exe
22:45:28.0096 0x0490  KeyIso - ok
22:45:28.0341 0x0490  [ BEE1682DA217A4AD46C36896769AA580, 4D853D78E459F7BFE4F4217FCAD47CDACFAC19C2F6CF8261FBAA46BDB387FFDC ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
22:45:28.0398 0x0490  kl1 - ok
22:45:28.0451 0x0490  [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk    C:\Windows\system32\DRIVERS\klbackupdisk.sys
22:45:28.0511 0x0490  klbackupdisk - ok
22:45:28.0567 0x0490  [ C80861511ADA03A65DC12FAA207592F8, 2B50E009DB0D050099E558B7510104B930966EE8BB94CC0F62D1BFD765D5C7AD ] klbackupflt     C:\Windows\system32\DRIVERS\klbackupflt.sys
22:45:28.0607 0x0490  klbackupflt - ok
22:45:28.0646 0x0490  [ 1557DF622127972EDB3DD3A61E7763CC, F6E8F31760B549B882180EB6FB45B40CA6CEDC5E61B11E02609C26E053F7C902 ] kldisk          C:\Windows\system32\DRIVERS\kldisk.sys
22:45:28.0667 0x0490  kldisk - ok
22:45:28.0869 0x0490  [ 6D3F864756213A589A86B2E93EBEB3F9, 19B1F21B92E206CAE48AE29EDCFCCA7346E5C8C8F93CA798576D90F112A8B990 ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
22:45:28.0909 0x0490  klflt - ok
22:45:29.0039 0x0490  [ FA4108F8C8067E4CDF01CD33BF372280, 69317362032BC353851A1696689FA4A7CA343737B8C3E4D2799BC0CD7079376F ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
22:45:29.0066 0x0490  klhk - ok
22:45:29.0358 0x0490  [ D4EAEEF7BCB49EC1DF1BFA55C9D68ABC, 7546B7DB9EB8743D976CC0F4C567F367361138168F4A751EA461E81A2D66985E ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
22:45:29.0413 0x0490  KLIF - ok
22:45:29.0535 0x0490  [ 3553584440A11136C899B67ACC8CBE9D, B3D6D2E78B0FF0AF5A98E708D977978EA81E99D78F2E9CA2145B466AB4B11342 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
22:45:29.0593 0x0490  KLIM6 - ok
22:45:29.0637 0x0490  [ 22C4E9381C60DA78161FA042FDBA6873, B6CC05C1401E788BCCC8CF668216D9B78A8B51409D3CFBF419047933195062E0 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
22:45:29.0665 0x0490  klkbdflt - ok
22:45:29.0679 0x0490  [ D792857D47B8DF5BFEC02534C1933BE2, BDD483FA8E2DC50DB4E54D475867455F0D7E115494E2A31CD27A065C7EC26951 ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
22:45:29.0705 0x0490  klmouflt - ok
22:45:29.0753 0x0490  [ 55C46046D2EED16C05B237BA2C881207, 91569E97E2F1FC6B74A1D46168E91F5279A1419A4A51DD28A27520C0B59E5285 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
22:45:29.0785 0x0490  klpd - ok
22:45:29.0803 0x0490  [ B36DEE2A91F9388C4D3ED744592DE81D, 78D64539A375C80250FB9FA5E1DDA208B331A85916E19ED1353623DDF750EC58 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
22:45:29.0845 0x0490  kltdi - ok
22:45:29.0894 0x0490  [ 2AA3537309C2B9A7F120FB9E6A38250A, 6FD904542E0A21C4D6E46FB3EE11789938B90151D24531EB5319E62759D225DF ] Klwtp           C:\Windows\system32\DRIVERS\klwtp.sys
22:45:29.0921 0x0490  Klwtp - ok
22:45:29.0981 0x0490  [ 1686DE8288052316EFDD49EEA8929065, AD43D6ACCD8693BD76F218E1A4EE088BA061C1309A3E7DAA7EC94D875985D895 ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
22:45:30.0009 0x0490  kneps - ok
22:45:30.0144 0x0490  [ A405647429DE231CD954D93F792CFBA2, EDE6095A20FE10EB26B3018457A44807A120508E6C514F2EAC12F5BA1F74841E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:45:30.0188 0x0490  KSecDD - ok
22:45:30.0264 0x0490  [ E4DC0909B5EACB5BF50F6252095BCFF2, 18779648B7FD9D3DFFD8F314E2197962DF98884CC9F025BC5D884984C1C0759D ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:45:30.0317 0x0490  KSecPkg - ok
22:45:30.0363 0x0490  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:45:30.0497 0x0490  ksthunk - ok
22:45:30.0703 0x0490  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:45:30.0771 0x0490  KtmRm - ok
22:45:30.0909 0x0490  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:45:31.0023 0x0490  LanmanServer - ok
22:45:31.0070 0x0490  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:45:31.0103 0x0490  LanmanWorkstation - ok
22:45:31.0182 0x0490  [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
22:45:31.0243 0x0490  LGBusEnum - ok
22:45:31.0333 0x0490  [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
22:45:31.0346 0x0490  LGVirHid - ok
22:45:31.0402 0x0490  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:45:31.0533 0x0490  lltdio - ok
22:45:31.0708 0x0490  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:45:31.0840 0x0490  lltdsvc - ok
22:45:31.0870 0x0490  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:45:31.0935 0x0490  lmhosts - ok
22:45:31.0976 0x0490  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
22:45:32.0017 0x0490  LSI_FC - ok
22:45:32.0051 0x0490  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
22:45:32.0069 0x0490  LSI_SAS - ok
22:45:32.0123 0x0490  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:45:32.0137 0x0490  LSI_SAS2 - ok
22:45:32.0216 0x0490  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:45:32.0233 0x0490  LSI_SCSI - ok
22:45:32.0274 0x0490  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
22:45:32.0365 0x0490  luafv - ok
22:45:32.0457 0x0490  [ A401CFF74982D8DF851F20307C806073, 1D7BA90C9E77FAAE59F60AB5310EC41D9C5B98F1F9A89A3CDB9169E6DEF565DA ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
22:45:32.0477 0x0490  LVRS64 - ok
22:45:33.0837 0x0490  [ 13384CB5F5813E65F31078D6ABFAAF38, A6E7374C15CAECC273197BF62F8F926BA30E9509270A8470756F4710E1DEA126 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
22:45:33.0988 0x0490  LVUVC64 - ok
22:45:34.0137 0x0490  [ E681CE4AE5C09651D53CB4387CA3560E, F8503DB901FE65191AE0229BA44F0BB417626224DEC0743BFC771914D4EEDFDD ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
22:45:34.0153 0x0490  mbamchameleon - ok
22:45:34.0197 0x0490  [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
22:45:34.0211 0x0490  MBAMProtector - ok
22:45:35.0364 0x0490  [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
22:45:35.0451 0x0490  MBAMScheduler - ok
22:45:35.0782 0x0490  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
22:45:35.0815 0x0490  MBAMService - ok
22:45:35.0901 0x0490  [ 8F22037D3F5A6BB676525D825A1388B9, 2AAC748D46136DFA1BE45150BF0AB7707D45391CAC1F63B964D341D11B135C91 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
22:45:35.0916 0x0490  MBAMSwissArmy - ok
22:45:35.0944 0x0490  [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
22:45:35.0957 0x0490  MBAMWebAccessControl - ok
22:45:35.0987 0x0490  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:45:36.0007 0x0490  Mcx2Svc - ok
22:45:36.0040 0x0490  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
22:45:36.0074 0x0490  megasas - ok
