Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 8.1: Zugriff auf Router durch Fremdsoftware?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 24.09.2015, 15:58   #1
Identity
 
Windows 8.1: Zugriff auf Router durch Fremdsoftware? - Standard

Windows 8.1: Zugriff auf Router durch Fremdsoftware?



Hallo,

heute hat sich scheinbar jemand Zugriff auf meinen Router verschafft. Plötzlich hatte ich keine Internetverbindung und das SSID wurde umbenannt.
Nun frage ich mich, ob dafür Fremdsoftware verantwortlich ist, welche sich auf meinem Rechner versteckt hat.

Danke für eure Hife

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:53 on 24/09/2015 (Kevin)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
durchgeführt von Kevin (Administrator) auf KEVIN-PC (24-09-2015 15:30:22)
Gestartet von C:\Users\Kevin\Desktop
Geladene Profile: Kevin (Verfügbare Profile: Kevin)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Windows\System32\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Akamai Technologies, Inc.) C:\Users\Kevin\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Kevin\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone Pure Optical Mouse\KonePureOpticalMonitor.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10801944 2014-07-28] (Logitech Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-20] (AVAST Software)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2012-09-25] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [RoccatKonePureOptical] => C:\Program Files (x86)\ROCCAT\Kone Pure Optical Mouse\KonePureOpticalMonitor.exe [561152 2014-01-20] (ROCCAT GmbH)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [975248 2015-07-24] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\Run: [Spotify] => C:\Users\Kevin\AppData\Roaming\Spotify\Spotify.exe [6737976 2015-01-11] (Spotify Ltd)
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\Run: [Spotify Web Helper] => C:\Users\Kevin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-01-11] (Spotify Ltd)
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2014-01-17] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Kevin\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785280 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\Run: [Dropbox Update] => C:\Users\Kevin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-26] (Dropbox, Inc.)
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-20] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk [2014-09-29]
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-12-04]
ShortcutTarget: Dropbox.lnk -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2014-02-20]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{6477265F-4346-4A7B-8C1E-1713956EC9AF}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{E7C03003-35B2-4FC5-9684-C7A781231506}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632&q={searchTerms}
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1492992966-3316130111-433737794-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-20] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-29] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-29] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: Amazon.de
FF SelectedSearchEngine: mystartsearch
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-29] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-04-10] (Nero AG)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-02-18] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1492992966-3316130111-433737794-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1492992966-3316130111-433737794-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-02-18] (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\searchplugins\google-images.xml [2014-09-14]
FF SearchPlugin: C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\searchplugins\google-maps.xml [2014-09-14]
FF Extension: Youtube MP3 Podcaster - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\Extensions\youtubemp3podcaster@jeremy.d.gregorio.com [2015-06-11]
FF Extension: YouTube mp3 - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\Extensions\info@youtube-mp3.org.xpi [2015-04-01]
FF Extension: Rocket Beans TV Sendeplan für Firefox - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\Extensions\javos-firebeans-rbtvfx@jetpack.xpi [2015-01-25]
FF Extension: Youtube and more - Easy Video Downloader - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\Extensions\vdpure@link64.xpi [2014-09-05]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2015-03-23]
FF Extension: Adblock Plus - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-10]
FF HKLM-x32\...\Firefox\Extensions: [searchengine@gmail.com] - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\extensions\searchengine@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [istart_ffnt@gmail.com] - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\extensions\istart_ffnt@gmail.com
FF HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Profile: C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-17]
CHR Extension: (Google Docs) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-17]
CHR Extension: (Google Drive) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-17]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-03-17]
CHR Extension: (YouTube) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-17]
CHR Extension: (Adblock Plus) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-17]
CHR Extension: (Google-Suche) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-17]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-14]
CHR Extension: (Click&Clean) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2015-03-17]
CHR Extension: (Avast Online Security) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-17]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2015-03-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-17]
CHR Extension: (Google Scholar-Schaltfläche) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2015-05-04]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-17]
CHR Extension: (Google Mail) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-20]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2012-08-29] (Atheros Commnucations) [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-20] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-20] (Avast Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [187592 2014-01-17] (Sandboxie Holdings, LLC)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-20] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-07-20] (AVAST Software)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202600 2014-01-17] (Sandboxie Holdings, LLC)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-20] (Avast Software)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2014-11-19] (Cisco Systems, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-24 14:55 - 2015-09-24 15:30 - 00000000 ____D C:\FRST
2015-09-24 14:52 - 2015-09-24 14:53 - 00000472 _____ C:\Users\Kevin\Desktop\defogger_disable.log
2015-09-24 14:52 - 2015-09-24 14:52 - 00000000 _____ C:\Users\Kevin\defogger_reenable
2015-09-24 14:49 - 2015-09-24 14:49 - 00380416 _____ C:\Users\Kevin\Desktop\Gmer-19357.exe
2015-09-24 14:48 - 2015-09-24 14:49 - 02192384 _____ (Farbar) C:\Users\Kevin\Desktop\FRST64.exe
2015-09-24 14:48 - 2015-09-24 14:48 - 00050477 _____ C:\Users\Kevin\Downloads\Defogger.exe
2015-09-24 14:45 - 2015-09-24 14:45 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-24 14:45 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-09-24 14:37 - 2015-09-24 14:37 - 00001403 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-09-24 14:37 - 2015-09-24 14:37 - 00001391 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-09-24 14:37 - 2015-09-24 14:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-09-24 14:36 - 2015-09-24 14:45 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-09-24 14:36 - 2015-09-24 14:37 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-09-24 14:36 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-09-24 14:30 - 2015-09-24 14:30 - 01457952 _____ C:\Users\Kevin\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2015-09-22 23:33 - 2015-09-24 15:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-22 14:14 - 2015-09-22 14:14 - 00000000 ____D C:\Users\Kevin\AppData\Roaming\WordMat
2015-09-21 12:04 - 2015-09-21 12:10 - 124053804 _____ (Eduap ) C:\Users\Kevin\Downloads\WordMat109.exe
2015-09-14 10:49 - 2015-09-14 10:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2015-09-13 02:43 - 2015-09-15 23:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-09-09 05:23 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 05:23 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-09 05:23 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-09 05:23 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-09 05:23 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-09 05:23 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 05:23 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 05:23 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 05:23 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-09-09 05:23 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 05:23 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 05:23 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 05:22 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-09 05:22 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-09 05:22 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-09 05:22 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-09 05:22 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 05:22 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 05:22 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 05:22 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-09 05:22 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 05:22 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 05:22 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-09 05:22 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-09 05:22 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-09-09 05:22 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-09 05:22 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-09-09 05:22 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 05:22 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 05:22 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 05:22 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 05:22 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 05:22 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-09 05:22 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 05:22 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-09-09 05:22 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-09 05:22 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-09-09 05:22 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-09 05:22 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-09 05:22 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-09 05:22 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 05:22 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-09 05:22 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-09 05:22 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-09 05:22 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-09 05:22 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 05:22 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-09 05:22 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-09 05:22 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-09 05:22 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-09 05:22 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-09 05:22 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-09 05:21 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 05:21 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 05:21 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 05:21 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-09 05:21 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-09 05:21 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 05:21 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-09 05:21 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 05:21 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2015-09-09 05:21 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2015-09-09 05:21 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 05:21 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2015-09-09 05:21 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2015-09-09 05:21 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-09 05:21 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-09 05:21 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-09 05:21 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 05:21 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2015-09-09 05:21 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-09 05:21 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2015-09-09 05:21 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-09 05:21 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tzsync.exe
2015-09-09 05:21 - 2015-07-13 21:10 - 00411455 _____ C:\Windows\system32\ApnDatabase.xml
2015-09-09 05:21 - 2015-07-10 21:06 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2015-09-09 05:21 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-09-09 05:21 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-09-09 05:21 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-09-09 05:21 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-09-07 13:31 - 2015-09-07 13:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2015-09-02 09:37 - 2015-09-02 09:37 - 00000000 ____D C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-24 15:26 - 2015-06-03 16:29 - 00000000 ____D C:\Users\Kevin\AppData\Roaming\Skype
2015-09-24 15:26 - 2015-03-17 20:30 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-24 15:24 - 2014-02-10 22:45 - 00000000 ____D C:\Users\Kevin
2015-09-24 15:22 - 2014-11-13 23:36 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-24 15:22 - 2013-08-22 16:46 - 00087276 _____ C:\Windows\setupact.log
2015-09-24 15:22 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-24 15:21 - 2013-08-22 16:44 - 00517032 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-24 15:19 - 2014-02-10 22:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-24 15:19 - 2014-02-10 21:55 - 00165280 _____ C:\Windows\PFRO.log
2015-09-24 15:03 - 2014-03-18 11:16 - 00001840 _____ C:\Windows\Sandboxie.ini
2015-09-24 15:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-09-24 15:01 - 2014-02-10 22:51 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1492992966-3316130111-433737794-1001
2015-09-24 14:59 - 2015-03-17 20:30 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-24 14:33 - 2015-06-26 09:23 - 00001242 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1492992966-3316130111-433737794-1001UA.job
2015-09-24 14:33 - 2014-02-10 22:33 - 01619831 _____ C:\Windows\WindowsUpdate.log
2015-09-24 12:38 - 2014-02-11 10:32 - 00000000 ___RD C:\Users\Kevin\Dropbox
2015-09-24 12:37 - 2014-02-11 10:30 - 00000000 ____D C:\Users\Kevin\AppData\Roaming\Dropbox
2015-09-24 11:30 - 2014-06-11 10:54 - 00000000 ____D C:\Users\Kevin\AppData\Local\Akamai
2015-09-23 06:33 - 2015-06-26 09:23 - 00001190 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1492992966-3316130111-433737794-1001Core.job
2015-09-22 15:10 - 2014-11-13 23:36 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-22 12:22 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-09-16 23:49 - 2014-03-05 01:21 - 02256896 ___SH C:\Users\Kevin\Desktop\Thumbs.db
2015-09-16 14:54 - 2015-03-17 20:30 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-16 14:54 - 2015-03-17 20:30 - 00003872 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-15 23:00 - 2014-02-10 22:33 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-15 23:00 - 2013-08-23 01:24 - 00765582 _____ C:\Windows\system32\perfh007.dat
2015-09-15 23:00 - 2013-08-23 01:24 - 00159366 _____ C:\Windows\system32\perfc007.dat
2015-09-15 03:18 - 2015-03-12 08:49 - 00812008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-15 03:18 - 2015-03-12 08:49 - 00178152 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-14 10:49 - 2014-12-16 12:54 - 00000000 ____D C:\ProgramData\Cisco
2015-09-14 10:49 - 2014-12-16 12:54 - 00000000 ____D C:\Program Files (x86)\Cisco
2015-09-12 10:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-09-09 12:43 - 2014-02-10 23:50 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-09-09 12:31 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-09-09 12:30 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-09 12:16 - 2014-02-18 12:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-09 11:52 - 2013-08-23 01:26 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-09 11:52 - 2013-08-22 15:25 - 00000167 _____ C:\Windows\win.ini
2015-09-09 11:50 - 2014-02-17 09:14 - 00000000 ____D C:\Windows\system32\MRT
2015-08-31 20:36 - 2014-03-16 10:22 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-31 20:36 - 2014-03-16 10:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-26 18:37 - 2014-02-17 09:14 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-11 09:18 - 2015-04-11 09:18 - 0000096 _____ () C:\Users\Kevin\AppData\Roaming\settings.xml
2006-12-11 19:13 - 2006-12-11 19:13 - 0097336 _____ (Un4seen Developments) C:\Users\Kevin\AppData\Local\bass.dll
2006-12-11 19:13 - 2006-12-11 19:13 - 0013872 _____ (Un4seen Developments) C:\Users\Kevin\AppData\Local\basscd.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 0102912 _____ (Albert L Faber) C:\Users\Kevin\AppData\Local\CDRip.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 0155136 _____ () C:\Users\Kevin\AppData\Local\lame_enc.dll
2007-01-18 21:09 - 2007-01-18 21:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\Kevin\AppData\Local\No23 Recorder.exe
2005-08-23 22:34 - 2005-08-23 22:34 - 0029184 _____ () C:\Users\Kevin\AppData\Local\no23xwrapper.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0015872 _____ () C:\Users\Kevin\AppData\Local\ogg.dll
2015-04-09 10:35 - 2015-05-20 19:31 - 0001469 _____ () C:\Users\Kevin\AppData\Local\RecConfig.xml
2015-01-02 19:49 - 2015-01-02 19:49 - 0053247 _____ () C:\Users\Kevin\AppData\Local\recently-used.xbel
2006-10-26 01:06 - 2006-10-26 01:06 - 0143872 _____ () C:\Users\Kevin\AppData\Local\vorbis.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0064000 _____ () C:\Users\Kevin\AppData\Local\vorbisenc.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0019456 _____ () C:\Users\Kevin\AppData\Local\vorbisfile.dll

Einige Dateien in TEMP:
====================
C:\Users\Kevin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplwa6tg.dll
C:\Users\Kevin\AppData\Local\Temp\Foxit Updater.exe
C:\Users\Kevin\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Kevin\AppData\Local\Temp\kernel32.dll
C:\Users\Kevin\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\Kevin\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Kevin\AppData\Local\Temp\tester.dll
C:\Users\Kevin\AppData\Local\Temp\tmp19AC.tmp.exe
C:\Users\Kevin\AppData\Local\Temp\tmp36BA.tmp.exe
C:\Users\Kevin\AppData\Local\Temp\tmp890A.tmp.exe
C:\Users\Kevin\AppData\Local\Temp\tmpA01D.tmp.exe
C:\Users\Kevin\AppData\Local\Temp\tmpEB54.tmp.exe
C:\Users\Kevin\AppData\Local\Temp\tmpEF2F.tmp.exe
C:\Users\Kevin\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-09-2015
durchgeführt von Kevin (2015-09-24 14:56:57)
Gestartet von C:\Users\Kevin\Desktop
Windows 8.1 Pro (X64) (2014-02-10 20:45:32)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1492992966-3316130111-433737794-500 - Administrator - Disabled)
Gast (S-1-5-21-1492992966-3316130111-433737794-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1492992966-3316130111-433737794-1003 - Limited - Enabled)
Kevin (S-1-5-21-1492992966-3316130111-433737794-1001 - Administrator - Enabled) => C:\Users\Kevin

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Any Video Converter 5.8.2 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apowersoft Gratis - Audiorekorder V2.3.4 (HKLM-x32\...\{E35F91E4-C68C-43E8-BE90-35CDEE4E5730}_is1) (Version: 2.3.4 - APOWERSOFT LIMITED)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite DCP-J315W (HKLM-x32\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.1.04011 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 4.1.04011 - Cisco Systems, Inc.) Hidden
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
Dropbox (HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
DVDStyler v2.9.2 (HKLM-x32\...\DVDStyler_is1) (Version:  - )
Free M4a to MP3 Converter 8.3 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free MP3 Cutter and Editor 2.6 (HKLM-x32\...\Free MP3 Cutter and Editor_is1) (Version:  - musetips.com)
Free Video to MP3 Converter version 5.0.58.415 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.58.415 - DVDVideoSoft Ltd.)
Free WMV To AVI Converter (HKLM-x32\...\{BD0BF269-9706-47B4-BBA8-312B8F9F9AF7}) (Version: 1.0.0 - convertaudiofree)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech Gaming Software 8.55 (HKLM\...\Logitech Gaming Software) (Version: 8.55.137 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Studio Platinum 13.0 (64-bit) (HKLM\...\{F4721C9E-74D6-11E4-9122-F04DA23A5C58}) (Version: 13.0.943 - Sony)
Mozilla Firefox 41.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0 (x86 de)) (Version: 41.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.0.5738 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 de)) (Version: 38.2.0 - Mozilla)
mystartsearch uninstall (HKLM-x32\...\mystartsearch uninstall) (Version:  - mystartsearch) <==== ACHTUNG
Nero 2015 (HKLM-x32\...\{EF09AC51-1657-4A06-9449-B2BF1C4FB608}) (Version: 16.0.05500 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
oCam Version 113.0 (HKLM-x32\...\oCam_is1) (Version: 113.0 - hxxp://ohsoft.net/)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PDF Split And Merge Basic (HKLM\...\{9A40D2F8-9458-458B-95E3-B57797C574E1}) (Version: 2.2.3 - Andrea Vacondio)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Prerequisite installer (x32 Version: 16.0.0004 - Nero AG) Hidden
R for Windows 3.1.0 (HKLM\...\R for Windows 3.1.0_is1) (Version: 3.1.0 - R Core Team)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10001 - Realtek Semiconductor Corp.)
ROCCAT Kone Pure Optical Mouse Driver (HKLM-x32\...\{22D40E66-0D41-45A3-A8A1-90B8A38D9A68}) (Version:  - Roccat GmbH)
RStudio (HKLM-x32\...\RStudio) (Version: 0.98.507 - RStudio)
Sandboxie 4.08 (64-bit) (HKLM\...\Sandboxie) (Version: 4.08 - Sandboxie Holdings, LLC)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SUPER © v2015.build.64+Recorder (2015/02/13) Version v2015.buil (HKLM-x32\...\{8E2A29E2-96BF-8759-4DA7-5C16C90729A4}_is1) (Version: v2015.build.64+Recorder - eRightSoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.21 - Synaptics Incorporated)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1492992966-3316130111-433737794-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1492992966-3316130111-433737794-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1492992966-3316130111-433737794-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1492992966-3316130111-433737794-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1492992966-3316130111-433737794-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1492992966-3316130111-433737794-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1492992966-3316130111-433737794-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1492992966-3316130111-433737794-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1492992966-3316130111-433737794-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1492992966-3316130111-433737794-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1492992966-3316130111-433737794-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