22:45:36.0107 0x0490  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
22:45:36.0127 0x0490  MegaSR - ok
22:45:36.0155 0x0490  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
22:45:36.0215 0x0490  MMCSS - ok
22:45:36.0259 0x0490  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
22:45:36.0320 0x0490  Modem - ok
22:45:36.0383 0x0490  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:45:36.0427 0x0490  monitor - ok
22:45:36.0457 0x0490  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:45:36.0471 0x0490  mouclass - ok
22:45:36.0480 0x0490  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:45:36.0496 0x0490  mouhid - ok
22:45:36.0542 0x0490  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:45:36.0574 0x0490  mountmgr - ok
22:45:36.0642 0x0490  [ CC11EEB7AF4617D65DF0E9A21FC1ABD0, A683A5FB26E1B9FB4EEB40A9C7186F8433E3FB0A45848DF6102EF07B4DC75AC8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:45:36.0658 0x0490  MozillaMaintenance - ok
22:45:36.0676 0x0490  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:45:36.0693 0x0490  mpio - ok
22:45:36.0711 0x0490  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:45:36.0744 0x0490  mpsdrv - ok
22:45:36.0783 0x0490  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:45:36.0861 0x0490  MpsSvc - ok
22:45:36.0901 0x0490  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:45:36.0980 0x0490  MRxDAV - ok
22:45:37.0008 0x0490  [ 43E1F4B0EFDC244D2A83995CCD7846F7, B8FB3CB6C736E20399AF3164197B14E977DDEC8FD164564501A328A8A3A30267 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:45:37.0042 0x0490  mrxsmb - ok
22:45:37.0063 0x0490  [ 62CEA59FF56B66154E08BD51D87392C2, 5DC63583E417659139FACD2365C2F8F3C9867E331F7374BD4F6C6E2386B5F746 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:45:37.0117 0x0490  mrxsmb10 - ok
22:45:37.0124 0x0490  [ 7D65B5E9573A26C204AA547457DBF544, CE88A733D031DEDBA6ADADB7D9911B3D151A2DDB566A65E0C9E1F07B1A4364AF ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:45:37.0180 0x0490  mrxsmb20 - ok
22:45:37.0231 0x0490  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:45:37.0244 0x0490  msahci - ok
22:45:37.0286 0x0490  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:45:37.0307 0x0490  msdsm - ok
22:45:37.0339 0x0490  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
22:45:37.0393 0x0490  MSDTC - ok
22:45:37.0401 0x0490  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:45:37.0453 0x0490  Msfs - ok
22:45:37.0478 0x0490  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:45:37.0618 0x0490  mshidkmdf - ok
22:45:37.0648 0x0490  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:45:37.0661 0x0490  msisadrv - ok
22:45:37.0692 0x0490  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:45:37.0728 0x0490  MSiSCSI - ok
22:45:37.0732 0x0490  msiserver - ok
22:45:37.0755 0x0490  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:45:37.0823 0x0490  MSKSSRV - ok
22:45:37.0856 0x0490  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:45:37.0903 0x0490  MSPCLOCK - ok
22:45:37.0922 0x0490  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:45:37.0954 0x0490  MSPQM - ok
22:45:37.0975 0x0490  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:45:38.0018 0x0490  MsRPC - ok
22:45:38.0051 0x0490  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
22:45:38.0064 0x0490  mssmbios - ok
22:45:38.0114 0x0490  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:45:38.0191 0x0490  MSTEE - ok
22:45:38.0228 0x0490  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
22:45:38.0271 0x0490  MTConfig - ok
22:45:38.0307 0x0490  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
22:45:38.0348 0x0490  Mup - ok
22:45:38.0450 0x0490  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
22:45:38.0490 0x0490  napagent - ok
22:45:38.0612 0x0490  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:45:38.0671 0x0490  NativeWifiP - ok
22:45:38.0908 0x0490  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:45:38.0952 0x0490  NDIS - ok
22:45:39.0000 0x0490  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:45:39.0069 0x0490  NdisCap - ok
22:45:39.0127 0x0490  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:45:39.0211 0x0490  NdisTapi - ok
22:45:39.0264 0x0490  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:45:39.0334 0x0490  Ndisuio - ok
22:45:39.0388 0x0490  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:45:39.0448 0x0490  NdisWan - ok
22:45:39.0493 0x0490  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:45:39.0571 0x0490  NDProxy - ok
22:45:39.0666 0x0490  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
22:45:39.0719 0x0490  Netaapl - ok
22:45:39.0736 0x0490  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:45:39.0812 0x0490  NetBIOS - ok
22:45:39.0904 0x0490  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:45:39.0990 0x0490  NetBT - ok
22:45:40.0044 0x0490  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] Netlogon        C:\Windows\system32\lsass.exe
22:45:40.0061 0x0490  Netlogon - ok
22:45:40.0092 0x0490  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
22:45:40.0176 0x0490  Netman - ok
22:45:40.0268 0x0490  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:45:40.0635 0x0490  NetMsmqActivator - ok
22:45:40.0656 0x0490  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:45:40.0674 0x0490  NetPipeActivator - ok
22:45:40.0700 0x0490  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
22:45:40.0740 0x0490  netprofm - ok
22:45:40.0761 0x0490  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:45:40.0779 0x0490  NetTcpActivator - ok
22:45:40.0821 0x0490  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:45:40.0837 0x0490  NetTcpPortSharing - ok
22:45:40.0872 0x0490  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
22:45:40.0895 0x0490  nfrd960 - ok
22:45:40.0928 0x0490  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:45:41.0001 0x0490  NlaSvc - ok
22:45:41.0019 0x0490  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:45:41.0072 0x0490  Npfs - ok
22:45:41.0142 0x0490  [ 49697C2C761ACB5C0DE99CC8FE93E95B, 02EEA7FB21D28B235A05FE0A6061170F366470EF6E45C9B21D7C8C0E7C728FC5 ] NPF_devolo      C:\Windows\sysWOW64\drivers\npf_devolo.sys
22:45:41.0155 0x0490  NPF_devolo - ok
22:45:41.0231 0x0490  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
22:45:41.0262 0x0490  nsi - ok
22:45:41.0296 0x0490  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:45:41.0379 0x0490  nsiproxy - ok
22:45:41.0470 0x0490  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:45:41.0524 0x0490  Ntfs - ok
22:45:41.0539 0x0490  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
22:45:41.0659 0x0490  Null - ok
22:45:41.0726 0x0490  [ A7127E86F9FFE2A53E271B56B2C4CEDF, 9C8D60290B66976BBC6E6FE0C2B8EBBCF65B019C95116565CA75098E9F66C05D ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
22:45:41.0784 0x0490  nusb3hub - ok
22:45:41.0838 0x0490  [ 49BBEC6F48D5F9284B03ABF3A959B19B, 688AFDFA9E2F0AB3BDE22EC55C70FD592AA0236557DA9310E1557C083307CEC5 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
22:45:41.0936 0x0490  nusb3xhc - ok
22:45:41.0986 0x0490  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:45:42.0047 0x0490  nvraid - ok
22:45:42.0091 0x0490  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:45:42.0145 0x0490  nvstor - ok
22:45:42.0189 0x0490  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:45:42.0212 0x0490  nv_agp - ok
22:45:42.0250 0x0490  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:45:42.0315 0x0490  ohci1394 - ok
22:45:42.0566 0x0490  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:45:42.0591 0x0490  ose - ok
22:45:43.0045 0x0490  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:45:43.0177 0x0490  osppsvc - ok
22:45:43.0212 0x0490  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:45:43.0306 0x0490  p2pimsvc - ok
22:45:43.0416 0x0490  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
22:45:43.0523 0x0490  p2psvc - ok
22:45:43.0571 0x0490  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
22:45:43.0649 0x0490  Parport - ok
22:45:43.0714 0x0490  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:45:43.0746 0x0490  partmgr - ok
22:45:43.0821 0x0490  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:45:43.0907 0x0490  PcaSvc - ok
22:45:43.0948 0x0490  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
22:45:43.0978 0x0490  pci - ok
22:45:44.0042 0x0490  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:45:44.0060 0x0490  pciide - ok
22:45:44.0119 0x0490  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
22:45:44.0157 0x0490  pcmcia - ok
22:45:44.0165 0x0490  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:45:44.0189 0x0490  pcw - ok
22:45:44.0491 0x0490  [ 8F98C4BC605261B4B6E568FE791EB67A, 7B0D99D972A60423F7378BEE886061695FDA79B59AFF939744A130721E0174A1 ] PDF Architect 2 C:\Program Files (x86)\PDF Architect 2\ws.exe
22:45:44.0545 0x0490  PDF Architect 2 - ok
22:45:44.0771 0x0490  [ B2309F132A31AF03C0A249AEDE8CF289, BBAE32AA55E495ACB9A8089C090ADD78BE1DC16233CAA61BBED1456CA718D430 ] PDF Architect 2 Creator C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
22:45:44.0801 0x0490  PDF Architect 2 Creator - ok
22:45:44.0987 0x0490  [ 9077A3059AB47834633AEAAED465F3D9, 9CA662E9CBA30795E4E5DAB3E309D2062FFDC2053C261054E24EF7EE5300F69F ] pdfforge CrashHandler C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe
22:45:45.0026 0x0490  pdfforge CrashHandler - ok
22:45:45.0114 0x0490  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:45:45.0161 0x0490  PEAUTH - ok
22:45:45.0222 0x0490  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:45:45.0292 0x0490  PerfHost - ok
22:45:45.0385 0x0490  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
22:45:45.0482 0x0490  pla - ok
22:45:45.0534 0x0490  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:45:45.0617 0x0490  PlugPlay - ok
22:45:45.0704 0x0490  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:45:45.0813 0x0490  PNRPAutoReg - ok
22:45:45.0895 0x0490  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:45:45.0917 0x0490  PNRPsvc - ok
22:45:46.0006 0x0490  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:45:46.0140 0x0490  PolicyAgent - ok
22:45:46.0214 0x0490  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
22:45:46.0274 0x0490  Power - ok
22:45:46.0318 0x0490  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:45:46.0378 0x0490  PptpMiniport - ok
22:45:46.0415 0x0490  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
22:45:46.0456 0x0490  Processor - ok
22:45:46.0532 0x0490  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:45:46.0573 0x0490  ProfSvc - ok
22:45:46.0584 0x0490  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] ProtectedStorage C:\Windows\system32\lsass.exe
22:45:46.0618 0x0490  ProtectedStorage - ok
22:45:46.0642 0x0490  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:45:46.0675 0x0490  Psched - ok
22:45:46.0710 0x0490  [ DD3FD48D69F5FBBB21D46D1514C1C2DB, 2B188E3AC4BD9B608D375DD550507717852C2AF7C0F99FFED90098999B9D4F01 ] PSI             C:\Windows\system32\DRIVERS\psi_mf_amd64.sys
22:45:46.0723 0x0490  PSI - ok
22:45:46.0788 0x0490  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
22:45:46.0857 0x0490  ql2300 - ok
22:45:46.0866 0x0490  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
22:45:46.0902 0x0490  ql40xx - ok
22:45:46.0926 0x0490  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
22:45:46.0952 0x0490  QWAVE - ok
22:45:46.0967 0x0490  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:45:47.0010 0x0490  QWAVEdrv - ok
22:45:47.0042 0x0490  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:45:47.0075 0x0490  RasAcd - ok
22:45:47.0099 0x0490  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:45:47.0176 0x0490  RasAgileVpn - ok
22:45:47.0231 0x0490  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
22:45:47.0291 0x0490  RasAuto - ok
22:45:47.0324 0x0490  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:45:47.0379 0x0490  Rasl2tp - ok
22:45:47.0415 0x0490  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
22:45:47.0454 0x0490  RasMan - ok
22:45:47.0467 0x0490  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:45:47.0501 0x0490  RasPppoe - ok
22:45:47.0506 0x0490  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:45:47.0540 0x0490  RasSstp - ok
22:45:47.0576 0x0490  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:45:47.0639 0x0490  rdbss - ok
22:45:47.0670 0x0490  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:45:47.0707 0x0490  rdpbus - ok
22:45:47.0727 0x0490  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:45:47.0780 0x0490  RDPCDD - ok
22:45:47.0787 0x0490  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:45:47.0818 0x0490  RDPENCDD - ok
22:45:47.0825 0x0490  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:45:47.0857 0x0490  RDPREFMP - ok
22:45:47.0935 0x0490  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:45:48.0028 0x0490  RdpVideoMiniport - ok