08-09-2015 12:22:03 Geplanter Prüfpunkt
17-09-2015 18:35:36 Geplanter Prüfpunkt
22-09-2015 12:21:53 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0671F014-D86F-44FA-A8B8-0F57C7CC68AF} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {06F516CB-8C29-4053-BD09-74E2EA832C3C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated)
Task: {241EE14B-EA5D-41A6-AEB6-F9FDA8E02D55} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {3DC8A1A8-C2D1-45BD-9EE9-FCB61C080A6E} - System32\Tasks\{0992D23C-F9E9-495D-A6AF-081E17A2973A} => Firefox.exe hxxp://ui.skype.com/ui/0/7.5.85.102/de/abandoninstall?page=tsPlugin
Task: {698527B6-C986-4282-B27D-DB34D6CC1BB4} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1492992966-3316130111-433737794-1001UA => C:\Users\Kevin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-26] (Dropbox, Inc.)
Task: {81CA75FD-BC27-40FE-B6A0-4C16D3A47B9C} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-06-04] (Nero AG)
Task: {8F6CABAF-0120-4DDD-8051-F7A8A6BD4017} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17] (Google Inc.)
Task: {AC1477E9-FBD1-44D9-9A52-E86826A2650D} - System32\Tasks\{AB3DE272-CE1D-4BD0-9A9B-454C35CDABB5} => pcalua.exe -a C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_223_Plugin.exe -c -maintain plugin
Task: {B2C2AD02-605B-440F-8139-AA6B96924282} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17] (Google Inc.)
Task: {DFF0DAA7-EE66-42C6-A46A-B4DC7875A506} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {E5D8A30C-F33E-4645-ADB9-41CDD5987CC9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-20] (AVAST Software)
Task: {E667C826-B782-4CD8-8F28-1F48B1FCEB64} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1492992966-3316130111-433737794-1001Core => C:\Users\Kevin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-26] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1492992966-3316130111-433737794-1001Core.job => C:\Users\Kevin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1492992966-3316130111-433737794-1001UA.job => C:\Users\Kevin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-05-27 14:34 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-11 21:42 - 2005-04-22 06:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2014-01-30 00:02 - 2014-01-30 00:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-07-28 20:29 - 2014-07-28 20:29 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-07-28 20:32 - 2014-07-28 20:32 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-07-28 20:29 - 2014-07-28 20:29 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-07-28 20:31 - 2014-07-28 20:31 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-07-20 16:09 - 2015-07-20 16:09 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-20 16:09 - 2015-07-20 16:09 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-09-09 12:37 - 2015-09-09 12:37 - 02962432 _____ () C:\Program Files\AVAST Software\Avast\defs\15090900\algo.dll
2015-09-24 12:45 - 2015-09-24 12:45 - 02966528 _____ () C:\Program Files\AVAST Software\Avast\defs\15092400\algo.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-20 16:09 - 2015-07-20 16:09 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-12-17 15:22 - 2012-10-01 19:53 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone Pure Optical Mouse\hiddriver.dll
2015-07-24 14:34 - 2015-07-24 14:34 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-02-11 21:42 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2015-09-24 12:37 - 2015-09-24 12:37 - 00071168 _____ () c:\users\kevin\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplwa6tg.dll
2015-03-04 23:45 - 2015-08-05 07:26 - 00012800 _____ () C:\Users\Kevin\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-08-05 07:26 - 00779776 _____ () C:\Users\Kevin\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 14:36 - 2015-08-05 07:26 - 00056320 _____ () C:\Users\Kevin\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 23:45 - 2015-08-05 07:26 - 00012288 _____ () C:\Users\Kevin\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-09-24 14:36 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-09-24 14:36 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-09-24 14:36 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-09-24 14:36 - 2014-04-25 14:11 - 02972112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\NotificationSpreader.dll
2015-09-24 14:36 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-09-24 14:36 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1492992966-3316130111-433737794-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kevin\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "ControlCenter3"
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\StartupApproved\StartupFolder: => "OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk"
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A56C17D7-7A4A-48EB-80AB-82A6CEEA8711}] => (Allow) C:\Users\Kevin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{48395351-D0CE-48F0-BB51-EA51427158AC}] => (Allow) C:\Users\Kevin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{A3082BB3-E7E5-44FF-B792-2922676F55FB}C:\users\kevin\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kevin\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{F8813CC2-9ED2-4CF2-B9E5-1E027389B21F}C:\users\kevin\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kevin\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{570BFA21-8566-4F03-8114-54A90AE8CAB1}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{A6CAA5BB-1475-4244-A13C-CC2A9FFF002D}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{290CAF5F-C38B-4BCD-AEF3-C019A27E2595}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{6141FBC7-52E9-4D2B-882B-029923906BB7}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{9794FD7D-B872-4604-A9E4-56AC94BFCFA2}] => (Allow) LPort=57440
FirewallRules: [{5B569F74-8FAE-4E1F-AE8F-355DFEF5ADE5}] => (Allow) LPort=57440
FirewallRules: [{E944012C-033B-44F5-9FB1-8E41693E8161}] => (Allow) LPort=57440
FirewallRules: [{C9BC9DFB-1B1B-455C-AACC-92A632AC1C51}] => (Allow) LPort=57440
FirewallRules: [{547EBF6F-BD83-4DFA-849C-06ECEF17C9A0}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{1149F740-E408-4CF0-9AA5-9154E3147DAD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4CA9BB51-FF2A-4889-8FBC-3E801D5AB60F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E71D33C2-0442-44CF-89FE-FFB6626474A3}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{3BE480E0-30B6-4732-AEC6-0805EFFFBAB3}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{DE66F2CE-1C0E-4FAF-ABBD-DB4DEA357A9F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{22B30ACE-F951-449E-A2A6-AD5C66E9C792}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5B8989E5-E2F1-4A3A-B3DF-45B4B41CFBFC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{28A235A4-2995-469F-99A8-62DEC2B51629}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5817332A-3BCA-497F-A67D-75BB74E385ED}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{8145860C-C6F8-4A05-91D2-EDDC78718506}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A4EA8084-888E-43D3-BF9C-23ACCC7C02A1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{9AB3EFA8-4817-4E4A-A623-6B4F07A93FFA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{58F788A8-0A94-4BCD-9C2F-EC040B760245}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{BC06300D-29B0-4525-9C34-B6DF794D7457}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{15C19EEA-1597-43D0-A383-59125F4994DB}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{F7E9FAC0-717B-4ED4-927C-9DE7C9D9324B}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe
FirewallRules: [{7866B067-E218-48D8-809A-D00D35BBF08A}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe
FirewallRules: [{BBE35BA8-9236-4C3A-BDA6-A35852601B83}] => (Allow) C:\Users\Kevin\AppData\Local\Temp\nst3ACD.tmp\CnetInstaller-75925889.exe
FirewallRules: [{261FB67B-3ABF-457D-9467-F4CD1381D0E9}] => (Allow) C:\Users\Kevin\AppData\Local\Temp\nst3ACD.tmp\CnetInstaller-75925889.exe
FirewallRules: [{33F37DB0-7095-41BB-BDF4-908BF4ACC1BD}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{090D8899-F08C-41B4-89B5-3A2069E867C8}C:\users\kevin\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\kevin\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{D68EA79A-741A-471F-8AA3-EF944218ECA7}C:\users\kevin\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\kevin\appdata\local\akamai\netsession_win.exe
FirewallRules: [{229386DE-B35C-436B-BA47-25D1BAA5DE19}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{F99C01E9-46CD-41C3-8F3E-B21980EBBA3E}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{946FC60A-826B-4C90-A4B8-CEA2CAAEAFE9}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\StartNBR.exe
FirewallRules: [{C326A50D-97D9-4F10-B9FA-FDFE0BBF7B7F}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{37A9D14C-3DA3-4661-A9C0-A9D127A1D198}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\nero.exe
FirewallRules: [{3FCC3024-0D66-4120-978E-6A9B05F58E37}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{26604382-F48D-4A7B-805D-CEB27CF43E5E}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4D51B343-E850-4E87-A5E9-CF2C6859CC83}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/18/2015 12:35:04 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/09/18 12:35:04.432]: [00004876]: Initialize TwdsMain Class failed!

Error: (09/18/2015 12:35:04 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/09/18 12:35:04.431]: [00004876]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (09/18/2015 12:35:04 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/09/18 12:35:04.367]: [00004876]: Initialize TwdsMain Class failed!

Error: (09/18/2015 12:35:04 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/09/18 12:35:04.366]: [00004876]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (09/18/2015 12:33:12 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: CTLCN BrtCTLCN: [2015/09/18 12:33:12.245]: [00004876]: brccFCtl.dll: ### ERROR ### Brother OCR not installed

Error: (09/18/2015 12:32:52 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/09/18 12:32:52.997]: [00004876]: Initialize TwdsMain Class failed!

Error: (09/18/2015 12:32:52 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/09/18 12:32:52.996]: [00004876]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (09/18/2015 12:32:52 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/09/18 12:32:52.265]: [00004876]: Initialize TwdsMain Class failed!

Error: (09/18/2015 12:32:52 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/09/18 12:32:52.264]: [00004876]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (09/17/2015 07:39:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1093


Systemfehler:
=============
Error: (09/24/2015 11:35:32 AM) (Source: DCOM) (EventID: 10010) (User: Kevin-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (09/24/2015 11:35:02 AM) (Source: DCOM) (EventID: 10010) (User: Kevin-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (09/23/2015 05:16:34 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT-AUTORITÄT)
Description: 0x8000002a171\??\Volume{4b91b736-928d-11e3-824b-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{A3F48ABE-C20F-4312-AF3B-843DB753F49B}

Error: (09/23/2015 05:04:11 AM) (Source: DCOM) (EventID: 10010) (User: Kevin-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (09/23/2015 05:03:41 AM) (Source: DCOM) (EventID: 10010) (User: Kevin-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (09/22/2015 04:41:09 AM) (Source: DCOM) (EventID: 10010) (User: Kevin-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (09/22/2015 04:40:39 AM) (Source: DCOM) (EventID: 10010) (User: Kevin-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (09/21/2015 11:13:15 AM) (Source: DCOM) (EventID: 10010) (User: Kevin-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (09/21/2015 11:12:45 AM) (Source: DCOM) (EventID: 10010) (User: Kevin-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (09/21/2015 10:30:46 AM) (Source: DCOM) (EventID: 10010) (User: Kevin-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


CodeIntegrity:
===================================
  Date: 2014-11-23 22:37:26.577
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-23 22:37:26.317
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-23 22:37:26.047
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-23 22:37:25.819
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-23 22:37:25.591
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-23 22:37:25.390
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-23 22:37:25.167
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-23 22:37:24.936
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-23 22:37:24.688
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-23 22:37:24.453
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 8102.69 MB
Verfügbarer physikalischer RAM: 5257.21 MB
Summe virtueller Speicher: 9382.69 MB
Verfügbarer virtueller Speicher: 6172.52 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:195.35 GB) (Free:83.59 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Data) (Fixed) (Total:245.41 GB) (Free:234.55 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: DB144593)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=195.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=245.4 GB) - (Type=OF Extended)

==================== Ende von Addition.txt ============================
         

Alt 24.09.2015, 15:59   #2
Identity
 
Windows 8.1: Zugriff auf Router durch Fremdsoftware? - Standard

Windows 8.1: Zugriff auf Router durch Fremdsoftware?



Code:
ATTFilter
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-09-24 15:48:09
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000032 ST500LM012_HN-M500MBB rev.2AR10001 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Kevin\AppData\Local\Temp\aglcqpod.sys