22:45:48.0070 0x0490  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:45:48.0113 0x0490  RDPWD - ok
22:45:48.0139 0x0490  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:45:48.0158 0x0490  rdyboost - ok
22:45:48.0196 0x0490  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:45:48.0258 0x0490  RemoteAccess - ok
22:45:48.0308 0x0490  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:45:48.0394 0x0490  RemoteRegistry - ok
22:45:48.0484 0x0490  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:45:48.0571 0x0490  RpcEptMapper - ok
22:45:48.0648 0x0490  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
22:45:48.0703 0x0490  RpcLocator - ok
22:45:48.0940 0x0490  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
22:45:48.0980 0x0490  RpcSs - ok
22:45:49.0116 0x0490  [ 6195EC84C82E7844B5B17803ADDB1CA3, 175DF60973C50B1F1FA84B7DBB694D2B18CD41DA8A29479E388ED76D2C9AAE19 ] RrNetCapFilterDriver C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys
22:45:49.0172 0x0490  RrNetCapFilterDriver - ok
22:45:49.0315 0x0490  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:45:49.0878 0x0490  rspndr - ok
22:45:49.0882 0x0490  RTHDMIAzAudService - ok
22:45:50.0151 0x0490  [ 61A04C0C084D560BBEF1D09604608262, 27230BDFB479FBD1B18BB4035059A52F8BE74B19190951EAC95D569E284421B3 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
22:45:50.0187 0x0490  RTL8167 - ok
22:45:50.0219 0x0490  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] SamSs           C:\Windows\system32\lsass.exe
22:45:50.0250 0x0490  SamSs - ok
22:45:50.0345 0x0490  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:45:50.0381 0x0490  sbp2port - ok
22:45:50.0888 0x0490  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:45:51.0060 0x0490  SCardSvr - ok
22:45:51.0178 0x0490  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:45:51.0348 0x0490  scfilter - ok
22:45:51.0409 0x0490  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
22:45:51.0537 0x0490  Schedule - ok
22:45:51.0563 0x0490  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:45:51.0594 0x0490  SCPolicySvc - ok
22:45:51.0685 0x0490  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:45:51.0743 0x0490  SDRSVC - ok
22:45:51.0753 0x0490  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:45:51.0795 0x0490  secdrv - ok
22:45:51.0813 0x0490  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
22:45:51.0844 0x0490  seclogon - ok
22:45:52.0157 0x0490  [ 398A81D590424441B2F5C5C08073CADB, 1E064DFCC49EB0D8A4150276BF796B9DFA030C451570A170EC940F8CBAAD80F3 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
22:45:52.0209 0x0490  Secunia PSI Agent - ok
22:45:52.0247 0x0490  [ 8C2D3A80FC90A860F0F24DEB67471481, CE4D17B63149C44B4CD5CB7776FD4705DC675F6D2D077D53BE15578294EBC9D4 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
22:45:52.0271 0x0490  Secunia Update Agent - ok
22:45:52.0294 0x0490  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
22:45:52.0353 0x0490  SENS - ok
22:45:52.0379 0x0490  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:45:52.0479 0x0490  SensrSvc - ok
22:45:52.0494 0x0490  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
22:45:52.0509 0x0490  Serenum - ok
22:45:52.0523 0x0490  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
22:45:52.0567 0x0490  Serial - ok
22:45:52.0614 0x0490  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
22:45:52.0659 0x0490  sermouse - ok
22:45:52.0715 0x0490  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
22:45:52.0778 0x0490  SessionEnv - ok
22:45:52.0805 0x0490  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:45:52.0864 0x0490  sffdisk - ok
22:45:52.0889 0x0490  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:45:52.0905 0x0490  sffp_mmc - ok
22:45:52.0917 0x0490  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:45:52.0937 0x0490  sffp_sd - ok
22:45:52.0960 0x0490  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
22:45:52.0977 0x0490  sfloppy - ok
22:45:53.0029 0x0490  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:45:53.0069 0x0490  SharedAccess - ok
22:45:53.0137 0x0490  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:45:53.0176 0x0490  ShellHWDetection - ok
22:45:53.0192 0x0490  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:45:53.0207 0x0490  SiSRaid2 - ok
22:45:53.0241 0x0490  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
22:45:53.0278 0x0490  SiSRaid4 - ok
22:45:53.0383 0x0490  [ A9C057A9463C25490CF99EA8DF8A4B35, 8F4D1C40D0F17EDBF84ED455B8946F782C7552383F0A07E410A9B6CFF7F51D63 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
22:45:53.0430 0x0490  SkypeUpdate - ok
22:45:53.0466 0x0490  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:45:53.0501 0x0490  Smb - ok
22:45:53.0553 0x0490  [ B6EBAD9D72DA681E1976AD51DE1B73F5, 59C9E2EB3340D9A28B9EB06379975B79D62F8239C1F0B24B3BF2D3756C58A512 ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
22:45:53.0567 0x0490  SmbDrvI - ok
22:45:53.0612 0x0490  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:45:53.0651 0x0490  SNMPTRAP - ok
22:45:53.0693 0x0490  [ F9369327409492097B0BB7CE86BD29DE, 7E9B7A9659A6971029E491C702C306E2078B8F5547FCF874FDA8BAD5898D5E25 ] Soluto          C:\Windows\system32\DRIVERS\Soluto.sys
22:45:53.0708 0x0490  Soluto - ok
22:45:53.0736 0x0490  [ D56C85099CA6D7A5CED861FE920D2DB6, D6D003B660E5F9B2AA5546C96283D76833A6CDD16DEFC46D7225348192F47655 ] SolutoLauncherService C:\Program Files\Soluto\SolutoLauncherService.exe
22:45:53.0751 0x0490  SolutoLauncherService - ok
22:45:53.0804 0x0490  [ 92875E1EE2915A165C5E86089197E94B, 65BCE5670A9A7A98A59F48043AD61475FB85AC7A5DCC72C6DFC12305FC308A53 ] SolutoRemoteService C:\Program Files\Soluto\SolutoRemoteService.exe
22:45:53.0848 0x0490  SolutoRemoteService - detected UnsignedFile.Multi.Generic ( 1 )
22:46:03.0902 0x0490  SolutoRemoteService ( UnsignedFile.Multi.Generic ) - warning
22:46:03.0902 0x0490  Force sending object to P2P due to detect: SolutoRemoteService
22:46:07.0902 0x0490  Object send P2P result: true
22:46:09.0339 0x08e0  Object required for P2P: [ 55C892763A614BA39BA956A0323C65F3 ] ClickToRunSvc
22:46:10.0900 0x0490  [ 7B35E1FFBF3B3A8763122BC34FEAEA3C, 8E3DCA135759FFD7ED1032CCCE5D562D60E4BDFE6C4C3AEC50F893C2657CC810 ] SolutoService   C:\Program Files\Soluto\SolutoService.exe
22:46:10.0928 0x0490  SolutoService - ok
22:46:10.0963 0x0490  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:46:10.0977 0x0490  spldr - ok
22:46:11.0013 0x0490  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
22:46:11.0100 0x0490  Spooler - ok
22:46:11.0217 0x0490  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
22:46:11.0363 0x0490  sppsvc - ok
22:46:11.0420 0x0490  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:46:11.0452 0x0490  sppuinotify - ok
22:46:11.0487 0x0490  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:46:11.0619 0x0490  srv - ok
22:46:11.0632 0x0490  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:46:11.0684 0x0490  srv2 - ok
22:46:11.0693 0x0490  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:46:11.0715 0x0490  srvnet - ok
22:46:11.0747 0x0490  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:46:11.0811 0x0490  SSDPSRV - ok
22:46:11.0839 0x0490  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:46:11.0873 0x0490  SstpSvc - ok
22:46:11.0926 0x0490  [ 627FFBE52FEDF0460C3D7259FC0EDF50, 92CB006CA91E4AF0CAA3ECD74D9329C349650EAFF70D847E62D9D8F2BE38B3B1 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
22:46:11.0946 0x0490  ssudmdm - ok
22:46:12.0034 0x0490  [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
22:46:12.0060 0x0490  ss_conn_service - ok
22:46:12.0075 0x0490  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
22:46:12.0091 0x0490  stexstor - ok
22:46:12.0126 0x0490  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
22:46:12.0189 0x0490  stisvc - ok
22:46:12.0219 0x08e0  Object send P2P result: true
22:46:12.0221 0x0490  [ 9CFEFD62D86DABFAC12D1C5ED72BA6A4, 1FFE4371450F53FD774CA0349CC28F559695761C18759CEB04933FDF2FD98F65 ] SWDUMon         C:\Windows\system32\DRIVERS\SWDUMon.sys
22:46:12.0240 0x0490  SWDUMon - ok
22:46:12.0258 0x0490  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
22:46:12.0273 0x0490  swenum - ok
22:46:12.0301 0x0490  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
22:46:12.0347 0x0490  swprv - ok
22:46:12.0412 0x0490  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
22:46:12.0518 0x0490  SysMain - ok
22:46:12.0554 0x0490  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:46:12.0597 0x0490  TabletInputService - ok
22:46:12.0648 0x0490  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:46:12.0719 0x0490  TapiSrv - ok
22:46:12.0757 0x0490  [ 048CFE7569D6ADCAB9349BB1A566A79E, E248D2A66881FDFF9505896F383EFFEF2FD5AFC15D8992E653F5C31F1F80DAF3 ] tbhsd           C:\Windows\system32\drivers\tbhsd.sys
22:46:12.0770 0x0490  tbhsd - ok
22:46:12.0794 0x0490  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
22:46:12.0827 0x0490  TBS - ok
22:46:12.0893 0x0490  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:46:12.0952 0x0490  Tcpip - ok
22:46:12.0999 0x0490  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:46:13.0046 0x0490  TCPIP6 - ok
22:46:13.0077 0x0490  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:46:13.0094 0x0490  tcpipreg - ok
22:46:13.0139 0x0490  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:46:13.0187 0x0490  TDPIPE - ok
22:46:13.0231 0x0490  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:46:13.0277 0x0490  TDTCP - ok
22:46:13.0323 0x0490  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:46:13.0361 0x0490  tdx - ok
22:46:13.0600 0x0490  [ E99CD4524662A2DA7C73372C626669D8, 694DF29BF6CFF8CA06B8C701BBD148DCF58D6A6ECE3CF6CC900B0D0E5A3DFDF2 ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
22:46:13.0737 0x0490  TeamViewer9 - ok
22:46:13.0761 0x0490  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
22:46:13.0777 0x0490  TermDD - ok
22:46:13.0820 0x0490  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
22:46:13.0900 0x0490  TermService - ok
22:46:13.0917 0x0490  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
22:46:13.0938 0x0490  Themes - ok
22:46:13.0961 0x0490  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
22:46:13.0992 0x0490  THREADORDER - ok
22:46:14.0005 0x0490  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
22:46:14.0070 0x0490  TrkWks - ok
22:46:14.0132 0x0490  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:46:14.0166 0x0490  TrustedInstaller - ok
22:46:14.0192 0x0490  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:46:14.0209 0x0490  tssecsrv - ok
22:46:14.0226 0x0490  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:46:14.0303 0x0490  TsUsbFlt - ok
22:46:14.0394 0x0490  [ 82B220AAC7079DBD34F014589E5A5886, F5F82C0C9BB13F041CA3750A478E2062BCF1A64AC901655413A61A719DFC34F2 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
22:46:14.0451 0x0490  TuneUp.UtilitiesSvc - ok
22:46:14.0476 0x0490  [ DB3C912A851FCA6358FED4D53DAA7E91, B35375EC9AF61D829489D9B278605E2098D6402419E79EB24C65D3B65816AEBC ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys
22:46:14.0493 0x0490  TuneUpUtilitiesDrv - ok
22:46:14.0521 0x0490  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:46:14.0578 0x0490  tunnel - ok
22:46:14.0605 0x0490  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
22:46:14.0620 0x0490  uagp35 - ok
22:46:14.0651 0x0490  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:46:14.0720 0x0490  udfs - ok
22:46:14.0759 0x0490  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:46:14.0800 0x0490  UI0Detect - ok
22:46:14.0823 0x0490  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:46:14.0839 0x0490  uliagpkx - ok
22:46:14.0858 0x0490  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:46:14.0906 0x0490  umbus - ok
22:46:14.0948 0x0490  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
22:46:14.0996 0x0490  UmPass - ok
22:46:15.0051 0x0490  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
22:46:15.0158 0x0490  upnphost - ok
22:46:15.0301 0x0490  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
22:46:15.0806 0x0490  USBAAPL64 - ok
22:46:16.0332 0x0490  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
22:46:16.0370 0x0490  usbaudio - ok
22:46:16.0394 0x0490  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:46:16.0424 0x0490  usbccgp - ok
22:46:16.0445 0x0490  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:46:16.0507 0x0490  usbcir - ok
22:46:16.0521 0x0490  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
22:46:16.0561 0x0490  usbehci - ok
22:46:16.0573 0x0490  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:46:16.0606 0x0490  usbhub - ok
22:46:16.0642 0x0490  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:46:16.0697 0x0490  usbohci - ok
22:46:16.0721 0x0490  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:46:16.0740 0x0490  usbprint - ok