---- User code sections - GMER 2.1 ----

.text   C:\Windows\system32\dwm.exe[940] C:\Windows\system32\KERNEL32.DLL!K32GetModuleInformation                                  00007ffdcaa03e10 7 bytes JMP 00007ffec7f30260
.text   C:\Windows\system32\dwm.exe[940] C:\Windows\system32\KERNEL32.DLL!RegQueryValueExW                                         00007ffdcaa03e20 7 bytes JMP 00007ffec7f30298
.text   C:\Windows\system32\dwm.exe[940] C:\Windows\system32\KERNEL32.DLL!RegSetValueExW                                           00007ffdcaab39b0 7 bytes JMP 00007ffec7f30340
.text   C:\Windows\system32\dwm.exe[940] C:\Windows\system32\KERNEL32.DLL!RegDeleteValueW                                          00007ffdcaab3ef0 7 bytes JMP 00007ffec7f302d0
.text   C:\Windows\system32\dwm.exe[940] C:\Windows\system32\KERNEL32.DLL!RegSetValueExA                                           00007ffdcaab3fe0 7 bytes JMP 00007ffec7f30308
.text   C:\Windows\system32\dwm.exe[940] C:\Windows\system32\KERNEL32.DLL!K32EnumProcessModulesEx                                  00007ffdcaae06c0 7 bytes JMP 00007ffec7f301f0
.text   C:\Windows\system32\dwm.exe[940] C:\Windows\system32\KERNEL32.DLL!K32GetMappedFileNameW                                    00007ffdcaae0730 7 bytes JMP 00007ffec7f30228
.text   C:\Windows\system32\dwm.exe[940] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                            00007ffdc7f421d0 5 bytes JMP 00007ffec7f30180
.text   C:\Windows\system32\dwm.exe[940] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                       00007ffdc7f429d0 7 bytes JMP 00007ffec7f300d8
.text   C:\Windows\system32\dwm.exe[940] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                     00007ffdc7f44310 5 bytes JMP 00007ffec7f30110
.text   C:\Windows\system32\dwm.exe[940] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                         00007ffdc7f48d80 5 bytes JMP 00007ffec7f30148
.text   C:\Windows\system32\dwm.exe[940] C:\Windows\system32\KERNELBASE.dll!GetModuleFileNameExW                                   00007ffdc7fbf0b0 5 bytes JMP 00007ffec7f301b8
.text   C:\Windows\system32\dwm.exe[940] C:\Windows\system32\USER32.dll!CreateWindowExW                                            00007ffdc8ee6d90 1 byte JMP 00007ffec7f30420
.text   C:\Windows\system32\dwm.exe[940] C:\Windows\system32\USER32.dll!CreateWindowExW + 2                                        00007ffdc8ee6d92 8 bytes {JMP 0xffffffffff049690}
.text   C:\Windows\system32\dwm.exe[940] C:\Windows\system32\USER32.dll!EnumDisplayDevicesW                                        00007ffdc8ef74a0 5 bytes JMP 00007ffec7f303e8
.text   C:\Windows\system32\dwm.exe[940] C:\Windows\system32\USER32.dll!DisplayConfigGetDeviceInfo                                 00007ffdc8ef7560 9 bytes JMP 00007ffec7f30378
.text   C:\Windows\system32\dwm.exe[940] C:\Windows\system32\USER32.dll!ChangeDisplaySettingsExW                                   00007ffdc8ef7730 5 bytes JMP 00007ffec7f30458
.text   C:\Windows\system32\dwm.exe[940] C:\Windows\system32\USER32.dll!EnumDisplayDevicesA                                        00007ffdc8f06b10 5 bytes JMP 00007ffec7f303b0
.text   C:\Windows\system32\dwm.exe[940] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                    00007ffdc8981500 1 byte JMP 00007ffec7f30490
.text   C:\Windows\system32\dwm.exe[940] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList + 2                                00007ffdc8981502 6 bytes {JMP 0xffffffffff5aef90}
.text   C:\Windows\system32\dwm.exe[940] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                      00007ffdc8981750 8 bytes JMP 00007ffec7f304c8
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1020] C:\Windows\system32\KERNEL32.DLL!K32GetModuleInformation    00007ffdcaa03e10 7 bytes JMP 00007ffec7f30260
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1020] C:\Windows\system32\KERNEL32.DLL!RegQueryValueExW           00007ffdcaa03e20 7 bytes JMP 00007ffec7f30298
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1020] C:\Windows\system32\KERNEL32.DLL!RegSetValueExW             00007ffdcaab39b0 7 bytes JMP 00007ffec7f30340
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1020] C:\Windows\system32\KERNEL32.DLL!RegDeleteValueW            00007ffdcaab3ef0 7 bytes JMP 00007ffec7f302d0
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1020] C:\Windows\system32\KERNEL32.DLL!RegSetValueExA             00007ffdcaab3fe0 7 bytes JMP 00007ffec7f30308
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1020] C:\Windows\system32\KERNEL32.DLL!K32EnumProcessModulesEx    00007ffdcaae06c0 7 bytes JMP 00007ffec7f301f0
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1020] C:\Windows\system32\KERNEL32.DLL!K32GetMappedFileNameW      00007ffdcaae0730 7 bytes JMP 00007ffec7f30228
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1020] C:\Windows\system32\KERNELBASE.dll!FreeLibrary              00007ffdc7f421d0 5 bytes JMP 00007ffec7f30180
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1020] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW         00007ffdc7f429d0 7 bytes JMP 00007ffec7f300d8
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1020] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW       00007ffdc7f44310 5 bytes JMP 00007ffec7f30110
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1020] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW           00007ffdc7f48d80 5 bytes JMP 00007ffec7f30148
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1020] C:\Windows\system32\KERNELBASE.dll!GetModuleFileNameExW     00007ffdc7fbf0b0 5 bytes JMP 00007ffec7f301b8
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1020] C:\Windows\SYSTEM32\combase.dll!CoCreateInstance            00007ffdc8c9d050 7 bytes JMP 00007ffec7f30500
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1020] C:\Windows\SYSTEM32\combase.dll!CoSetProxyBlanket           00007ffdc8ccb170 5 bytes JMP 00007ffec7f30538
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1020] C:\Windows\system32\USER32.dll!CreateWindowExW              00007ffdc8ee6d90 1 byte JMP 00007ffec7f30420
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1020] C:\Windows\system32\USER32.dll!CreateWindowExW + 2          00007ffdc8ee6d92 8 bytes {JMP 0xffffffffff049690}
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1020] C:\Windows\system32\USER32.dll!EnumDisplayDevicesW          00007ffdc8ef74a0 5 bytes JMP 00007ffec7f303e8
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1020] C:\Windows\system32\USER32.dll!DisplayConfigGetDeviceInfo   00007ffdc8ef7560 9 bytes JMP 00007ffec7f30378
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1020] C:\Windows\system32\USER32.dll!ChangeDisplaySettingsExW     00007ffdc8ef7730 5 bytes JMP 00007ffec7f30458
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1020] C:\Windows\system32\USER32.dll!EnumDisplayDevicesA          00007ffdc8f06b10 5 bytes JMP 00007ffec7f303b0
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1020] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList      00007ffdc8981500 1 byte JMP 00007ffec7f30490
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1020] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList + 2  00007ffdc8981502 6 bytes {JMP 0xffffffffff5aef90}
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1020] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo        00007ffdc8981750 8 bytes JMP 00007ffec7f304c8
.text   C:\Windows\system32\taskhostex.exe[3380] C:\Windows\system32\KERNEL32.DLL!K32GetModuleInformation                          00007ffdcaa03e10 7 bytes JMP 00007ffec7f30260
.text   C:\Windows\system32\taskhostex.exe[3380] C:\Windows\system32\KERNEL32.DLL!RegQueryValueExW                                 00007ffdcaa03e20 7 bytes JMP 00007ffec7f30298
.text   C:\Windows\system32\taskhostex.exe[3380] C:\Windows\system32\KERNEL32.DLL!RegSetValueExW                                   00007ffdcaab39b0 7 bytes JMP 00007ffec7f30340
.text   C:\Windows\system32\taskhostex.exe[3380] C:\Windows\system32\KERNEL32.DLL!RegDeleteValueW                                  00007ffdcaab3ef0 7 bytes JMP 00007ffec7f302d0
.text   C:\Windows\system32\taskhostex.exe[3380] C:\Windows\system32\KERNEL32.DLL!RegSetValueExA                                   00007ffdcaab3fe0 7 bytes JMP 00007ffec7f30308
.text   C:\Windows\system32\taskhostex.exe[3380] C:\Windows\system32\KERNEL32.DLL!K32EnumProcessModulesEx                          00007ffdcaae06c0 7 bytes JMP 00007ffec7f301f0
.text   C:\Windows\system32\taskhostex.exe[3380] C:\Windows\system32\KERNEL32.DLL!K32GetMappedFileNameW                            00007ffdcaae0730 7 bytes JMP 00007ffec7f30228
.text   C:\Windows\system32\taskhostex.exe[3380] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                    00007ffdc7f421d0 5 bytes JMP 00007ffec7f30180
.text   C:\Windows\system32\taskhostex.exe[3380] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                               00007ffdc7f429d0 7 bytes JMP 00007ffec7f300d8
.text   C:\Windows\system32\taskhostex.exe[3380] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                             00007ffdc7f44310 5 bytes JMP 00007ffec7f30110
.text   C:\Windows\system32\taskhostex.exe[3380] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                 00007ffdc7f48d80 5 bytes JMP 00007ffec7f30148
.text   C:\Windows\system32\taskhostex.exe[3380] C:\Windows\system32\KERNELBASE.dll!GetModuleFileNameExW                           00007ffdc7fbf0b0 5 bytes JMP 00007ffec7f301b8
.text   C:\Windows\system32\taskhostex.exe[3380] C:\Windows\SYSTEM32\user32.dll!CreateWindowExW                                    00007ffdc8ee6d90 1 byte JMP 00007ffec7f30420
.text   C:\Windows\system32\taskhostex.exe[3380] C:\Windows\SYSTEM32\user32.dll!CreateWindowExW + 2                                00007ffdc8ee6d92 8 bytes {JMP 0xffffffffff049690}
.text   C:\Windows\system32\taskhostex.exe[3380] C:\Windows\SYSTEM32\user32.dll!EnumDisplayDevicesW                                00007ffdc8ef74a0 5 bytes JMP 00007ffec7f303e8
.text   C:\Windows\system32\taskhostex.exe[3380] C:\Windows\SYSTEM32\user32.dll!DisplayConfigGetDeviceInfo                         00007ffdc8ef7560 9 bytes JMP 00007ffec7f30378
.text   C:\Windows\system32\taskhostex.exe[3380] C:\Windows\SYSTEM32\user32.dll!ChangeDisplaySettingsExW                           00007ffdc8ef7730 5 bytes JMP 00007ffec7f30458
.text   C:\Windows\system32\taskhostex.exe[3380] C:\Windows\SYSTEM32\user32.dll!EnumDisplayDevicesA                                00007ffdc8f06b10 5 bytes JMP 00007ffec7f303b0
.text   C:\Windows\system32\taskhostex.exe[3380] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                            00007ffdc8981500 1 byte JMP 00007ffec7f30490
.text   C:\Windows\system32\taskhostex.exe[3380] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList + 2                        00007ffdc8981502 6 bytes {JMP 0xffffffffff5aef90}
.text   C:\Windows\system32\taskhostex.exe[3380] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                              00007ffdc8981750 8 bytes JMP 00007ffec7f304c8
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4032] C:\Windows\system32\KERNEL32.DLL!K32GetModuleInformation      00007ffdcaa03e10 7 bytes JMP 00007ffec7f30260
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4032] C:\Windows\system32\KERNEL32.DLL!RegQueryValueExW             00007ffdcaa03e20 7 bytes JMP 00007ffec7f30298
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4032] C:\Windows\system32\KERNEL32.DLL!RegSetValueExW               00007ffdcaab39b0 7 bytes JMP 00007ffec7f30340
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4032] C:\Windows\system32\KERNEL32.DLL!RegDeleteValueW              00007ffdcaab3ef0 7 bytes JMP 00007ffec7f302d0
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4032] C:\Windows\system32\KERNEL32.DLL!RegSetValueExA               00007ffdcaab3fe0 7 bytes JMP 00007ffec7f30308
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4032] C:\Windows\system32\KERNEL32.DLL!K32EnumProcessModulesEx      00007ffdcaae06c0 7 bytes JMP 00007ffec7f301f0
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4032] C:\Windows\system32\KERNEL32.DLL!K32GetMappedFileNameW        00007ffdcaae0730 7 bytes JMP 00007ffec7f30228
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4032] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                00007ffdc7f421d0 5 bytes JMP 00007ffec7f30180
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4032] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW           00007ffdc7f429d0 7 bytes JMP 00007ffec7f300d8
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4032] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW         00007ffdc7f44310 5 bytes JMP 00007ffec7f30110
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4032] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW             00007ffdc7f48d80 5 bytes JMP 00007ffec7f30148
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4032] C:\Windows\system32\KERNELBASE.dll!GetModuleFileNameExW       00007ffdc7fbf0b0 5 bytes JMP 00007ffec7f301b8
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4032] C:\Windows\system32\USER32.dll!CreateWindowExW                00007ffdc8ee6d90 1 byte JMP 00007ffec7f30420
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4032] C:\Windows\system32\USER32.dll!CreateWindowExW + 2            00007ffdc8ee6d92 8 bytes {JMP 0xffffffffff049690}
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4032] C:\Windows\system32\USER32.dll!EnumDisplayDevicesW            00007ffdc8ef74a0 5 bytes JMP 00007ffec7f303e8
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4032] C:\Windows\system32\USER32.dll!DisplayConfigGetDeviceInfo     00007ffdc8ef7560 9 bytes JMP 00007ffec7f30378
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4032] C:\Windows\system32\USER32.dll!ChangeDisplaySettingsExW       00007ffdc8ef7730 5 bytes JMP 00007ffec7f30458
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4032] C:\Windows\system32\USER32.dll!EnumDisplayDevicesA            00007ffdc8f06b10 5 bytes JMP 00007ffec7f303b0
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4032] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList        00007ffdc8981500 1 byte JMP 00007ffec7f30490
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4032] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList + 2    00007ffdc8981502 6 bytes {JMP 0xffffffffff5aef90}
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4032] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo          00007ffdc8981750 8 bytes JMP 00007ffec7f304c8
.text   C:\Windows\System32\igfxpers.exe[3120] C:\Windows\system32\KERNEL32.DLL!K32GetModuleInformation                            00007ffdcaa03e10 7 bytes JMP 00007ffec7f30260
.text   C:\Windows\System32\igfxpers.exe[3120] C:\Windows\system32\KERNEL32.DLL!RegQueryValueExW                                   00007ffdcaa03e20 7 bytes JMP 00007ffec7f30298
.text   C:\Windows\System32\igfxpers.exe[3120] C:\Windows\system32\KERNEL32.DLL!RegSetValueExW                                     00007ffdcaab39b0 7 bytes JMP 00007ffec7f30340
.text   C:\Windows\System32\igfxpers.exe[3120] C:\Windows\system32\KERNEL32.DLL!RegDeleteValueW                                    00007ffdcaab3ef0 7 bytes JMP 00007ffec7f302d0
.text   C:\Windows\System32\igfxpers.exe[3120] C:\Windows\system32\KERNEL32.DLL!RegSetValueExA                                     00007ffdcaab3fe0 7 bytes JMP 00007ffec7f30308
.text   C:\Windows\System32\igfxpers.exe[3120] C:\Windows\system32\KERNEL32.DLL!K32EnumProcessModulesEx                            00007ffdcaae06c0 7 bytes JMP 00007ffec7f301f0
.text   C:\Windows\System32\igfxpers.exe[3120] C:\Windows\system32\KERNEL32.DLL!K32GetMappedFileNameW                              00007ffdcaae0730 7 bytes JMP 00007ffec7f30228
.text   C:\Windows\System32\igfxpers.exe[3120] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                      00007ffdc7f421d0 5 bytes JMP 00007ffec7f30180
.text   C:\Windows\System32\igfxpers.exe[3120] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                 00007ffdc7f429d0 7 bytes JMP 00007ffec7f300d8
.text   C:\Windows\System32\igfxpers.exe[3120] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                               00007ffdc7f44310 5 bytes JMP 00007ffec7f30110
.text   C:\Windows\System32\igfxpers.exe[3120] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                   00007ffdc7f48d80 5 bytes JMP 00007ffec7f30148
.text   C:\Windows\System32\igfxpers.exe[3120] C:\Windows\system32\KERNELBASE.dll!GetModuleFileNameExW                             00007ffdc7fbf0b0 5 bytes JMP 00007ffec7f301b8
.text   C:\Windows\System32\igfxpers.exe[3120] C:\Windows\system32\USER32.dll!CreateWindowExW                                      00007ffdc8ee6d90 1 byte JMP 00007ffec7f30420
.text   C:\Windows\System32\igfxpers.exe[3120] C:\Windows\system32\USER32.dll!CreateWindowExW + 2                                  00007ffdc8ee6d92 8 bytes {JMP 0xffffffffff049690}
.text   C:\Windows\System32\igfxpers.exe[3120] C:\Windows\system32\USER32.dll!EnumDisplayDevicesW                                  00007ffdc8ef74a0 5 bytes JMP 00007ffec7f303e8
.text   C:\Windows\System32\igfxpers.exe[3120] C:\Windows\system32\USER32.dll!DisplayConfigGetDeviceInfo                           00007ffdc8ef7560 9 bytes JMP 00007ffec7f30378
.text   C:\Windows\System32\igfxpers.exe[3120] C:\Windows\system32\USER32.dll!ChangeDisplaySettingsExW                             00007ffdc8ef7730 5 bytes JMP 00007ffec7f30458
.text   C:\Windows\System32\igfxpers.exe[3120] C:\Windows\system32\USER32.dll!EnumDisplayDevicesA                                  00007ffdc8f06b10 5 bytes JMP 00007ffec7f303b0
.text   C:\Windows\System32\igfxpers.exe[3120] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                              00007ffdc8981500 1 byte JMP 00007ffec7f30490
.text   C:\Windows\System32\igfxpers.exe[3120] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList + 2                          00007ffdc8981502 6 bytes {JMP 0xffffffffff5aef90}
.text   C:\Windows\System32\igfxpers.exe[3120] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                00007ffdc8981750 8 bytes JMP 00007ffec7f304c8
.text   C:\Windows\System32\igfxpers.exe[3120] C:\Windows\SYSTEM32\combase.dll!CoCreateInstance                                    00007ffdc8c9d050 7 bytes JMP 00007ffec7f30500
.text   C:\Windows\System32\igfxpers.exe[3120] C:\Windows\SYSTEM32\combase.dll!CoSetProxyBlanket                                   00007ffdc8ccb170 5 bytes JMP 00007ffec7f30538
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[136] C:\Windows\system32\KERNEL32.DLL!K32GetModuleInformation                00007ffdcaa03e10 7 bytes JMP 00007ffec7f30260
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[136] C:\Windows\system32\KERNEL32.DLL!RegQueryValueExW                       00007ffdcaa03e20 7 bytes JMP 00007ffec7f30298
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[136] C:\Windows\system32\KERNEL32.DLL!RegSetValueExW                         00007ffdcaab39b0 7 bytes JMP 00007ffec7f30340
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[136] C:\Windows\system32\KERNEL32.DLL!RegDeleteValueW                        00007ffdcaab3ef0 7 bytes JMP 00007ffec7f302d0
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[136] C:\Windows\system32\KERNEL32.DLL!RegSetValueExA                         00007ffdcaab3fe0 7 bytes JMP 00007ffec7f30308
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[136] C:\Windows\system32\KERNEL32.DLL!K32EnumProcessModulesEx                00007ffdcaae06c0 7 bytes JMP 00007ffec7f301f0
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[136] C:\Windows\system32\KERNEL32.DLL!K32GetMappedFileNameW                  00007ffdcaae0730 7 bytes JMP 00007ffec7f30228
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[136] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                          00007ffdc7f421d0 5 bytes JMP 00007ffec7f30180
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[136] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                     00007ffdc7f429d0 7 bytes JMP 00007ffec7f300d8
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[136] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                   00007ffdc7f44310 5 bytes JMP 00007ffec7f30110
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[136] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                       00007ffdc7f48d80 5 bytes JMP 00007ffec7f30148
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[136] C:\Windows\system32\KERNELBASE.dll!GetModuleFileNameExW                 00007ffdc7fbf0b0 5 bytes JMP 00007ffec7f301b8
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[136] C:\Windows\system32\USER32.dll!CreateWindowExW                          00007ffdc8ee6d90 1 byte JMP 00007ffec7f30420
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[136] C:\Windows\system32\USER32.dll!CreateWindowExW + 2                      00007ffdc8ee6d92 8 bytes {JMP 0xffffffffff049690}
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[136] C:\Windows\system32\USER32.dll!EnumDisplayDevicesW                      00007ffdc8ef74a0 5 bytes JMP 00007ffec7f303e8
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[136] C:\Windows\system32\USER32.dll!DisplayConfigGetDeviceInfo               00007ffdc8ef7560 9 bytes JMP 00007ffec7f30378
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[136] C:\Windows\system32\USER32.dll!ChangeDisplaySettingsExW                 00007ffdc8ef7730 5 bytes JMP 00007ffec7f30458
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[136] C:\Windows\system32\USER32.dll!EnumDisplayDevicesA                      00007ffdc8f06b10 5 bytes JMP 00007ffec7f303b0
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[136] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                  00007ffdc8981500 1 byte JMP 00007ffec7f30490
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[136] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList + 2              00007ffdc8981502 6 bytes {JMP 0xffffffffff5aef90}
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[136] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                    00007ffdc8981750 8 bytes JMP 00007ffec7f304c8
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[136] C:\Windows\SYSTEM32\combase.dll!CoCreateInstance                        00007ffdc8c9d050 7 bytes JMP 00007ffec7f30500
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[136] C:\Windows\SYSTEM32\combase.dll!CoSetProxyBlanket                       00007ffdc8ccb170 5 bytes JMP 00007ffec7f30538
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3588] C:\Windows\system32\KERNEL32.DLL!K32GetModuleInformation            00007ffdcaa03e10 7 bytes JMP 00007ffec7f30260
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3588] C:\Windows\system32\KERNEL32.DLL!RegQueryValueExW                   00007ffdcaa03e20 7 bytes JMP 00007ffec7f30298
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3588] C:\Windows\system32\KERNEL32.DLL!RegSetValueExW                     00007ffdcaab39b0 7 bytes JMP 00007ffec7f30340
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3588] C:\Windows\system32\KERNEL32.DLL!RegDeleteValueW                    00007ffdcaab3ef0 7 bytes JMP 00007ffec7f302d0
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3588] C:\Windows\system32\KERNEL32.DLL!RegSetValueExA                     00007ffdcaab3fe0 7 bytes JMP 00007ffec7f30308
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3588] C:\Windows\system32\KERNEL32.DLL!K32EnumProcessModulesEx            00007ffdcaae06c0 7 bytes JMP 00007ffec7f301f0
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3588] C:\Windows\system32\KERNEL32.DLL!K32GetMappedFileNameW              00007ffdcaae0730 7 bytes JMP 00007ffec7f30228
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3588] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                      00007ffdc7f421d0 5 bytes JMP 00007ffec7f30180
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3588] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                 00007ffdc7f429d0 7 bytes JMP 00007ffec7f300d8
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3588] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW               00007ffdc7f44310 5 bytes JMP 00007ffec7f30110
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3588] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                   00007ffdc7f48d80 5 bytes JMP 00007ffec7f30148
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3588] C:\Windows\system32\KERNELBASE.dll!GetModuleFileNameExW             00007ffdc7fbf0b0 5 bytes JMP 00007ffec7f301b8
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3588] C:\Windows\system32\USER32.dll!CreateWindowExW                      00007ffdc8ee6d90 1 byte JMP 00007ffec7f30420
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3588] C:\Windows\system32\USER32.dll!CreateWindowExW + 2                  00007ffdc8ee6d92 8 bytes {JMP 0xffffffffff049690}
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3588] C:\Windows\system32\USER32.dll!EnumDisplayDevicesW                  00007ffdc8ef74a0 5 bytes JMP 00007ffec7f303e8
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3588] C:\Windows\system32\USER32.dll!DisplayConfigGetDeviceInfo           00007ffdc8ef7560 9 bytes JMP 00007ffec7f30378
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3588] C:\Windows\system32\USER32.dll!ChangeDisplaySettingsExW             00007ffdc8ef7730 5 bytes JMP 00007ffec7f30458
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3588] C:\Windows\system32\USER32.dll!EnumDisplayDevicesA                  00007ffdc8f06b10 5 bytes JMP 00007ffec7f303b0
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3588] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList              00007ffdc8981500 1 byte JMP 00007ffec7f30490
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3588] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList + 2          00007ffdc8981502 6 bytes {JMP 0xffffffffff5aef90}
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[3588] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                00007ffdc8981750 8 bytes JMP 00007ffec7f304c8
.text   C:\Windows\system32\wbem\unsecapp.exe[4832] C:\Windows\system32\KERNEL32.DLL!K32GetModuleInformation                       00007ffdcaa03e10 7 bytes JMP 00007ffec7f30260
.text   C:\Windows\system32\wbem\unsecapp.exe[4832] C:\Windows\system32\KERNEL32.DLL!RegQueryValueExW                              00007ffdcaa03e20 7 bytes JMP 00007ffec7f30298
.text   C:\Windows\system32\wbem\unsecapp.exe[4832] C:\Windows\system32\KERNEL32.DLL!RegSetValueExW                                00007ffdcaab39b0 7 bytes JMP 00007ffec7f30340
.text   C:\Windows\system32\wbem\unsecapp.exe[4832] C:\Windows\system32\KERNEL32.DLL!RegDeleteValueW                               00007ffdcaab3ef0 7 bytes JMP 00007ffec7f302d0
.text   C:\Windows\system32\wbem\unsecapp.exe[4832] C:\Windows\system32\KERNEL32.DLL!RegSetValueExA                                00007ffdcaab3fe0 7 bytes JMP 00007ffec7f30308
.text   C:\Windows\system32\wbem\unsecapp.exe[4832] C:\Windows\system32\KERNEL32.DLL!K32EnumProcessModulesEx                       00007ffdcaae06c0 7 bytes JMP 00007ffec7f301f0
.text   C:\Windows\system32\wbem\unsecapp.exe[4832] C:\Windows\system32\KERNEL32.DLL!K32GetMappedFileNameW                         00007ffdcaae0730 7 bytes JMP 00007ffec7f30228
.text   C:\Windows\system32\wbem\unsecapp.exe[4832] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                 00007ffdc7f421d0 5 bytes JMP 00007ffec7f30180
.text   C:\Windows\system32\wbem\unsecapp.exe[4832] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                            00007ffdc7f429d0 7 bytes JMP 00007ffec7f300d8
.text   C:\Windows\system32\wbem\unsecapp.exe[4832] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                          00007ffdc7f44310 5 bytes JMP 00007ffec7f30110
.text   C:\Windows\system32\wbem\unsecapp.exe[4832] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                              00007ffdc7f48d80 5 bytes JMP 00007ffec7f30148
.text   C:\Windows\system32\wbem\unsecapp.exe[4832] C:\Windows\system32\KERNELBASE.dll!GetModuleFileNameExW                        00007ffdc7fbf0b0 5 bytes JMP 00007ffec7f301b8
.text   C:\Windows\system32\wbem\unsecapp.exe[4832] C:\Windows\SYSTEM32\user32.dll!CreateWindowExW                                 00007ffdc8ee6d90 1 byte JMP 00007ffec7f30420
.text   C:\Windows\system32\wbem\unsecapp.exe[4832] C:\Windows\SYSTEM32\user32.dll!CreateWindowExW + 2                             00007ffdc8ee6d92 8 bytes {JMP 0xffffffffff049690}
.text   C:\Windows\system32\wbem\unsecapp.exe[4832] C:\Windows\SYSTEM32\user32.dll!EnumDisplayDevicesW                             00007ffdc8ef74a0 5 bytes JMP 00007ffec7f303e8
.text   C:\Windows\system32\wbem\unsecapp.exe[4832] C:\Windows\SYSTEM32\user32.dll!DisplayConfigGetDeviceInfo                      00007ffdc8ef7560 9 bytes JMP 00007ffec7f30378
.text   C:\Windows\system32\wbem\unsecapp.exe[4832] C:\Windows\SYSTEM32\user32.dll!ChangeDisplaySettingsExW                        00007ffdc8ef7730 5 bytes JMP 00007ffec7f30458
.text   C:\Windows\system32\wbem\unsecapp.exe[4832] C:\Windows\SYSTEM32\user32.dll!EnumDisplayDevicesA                             00007ffdc8f06b10 5 bytes JMP 00007ffec7f303b0
.text   C:\Windows\system32\wbem\unsecapp.exe[4832] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                         00007ffdc8981500 1 byte JMP 00007ffec7f30490
.text   C:\Windows\system32\wbem\unsecapp.exe[4832] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList + 2                     00007ffdc8981502 6 bytes {JMP 0xffffffffff5aef90}
.text   C:\Windows\system32\wbem\unsecapp.exe[4832] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                           00007ffdc8981750 8 bytes JMP 00007ffec7f304c8
.text   C:\Windows\system32\taskeng.exe[3336] C:\Windows\system32\KERNEL32.DLL!K32GetModuleInformation                             00007ffdcaa03e10 7 bytes JMP 00007ffec7f30260
.text   C:\Windows\system32\taskeng.exe[3336] C:\Windows\system32\KERNEL32.DLL!RegQueryValueExW                                    00007ffdcaa03e20 7 bytes JMP 00007ffec7f30298
.text   C:\Windows\system32\taskeng.exe[3336] C:\Windows\system32\KERNEL32.DLL!RegSetValueExW                                      00007ffdcaab39b0 7 bytes JMP 00007ffec7f30340
.text   C:\Windows\system32\taskeng.exe[3336] C:\Windows\system32\KERNEL32.DLL!RegDeleteValueW                                     00007ffdcaab3ef0 7 bytes JMP 00007ffec7f302d0
.text   C:\Windows\system32\taskeng.exe[3336] C:\Windows\system32\KERNEL32.DLL!RegSetValueExA                                      00007ffdcaab3fe0 7 bytes JMP 00007ffec7f30308
.text   C:\Windows\system32\taskeng.exe[3336] C:\Windows\system32\KERNEL32.DLL!K32EnumProcessModulesEx                             00007ffdcaae06c0 7 bytes JMP 00007ffec7f301f0
.text   C:\Windows\system32\taskeng.exe[3336] C:\Windows\system32\KERNEL32.DLL!K32GetMappedFileNameW                               00007ffdcaae0730 7 bytes JMP 00007ffec7f30228
.text   C:\Windows\system32\taskeng.exe[3336] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                       00007ffdc7f421d0 5 bytes JMP 00007ffec7f30180
.text   C:\Windows\system32\taskeng.exe[3336] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                  00007ffdc7f429d0 7 bytes JMP 00007ffec7f300d8
.text   C:\Windows\system32\taskeng.exe[3336] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                00007ffdc7f44310 5 bytes JMP 00007ffec7f30110
.text   C:\Windows\system32\taskeng.exe[3336] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                    00007ffdc7f48d80 5 bytes JMP 00007ffec7f30148
.text   C:\Windows\system32\taskeng.exe[3336] C:\Windows\system32\KERNELBASE.dll!GetModuleFileNameExW                              00007ffdc7fbf0b0 5 bytes JMP 00007ffec7f301b8
.text   C:\Windows\system32\taskeng.exe[3336] C:\Windows\system32\USER32.dll!CreateWindowExW                                       00007ffdc8ee6d90 1 byte JMP 00007ffec7f30420
.text   C:\Windows\system32\taskeng.exe[3336] C:\Windows\system32\USER32.dll!CreateWindowExW + 2                                   00007ffdc8ee6d92 8 bytes {JMP 0xffffffffff049690}
.text   C:\Windows\system32\taskeng.exe[3336] C:\Windows\system32\USER32.dll!EnumDisplayDevicesW                                   00007ffdc8ef74a0 5 bytes JMP 00007ffec7f303e8
.text   C:\Windows\system32\taskeng.exe[3336] C:\Windows\system32\USER32.dll!DisplayConfigGetDeviceInfo                            00007ffdc8ef7560 9 bytes JMP 00007ffec7f30378
.text   C:\Windows\system32\taskeng.exe[3336] C:\Windows\system32\USER32.dll!ChangeDisplaySettingsExW                              00007ffdc8ef7730 5 bytes JMP 00007ffec7f30458
.text   C:\Windows\system32\taskeng.exe[3336] C:\Windows\system32\USER32.dll!EnumDisplayDevicesA                                   00007ffdc8f06b10 5 bytes JMP 00007ffec7f303b0
.text   C:\Windows\system32\taskeng.exe[3336] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                               00007ffdc8981500 1 byte JMP 00007ffec7f30490
.text   C:\Windows\system32\taskeng.exe[3336] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList + 2                           00007ffdc8981502 6 bytes {JMP 0xffffffffff5aef90}
.text   C:\Windows\system32\taskeng.exe[3336] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                 00007ffdc8981750 8 bytes JMP 00007ffec7f304c8

---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\csrss.exe [628:660]                                                                                    fffff960008ba2d0

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed                                          349603340
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\742f68dcca2c                                                
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithList@MRUList                                 bca
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shutdown@CleanShutdown                                             1

---- EOF - GMER 2.1 ----
         
__________________


Alt 24.09.2015, 20:07   #3
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8.1: Zugriff auf Router durch Fremdsoftware? - Standard

Windows 8.1: Zugriff auf Router durch Fremdsoftware?



hi,

Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    mystartsearch uninstall


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
__________________

Alt 24.09.2015, 22:33   #4
Identity
 
Windows 8.1: Zugriff auf Router durch Fremdsoftware? - Standard

Windows 8.1: Zugriff auf Router durch Fremdsoftware?



Danke schon einmal

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2015.09.24.04
  rootkit: v2015.09.22.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18036
Kevin :: KEVIN-PC [administrator]

24.09.2015 21:55:16
mbar-log-2015-09-24 (21-55-16).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 371414
Time elapsed: 26 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
ATTFilter
22:27:42.0556 0x1748  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
22:27:49.0957 0x1748  ============================================================
22:27:49.0957 0x1748  Current date / time: 2015/09/24 22:27:49.0957
22:27:49.0957 0x1748  SystemInfo:
22:27:49.0957 0x1748  
22:27:49.0957 0x1748  OS Version: 6.3.9600 ServicePack: 0.0
22:27:49.0957 0x1748  Product type: Workstation
22:27:49.0957 0x1748  ComputerName: KEVIN-PC
22:27:49.0957 0x1748  UserName: Kevin
22:27:49.0957 0x1748  Windows directory: C:\Windows
22:27:49.0957 0x1748  System windows directory: C:\Windows
22:27:49.0957 0x1748  Running under WOW64
22:27:49.0957 0x1748  Processor architecture: Intel x64
22:27:49.0957 0x1748  Number of processors: 4
22:27:49.0957 0x1748  Page size: 0x1000
22:27:49.0957 0x1748  Boot type: Normal boot
22:27:49.0957 0x1748  ============================================================
22:27:50.0912 0x1748  KLMD registered as C:\Windows\system32\drivers\10839837.sys
22:27:51.0791 0x1748  System UUID: {34194898-BA55-9CD5-3246-BAF8F3A15771}
22:27:53.0472 0x1748  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:27:53.0481 0x1748  ============================================================
22:27:53.0481 0x1748  \Device\Harddisk0\DR0:
22:27:53.0481 0x1748  MBR partitions:
22:27:53.0481 0x1748  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x186B5000
22:27:53.0503 0x1748  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1B8B6000, BlocksNum 0x1EACF800
22:27:53.0503 0x1748  ============================================================
22:27:53.0536 0x1748  C: <-> \Device\Harddisk0\DR0\Partition1
22:27:53.0571 0x1748  D: <-> \Device\Harddisk0\DR0\Partition2
22:27:53.0571 0x1748  ============================================================
22:27:53.0571 0x1748  Initialize success
22:27:53.0571 0x1748  ============================================================
22:28:53.0899 0x0e10  ============================================================
22:28:53.0899 0x0e10  Scan started
22:28:53.0899 0x0e10  Mode: Manual; SigCheck; TDLFS; 
22:28:53.0899 0x0e10  ============================================================
22:28:53.0899 0x0e10  KSN ping started
22:28:56.0349 0x0e10  KSN ping finished: true
22:28:59.0928 0x0e10  ================ Scan system memory ========================
22:28:59.0928 0x0e10  System memory - ok
22:28:59.0930 0x0e10  ================ Scan services =============================
22:29:00.0140 0x0e10  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
22:29:00.0310 0x0e10  1394ohci - ok
22:29:00.0346 0x0e10  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys
22:29:00.0371 0x0e10  3ware - ok
22:29:00.0431 0x0e10  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:29:00.0479 0x0e10  ACPI - ok
22:29:00.0503 0x0e10  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
22:29:00.0525 0x0e10  acpiex - ok
22:29:00.0542 0x0e10  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
22:29:00.0599 0x0e10  acpipagr - ok
22:29:00.0611 0x0e10  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
22:29:00.0653 0x0e10  AcpiPmi - ok
22:29:00.0666 0x0e10  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
22:29:00.0710 0x0e10  acpitime - ok
22:29:00.0755 0x0e10  [ AAA8E68E685DB1B68747E3DF68F96368, 1A5BE239B2D0C6F727303A98CFFC91070B6A05ECD6B9CD05AB326AC1910ECEBF ] acsock          C:\Windows\system32\DRIVERS\acsock64.sys
22:29:00.0813 0x0e10  acsock - ok
22:29:00.0949 0x0e10  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:29:00.0972 0x0e10  AdobeARMservice - ok
22:29:01.0093 0x0e10  [ C6D147C12C424373B016C0AB0A6C61EB, 043D44F3C942CFC3558E782938C26849BF648A58A7AA62C4A526E37DE4136C27 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:29:01.0124 0x0e10  AdobeFlashPlayerUpdateSvc - ok
22:29:01.0191 0x0e10  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
22:29:01.0251 0x0e10  ADP80XX - ok
22:29:01.0314 0x0e10  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:29:01.0398 0x0e10  AeLookupSvc - ok
22:29:01.0463 0x0e10  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\Windows\system32\drivers\afd.sys
22:29:01.0515 0x0e10  AFD - ok
22:29:01.0531 0x0e10  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys
22:29:01.0551 0x0e10  agp440 - ok
22:29:01.0589 0x0e10  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
22:29:01.0627 0x0e10  ahcache - ok
22:29:01.0664 0x0e10  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\Windows\System32\alg.exe
22:29:01.0690 0x0e10  ALG - ok
22:29:01.0713 0x0e10  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
22:29:01.0739 0x0e10  AmdK8 - ok
22:29:01.0759 0x0e10  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
22:29:01.0784 0x0e10  AmdPPM - ok
22:29:01.0814 0x0e10  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:29:01.0836 0x0e10  amdsata - ok
22:29:01.0861 0x0e10  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
22:29:01.0894 0x0e10  amdsbs - ok
22:29:01.0911 0x0e10  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:29:01.0930 0x0e10  amdxata - ok
22:29:01.0948 0x0e10  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\Windows\system32\drivers\appid.sys
22:29:01.0975 0x0e10  AppID - ok
22:29:02.0012 0x0e10  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:29:02.0038 0x0e10  AppIDSvc - ok
22:29:02.0081 0x0e10  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\Windows\System32\appinfo.dll
22:29:02.0111 0x0e10  Appinfo - ok
22:29:02.0183 0x0e10  [ 608D6A90E989C6522F170E5526A64BF4, 36EDD07DF6BD2D20121F63CF720C289FCCF7C53574D37F99C2F9ED68298D655B ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:29:02.0216 0x0e10  Apple Mobile Device - ok
22:29:02.0275 0x0e10  [ 1A8EA3500576DD4B43E9318F10709E0E, 85F8581C319DE241B223366F08A5F9301858DA9DA1A0CAA10ED387A2B99EC216 ] AppMgmt         C:\Windows\System32\appmgmts.dll
22:29:02.0349 0x0e10  AppMgmt - ok
22:29:02.0391 0x0e10  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
22:29:02.0422 0x0e10  AppReadiness - ok
22:29:02.0548 0x0e10  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
22:29:02.0703 0x0e10  AppXSvc - ok
22:29:02.0752 0x0e10  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:29:02.0795 0x0e10  arcsas - ok
22:29:02.0829 0x0e10  [ 25863B5A3AC02DD35063D77C1F1415FF, F3F61F83CCF78F2FB3CD3DC66C28C1BE4D6D6F3C7440B6E5F7EEAC3739DB80DD ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
22:29:02.0860 0x0e10  aswHwid - ok
22:29:02.0876 0x0e10  [ 2894AC8C6159201940C8CD5B33CC5203, 4717301395100BD71B49451109AA29A58F702AF1E24C816CE5CC4320B6F3CA67 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
22:29:02.0908 0x0e10  aswMonFlt - ok
22:29:02.0925 0x0e10  [ C384DC3DDF65F3E011DFBDFDB500F89A, 0B15E09AE0DA51000B2AAF5DE6C5BBD7EBE4EB1DACB680A159AD9369CDA6D7D1 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
22:29:02.0966 0x0e10  aswRdr - ok
22:29:02.0985 0x0e10  [ 7F5ADFD9CA8EF06D020273B81BFFD731, 04A47F26DA3E507D9C984D7C737EC29B04AA88F68222FB4538BEA80D4D07D7FB ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
22:29:03.0015 0x0e10  aswRvrt - ok
22:29:03.0118 0x0e10  [ 441FF83841FEF24969A28B6971C061D5, 2183810CC9F1113B6A1795BF604183555174EBE5E0384182432DFBCB19CDB157 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
22:29:03.0209 0x0e10  aswSnx - ok
22:29:03.0236 0x0e10  [ 13E75FA8BF6403DC0F4248C648234D20, 70A3E176CEA71F961032DD65E8431A049C087A910C3470637759F78F7374C09E ] aswSP           C:\Windows\system32\drivers\aswSP.sys
22:29:03.0270 0x0e10  aswSP - ok
22:29:03.0307 0x0e10  [ 82F2525A22A380AA977428490AA849E3, 457F3D58B23BB61ED1BFA84B4CB2E12EE54C4BA7F9286F952E6632477EE9B548 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
22:29:03.0320 0x0e10  aswStm - ok
22:29:03.0357 0x0e10  [ 2F3F0B08EBF741FE22745BECC794CE34, 969C12129C9C9981BF20656057C05290E050B410E4ECF8405C020F9A23728099 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
22:29:03.0374 0x0e10  aswVmm - ok
22:29:03.0394 0x0e10  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
22:29:03.0406 0x0e10  atapi - ok
22:29:03.0439 0x0e10  [ 51B7849747A0582096A41A366454E88E, 0FB44320A676C0C67A47D1F70BD29EC6EA27B07D2BB60C8A172DD8D96A0722E6 ] AtherosSvc      C:\Windows\system32\AdminService.exe
22:29:03.0450 0x0e10  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
22:29:05.0811 0x0e10  Detect skipped due to KSN trusted
22:29:05.0812 0x0e10  AtherosSvc - ok
22:29:06.0059 0x0e10  [ B04BF12AEBFB5E71971B4EDA4EDFC196, BCFC79ED014F3E835957D6FD5985DF97A9F2BFD9E762594C48AB8299240FF667 ] athr            C:\Windows\system32\DRIVERS\athwnx.sys
22:29:06.0261 0x0e10  athr - ok
22:29:06.0344 0x0e10  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
22:29:06.0399 0x0e10  AudioEndpointBuilder - ok
22:29:06.0453 0x0e10  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
22:29:06.0536 0x0e10  Audiosrv - ok
22:29:06.0609 0x0e10  [ A97E144E84A665B22AE6E6A93E4DD465, 888D702B9B9E6C446AD7499571DAEAB072BEF141FF3300E74C6E538FA312BDCD ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:29:06.0626 0x0e10  avast! Antivirus - ok
22:29:06.0986 0x0e10  [ CCC3FE1DDCCF99633539B3D7681EF7D7, 0C048EDCD22681C82586845B822990FB4A9303B3B1F4161EBA5A6C444EF7C5CC ] AvastVBoxSvc    C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
22:29:07.0164 0x0e10  AvastVBoxSvc - ok
22:29:07.0206 0x0e10  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:29:07.0253 0x0e10  AxInstSV - ok
22:29:07.0327 0x0e10  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
22:29:07.0395 0x0e10  b06bdrv - ok
22:29:07.0426 0x0e10  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
22:29:07.0448 0x0e10  BasicDisplay - ok
22:29:07.0489 0x0e10  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
22:29:07.0513 0x0e10  BasicRender - ok
22:29:07.0534 0x0e10  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
22:29:07.0549 0x0e10  bcmfn2 - ok
22:29:07.0590 0x0e10  [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC          C:\Windows\System32\bdesvc.dll
22:29:07.0630 0x0e10  BDESVC - ok
22:29:07.0652 0x0e10  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
22:29:07.0686 0x0e10  Beep - ok
22:29:07.0754 0x0e10  [ 7BCB00EA702F78EC74CD9699D85CE80B, 17241ADAA13051B560DB9FA9079CAE6321D5B49788B596C125DC912443B00421 ] BFE             C:\Windows\System32\bfe.dll
22:29:07.0873 0x0e10  BFE - ok
22:29:07.0978 0x0e10  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\Windows\System32\qmgr.dll
22:29:08.0098 0x0e10  BITS - ok
22:29:08.0137 0x0e10  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:29:08.0156 0x0e10  Bonjour Service - ok
22:29:08.0192 0x0e10  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:29:08.0205 0x0e10  bowser - ok
22:29:08.0214 0x0e10  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
22:29:08.0233 0x0e10  BrokerInfrastructure - ok
22:29:08.0239 0x0e10  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\Windows\System32\browser.dll
22:29:08.0254 0x0e10  Browser - ok
22:29:08.0278 0x0e10  [ 63A00CDBEB300522C49EC7CA77324060, 99CB6D37C7D898982A192AAA8DE5CE255E6FA482E19FE9032BAA7069E652F6F5 ] BrSerIb         C:\Windows\system32\DRIVERS\BrSerIb.sys
22:29:08.0288 0x0e10  BrSerIb - ok
22:29:08.0304 0x0e10  [ BBCFD6C6EF66449F55AF1BFDB08C9B12, D6D5D408FCFFF9ED69D095948E786C08EEECD5F55905A3D8FE2BB08944C5E1F2 ] BrUsbSIb        C:\Windows\system32\DRIVERS\BrUsbSIb.sys
22:29:08.0311 0x0e10  BrUsbSIb - ok
22:29:08.0350 0x0e10  [ EA7E57F87D6FEE5FD6C5F813C04E8CD2, 1EB84F4DEE3034FAFBEA2A3F84EECE036E803872DA94D54E958E9F2F09519E88 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
22:29:08.0361 0x0e10  BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
22:29:10.0706 0x0e10  Detect skipped due to KSN trusted
22:29:10.0706 0x0e10  BrYNSvc - ok
22:29:10.0794 0x0e10  [ 239A81CC18170F3369D389DA65E74342, 5E26976176A6651B149784B1ED86ECCA133B7755EBB8B04361A8DDB705767AA3 ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
22:29:10.0871 0x0e10  BtFilter - ok
22:29:10.0895 0x0e10  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
22:29:10.0937 0x0e10  BthAvrcpTg - ok
22:29:10.0994 0x0e10  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
22:29:11.0039 0x0e10  BthEnum - ok
22:29:11.0078 0x0e10  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
22:29:11.0128 0x0e10  BthHFEnum - ok
22:29:11.0203 0x0e10  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
22:29:11.0250 0x0e10  bthhfhid - ok
22:29:11.0297 0x0e10  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
22:29:11.0366 0x0e10  BthHFSrv - ok
22:29:11.0401 0x0e10  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
22:29:11.0444 0x0e10  BTHMODEM - ok
22:29:11.0493 0x0e10  [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan          C:\Windows\System32\drivers\bthpan.sys
22:29:11.0551 0x0e10  BthPan - ok
22:29:11.0665 0x0e10  [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
22:29:11.0737 0x0e10  BTHPORT - ok
22:29:11.0770 0x0e10  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\Windows\system32\bthserv.dll
22:29:11.0785 0x0e10  bthserv - ok
22:29:11.0824 0x0e10  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
22:29:11.0838 0x0e10  BTHUSB - ok
22:29:11.0859 0x0e10  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:29:11.0873 0x0e10  cdfs - ok
22:29:11.0892 0x0e10  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
22:29:11.0910 0x0e10  cdrom - ok
22:29:11.0939 0x0e10  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\Windows\System32\certprop.dll
22:29:11.0959 0x0e10  CertPropSvc - ok
22:29:11.0981 0x0e10  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
22:29:11.0996 0x0e10  circlass - ok
22:29:12.0048 0x0e10  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
22:29:12.0074 0x0e10  CLFS - ok
22:29:12.0107 0x0e10  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
22:29:12.0128 0x0e10  CmBatt - ok
22:29:12.0234 0x0e10  [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG             C:\Windows\system32\Drivers\cng.sys
22:29:12.0290 0x0e10  CNG - ok
22:29:12.0320 0x0e10  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
22:29:12.0331 0x0e10  CompositeBus - ok
22:29:12.0334 0x0e10  COMSysApp - ok
22:29:12.0340 0x0e10  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
22:29:12.0353 0x0e10  condrv - ok
22:29:12.0437 0x0e10  [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
22:29:12.0469 0x0e10  cphs - ok
22:29:12.0513 0x0e10  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:29:12.0544 0x0e10  CryptSvc - ok
22:29:12.0592 0x0e10  [ 9DBC32A45CFA67074432D2AF6C2832B6, B3B26302961A95EDFD4F994D56B1E5A8452266E0C2161D15C1213BBE376227A2 ] CSC             C:\Windows\system32\drivers\csc.sys
22:29:12.0633 0x0e10  CSC - ok
22:29:12.0679 0x0e10  [ 86079FF8A3B625ABAEB68841D2BF6FE6, 49FF4D458DF8FAB4ECA8CAD9BBF88C929C8B9AB7F063938A6A332B31F2C0F8EB ] CscService      C:\Windows\System32\cscsvc.dll
22:29:12.0733 0x0e10  CscService - ok
22:29:12.0755 0x0e10  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\Windows\system32\drivers\dam.sys
22:29:12.0774 0x0e10  dam - ok
22:29:12.0834 0x0e10  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:29:12.0884 0x0e10  DcomLaunch - ok
22:29:12.0929 0x0e10  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\Windows\System32\defragsvc.dll
22:29:12.0964 0x0e10  defragsvc - ok
22:29:13.0023 0x0e10  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
22:29:13.0110 0x0e10  DeviceAssociationService - ok
22:29:13.0154 0x0e10  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
22:29:13.0194 0x0e10  DeviceInstall - ok
22:29:13.0225 0x0e10  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
22:29:13.0257 0x0e10  Dfsc - ok
22:29:13.0295 0x0e10  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
22:29:13.0321 0x0e10  dg_ssudbus - ok
22:29:13.0377 0x0e10  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:29:13.0444 0x0e10  Dhcp - ok
22:29:13.0593 0x0e10  [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack       C:\Windows\system32\diagtrack.dll
22:29:13.0777 0x0e10  DiagTrack - ok
22:29:13.0817 0x0e10  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\Windows\system32\drivers\disk.sys
22:29:13.0863 0x0e10  disk - ok
22:29:13.0889 0x0e10  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
22:29:13.0930 0x0e10  dmvsc - ok
22:29:13.0987 0x0e10  [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:29:14.0054 0x0e10  Dnscache - ok
22:29:14.0100 0x0e10  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:29:14.0170 0x0e10  dot3svc - ok
22:29:14.0226 0x0e10  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\Windows\system32\dps.dll
22:29:14.0293 0x0e10  DPS - ok
22:29:14.0345 0x0e10  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:29:14.0379 0x0e10  drmkaud - ok
22:29:14.0423 0x0e10  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
22:29:14.0483 0x0e10  DsmSvc - ok