22:46:16.0754 0x0490  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
22:46:16.0782 0x0490  usbscan - ok
22:46:16.0817 0x0490  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:46:16.0843 0x0490  USBSTOR - ok
22:46:16.0857 0x0490  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
22:46:16.0874 0x0490  usbuhci - ok
22:46:16.0898 0x0490  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
22:46:16.0948 0x0490  usbvideo - ok
22:46:16.0979 0x0490  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
22:46:17.0033 0x0490  UxSms - ok
22:46:17.0191 0x0490  [ F64EACAD95ED83179EBC1F1B1434027C, 86D2A1A3444EBE4453CE7F27C9F0A1514D980499C7E6534BEE65A40D66C90C16 ] UxTuneUp        C:\Windows\System32\uxtuneup.dll
22:46:17.0216 0x0490  UxTuneUp - ok
22:46:17.0244 0x0490  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] VaultSvc        C:\Windows\system32\lsass.exe
22:46:17.0336 0x0490  VaultSvc - ok
22:46:17.0384 0x0490  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:46:17.0398 0x0490  vdrvroot - ok
22:46:17.0441 0x0490  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
22:46:17.0514 0x0490  vds - ok
22:46:17.0550 0x0490  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:46:17.0569 0x0490  vga - ok
22:46:17.0583 0x0490  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:46:17.0640 0x0490  VgaSave - ok
22:46:17.0691 0x0490  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:46:17.0709 0x0490  vhdmp - ok
22:46:17.0727 0x0490  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:46:17.0742 0x0490  viaide - ok
22:46:17.0756 0x0490  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:46:17.0771 0x0490  volmgr - ok
22:46:17.0787 0x0490  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:46:17.0809 0x0490  volmgrx - ok
22:46:17.0833 0x0490  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:46:17.0853 0x0490  volsnap - ok
22:46:17.0868 0x0490  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
22:46:17.0886 0x0490  vsmraid - ok
22:46:17.0941 0x0490  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
22:46:18.0010 0x0490  VSS - ok
22:46:18.0107 0x0490  [ 79F4D90FAA0ACC1866F2F3E03E39CA89, EE08BCBF29A7E4AFFF520B8DF067281425F433EC275F8C86CE8F20F000E92E3D ] vssbrigde64     C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe
22:46:18.0123 0x0490  vssbrigde64 - ok
22:46:18.0141 0x0490  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
22:46:18.0183 0x0490  vwifibus - ok
22:46:18.0233 0x0490  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
22:46:18.0272 0x0490  W32Time - ok
22:46:18.0297 0x0490  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
22:46:18.0336 0x0490  WacomPen - ok
22:46:18.0373 0x0490  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:46:18.0435 0x0490  WANARP - ok
22:46:18.0440 0x0490  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:46:18.0471 0x0490  Wanarpv6 - ok
22:46:18.0546 0x0490  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
22:46:18.0606 0x0490  wbengine - ok
22:46:18.0635 0x0490  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:46:18.0682 0x0490  WbioSrvc - ok
22:46:18.0732 0x0490  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:46:18.0800 0x0490  wcncsvc - ok
22:46:18.0825 0x0490  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:46:18.0855 0x0490  WcsPlugInService - ok
22:46:18.0871 0x0490  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
22:46:18.0885 0x0490  Wd - ok
22:46:18.0920 0x0490  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:46:18.0953 0x0490  Wdf01000 - ok
22:46:18.0980 0x0490  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:46:19.0011 0x0490  WdiServiceHost - ok
22:46:19.0017 0x0490  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:46:19.0035 0x0490  WdiSystemHost - ok
22:46:19.0064 0x0490  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
22:46:19.0155 0x0490  WebClient - ok
22:46:19.0235 0x0490  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:46:19.0273 0x0490  Wecsvc - ok
22:46:19.0288 0x0490  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:46:19.0334 0x0490  wercplsupport - ok
22:46:19.0357 0x0490  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:46:19.0414 0x0490  WerSvc - ok
22:46:19.0444 0x0490  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:46:19.0474 0x0490  WfpLwf - ok
22:46:19.0503 0x0490  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:46:19.0517 0x0490  WIMMount - ok
22:46:19.0538 0x0490  WinDefend - ok
22:46:19.0551 0x0490  WinHttpAutoProxySvc - ok
22:46:19.0604 0x0490  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:46:19.0641 0x0490  Winmgmt - ok
22:46:19.0713 0x0490  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
22:46:19.0837 0x0490  WinRM - ok
22:46:19.0874 0x0490  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
22:46:19.0902 0x0490  WinUsb - ok
22:46:20.0035 0x0490  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:46:20.0129 0x0490  Wlansvc - ok
22:46:20.0179 0x0490  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
22:46:20.0195 0x0490  WmiAcpi - ok
22:46:20.0435 0x0490  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:46:20.0546 0x0490  wmiApSrv - ok
22:46:20.0720 0x0490  WMPNetworkSvc - ok
22:46:20.0775 0x0490  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:46:20.0874 0x0490  WPCSvc - ok
22:46:20.0903 0x0490  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:46:21.0012 0x0490  WPDBusEnum - ok
22:46:21.0187 0x0490  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:46:21.0220 0x0490  ws2ifsl - ok
22:46:21.0240 0x0490  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
22:46:21.0302 0x0490  wscsvc - ok
22:46:21.0357 0x0490  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
22:46:21.0484 0x0490  WSDPrintDevice - ok
22:46:21.0545 0x0490  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
22:46:21.0560 0x0490  WSDScan - ok
22:46:21.0566 0x0490  WSearch - ok
22:46:21.0651 0x0490  [ 39D604E190DFE2E483B637D6796ABAFF, 52DCCEA0DB59F00C615D94CC2B70FC1C335E553E8FC79AAC8C8C7D9EE1F6111D ] wuauserv        C:\Windows\system32\wuaueng.dll
22:46:21.0748 0x0490  wuauserv - ok
22:46:21.0771 0x0490  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:46:21.0802 0x0490  WudfPf - ok
22:46:21.0818 0x0490  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:46:21.0863 0x0490  WUDFRd - ok
22:46:21.0903 0x0490  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:46:21.0944 0x0490  wudfsvc - ok
22:46:22.0001 0x0490  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:46:22.0078 0x0490  WwanSvc - ok