22:29:14.0622 0x0e10  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:29:14.0702 0x0e10  DXGKrnl - ok
22:29:14.0737 0x0e10  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\Windows\System32\eapsvc.dll
22:29:14.0777 0x0e10  Eaphost - ok
22:29:14.0913 0x0e10  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
22:29:15.0022 0x0e10  ebdrv - ok
22:29:15.0099 0x0e10  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\Windows\System32\lsass.exe
22:29:15.0115 0x0e10  EFS - ok
22:29:15.0154 0x0e10  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
22:29:15.0168 0x0e10  EhStorClass - ok
22:29:15.0203 0x0e10  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
22:29:15.0230 0x0e10  EhStorTcgDrv - ok
22:29:15.0295 0x0e10  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
22:29:15.0344 0x0e10  ErrDev - ok
22:29:15.0426 0x0e10  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\Windows\system32\es.dll
22:29:15.0508 0x0e10  EventSystem - ok
22:29:15.0550 0x0e10  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:29:15.0623 0x0e10  exfat - ok
22:29:15.0643 0x0e10  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:29:15.0680 0x0e10  fastfat - ok
22:29:15.0747 0x0e10  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\Windows\system32\fxssvc.exe
22:29:15.0812 0x0e10  Fax - ok
22:29:15.0837 0x0e10  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
22:29:15.0865 0x0e10  fdc - ok
22:29:15.0897 0x0e10  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\Windows\system32\fdPHost.dll
22:29:15.0927 0x0e10  fdPHost - ok
22:29:15.0936 0x0e10  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:29:15.0968 0x0e10  FDResPub - ok
22:29:15.0992 0x0e10  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\Windows\system32\fhsvc.dll
22:29:16.0029 0x0e10  fhsvc - ok
22:29:16.0066 0x0e10  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:29:16.0095 0x0e10  FileInfo - ok
22:29:16.0117 0x0e10  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:29:16.0156 0x0e10  Filetrace - ok
22:29:16.0177 0x0e10  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
22:29:16.0205 0x0e10  flpydisk - ok
22:29:16.0242 0x0e10  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:29:16.0296 0x0e10  FltMgr - ok
22:29:16.0416 0x0e10  [ 1E93CBB75D167CDF85501A8C790097A8, C9E5DD090C94E7855939CE1F416460DB408EFF897C2CD52E0D52A734D8ED18B7 ] FontCache       C:\Windows\system32\FntCache.dll
22:29:16.0551 0x0e10  FontCache - ok
22:29:16.0651 0x0e10  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:29:16.0689 0x0e10  FontCache3.0.0.0 - ok
22:29:16.0720 0x0e10  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:29:16.0756 0x0e10  FsDepends - ok
22:29:16.0784 0x0e10  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:29:16.0827 0x0e10  Fs_Rec - ok
22:29:16.0893 0x0e10  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:29:16.0936 0x0e10  fvevol - ok
22:29:16.0951 0x0e10  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
22:29:16.0965 0x0e10  FxPPM - ok
22:29:16.0978 0x0e10  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
22:29:16.0991 0x0e10  gagp30kx - ok
22:29:17.0022 0x0e10  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:29:17.0032 0x0e10  GEARAspiWDM - ok
22:29:17.0047 0x0e10  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
22:29:17.0060 0x0e10  gencounter - ok
22:29:17.0083 0x0e10  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
22:29:17.0100 0x0e10  GPIOClx0101 - ok
22:29:17.0189 0x0e10  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\Windows\System32\gpsvc.dll
22:29:17.0318 0x0e10  gpsvc - ok
22:29:17.0402 0x0e10  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:29:17.0428 0x0e10  gupdate - ok
22:29:17.0436 0x0e10  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:29:17.0452 0x0e10  gupdatem - ok
22:29:17.0512 0x0e10  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:29:17.0595 0x0e10  HdAudAddService - ok
22:29:17.0643 0x0e10  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
22:29:17.0687 0x0e10  HDAudBus - ok
22:29:17.0713 0x0e10  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
22:29:17.0726 0x0e10  HidBatt - ok
22:29:17.0753 0x0e10  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
22:29:17.0788 0x0e10  HidBth - ok
22:29:17.0814 0x0e10  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
22:29:17.0848 0x0e10  hidi2c - ok
22:29:17.0875 0x0e10  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
22:29:17.0909 0x0e10  HidIr - ok
22:29:17.0941 0x0e10  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\Windows\system32\hidserv.dll
22:29:17.0977 0x0e10  hidserv - ok
22:29:18.0016 0x0e10  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
22:29:18.0055 0x0e10  HidUsb - ok
22:29:18.0088 0x0e10  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:29:18.0141 0x0e10  hkmsvc - ok
22:29:18.0186 0x0e10  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:29:18.0254 0x0e10  HomeGroupListener - ok
22:29:18.0300 0x0e10  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:29:18.0381 0x0e10  HomeGroupProvider - ok
22:29:18.0405 0x0e10  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:29:18.0442 0x0e10  HpSAMD - ok
22:29:18.0540 0x0e10  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:29:18.0618 0x0e10  HTTP - ok
22:29:18.0637 0x0e10  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:29:18.0648 0x0e10  hwpolicy - ok
22:29:18.0658 0x0e10  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
22:29:18.0672 0x0e10  hyperkbd - ok
22:29:18.0685 0x0e10  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
22:29:18.0698 0x0e10  HyperVideo - ok
22:29:18.0726 0x0e10  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
22:29:18.0744 0x0e10  i8042prt - ok
22:29:18.0763 0x0e10  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
22:29:18.0774 0x0e10  iaLPSSi_GPIO - ok
22:29:18.0788 0x0e10  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
22:29:18.0800 0x0e10  iaLPSSi_I2C - ok
22:29:18.0838 0x0e10  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
22:29:18.0866 0x0e10  iaStorAV - ok
22:29:18.0890 0x0e10  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:29:18.0915 0x0e10  iaStorV - ok
22:29:18.0919 0x0e10  IEEtwCollectorService - ok
22:29:19.0261 0x0e10  [ 8C44E6B688790E2AD3846C97661C54F1, CB487D167EDA3C1E30BD5FB8F98C15EB9E75A6FB793009C2F1BBCAAB4285F772 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
22:29:19.0422 0x0e10  igfx - ok
22:29:19.0490 0x0e10  [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT          C:\Windows\System32\ikeext.dll
22:29:19.0592 0x0e10  IKEEXT - ok
22:29:19.0651 0x0e10  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:29:19.0699 0x0e10  intelide - ok
22:29:19.0743 0x0e10  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
22:29:19.0772 0x0e10  intelpep - ok
22:29:19.0809 0x0e10  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
22:29:19.0846 0x0e10  intelppm - ok
22:29:19.0868 0x0e10  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:29:19.0888 0x0e10  IpFilterDriver - ok
22:29:19.0947 0x0e10  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:29:19.0992 0x0e10  iphlpsvc - ok
22:29:20.0024 0x0e10  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
22:29:20.0042 0x0e10  IPMIDRV - ok
22:29:20.0083 0x0e10  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:29:20.0122 0x0e10  IPNAT - ok
22:29:20.0220 0x0e10  [ 635F7587F7576AA14871B850EB95BFB8, 75CB8F4D511964BB9104E93EF31D2DDF1227DACE1EDB9DE25AE9719835B6C34B ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
22:29:20.0276 0x0e10  iPod Service - ok
22:29:20.0291 0x0e10  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:29:20.0307 0x0e10  IRENUM - ok
22:29:20.0338 0x0e10  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:29:20.0366 0x0e10  isapnp - ok
22:29:20.0414 0x0e10  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
22:29:20.0462 0x0e10  iScsiPrt - ok
22:29:20.0501 0x0e10  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
22:29:20.0532 0x0e10  kbdclass - ok
22:29:20.0572 0x0e10  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
22:29:20.0603 0x0e10  kbdhid - ok
22:29:20.0628 0x0e10  [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr        C:\Windows\system32\drivers\kbldfltr.sys
22:29:20.0655 0x0e10  kbldfltr - ok
22:29:20.0671 0x0e10  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
22:29:20.0705 0x0e10  kdnic - ok
22:29:20.0724 0x0e10  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe
22:29:20.0758 0x0e10  KeyIso - ok
22:29:20.0792 0x0e10  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:29:20.0824 0x0e10  KSecDD - ok
22:29:20.0856 0x0e10  [ 46711F40D0F9E63F786ED23F9BD5215E, 1FBC5101D843E5B43184C98B3D9AF3015C9409EEA6C7BB01B143FD08D4946FC0 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:29:20.0884 0x0e10  KSecPkg - ok
22:29:20.0903 0x0e10  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:29:20.0943 0x0e10  ksthunk - ok
22:29:21.0002 0x0e10  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:29:21.0072 0x0e10  KtmRm - ok
22:29:21.0119 0x0e10  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:29:21.0161 0x0e10  LanmanServer - ok
22:29:21.0207 0x0e10  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:29:21.0275 0x0e10  LanmanWorkstation - ok
22:29:21.0356 0x0e10  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
22:29:21.0428 0x0e10  lfsvc - ok
22:29:21.0467 0x0e10  [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
22:29:21.0484 0x0e10  LGBusEnum - ok
22:29:21.0519 0x0e10  [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt      C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
22:29:21.0549 0x0e10  LGSHidFilt - ok
22:29:21.0585 0x0e10  [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
22:29:21.0610 0x0e10  LGVirHid - ok
22:29:21.0637 0x0e10  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:29:21.0688 0x0e10  lltdio - ok
22:29:21.0748 0x0e10  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:29:21.0816 0x0e10  lltdsvc - ok
22:29:21.0846 0x0e10  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:29:21.0894 0x0e10  lmhosts - ok
22:29:21.0941 0x0e10  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
22:29:21.0989 0x0e10  LSI_SAS - ok
22:29:22.0012 0x0e10  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
22:29:22.0067 0x0e10  LSI_SAS2 - ok
22:29:22.0094 0x0e10  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
22:29:22.0126 0x0e10  LSI_SAS3 - ok
22:29:22.0141 0x0e10  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
22:29:22.0157 0x0e10  LSI_SSS - ok
22:29:22.0216 0x0e10  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\Windows\System32\lsm.dll
22:29:22.0269 0x0e10  LSM - ok
22:29:22.0299 0x0e10  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
22:29:22.0336 0x0e10  luafv - ok
22:29:22.0363 0x0e10  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
22:29:22.0392 0x0e10  megasas - ok
22:29:22.0461 0x0e10  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
22:29:22.0530 0x0e10  megasr - ok
22:29:22.0555 0x0e10  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\System32\drivers\HECIx64.sys
22:29:22.0568 0x0e10  MEIx64 - ok
22:29:22.0602 0x0e10  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\Windows\system32\mmcss.dll
22:29:22.0623 0x0e10  MMCSS - ok
22:29:22.0636 0x0e10  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
22:29:22.0657 0x0e10  Modem - ok
22:29:22.0679 0x0e10  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
22:29:22.0718 0x0e10  monitor - ok
22:29:22.0742 0x0e10  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
22:29:22.0779 0x0e10  mouclass - ok
22:29:22.0805 0x0e10  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
22:29:22.0842 0x0e10  mouhid - ok
22:29:22.0876 0x0e10  [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:29:22.0899 0x0e10  mountmgr - ok
22:29:22.0944 0x0e10  [ E96D4881189E3241A80EE54EFAB02E00, 13DC3174A2A5CF20C63C3EA5E2FF4060B15B40B02CCB29B41EC7A53047B69D9F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:29:22.0992 0x0e10  MozillaMaintenance - ok
22:29:23.0029 0x0e10  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:29:23.0056 0x0e10  mpsdrv - ok
22:29:23.0126 0x0e10  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:29:23.0183 0x0e10  MpsSvc - ok
22:29:23.0227 0x0e10  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:29:23.0250 0x0e10  MRxDAV - ok
22:29:23.0320 0x0e10  [ 6FBDF2B1B025A8E6E069234362FFFFB7, CF1AFC088F59AD61037F4C4650F3BAEE7FE37C40B3A27B903475F005410F8155 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:29:23.0343 0x0e10  mrxsmb - ok
22:29:23.0407 0x0e10  [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:29:23.0434 0x0e10  mrxsmb10 - ok
22:29:23.0454 0x0e10  [ 57C2473D501331211D6885FD59F3E44B, 10253703DB32A32291C61B6962A79E374B5DF7DD14A6B6AFD08A99EF26206619 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:29:23.0471 0x0e10  mrxsmb20 - ok
22:29:23.0503 0x0e10  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
22:29:23.0519 0x0e10  MsBridge - ok
22:29:23.0552 0x0e10  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\Windows\System32\msdtc.exe
22:29:23.0571 0x0e10  MSDTC - ok
22:29:23.0598 0x0e10  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:29:23.0624 0x0e10  Msfs - ok
22:29:23.0642 0x0e10  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
22:29:23.0655 0x0e10  msgpiowin32 - ok
22:29:23.0690 0x0e10  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:29:23.0703 0x0e10  mshidkmdf - ok
22:29:23.0717 0x0e10  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
22:29:23.0731 0x0e10  mshidumdf - ok
22:29:23.0746 0x0e10  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:29:23.0756 0x0e10  msisadrv - ok
22:29:23.0792 0x0e10  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:29:23.0837 0x0e10  MSiSCSI - ok
22:29:23.0846 0x0e10  msiserver - ok
22:29:23.0878 0x0e10  [ 4C1A0E9B4C6CC09E8C68FD33998013AA, 190ADFCCAE844DB9F807BD9668EB90BE0C9887719DF2820E66D121655AF27614 ] MsKeyboardFilter C:\Windows\System32\KeyboardFilterSvc.dll
22:29:23.0916 0x0e10  MsKeyboardFilter - ok
22:29:23.0937 0x0e10  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:29:23.0968 0x0e10  MSKSSRV - ok
22:29:23.0994 0x0e10  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
22:29:24.0028 0x0e10  MsLldp - ok
22:29:24.0043 0x0e10  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:29:24.0069 0x0e10  MSPCLOCK - ok
22:29:24.0094 0x0e10  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:29:24.0125 0x0e10  MSPQM - ok
22:29:24.0175 0x0e10  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:29:24.0239 0x0e10  MsRPC - ok
22:29:24.0254 0x0e10  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
22:29:24.0275 0x0e10  mssmbios - ok
22:29:24.0294 0x0e10  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:29:24.0318 0x0e10  MSTEE - ok
22:29:24.0337 0x0e10  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
22:29:24.0360 0x0e10  MTConfig - ok
22:29:24.0369 0x0e10  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\Windows\system32\Drivers\mup.sys
22:29:24.0392 0x0e10  Mup - ok
22:29:24.0411 0x0e10  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
22:29:24.0432 0x0e10  mvumis - ok
22:29:24.0478 0x0e10  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\Windows\system32\qagentRT.dll
22:29:24.0526 0x0e10  napagent - ok
22:29:24.0557 0x0e10  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:29:24.0598 0x0e10  NativeWifiP - ok
22:29:24.0736 0x0e10  [ 988CDC4DAE2186F3A5ED6EE7D3E6B5CA, DB40F7705F0475FF774452E365152EBEDDC77D8ACE48419DABE02DD385C6B725 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
22:29:24.0820 0x0e10  NAUpdate - ok
22:29:24.0850 0x0e10  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\Windows\System32\ncasvc.dll
22:29:24.0910 0x0e10  NcaSvc - ok
22:29:24.0929 0x0e10  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\Windows\System32\ncbservice.dll
22:29:24.0987 0x0e10  NcbService - ok
22:29:25.0024 0x0e10  [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
22:29:25.0081 0x0e10  NcdAutoSetup - ok
22:29:25.0184 0x0e10  [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:29:25.0269 0x0e10  NDIS - ok
22:29:25.0308 0x0e10  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:29:25.0326 0x0e10  NdisCap - ok
22:29:25.0340 0x0e10  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
22:29:25.0360 0x0e10  NdisImPlatform - ok
22:29:25.0396 0x0e10  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:29:25.0418 0x0e10  NdisTapi - ok
22:29:25.0455 0x0e10  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:29:25.0497 0x0e10  Ndisuio - ok
22:29:25.0509 0x0e10  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
22:29:25.0556 0x0e10  NdisVirtualBus - ok
22:29:25.0597 0x0e10  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:29:25.0660 0x0e10  NdisWan - ok
22:29:25.0683 0x0e10  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
22:29:25.0742 0x0e10  NdisWanLegacy - ok
22:29:25.0764 0x0e10  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:29:25.0816 0x0e10  NDProxy - ok
22:29:25.0856 0x0e10  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
22:29:25.0900 0x0e10  Ndu - ok
22:29:25.0914 0x0e10  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:29:25.0954 0x0e10  NetBIOS - ok
22:29:25.0997 0x0e10  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:29:26.0047 0x0e10  NetBT - ok
22:29:26.0070 0x0e10  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\Windows\system32\lsass.exe
22:29:26.0094 0x0e10  Netlogon - ok
22:29:26.0119 0x0e10  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\Windows\System32\netman.dll
22:29:26.0142 0x0e10  Netman - ok
22:29:26.0192 0x0e10  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\Windows\System32\netprofmsvc.dll
22:29:26.0224 0x0e10  netprofm - ok
22:29:26.0272 0x0e10  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:29:26.0287 0x0e10  NetTcpPortSharing - ok
22:29:26.0317 0x0e10  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\Windows\System32\drivers\netvsc63.sys
22:29:26.0332 0x0e10  netvsc - ok
22:29:26.0365 0x0e10  [ 531ABFAFAE0AFA2F3E9BBB2C08477ED1, 434C4DAE4BD03F61174CD71F41FF7927769F045ECF841550C29E4E055675423E ] ngvss           C:\Windows\system32\drivers\ngvss.sys
22:29:26.0399 0x0e10  ngvss - ok
22:29:26.0453 0x0e10  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:29:26.0497 0x0e10  NlaSvc - ok
22:29:26.0513 0x0e10  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:29:26.0549 0x0e10  Npfs - ok
22:29:26.0561 0x0e10  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
22:29:26.0599 0x0e10  npsvctrig - ok
22:29:26.0638 0x0e10  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\Windows\system32\nsisvc.dll
22:29:26.0678 0x0e10  nsi - ok
22:29:26.0698 0x0e10  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:29:26.0721 0x0e10  nsiproxy - ok
22:29:26.0858 0x0e10  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:29:26.0953 0x0e10  Ntfs - ok
22:29:26.0982 0x0e10  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
22:29:26.0994 0x0e10  Null - ok
22:29:27.0471 0x0e10  [ 2232AE1BB51A96A7381A2CA17DF12E24, 4813E27BC14EB3CBD55AF89B098EA5C8DA4C7FF0B6CCB7AACFC43BC0E578C988 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:29:28.0007 0x0e10  nvlddmkm - ok
22:29:28.0171 0x0e10  [ D6310F79E51D1F997E964E81DD368AEA, 27D0159F45C712C6165FDB9F40823438225555E71BB01E3B55F5B5D7BE15D389 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
22:29:28.0254 0x0e10  NvNetworkService - ok
22:29:28.0283 0x0e10  [ 30458B18AEA941B1FD3A6A076BE95A71, F3B36E52D63939A89658073E1DEFFCD050EF9B39F643771E846737915012D5FB ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
22:29:28.0307 0x0e10  nvpciflt - ok
22:29:28.0347 0x0e10  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:29:28.0394 0x0e10  nvraid - ok
22:29:28.0435 0x0e10  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:29:28.0476 0x0e10  nvstor - ok
22:29:28.0539 0x0e10  [ 2C8DD5A34A81715865D66D7AF39362A6, 62F9D873127921EE2EAA80B73E8994C4BF6DA7EEDACAEA030B8D58E086FD3850 ] nvsvc           C:\Windows\system32\nvvsvc.exe
22:29:28.0582 0x0e10  nvsvc - ok
22:29:28.0605 0x0e10  [ 75034A4D7C02327D150B617571D4196A, 8E7DAFEC4307E883D52BD0B5F0732E26E019C953770B52ACBBAD3074A66393CB ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
22:29:28.0616 0x0e10  nvvad_WaveExtensible - ok
22:29:28.0651 0x0e10  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:29:28.0702 0x0e10  nv_agp - ok
22:29:28.0773 0x0e10  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:29:28.0809 0x0e10  ose - ok
22:29:29.0114 0x0e10  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:29:29.0334 0x0e10  osppsvc - ok
22:29:29.0390 0x0e10  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:29:29.0439 0x0e10  p2pimsvc - ok
22:29:29.0480 0x0e10  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\Windows\system32\p2psvc.dll
22:29:29.0527 0x0e10  p2psvc - ok
22:29:29.0558 0x0e10  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\Windows\System32\drivers\parport.sys
22:29:29.0576 0x0e10  Parport - ok
22:29:29.0594 0x0e10  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:29:29.0611 0x0e10  partmgr - ok
22:29:29.0678 0x0e10  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:29:29.0734 0x0e10  PcaSvc - ok
22:29:29.0768 0x0e10  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\Windows\system32\drivers\pci.sys
22:29:29.0803 0x0e10  pci - ok
22:29:29.0820 0x0e10  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:29:29.0839 0x0e10  pciide - ok
22:29:29.0865 0x0e10  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:29:29.0891 0x0e10  pcmcia - ok
22:29:29.0921 0x0e10  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:29:29.0957 0x0e10  pcw - ok
22:29:30.0009 0x0e10  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\Windows\system32\drivers\pdc.sys
22:29:30.0049 0x0e10  pdc - ok
22:29:30.0130 0x0e10  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:29:30.0200 0x0e10  PEAUTH - ok
22:29:30.0350 0x0e10  [ A35EC8F902475350DA31BDF0E1402A91, 5AB43B4BD70B44A62FFD21A9D3CB8D1BC035B6E001DBB1BAC30D6D7A07475D83 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
22:29:30.0505 0x0e10  PeerDistSvc - ok
22:29:30.0596 0x0e10  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:29:30.0630 0x0e10  PerfHost - ok
22:29:30.0745 0x0e10  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\Windows\system32\pla.dll
22:29:30.0897 0x0e10  pla - ok
22:29:30.0934 0x0e10  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:29:30.0973 0x0e10  PlugPlay - ok
22:29:30.0997 0x0e10  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:29:31.0045 0x0e10  PNRPAutoReg - ok
22:29:31.0085 0x0e10  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:29:31.0127 0x0e10  PNRPsvc - ok
22:29:31.0172 0x0e10  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:29:31.0215 0x0e10  PolicyAgent - ok
22:29:31.0274 0x0e10  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\Windows\system32\umpo.dll
22:29:31.0485 0x0e10  Power - ok
22:29:31.0708 0x0e10  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
22:29:31.0888 0x0e10  PrintNotify - ok
22:29:31.0918 0x0e10  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
22:29:31.0932 0x0e10  Processor - ok
22:29:31.0963 0x0e10  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\Windows\system32\profsvc.dll
22:29:31.0983 0x0e10  ProfSvc - ok
22:29:32.0018 0x0e10  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:29:32.0033 0x0e10  Psched - ok
22:29:32.0064 0x0e10  [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64        C:\Windows\system32\drivers\PxHlpa64.sys
22:29:32.0073 0x0e10  PxHlpa64 - ok
22:29:32.0095 0x0e10  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\Windows\system32\qwave.dll
22:29:32.0117 0x0e10  QWAVE - ok
22:29:32.0137 0x0e10  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:29:32.0151 0x0e10  QWAVEdrv - ok
22:29:32.0181 0x0e10  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:29:32.0201 0x0e10  RasAcd - ok
22:29:32.0228 0x0e10  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\Windows\System32\rasauto.dll
22:29:32.0267 0x0e10  RasAuto - ok
22:29:32.0310 0x0e10  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\Windows\System32\rasmans.dll
22:29:32.0352 0x0e10  RasMan - ok
22:29:32.0388 0x0e10  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:29:32.0404 0x0e10  RasPppoe - ok
22:29:32.0438 0x0e10  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:29:32.0460 0x0e10  rdbss - ok
22:29:32.0471 0x0e10  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
22:29:32.0482 0x0e10  rdpbus - ok
22:29:32.0504 0x0e10  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
22:29:32.0525 0x0e10  RDPDR - ok
22:29:32.0571 0x0e10  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:29:32.0608 0x0e10  RdpVideoMiniport - ok
22:29:32.0670 0x0e10  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:29:32.0728 0x0e10  rdyboost - ok
22:29:32.0823 0x0e10  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
22:29:32.0893 0x0e10  ReFS - ok
22:29:32.0927 0x0e10  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:29:32.0982 0x0e10  RemoteAccess - ok
22:29:33.0029 0x0e10  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:29:33.0089 0x0e10  RemoteRegistry - ok
22:29:33.0148 0x0e10  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
22:29:33.0199 0x0e10  RFCOMM - ok
22:29:33.0242 0x0e10  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:29:33.0298 0x0e10  RpcEptMapper - ok
22:29:33.0316 0x0e10  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\Windows\system32\locator.exe
22:29:33.0367 0x0e10  RpcLocator - ok
22:29:33.0461 0x0e10  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\Windows\system32\rpcss.dll
22:29:33.0571 0x0e10  RpcSs - ok
22:29:33.0596 0x0e10  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:29:33.0653 0x0e10  rspndr - ok
22:29:33.0722 0x0e10  [ E57FAC2CDB73F06586ED2ED310B80932, 9BFC866E8AF555810127D1B95D1950BAC645C2553A46620417F6BA19FF5706B7 ] RSUSBVSTOR      C:\Windows\System32\Drivers\RtsUVStor.sys
22:29:33.0771 0x0e10  RSUSBVSTOR - ok
22:29:33.0864 0x0e10  [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
22:29:33.0954 0x0e10  RTL8168 - ok
22:29:33.0997 0x0e10  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
22:29:34.0035 0x0e10  s3cap - ok
22:29:34.0070 0x0e10  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe
22:29:34.0113 0x0e10  SamSs - ok
22:29:34.0181 0x0e10  [ E20128053F3F4641A2627ECFA7149ECA, CE5620BC170E76E53FEDCCEE12BBFBEE7C67B96E53E5D9C63FA7773C36699DC6 ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys
22:29:34.0223 0x0e10  SbieDrv - ok
22:29:34.0251 0x0e10  [ 0FA1025D7AC725EEA5EA3076965EEA6B, 80AFCFD77BCE07F34C1276F5F416A156ABB9FEDC2AAF7AE68CEA500A4468D125 ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe
22:29:34.0290 0x0e10  SbieSvc - ok
22:29:34.0321 0x0e10  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:29:34.0346 0x0e10  sbp2port - ok
22:29:34.0377 0x0e10  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:29:34.0417 0x0e10  SCardSvr - ok
22:29:34.0443 0x0e10  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
22:29:34.0479 0x0e10  ScDeviceEnum - ok
22:29:34.0496 0x0e10  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:29:34.0520 0x0e10  scfilter - ok
22:29:34.0596 0x0e10  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\Windows\system32\schedsvc.dll
22:29:34.0650 0x0e10  Schedule - ok
22:29:34.0692 0x0e10  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:29:34.0712 0x0e10  SCPolicySvc - ok
22:29:34.0774 0x0e10  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\Windows\System32\drivers\sdbus.sys
22:29:34.0817 0x0e10  sdbus - ok
22:29:35.0062 0x0e10  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
22:29:35.0149 0x0e10  SDScannerService - ok
22:29:35.0181 0x0e10  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
22:29:35.0204 0x0e10  sdstor - ok
22:29:35.0301 0x0e10  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
22:29:35.0353 0x0e10  SDUpdateService - ok
22:29:35.0391 0x0e10  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
22:29:35.0404 0x0e10  SDWSCService - ok
22:29:35.0434 0x0e10  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:29:35.0488 0x0e10  secdrv - ok
22:29:35.0526 0x0e10  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\Windows\system32\seclogon.dll
22:29:35.0570 0x0e10  seclogon - ok
22:29:35.0608 0x0e10  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
22:29:35.0668 0x0e10  SENS - ok
22:29:35.0726 0x0e10  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:29:35.0791 0x0e10  SensrSvc - ok
22:29:35.0815 0x0e10  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
22:29:35.0837 0x0e10  SerCx - ok
22:29:35.0869 0x0e10  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
22:29:35.0895 0x0e10  SerCx2 - ok
22:29:35.0916 0x0e10  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\Windows\System32\drivers\serenum.sys
22:29:35.0939 0x0e10  Serenum - ok
22:29:35.0962 0x0e10  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys
22:29:35.0983 0x0e10  Serial - ok
22:29:36.0011 0x0e10  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\Windows\System32\drivers\sermouse.sys
22:29:36.0026 0x0e10  sermouse - ok
22:29:36.0071 0x0e10  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\Windows\system32\sessenv.dll
22:29:36.0098 0x0e10  SessionEnv - ok
22:29:36.0114 0x0e10  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
22:29:36.0128 0x0e10  sfloppy - ok
22:29:36.0175 0x0e10  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:29:36.0204 0x0e10  SharedAccess - ok
22:29:36.0250 0x0e10  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:29:36.0289 0x0e10  ShellHWDetection - ok
22:29:36.0314 0x0e10  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
22:29:36.0329 0x0e10  SiSRaid2 - ok
22:29:36.0342 0x0e10  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:29:36.0355 0x0e10  SiSRaid4 - ok
22:29:36.0410 0x0e10  [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
22:29:36.0458 0x0e10  SkypeUpdate - ok
22:29:36.0492 0x0e10  [ AAAFE0A885F12E66775F2E9537E283F0, CD83759C4C3AB7DE3A806187DA6CBE39D48E4EFB8120695C819B6146D52B4CB4 ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
22:29:36.0517 0x0e10  SmbDrvI - ok
22:29:36.0563 0x0e10  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
22:29:36.0610 0x0e10  smphost - ok
22:29:36.0650 0x0e10  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:29:36.0702 0x0e10  SNMPTRAP - ok
22:29:36.0763 0x0e10  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
22:29:36.0807 0x0e10  spaceport - ok
22:29:36.0837 0x0e10  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
22:29:36.0867 0x0e10  SpbCx - ok
22:29:36.0951 0x0e10  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\Windows\System32\spoolsv.exe
22:29:37.0021 0x0e10  Spooler - ok
22:29:37.0316 0x0e10  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\Windows\system32\sppsvc.exe
22:29:37.0508 0x0e10  sppsvc - ok
22:29:37.0640 0x0e10  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:29:37.0715 0x0e10  srv - ok
22:29:37.0796 0x0e10  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:29:37.0840 0x0e10  srv2 - ok
22:29:37.0881 0x0e10  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:29:37.0901 0x0e10  srvnet - ok
22:29:37.0960 0x0e10  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:29:38.0029 0x0e10  SSDPSRV - ok
22:29:38.0083 0x0e10  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:29:38.0143 0x0e10  SstpSvc - ok
22:29:38.0182 0x0e10  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
22:29:38.0220 0x0e10  ssudmdm - ok
22:29:38.0241 0x0e10  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
22:29:38.0260 0x0e10  stexstor - ok
22:29:38.0280 0x0e10  [ 8F3C0CCF27CFFE89424F30E9FB3381AB, 74E54541B4A16DC97098428E1715A27557BAB97E05AF346F88958580199C1541 ] StillCam        C:\Windows\System32\drivers\serscan.sys
22:29:38.0302 0x0e10  StillCam - ok
22:29:38.0386 0x0e10  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
22:29:38.0453 0x0e10  stisvc - ok
22:29:38.0488 0x0e10  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
22:29:38.0529 0x0e10  storahci - ok
22:29:38.0560 0x0e10  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
22:29:38.0594 0x0e10  storflt - ok
22:29:38.0635 0x0e10  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
22:29:38.0673 0x0e10  stornvme - ok
22:29:38.0705 0x0e10  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
22:29:38.0780 0x0e10  StorSvc - ok
22:29:38.0802 0x0e10  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
22:29:38.0837 0x0e10  storvsc - ok
22:29:38.0868 0x0e10  [ 7D123389FCD97D84881BA9C07012BA0C, 044442D8FCFE7935A025602F817C726576BA1C515CB594C4320A8AC6D8DA8F41 ] storvsp         C:\Windows\System32\drivers\storvsp.sys
22:29:38.0928 0x0e10  storvsp - ok
22:29:38.0954 0x0e10  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
22:29:39.0003 0x0e10  svsvc - ok
22:29:39.0035 0x0e10  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
22:29:39.0068 0x0e10  swenum - ok
22:29:39.0150 0x0e10  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
22:29:39.0259 0x0e10  swprv - ok
22:29:39.0329 0x0e10  [ 5385DA405FDAAB0BD2AF0B24723FBA46, 0C50CC3F2D97E2087EF477948DF8CBC41662835F6CC222D66A8E3F9EE4168DD1 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
22:29:39.0364 0x0e10  SynTP - ok
22:29:39.0468 0x0e10  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\Windows\system32\sysmain.dll
22:29:39.0610 0x0e10  SysMain - ok
22:29:39.0671 0x0e10  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
22:29:39.0730 0x0e10  SystemEventsBroker - ok
22:29:39.0771 0x0e10  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:29:39.0820 0x0e10  TabletInputService - ok
22:29:39.0879 0x0e10  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:29:39.0964 0x0e10  TapiSrv - ok
22:29:40.0068 0x0e10  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:29:40.0153 0x0e10  Tcpip - ok
22:29:40.0222 0x0e10  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:29:40.0300 0x0e10  TCPIP6 - ok
22:29:40.0331 0x0e10  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:29:40.0346 0x0e10  tcpipreg - ok
22:29:40.0373 0x0e10  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:29:40.0406 0x0e10  tdx - ok
22:29:40.0425 0x0e10  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
22:29:40.0449 0x0e10  terminpt - ok
22:29:40.0542 0x0e10  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\Windows\System32\termsrv.dll
22:29:40.0665 0x0e10  TermService - ok
22:29:40.0696 0x0e10  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
22:29:40.0749 0x0e10  Themes - ok
22:29:40.0786 0x0e10  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\Windows\system32\mmcss.dll
22:29:40.0838 0x0e10  THREADORDER - ok
22:29:40.0876 0x0e10  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
22:29:40.0943 0x0e10  TimeBroker - ok
22:29:40.0998 0x0e10  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\Windows\system32\drivers\tpm.sys
22:29:41.0043 0x0e10  TPM - ok
22:29:41.0085 0x0e10  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
22:29:41.0118 0x0e10  TrkWks - ok
22:29:41.0144 0x0e10  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:29:41.0170 0x0e10  TrustedInstaller - ok
22:29:41.0190 0x0e10  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:29:41.0213 0x0e10  TsUsbFlt - ok
22:29:41.0241 0x0e10  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
22:29:41.0271 0x0e10  TsUsbGD - ok
22:29:41.0300 0x0e10  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:29:41.0332 0x0e10  tunnel - ok
22:29:41.0357 0x0e10  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:29:41.0379 0x0e10  uagp35 - ok
22:29:41.0399 0x0e10  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
22:29:41.0423 0x0e10  UASPStor - ok
22:29:41.0445 0x0e10  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
22:29:41.0463 0x0e10  UCX01000 - ok
22:29:41.0515 0x0e10  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:29:41.0580 0x0e10  udfs - ok
22:29:41.0600 0x0e10  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
22:29:41.0621 0x0e10  UEFI - ok
22:29:41.0660 0x0e10  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:29:41.0708 0x0e10  UI0Detect - ok
22:29:41.0731 0x0e10  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:29:41.0770 0x0e10  uliagpkx - ok
22:29:41.0797 0x0e10  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
22:29:41.0839 0x0e10  umbus - ok
22:29:41.0863 0x0e10  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
22:29:41.0904 0x0e10  UmPass - ok
22:29:41.0960 0x0e10  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\Windows\System32\umrdp.dll