22:46:22.0093 0x0490  ================ Scan global ===============================
22:46:22.0142 0x0490  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
22:46:22.0172 0x0490  [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\Windows\system32\winsrv.dll
22:46:22.0183 0x0490  [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\Windows\system32\winsrv.dll
22:46:22.0209 0x0490  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
22:46:22.0234 0x0490  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
22:46:22.0242 0x0490  [ Global ] - ok
22:46:22.0242 0x0490  ================ Scan MBR ==================================
22:46:22.0245 0x0490  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:46:22.0385 0x0490  \Device\Harddisk0\DR0 - ok
22:46:22.0394 0x0490  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
22:46:22.0520 0x0490  \Device\Harddisk1\DR1 - ok
22:46:22.0522 0x0490  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk2\DR2
22:46:22.0641 0x0490  \Device\Harddisk2\DR2 - ok
22:46:22.0641 0x0490  ================ Scan VBR ==================================
22:46:22.0643 0x0490  [ 1FB3129C00EEC6FDB643C708F024201D ] \Device\Harddisk0\DR0\Partition1
22:46:22.0665 0x0490  \Device\Harddisk0\DR0\Partition1 - ok
22:46:22.0668 0x0490  [ 0647B226B4BA975DFB71952B33ED2900 ] \Device\Harddisk0\DR0\Partition2
22:46:22.0685 0x0490  \Device\Harddisk0\DR0\Partition2 - ok
22:46:22.0687 0x0490  [ C296ED034B946725DD04DF804037FE6B ] \Device\Harddisk1\DR1\Partition1
22:46:22.0750 0x0490  \Device\Harddisk1\DR1\Partition1 - ok
22:46:22.0753 0x0490  [ A46A62F0D94068450F8E62F085820A82 ] \Device\Harddisk2\DR2\Partition1
22:46:22.0755 0x0490  \Device\Harddisk2\DR2\Partition1 - ok
22:46:22.0755 0x0490  ================ Scan generic autorun ======================
22:46:23.0117 0x0490  [ 92894CE1B4DBBB9BB55EA0A1E6E7DF99, 06E575611BEF01D75789DD92AFE33A6CE9BA18831AD97E7C096BE6C2B0BFE64A ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
22:46:23.0445 0x0490  RtHDVCpl - ok
22:46:23.0721 0x0490  [ 568AF5AB79BC0CA3FDDD49C03363F605, A9D74EB4B4B063B509CCDECA4E9E988A969E635A608CBFA51B9147719CBF3DE1 ] C:\Program Files\Logitech Gaming Software\LCore.exe
22:46:23.0976 0x0490  Launch LCore - ok
22:46:24.0021 0x0490  [ 838258B7655F2309F7BE63F844AF51BB, 50E5831663E8BD4627C9D532AB4B0D451D668CFC519163E5D75952BA9BD6EE12 ] C:\Program Files\iTunes\iTunesHelper.exe
22:46:24.0036 0x0490  iTunesHelper - ok
22:46:24.0071 0x0490  [ BEF1B23AD0BBF805F02FAA01EAE0AF4E, 65CCFEC1F61E475A1F6759ECCA8DE1844A26AB7F827BC1F63339A0DFF554B039 ] C:\Windows\system\HsMgr64.exe
22:46:24.0102 0x0490  Cmaudio8788GX64 - detected UnsignedFile.Multi.Generic ( 1 )
22:46:26.0991 0x0490  Detect skipped due to KSN trusted
22:46:26.0991 0x0490  Cmaudio8788GX64 - ok
22:46:27.0038 0x0490  [ 0740D338A42F7778760F2B0CB6DA5830, C6D275B4993502A155F85D8DE26B119866DEE106C98CF29CDAACBAF11484C94A ] C:\Windows\syswow64\HsMgr.exe
22:46:27.0048 0x0490  Cmaudio8788GX - detected UnsignedFile.Multi.Generic ( 1 )
22:46:29.0965 0x0490  Detect skipped due to KSN trusted
22:46:29.0966 0x0490  Cmaudio8788GX - ok
22:46:29.0989 0x0490  [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\syswow64\RunDll32.exe
22:46:30.0033 0x0490  Cmaudio8788 - ok
22:46:30.0115 0x0490  [ 0ADFE5BC5486935E79FEFA545CB8599B, 4D3FB3734321AD7C505E1A80977E9DF73EA52CD03467629E1DF3DA1A7B0F9147 ] C:\Program Files (x86)\SPEEDLINK\KUDOS RS Gaming Mouse\Gaming Mouse.exe
22:46:30.0188 0x0490  SPEEDLINK KUDOS - detected UnsignedFile.Multi.Generic ( 1 )
22:46:33.0743 0x0490  SPEEDLINK KUDOS ( UnsignedFile.Multi.Generic ) - warning
22:46:36.0579 0x0490  [ 299EDE8BBC229B7FA0BC0369BAE8CA2E, 788C06C7EDDDC0687A4137BDA00D320146425768960066FCBE0391BE7DBC2280 ] C:\PROGRA~2\Raptr\raptrstub.exe
22:46:36.0593 0x0490  Raptr - ok
22:46:36.0624 0x0490  [ 2199723879C9F75A709680E2935C052F, DDD5B5CC86463284D9137372CB8541D1258AC020EA811F1AD3735809F314B086 ] C:\Program Files (x86)\PDF24\pdf24.exe
22:46:36.0643 0x0490  PDFPrint - ok
22:46:36.0701 0x0490  [ 9D51EA92A612B37E76E5E4621650C50A, 00BD61C8527A80C0F684882379A0AC2E5A54E8BBECC797087B960CDC8454C373 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
22:46:36.0714 0x0490  NUSB3MON - ok
22:46:36.0745 0x0490  [ 8FFDB89A0FB7C8ABC3A8825E38047341, B9107FAA3A885CD9A08C20F78D31C3642FA76812E417F41C4F2ADF7D90CA8C72 ] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
22:46:36.0761 0x0490  LWS - ok
22:46:36.0803 0x0490  [ FC77F245431D4DA5A9E2A53F3A14B162, 5D45F1AD5492703861873A38FE87F4B8EBBD2DEE3DCFB075D35A362212DF9B04 ] C:\Windows\RaidTool\xInsIDE.exe
22:46:36.0816 0x0490  JMB36X IDE Setup - ok
22:46:36.0894 0x0490  [ 73C583DC51E6279EF9DBFE2B75D3BEEF, BD6AFDAB29E511DD01B772AB0BEA9717290D8E1151553DC1CC263D5628AC0BE7 ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
22:46:36.0949 0x0490  DivXUpdate - ok
22:46:36.0980 0x0490  [ 1F02F97238874324C4E371A41EFAE235, 0D546E150C1ADED852DD71762EB45CEF3799F7BA660EAF066E0B7B521EADA8CE ] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
22:46:37.0001 0x0490  DivXMediaServer - ok
22:46:37.0071 0x0490  [ 504C916D52ABA407FD4DC1E709AEA71E, 8F279620247481F28DF7D9FD4A81173396E39EB807E24587E89CAF1172CC846C ] C:\Program Files (x86)\avmwlanstick\wlangui.exe
22:46:37.0126 0x0490  AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 )
22:46:40.0002 0x0490  Detect skipped due to KSN trusted
22:46:40.0002 0x0490  AVMWlanClient - ok
22:46:40.0048 0x0490  [ 4E95B1FDDC9E51678BFA2A723EAA94EF, B52F87C61486E9E1321048C50982A85A693CC08E2B1584B497CA9D0D2428BBE8 ] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
22:46:40.0068 0x0490  AgentMonitor - ok
22:46:40.0428 0x0490  [ D5DDC3EC0BF960389E9A964D7CC8CC30, 02C06CF596B33B1883C371EA9B61B1EC41319EFF853A54864329129699534769 ] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe
22:46:40.0535 0x0490  StartCCC - ok
22:46:40.0629 0x0490  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:46:40.0721 0x0490  Sidebar - ok
22:46:40.0746 0x0490  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:46:40.0767 0x0490  mctadmin - ok
22:46:40.0796 0x0490  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:46:40.0836 0x0490  Sidebar - ok
22:46:40.0841 0x0490  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:46:40.0861 0x0490  mctadmin - ok
22:46:41.0330 0x0490  [ 9D199992DFADBA8720B9037C045657F2, 7FB89E0EED185341A85C4EE6F96BE26A840904CF6E25C032F489EB23D6242B4B ] C:\Users\Wowa\AppData\Roaming\Spotify\SpotifyWebHelper.exe
22:46:41.0388 0x0490  Spotify Web Helper - ok