22:29:42.0017 0x0e10  UmRdpService - ok
22:29:42.0068 0x0e10  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\Windows\System32\upnphost.dll
22:29:42.0156 0x0e10  upnphost - ok
22:29:42.0195 0x0e10  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\System32\Drivers\usbaapl64.sys
22:29:42.0246 0x0e10  USBAAPL64 - ok
22:29:42.0295 0x0e10  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
22:29:42.0342 0x0e10  usbccgp - ok
22:29:42.0384 0x0e10  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
22:29:42.0436 0x0e10  usbcir - ok
22:29:42.0486 0x0e10  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
22:29:42.0535 0x0e10  usbehci - ok
22:29:42.0567 0x0e10  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\Windows\System32\drivers\usbhub.sys
22:29:42.0597 0x0e10  usbhub - ok
22:29:42.0658 0x0e10  [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
22:29:42.0708 0x0e10  USBHUB3 - ok
22:29:42.0754 0x0e10  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\Windows\System32\drivers\usbohci.sys
22:29:42.0796 0x0e10  usbohci - ok
22:29:42.0810 0x0e10  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
22:29:42.0842 0x0e10  usbprint - ok
22:29:42.0883 0x0e10  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\Windows\System32\drivers\usbscan.sys
22:29:42.0915 0x0e10  usbscan - ok
22:29:42.0954 0x0e10  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
22:29:42.0981 0x0e10  USBSTOR - ok
22:29:43.0011 0x0e10  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
22:29:43.0035 0x0e10  usbuhci - ok
22:29:43.0069 0x0e10  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
22:29:43.0101 0x0e10  usbvideo - ok
22:29:43.0157 0x0e10  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
22:29:43.0195 0x0e10  USBXHCI - ok
22:29:43.0210 0x0e10  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe
22:29:43.0233 0x0e10  VaultSvc - ok
22:29:43.0365 0x0e10  [ 2D8A86BE49A1AD9D05678A2A10F64CE7, 771B5882267B593A1E389DB26F21C3F790D534C8C98FD4A8F043978EA6E09CD6 ] VBoxAswDrv      C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
22:29:43.0411 0x0e10  VBoxAswDrv - ok
22:29:43.0438 0x0e10  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:29:43.0458 0x0e10  vdrvroot - ok
22:29:43.0544 0x0e10  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\Windows\System32\vds.exe
22:29:43.0600 0x0e10  vds - ok
22:29:43.0627 0x0e10  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
22:29:43.0641 0x0e10  VerifierExt - ok
22:29:43.0711 0x0e10  [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
22:29:43.0773 0x0e10  vhdmp - ok
22:29:43.0797 0x0e10  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:29:43.0820 0x0e10  viaide - ok
22:29:43.0862 0x0e10  [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid             C:\Windows\System32\drivers\Vid.sys
22:29:43.0917 0x0e10  Vid - ok
22:29:43.0955 0x0e10  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
22:29:43.0999 0x0e10  vmbus - ok
22:29:44.0015 0x0e10  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
22:29:44.0037 0x0e10  VMBusHID - ok
22:29:44.0058 0x0e10  [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr          C:\Windows\System32\drivers\vmbusr.sys
22:29:44.0084 0x0e10  vmbusr - ok
22:29:44.0143 0x0e10  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
22:29:44.0191 0x0e10  vmicguestinterface - ok
22:29:44.0208 0x0e10  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
22:29:44.0235 0x0e10  vmicheartbeat - ok
22:29:44.0251 0x0e10  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
22:29:44.0278 0x0e10  vmickvpexchange - ok
22:29:44.0295 0x0e10  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\Windows\System32\ICSvc.dll
22:29:44.0322 0x0e10  vmicrdv - ok
22:29:44.0339 0x0e10  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
22:29:44.0366 0x0e10  vmicshutdown - ok
22:29:44.0381 0x0e10  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\Windows\System32\ICSvc.dll
22:29:44.0405 0x0e10  vmictimesync - ok
22:29:44.0420 0x0e10  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\Windows\System32\ICSvc.dll
22:29:44.0443 0x0e10  vmicvss - ok
22:29:44.0460 0x0e10  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:29:44.0472 0x0e10  volmgr - ok
22:29:44.0484 0x0e10  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:29:44.0505 0x0e10  volmgrx - ok
22:29:44.0541 0x0e10  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:29:44.0560 0x0e10  volsnap - ok
22:29:44.0566 0x0e10  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\Windows\System32\drivers\vpci.sys
22:29:44.0578 0x0e10  vpci - ok
22:29:44.0598 0x0e10  [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp         C:\Windows\System32\drivers\vpcivsp.sys
22:29:44.0611 0x0e10  vpcivsp - ok
22:29:44.0648 0x0e10  [ 05F1897706AA0C9F7336C0DC20E46B5B, 6F567997EC2C97922DB69F3A02F7A5443614312C37BC9F689FAB5B4661A9A29C ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
22:29:44.0667 0x0e10  vpnagent - ok
22:29:44.0695 0x0e10  [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva           C:\Windows\system32\DRIVERS\vpnva64-6.sys
22:29:44.0716 0x0e10  vpnva - ok
22:29:44.0739 0x0e10  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
22:29:44.0763 0x0e10  vsmraid - ok
22:29:44.0898 0x0e10  [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS             C:\Windows\system32\vssvc.exe
22:29:45.0035 0x0e10  VSS - ok
22:29:45.0068 0x0e10  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
22:29:45.0102 0x0e10  VSTXRAID - ok
22:29:45.0135 0x0e10  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
22:29:45.0168 0x0e10  vwifibus - ok
22:29:45.0212 0x0e10  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
22:29:45.0254 0x0e10  vwififlt - ok
22:29:45.0269 0x0e10  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
22:29:45.0310 0x0e10  vwifimp - ok
22:29:45.0372 0x0e10  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\Windows\system32\w32time.dll
22:29:45.0454 0x0e10  W32Time - ok
22:29:45.0483 0x0e10  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
22:29:45.0524 0x0e10  WacomPen - ok
22:29:45.0651 0x0e10  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\Windows\system32\wbengine.exe
22:29:45.0740 0x0e10  wbengine - ok
22:29:45.0824 0x0e10  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:29:45.0924 0x0e10  WbioSrvc - ok
22:29:45.0961 0x0e10  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
22:29:46.0039 0x0e10  Wcmsvc - ok
22:29:46.0100 0x0e10  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:29:46.0187 0x0e10  wcncsvc - ok
22:29:46.0229 0x0e10  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:29:46.0282 0x0e10  WcsPlugInService - ok
22:29:46.0318 0x0e10  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
22:29:46.0343 0x0e10  WdBoot - ok
22:29:46.0367 0x0e10  [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\Windows\System32\drivers\wdcsam64.sys
22:29:46.0407 0x0e10  WDC_SAM - ok
22:29:46.0501 0x0e10  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:29:46.0585 0x0e10  Wdf01000 - ok
22:29:46.0645 0x0e10  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
22:29:46.0704 0x0e10  WdFilter - ok
22:29:46.0756 0x0e10  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:29:46.0817 0x0e10  WdiServiceHost - ok
22:29:46.0832 0x0e10  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:29:46.0892 0x0e10  WdiSystemHost - ok
22:29:46.0936 0x0e10  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
22:29:46.0979 0x0e10  WdNisDrv - ok
22:29:47.0009 0x0e10  WdNisSvc - ok
22:29:47.0062 0x0e10  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient       C:\Windows\System32\webclnt.dll
22:29:47.0116 0x0e10  WebClient - ok
22:29:47.0155 0x0e10  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:29:47.0194 0x0e10  Wecsvc - ok
22:29:47.0220 0x0e10  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
22:29:47.0249 0x0e10  WEPHOSTSVC - ok
22:29:47.0263 0x0e10  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:29:47.0298 0x0e10  wercplsupport - ok
22:29:47.0328 0x0e10  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\Windows\System32\WerSvc.dll
22:29:47.0364 0x0e10  WerSvc - ok
22:29:47.0397 0x0e10  [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
22:29:47.0423 0x0e10  WFPLWFS - ok
22:29:47.0445 0x0e10  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\Windows\System32\wiarpc.dll
22:29:47.0476 0x0e10  WiaRpc - ok
22:29:47.0500 0x0e10  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:29:47.0520 0x0e10  WIMMount - ok
22:29:47.0525 0x0e10  WinDefend - ok
22:29:47.0624 0x0e10  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
22:29:47.0712 0x0e10  WinHttpAutoProxySvc - ok
22:29:47.0780 0x0e10  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:29:47.0812 0x0e10  Winmgmt - ok
22:29:47.0982 0x0e10  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\Windows\system32\WsmSvc.dll
22:29:48.0199 0x0e10  WinRM - ok
22:29:48.0252 0x0e10  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\Windows\System32\drivers\WinUsb.sys
22:29:48.0278 0x0e10  WinUsb - ok
22:29:48.0360 0x0e10  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\Windows\System32\wlansvc.dll
22:29:48.0416 0x0e10  WlanSvc - ok
22:29:48.0549 0x0e10  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
22:29:48.0656 0x0e10  wlidsvc - ok
22:29:48.0673 0x0e10  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
22:29:48.0689 0x0e10  WmiAcpi - ok
22:29:48.0737 0x0e10  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:29:48.0759 0x0e10  wmiApSrv - ok
22:29:48.0786 0x0e10  WMPNetworkSvc - ok
22:29:48.0818 0x0e10  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\Windows\system32\drivers\Wof.sys
22:29:48.0852 0x0e10  Wof - ok
22:29:48.0988 0x0e10  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
22:29:49.0106 0x0e10  workfolderssvc - ok
22:29:49.0141 0x0e10  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
22:29:49.0179 0x0e10  wpcfltr - ok
22:29:49.0204 0x0e10  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:29:49.0255 0x0e10  WPCSvc - ok
22:29:49.0298 0x0e10  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:29:49.0410 0x0e10  WPDBusEnum - ok
22:29:49.0442 0x0e10  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
22:29:49.0477 0x0e10  WpdUpFltr - ok
22:29:49.0541 0x0e10  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:29:49.0621 0x0e10  ws2ifsl - ok
22:29:49.0663 0x0e10  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\Windows\System32\wscsvc.dll
22:29:49.0700 0x0e10  wscsvc - ok
22:29:49.0734 0x0e10  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
22:29:49.0777 0x0e10  WSDPrintDevice - ok
22:29:49.0791 0x0e10  WSearch - ok
22:29:50.0094 0x0e10  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\Windows\System32\WSService.dll
22:29:50.0384 0x0e10  WSService - ok
22:29:50.0662 0x0e10  [ 3F726FF7B1ACC7D5E89940EA5BFF0E61, DF84486870C677B30985005A909CFDF8446BD566F601A295FF29F258E1D1AFF4 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:29:50.0804 0x0e10  wuauserv - ok
22:29:50.0841 0x0e10  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:29:50.0856 0x0e10  WudfPf - ok
22:29:50.0877 0x0e10  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
22:29:50.0951 0x0e10  WUDFRd - ok
22:29:50.0999 0x0e10  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:29:51.0019 0x0e10  wudfsvc - ok
22:29:51.0029 0x0e10  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\Windows\System32\drivers\WUDFRd.sys
22:29:51.0047 0x0e10  WUDFWpdFs - ok
22:29:51.0055 0x0e10  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\Windows\System32\drivers\WUDFRd.sys
22:29:51.0073 0x0e10  WUDFWpdMtp - ok
22:29:51.0115 0x0e10  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:29:51.0146 0x0e10  WwanSvc - ok
22:29:51.0165 0x0e10  ================ Scan global ===============================
22:29:51.0206 0x0e10  [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\Windows\system32\basesrv.dll
22:29:51.0239 0x0e10  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
22:29:51.0277 0x0e10  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
22:29:51.0323 0x0e10  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
22:29:51.0336 0x0e10  [ Global ] - ok
22:29:51.0337 0x0e10  ================ Scan MBR ==================================
22:29:51.0348 0x0e10  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:29:51.0605 0x0e10  \Device\Harddisk0\DR0 - ok
22:29:51.0606 0x0e10  ================ Scan VBR ==================================
22:29:51.0608 0x0e10  [ CC9E8AEF75B169D42BF49BD4508D93F4 ] \Device\Harddisk0\DR0\Partition1
22:29:51.0630 0x0e10  \Device\Harddisk0\DR0\Partition1 - ok
22:29:51.0668 0x0e10  [ 001C35361BD611A36BF5B4299D7CC151 ] \Device\Harddisk0\DR0\Partition2
22:29:51.0669 0x0e10  \Device\Harddisk0\DR0\Partition2 - ok
22:29:51.0670 0x0e10  ================ Scan generic autorun ======================
22:29:51.0703 0x0e10  [ 28062B17191C9450BF6C6C3EF8C7EB27, 4859C5708DFD119021F7B7FFB38F0B316675E1E4D5D51A10D4265F712CF8CDB6 ] C:\Windows\system32\igfxtray.exe
22:29:51.0719 0x0e10  IgfxTray - ok
22:29:51.0734 0x0e10  [ 28FC280487F0BAAE5E8119257C4EEF8C, F574BC70B79B77912FC683B3EB0BE6929E7758284ED5B47008E18B0E4A4A09FD ] C:\Windows\system32\hkcmd.exe
22:29:51.0756 0x0e10  HotKeysCmds - ok
22:29:51.0781 0x0e10  [ F29BEA821C753E4F00177690F70CDC13, 0EDB40F4A4C23553C0288E6E3AD65E7B523F6764C87C6C36C3ECB0C1940C5176 ] C:\Windows\system32\igfxpers.exe
22:29:51.0800 0x0e10  Persistence - ok
22:29:51.0802 0x0e10  SynTPEnh - ok
22:29:52.0055 0x0e10  [ C56AEF21A76A6E2BB36A384B2C96389F, A9C8B90631AB4BBFEAABDE3D854283C5073B8786A263B941FF631531F30B7F9A ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
22:29:52.0116 0x0e10  NvBackend - ok
22:29:52.0449 0x0e10  [ 95671F4BE988BC043F5828BB7E02CBD0, 7B7572CB569161C44BD63AAF9DEF2C806974576AE9ABFF94ED5A950EFFB3D222 ] C:\Program Files\Logitech Gaming Software\LCore.exe
22:29:52.0828 0x0e10  Launch LCore - ok
22:29:53.0025 0x0e10  [ 799450710D1B09FAF0D220B4DA3BF431, EE77DE14BC91D9A26D08AF4507071BB13F9D7F835AE6616B7D313F4FAF877793 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
22:29:53.0180 0x0e10  AvastUI.exe - ok
22:29:53.0261 0x0e10  [ 4DE3EF07E0854547309C6B40235A9D44, F73D8E6D98583865D1C8DB728058D83C72A3908E21E04EF313FCB829C040A1EC ] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe
22:29:53.0286 0x0e10  ControlCenter3 - detected UnsignedFile.Multi.Generic ( 1 )
22:29:55.0829 0x0e10  Detect skipped due to KSN trusted
22:29:55.0829 0x0e10  ControlCenter3 - ok
22:29:56.0054 0x0e10  [ 1595B196050F9EF14E8A28A83D6B246F, 1E5F2AF9BF2602E2AC92A2E28866BD97F4C5F0D6FD55250384E7E88F2902024F ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
22:29:56.0140 0x0e10  BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )
22:29:58.0635 0x0e10  Detect skipped due to KSN trusted
22:29:58.0635 0x0e10  BrStsMon00 - ok
22:29:58.0697 0x0e10  [ D88B2D487439305A2EC308A6796C3044, 79DF0A41ECB08D5BEB3393B2BA15E6C88AD626803E1734EFBA0DBE4ECF7274D7 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
22:29:58.0708 0x0e10  iTunesHelper - ok
22:29:58.0823 0x0e10  [ FE6E7F52D875E49A8DA4597675A38D9C, A116BDBD72AA9E21E2F5EE10E62B0FD530C66AD151B2C3CBA9AC77C7FCDE3ACB ] C:\Program Files (x86)\ROCCAT\Kone Pure Optical Mouse\KonePureOpticalMonitor.exe
22:29:58.0857 0x0e10  RoccatKonePureOptical - detected UnsignedFile.Multi.Generic ( 1 )
22:30:01.0253 0x0e10  RoccatKonePureOptical ( UnsignedFile.Multi.Generic ) - warning
22:30:03.0851 0x0e10  [ 68F1419721354EC1F78A71E10B54FCA8, 5BB4814BD28EE8ABB15BE6B8E723F6960F37EC17A619F5D93EFBCC6FC59502F6 ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
22:30:03.0951 0x0e10  Cisco AnyConnect Secure Mobility Agent for Windows - ok
22:30:04.0369 0x0e10  [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
22:30:04.0486 0x0e10  SDTray - ok
22:30:04.0808 0x0e10  [ 0431B48CF752D88C33C4BA39BA64CCB2, 4D65608DB7B460E4797285D8FE305E407C6FA57663AF54500E1A730BBBC433FF ] C:\Users\Kevin\AppData\Roaming\Spotify\Spotify.exe
22:30:05.0068 0x0e10  Spotify - ok
22:30:05.0358 0x0e10  [ 08DFA176E4FC0E63ACD8EC854449D2B0, B8CA204C3F318CD9D12F61CDDA5C66184A48D6206F019AD11DB2605FDBEB288D ] C:\Users\Kevin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
22:30:05.0421 0x0e10  Spotify Web Helper - ok
22:30:05.0476 0x0e10  [ 27D60574D2277B771930F871C83F4BEA, 90306556A2ABE5760D69F4B55C9A7423CABB5721A2CB7F624D461C0033DAB67F ] C:\Program Files\Sandboxie\SbieCtrl.exe
22:30:05.0502 0x0e10  SandboxieControl - ok
22:30:05.0762 0x0e10  [ F2AD1B265908797F8A5E21E0312F2F25, 2A6A612F7D52D297385C43E77AD0CD37B28F33ED2AF89098F5E66B812B838A52 ] C:\Users\Kevin\AppData\Local\Akamai\netsession_win.exe
22:30:05.0883 0x0e10  Akamai NetSession Interface - ok
22:30:05.0928 0x0e10  Skype - ok
22:30:06.0017 0x0e10  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Kevin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
22:30:06.0042 0x0e10  Dropbox Update - ok
22:30:06.0120 0x0e10  [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
22:30:06.0151 0x0e10  SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
22:30:08.0617 0x0e10  Detect skipped due to KSN trusted
22:30:08.0618 0x0e10  SpybotPostWindows10UpgradeReInstall - ok
22:30:08.0618 0x0e10  Waiting for KSN requests completion. In queue: 7
22:30:09.0620 0x0e10  Waiting for KSN requests completion. In queue: 7
22:30:10.0621 0x0e10  Waiting for KSN requests completion. In queue: 7
22:30:11.0656 0x0e10  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
22:30:11.0665 0x0e10  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.3.2223.1143 ), 0x41000 ( enabled : updated )
22:30:11.0703 0x0e10  Win FW state via NFP2: disabled ( trusted )
22:30:14.0148 0x0e10  ============================================================
22:30:14.0148 0x0e10  Scan finished
22:30:14.0148 0x0e10  ============================================================
22:30:14.0159 0x1464  Detected object count: 1
22:30:14.0159 0x1464  Actual detected object count: 1
22:30:41.0900 0x1464  RoccatKonePureOptical ( UnsignedFile.Multi.Generic ) - skipped by user
22:30:41.0900 0x1464  RoccatKonePureOptical ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 25.09.2015, 19:11   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8.1: Zugriff auf Router durch Fremdsoftware? - Standard