22:46:41.0476 0x0490  [ EA87C80C970AD2F0D4D30E5428F28299, 042789D53694AD2F7BC16DBFA94745468A14F445217D9FF3AD3FA732017C6931 ] C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe
22:46:41.0511 0x0490  Kies3PDLR.exe - ok
22:46:41.0581 0x0490  [ F341DD6145F779CE5B732BC6BC6A3370, 67CE7E6DD5969C8DE34473E01D60D52FABC740B056287C2E261A36F97993ED0D ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
22:46:41.0593 0x0490  iCloudServices - ok
22:46:41.0691 0x0490  [ EEB673DCEE56CA90701FF2ED8E6EA585, 1A0D79C6FE42FB3060ACECDC7C177D0FEFD5F5BE45E58A2CCB5F2B69ADFB09F9 ] C:\Program Files (x86)\Audials\Audials 11\AudialsNotifier.exe
22:46:41.0760 0x0490  AudialsNotifier - ok
22:46:41.0788 0x0490  [ 944E77A49DBAF8F6BB473118C116E59E, 0DA67736F1841A270AB24C13BA8FF4021A8950EB58B4985774F4B224B832B0DA ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
22:46:41.0799 0x0490  ApplePhotoStreams - ok
22:46:41.0803 0x0490  [ F341DD6145F779CE5B732BC6BC6A3370, 67CE7E6DD5969C8DE34473E01D60D52FABC740B056287C2E261A36F97993ED0D ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
22:46:41.0815 0x0490  iCloudServices - ok
22:46:41.0818 0x0490  [ 944E77A49DBAF8F6BB473118C116E59E, 0DA67736F1841A270AB24C13BA8FF4021A8950EB58B4985774F4B224B832B0DA ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
22:46:41.0829 0x0490  ApplePhotoStreams - ok
22:46:41.0851 0x0490  [ 4016CE43255F0BE4FBE4A54F4500B021, 125A4BA4F0EF844F8320829ECED5D5CB1503A066E0D1A9D17702220F4C32F1E3 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
22:46:41.0863 0x0490  iCloudDrive - ok
22:46:41.0924 0x0490  [ 764BE29C9F78D949191C995B9BA4492A, A42EADC8546859A717F149C044235410B5908837B471889B281195C860AC558D ] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINPE.EXE
22:46:41.0943 0x0490  EPLTarget\P0000000000000000 - ok
22:46:41.0944 0x0490  Waiting for KSN requests completion. In queue: 22
22:46:42.0944 0x0490  Waiting for KSN requests completion. In queue: 22
22:46:43.0944 0x0490  Waiting for KSN requests completion. In queue: 22
22:46:44.0999 0x0490  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x40000 ( disabled : updated )
22:46:45.0001 0x0490  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x40010 ( disabled )
22:46:45.0015 0x0490  Win FW state via NFP2: enabled ( trusted )
22:46:47.0792 0x0490  ============================================================
22:46:47.0792 0x0490  Scan finished
22:46:47.0792 0x0490  ============================================================
22:46:47.0801 0x17e4  Detected object count: 2
22:46:47.0801 0x17e4  Actual detected object count: 2
22:47:06.0918 0x17e4  SolutoRemoteService ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:06.0918 0x17e4  SolutoRemoteService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:47:06.0919 0x17e4  SPEEDLINK KUDOS ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:06.0919 0x17e4  SPEEDLINK KUDOS ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 29.09.2015, 19:05   #8
schrauber
/// the machine
/// TB-Ausbilder
 

web.de Spam Email an alle Kontakte - Standard

web.de Spam Email an alle Kontakte



Keine Malware. Passwort vom Account geändert?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 29.09.2015, 20:23   #9
ryuhoshi
 
web.de Spam Email an alle Kontakte - Standard

web.de Spam Email an alle Kontakte



ja Passwort ist geändert. Nach Neuinstallation von Kaspersky geht es auch wieder. Danke!

Alt 30.09.2015, 19:26   #10
schrauber
/// the machine
/// TB-Ausbilder
 

web.de Spam Email an alle Kontakte - Standard

web.de Spam Email an alle Kontakte



ok
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu web.de Spam Email an alle Kontakte
alle kontakte, deutlich, email, erhalte, erhalten, folge, folgende, folgenden, freunde, friend, gemerkt, hallo zusammen, kontakt, kontakte, monate, passwort, postfach, sicherheit, spam, spam email, this, virus, web.de, zunächst, zusammen




Ähnliche Themen: web.de Spam Email an alle Kontakte


  1. Email Account gehackt: Email Versand an meine Kontakte mit meinem Namen, aber anderer Email Adresse.
    Log-Analyse und Auswertung - 29.07.2015 (3)
  2. Mein GMX-Account versendet Spam an alle meine Kontakte
    Log-Analyse und Auswertung - 10.12.2014 (10)
  3. AOL Email gehackt, geklaut? Spam an Kontakte verschickt!
    Überwachung, Datenschutz und Spam - 12.09.2014 (1)
  4. Hotmail-Account verschickt Spam an alle Kontakte
    Plagegeister aller Art und deren Bekämpfung - 08.06.2014 (7)
  5. Mein yahoo email-account verschickt SPAM an meine Kontakte
    Plagegeister aller Art und deren Bekämpfung - 08.06.2014 (9)
  6. AOL Email-Konto verschichickt Spam-Mails (auch an FB Kontakte)
    Plagegeister aller Art und deren Bekämpfung - 10.05.2013 (3)
  7. Automatische Spam-Mails an alle meine Kontakte (live.de)
    Plagegeister aller Art und deren Bekämpfung - 26.06.2012 (3)
  8. Mein yahoo mail account verschickt spam emails an alle Kontakte
    Plagegeister aller Art und deren Bekämpfung - 08.06.2012 (1)
  9. AOL-Account verschickt Spam an alle Kontakte
    Plagegeister aller Art und deren Bekämpfung - 24.03.2012 (1)
  10. EMAIL versendet SPAM an Kontakte
    Plagegeister aller Art und deren Bekämpfung - 15.03.2012 (3)
  11. Google Mail Konto: Spam-Email an alle meine Kontakte versendet
    Überwachung, Datenschutz und Spam - 22.11.2011 (1)
  12. Hotmail verschickt Email's automatisch an alle Kontakte, auch wenn der Pc aus ist!
    Plagegeister aller Art und deren Bekämpfung - 20.10.2011 (23)
  13. Facebook versendet an alle meine Kontakte Spam mails
    Log-Analyse und Auswertung - 15.08.2011 (1)
  14. Google Mail Konto: Spam-Email an alle meine Kontakte versendet
    Überwachung, Datenschutz und Spam - 25.04.2011 (0)
  15. Computer versendet automatisch mit Hotmail an alle Kontakte Spam-Mails
    Log-Analyse und Auswertung - 08.02.2011 (13)
  16. Über meine email-Adresse wurde Spam an Kontakte versendet! Malware gefunden!
    Log-Analyse und Auswertung - 16.11.2010 (12)
  17. Malware verschickt Spam an komplettes Email-kontakte Kontingent
    Plagegeister aller Art und deren Bekämpfung - 05.04.2010 (1)

Zum Thema web.de Spam Email an alle Kontakte - Hallo zusammen, ich habe zunächst seit paar Monaten gemerkt dass mein Postfach deutlich mehr spam als sonst bekommt und kürzlich mir mehrere Freunde angeschrieben haben dass sie eine spam Email - web.de Spam Email an alle Kontakte...
Archiv
Du betrachtest: web.de Spam Email an alle Kontakte auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.