Windows 8.1: Zugriff auf Router durch Fremdsoftware?



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 01.10.2015, 23:35   #6
Identity
 
Windows 8.1: Zugriff auf Router durch Fremdsoftware? - Standard

Windows 8.1: Zugriff auf Router durch Fremdsoftware?



Sry, habe die letzten Tage etwas Stress gehabt.

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 26.09.2015
Suchlaufzeit: 14:04
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.09.26.02
Rootkit-Datenbank: v2015.09.22.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Kevin

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 370787
Abgelaufene Zeit: 14 Min., 59 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 2
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\mystartsearchSoftware, In Quarantäne, [7efcee46b3d8e94d0d5be25d6e9532ce], 
PUP.Optional.ProductSetup, HKU\S-1-5-21-1492992966-3316130111-433737794-1001\SOFTWARE\PRODUCTSETUP, In Quarantäne, [92e8151f701bbc7a438fe0d742c240c0], 

Registrierungswerte: 2
PUP.Optional.SearchEngine, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|searchengine@gmail.com, C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\extensions\searchengine@gmail.com, In Quarantäne, [f48684b0870441f543fb26965aaa40c0]
PUP.Optional.ProductSetup, HKU\S-1-5-21-1492992966-3316130111-433737794-1001\SOFTWARE\PRODUCTSETUP|tb, 0V1D1S1R1D0V1O, In Quarantäne, [92e8151f701bbc7a438fe0d742c240c0]

Registrierungsdaten: 4
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.mystartsearch.com/web/?type=ds&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632&q={searchTerms}),Ersetzt,[6c0e74c04d3efb3bad3c115d9e674fb1]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.mystartsearch.com/web/?type=ds&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632&q={searchTerms}),Ersetzt,[700a6bc91873171f6980610d7293a759]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.mystartsearch.com/web/?type=ds&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632&q={searchTerms}),Ersetzt,[5c1e88ac0f7c41f5ce1b026cbc49da26]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.mystartsearch.com/web/?type=ds&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632&q={searchTerms}),Ersetzt,[86f40331414aba7c0bdef77710f5748c]

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 9
PUP.Optional.InstallCore, C:\Users\Kevin\AppData\Roaming\New Version Available\FreeVideoJoiner.exe, In Quarantäne, [4337ce66ef9c9a9c2ce1edef0100e51b], 
PUP.Optional.RelevantKnowledge, C:\Users\Kevin\AppData\Local\Temp\CSM421.tmp, In Quarantäne, [e496181c83087cba601e117221e409f7], 
PUP.Optional.OpenCandy, C:\Users\Kevin\AppData\Local\Temp\is-53BAF.tmp\OCSetupHlp.dll, In Quarantäne, [0d6d9c98cebd4ee87719eab50df8d927], 
PUP.Optional.Downloader, C:\Users\Kevin\Downloads\7 Zip 32 Bit - CHIP-Installer.exe, In Quarantäne, [720875bfe9a2ca6c977b9da3847c59a7], 
PUP.Optional.DownloadGuide, C:\Users\Kevin\Downloads\free-audio-recorder-computerbild_CB-DL-Manager.exe, In Quarantäne, [d5a59b99e4a786b022f9e0dc0ef39967], 
PUP.Optional.Proinstall, C:\Users\Kevin\Downloads\wmvtoavi_setup-34403409.exe, In Quarantäne, [bfbba98b6e1def4750dce2983ec3be42], 
PUP.Optional.Koyote, C:\Users\Kevin\Downloads\FreeFLVConverterSetup-r0-n-bc762.exe, In Quarantäne, [94e65bd97a11e155db7187376f92e020], 
PUP.Optional.IStart, C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\prefs.js, Gut: (), Schlecht: (istart_ffnt@gmail.com), Ersetzt,[57232c088dfe35018a7ec1f80401a45c]
PUP.Optional.SearchEngine, C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\prefs.js, Gut: (), Schlecht: (searchengine@gmail.com), Ersetzt,[abcf6fc5345789ad9774d0e9ce377987]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
# AdwCleaner v5.009 - Bericht erstellt am 01/10/2015 um 23:05:16
# Aktualisiert am 27/09/2015 von Xplode
# Datenbank : 2015-09-30.1 [Server]
# Betriebssystem : Windows 8.1 Pro  (x64)
# Benutzername : Kevin - KEVIN-PC
# Gestartet von : C:\Users\Kevin\Desktop\AdwCleaner_5.009.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\user.js

***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****

[-] Task Gelöscht : Adobe Flash Player Updater

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS

***** [ Internetbrowser ] *****

[-] [C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.istart_ffnt@gmail.com.install-event-fired", true);
[-] [C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.enable_search1", false);
[-] [C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[-] [C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.searchengine@gmail.com.install-event-fired", true);

*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1809 Bytes] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 8.1 Pro x64
Ran by Kevin on 01.10.2015 at 23:19:27,04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(default)
Successfully deleted: [Folder] C:\Users\Kevin\AppData\Roaming\new version available
Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin



~~~ FireFox

Successfully deleted the following from C:\Users\Kevin\AppData\Roaming\mozilla\firefox\profiles\33p02pyw.default\prefs.js

user_pref(browser.search.searchengine.alias, mystartsearch);
user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.iconURL, hxxp://www.mystartsearch.com/favicon.ico);
user_pref(browser.search.searchengine.name, mystartsearch);
user_pref(browser.search.searchengine.ptid, cor);
user_pref(browser.search.searchengine.uid, ST500LM012XHN-M500MBB_S2TUJ9FCB11632);
user_pref(browser.search.searchengine.url, hxxp://www.mystartsearch.com/web/?type=ds&ts=1428736475&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9FCB11632&q={searchTerms});
Emptied folder: C:\Users\Kevin\AppData\Roaming\mozilla\firefox\profiles\33p02pyw.default\minidumps [153 files]



~~~ Chrome


[C:\Users\Kevin\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Kevin\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Kevin\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Kevin\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.10.2015 at 23:22:47,76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
durchgeführt von Kevin (Administrator) auf KEVIN-PC (01-10-2015 23:31:42)
Gestartet von C:\Users\Kevin\Desktop
Geladene Profile: Kevin (Verfügbare Profile: Kevin)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10801944 2014-07-28] (Logitech Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-09-27] (AVAST Software)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2012-09-25] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [RoccatKonePureOptical] => C:\Program Files (x86)\ROCCAT\Kone Pure Optical Mouse\KonePureOpticalMonitor.exe [561152 2014-01-20] (ROCCAT GmbH)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [975248 2015-09-09] (Cisco Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\Run: [Spotify] => C:\Users\Kevin\AppData\Roaming\Spotify\Spotify.exe [6737976 2015-01-11] (Spotify Ltd)
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\Run: [Spotify Web Helper] => C:\Users\Kevin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-01-11] (Spotify Ltd)
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2014-01-17] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Kevin\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785280 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\Run: [Dropbox Update] => C:\Users\Kevin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-26] (Dropbox, Inc.)
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-27] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk [2014-09-29]
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-12-04]
ShortcutTarget: Dropbox.lnk -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2014-02-20]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{6477265F-4346-4A7B-8C1E-1713956EC9AF}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{E7C03003-35B2-4FC5-9684-C7A781231506}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-27] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-29] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-27] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-29] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default
FF DefaultSearchEngine: Amazon.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-29] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-04-10] (Nero AG)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-02-18] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1492992966-3316130111-433737794-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1492992966-3316130111-433737794-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-02-18] (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\searchplugins\google-images.xml [2014-09-14]
FF SearchPlugin: C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\searchplugins\google-maps.xml [2014-09-14]
FF Extension: Youtube MP3 Podcaster - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\Extensions\youtubemp3podcaster@jeremy.d.gregorio.com [2015-06-11]
FF Extension: YouTube mp3 - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\Extensions\info@youtube-mp3.org.xpi [2015-04-01]
FF Extension: Rocket Beans TV Sendeplan für Firefox - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\Extensions\javos-firebeans-rbtvfx@jetpack.xpi [2015-01-25]
FF Extension: Youtube and more - Easy Video Downloader - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\Extensions\vdpure@link64.xpi [2014-09-05]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2015-03-23]
FF Extension: Adblock Plus - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-10]
FF HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\33p02pyw.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Profile: C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-17]
CHR Extension: (Google Docs) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-17]
CHR Extension: (Google Drive) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-17]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-03-17]
CHR Extension: (YouTube) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-17]
CHR Extension: (Adblock Plus) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-17]
CHR Extension: (Google-Suche) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-17]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-14]
CHR Extension: (Click&Clean) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2015-03-17]
CHR Extension: (Avast Online Security) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-17]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2015-03-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-17]
CHR Extension: (Google Scholar-Schaltfläche) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2015-05-04]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-17]
CHR Extension: (Google Mail) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-20]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2012-08-29] (Atheros Commnucations) [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-27] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4048280 2015-09-27] (Avast Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
S2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [187592 2014-01-17] (Sandboxie Holdings, LLC)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-27] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-27] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-09-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-09-27] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-09-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-27] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [132656 2015-09-27] (AVAST Software)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202600 2014-01-17] (Sandboxie Holdings, LLC)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [274336 2015-09-27] (Avast Software)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2014-11-19] (Cisco Systems, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-01 23:30 - 2015-10-01 23:31 - 00022724 _____ C:\Users\Kevin\Desktop\FRST.txt
2015-10-01 23:22 - 2015-10-01 23:22 - 00002163 _____ C:\Users\Kevin\Desktop\JRT.txt
2015-10-01 23:03 - 2015-10-01 23:05 - 00000000 ____D C:\AdwCleaner
2015-10-01 23:01 - 2015-10-01 23:01 - 01670656 _____ C:\Users\Kevin\Desktop\AdwCleaner_5.009.exe
2015-10-01 23:00 - 2015-10-01 23:00 - 00004871 _____ C:\Users\Kevin\Desktop\mbam.txt
2015-09-30 22:56 - 2015-10-01 22:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-28 16:44 - 2015-09-28 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2015-09-27 10:52 - 2015-09-27 10:52 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-09-27 10:52 - 2015-09-27 10:52 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-09-26 15:37 - 2015-09-26 15:37 - 00000028 _____ C:\Users\Kevin\Desktop\a.txt.txt
2015-09-26 14:03 - 2015-09-26 14:20 - 00001108 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-26 14:02 - 2015-09-26 14:02 - 01798976 _____ (Malwarebytes) C:\Users\Kevin\Desktop\JRT.exe
2015-09-26 14:02 - 2015-09-26 14:02 - 01662976 _____ C:\Users\Kevin\Desktop\AdwCleaner_5.008.exe
2015-09-26 14:01 - 2015-09-26 14:02 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Kevin\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-25 16:26 - 2015-09-30 02:39 - 03188216 _____ C:\Users\Kevin\Desktop\M und G.pptx
2015-09-24 23:51 - 2015-09-24 23:51 - 00009734 _____ C:\Users\Kevin\Desktop\Mappe1.xlsx
2015-09-24 23:45 - 2015-09-24 23:45 - 00011000 _____ C:\Users\Kevin\Desktop\Kennungen_0001-0500.txt
2015-09-24 23:44 - 2015-09-24 23:44 - 00026624 _____ C:\Users\Kevin\Desktop\ZEA_prf10167_stprobthe_behr.xls
2015-09-24 22:27 - 2015-09-24 22:27 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Kevin\Desktop\tdsskiller.exe
2015-09-24 21:55 - 2015-09-24 22:27 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-24 21:53 - 2015-10-01 22:59 - 00000000 ____D C:\Users\Kevin\Desktop\mbar
2015-09-24 21:52 - 2015-09-24 21:52 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Kevin\Desktop\mbar-1.09.3.1001.exe
2015-09-24 21:49 - 2015-09-26 14:20 - 00001280 _____ C:\Users\Kevin\Desktop\Revo Uninstaller.lnk
2015-09-24 21:49 - 2015-09-24 21:49 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-09-24 21:48 - 2015-09-24 21:48 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kevin\Downloads\revosetup95.exe
2015-09-24 15:48 - 2015-09-24 15:48 - 00035864 _____ C:\Users\Kevin\Desktop\Gmer.txt
2015-09-24 14:55 - 2015-10-01 23:31 - 00000000 ____D C:\FRST
2015-09-24 14:52 - 2015-09-24 14:53 - 00000472 _____ C:\Users\Kevin\Desktop\defogger_disable.log
2015-09-24 14:52 - 2015-09-24 14:52 - 00000000 _____ C:\Users\Kevin\defogger_reenable
2015-09-24 14:49 - 2015-09-24 14:49 - 00380416 _____ C:\Users\Kevin\Desktop\Gmer-19357.exe
2015-09-24 14:48 - 2015-09-24 14:49 - 02192384 _____ (Farbar) C:\Users\Kevin\Desktop\FRST64.exe
2015-09-24 14:48 - 2015-09-24 14:48 - 00050477 _____ C:\Users\Kevin\Downloads\Defogger.exe
2015-09-24 14:45 - 2015-09-24 14:45 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-24 14:45 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-09-24 14:37 - 2015-09-26 14:20 - 00001391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-09-24 14:37 - 2015-09-26 14:20 - 00001385 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-09-24 14:37 - 2015-09-24 14:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-09-24 14:36 - 2015-09-24 14:45 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-09-24 14:36 - 2015-09-24 14:37 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-09-24 14:36 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-09-24 14:30 - 2015-09-24 14:30 - 01457952 _____ C:\Users\Kevin\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2015-09-22 14:14 - 2015-09-22 14:14 - 00000000 ____D C:\Users\Kevin\AppData\Roaming\WordMat
2015-09-21 12:04 - 2015-09-21 12:10 - 124053804 _____ (Eduap ) C:\Users\Kevin\Downloads\WordMat109.exe
2015-09-13 02:43 - 2015-09-30 19:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-09-09 10:43 - 2015-09-09 10:43 - 00034192 _____ (Cisco Systems, Inc.) C:\Windows\SysWOW64\vpnevents.dll
2015-09-09 10:43 - 2015-09-09 10:43 - 00011152 _____ (Cisco Systems, Inc.) C:\Windows\SysWOW64\vpncategories.dll
2015-09-09 05:23 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 05:23 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-09 05:23 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-09 05:23 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-09 05:23 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-09 05:23 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 05:23 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 05:23 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 05:23 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-09-09 05:23 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 05:23 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 05:23 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 05:22 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-09 05:22 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-09 05:22 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-09 05:22 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-09 05:22 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 05:22 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 05:22 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 05:22 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-09 05:22 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 05:22 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 05:22 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-09 05:22 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-09 05:22 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-09-09 05:22 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-09 05:22 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-09-09 05:22 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 05:22 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 05:22 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 05:22 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 05:22 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 05:22 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-09 05:22 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 05:22 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-09-09 05:22 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-09 05:22 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-09-09 05:22 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-09 05:22 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-09 05:22 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-09 05:22 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 05:22 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-09 05:22 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-09 05:22 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-09 05:22 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-09 05:22 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 05:22 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-09 05:22 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-09 05:22 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-09 05:22 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-09 05:22 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-09 05:22 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-09 05:21 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 05:21 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 05:21 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 05:21 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-09 05:21 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-09 05:21 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 05:21 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-09 05:21 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 05:21 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2015-09-09 05:21 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2015-09-09 05:21 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 05:21 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2015-09-09 05:21 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2015-09-09 05:21 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-09 05:21 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-09 05:21 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-09 05:21 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 05:21 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2015-09-09 05:21 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-09 05:21 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2015-09-09 05:21 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-09 05:21 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tzsync.exe
2015-09-09 05:21 - 2015-07-13 21:10 - 00411455 _____ C:\Windows\system32\ApnDatabase.xml
2015-09-09 05:21 - 2015-07-10 21:06 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2015-09-09 05:21 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-09-09 05:21 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-09-09 05:21 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-09-09 05:21 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-09-07 13:31 - 2015-09-07 13:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2015-09-02 09:37 - 2015-09-02 09:37 - 00000000 ____D C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-01 23:27 - 2014-02-10 22:51 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1492992966-3316130111-433737794-1001
2015-10-01 23:21 - 2014-02-10 22:33 - 01458950 _____ C:\Windows\WindowsUpdate.log
2015-10-01 23:08 - 2015-03-17 20:30 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-01 23:06 - 2014-02-10 21:55 - 00202630 _____ C:\Windows\PFRO.log
2015-10-01 23:06 - 2013-08-22 16:46 - 00087508 _____ C:\Windows\setupact.log
2015-10-01 23:06 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-01 23:05 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-10-01 23:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-10-01 22:59 - 2015-03-17 20:30 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-01 22:59 - 2014-05-21 14:35 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-01 22:59 - 2014-05-21 14:33 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-01 22:53 - 2014-02-10 23:50 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-10-01 22:52 - 2015-06-03 16:29 - 00000000 ____D C:\Users\Kevin\AppData\Roaming\Skype
2015-10-01 22:48 - 2014-02-10 22:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-01 22:48 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\Web
2015-10-01 22:47 - 2014-02-10 22:45 - 00000000 ____D C:\Users\Kevin
2015-10-01 10:33 - 2015-06-26 09:23 - 00001242 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1492992966-3316130111-433737794-1001UA.job
2015-10-01 10:07 - 2014-03-05 01:21 - 02256896 ___SH C:\Users\Kevin\Desktop\Thumbs.db
2015-09-30 19:09 - 2014-02-11 10:32 - 00000000 ___RD C:\Users\Kevin\Dropbox
2015-09-30 19:09 - 2014-02-11 10:30 - 00000000 ____D C:\Users\Kevin\AppData\Roaming\Dropbox
2015-09-28 16:44 - 2014-12-16 12:54 - 00000000 ____D C:\ProgramData\Cisco
2015-09-28 16:44 - 2014-12-16 12:54 - 00000000 ____D C:\Program Files (x86)\Cisco
2015-09-28 06:33 - 2015-06-26 09:23 - 00001190 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1492992966-3316130111-433737794-1001Core.job
2015-09-27 10:52 - 2014-06-11 14:31 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-09-27 10:52 - 2014-02-10 23:50 - 01049880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-09-27 10:52 - 2014-02-10 23:50 - 00448968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-09-27 10:52 - 2014-02-10 23:50 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-09-27 10:52 - 2014-02-10 23:50 - 00153744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-09-27 10:52 - 2014-02-10 23:50 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-09-27 10:52 - 2014-02-10 23:50 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-09-27 10:52 - 2014-02-10 23:50 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-09-27 10:51 - 2015-07-20 16:09 - 00132656 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-09-26 14:20 - 2014-12-20 13:43 - 00001181 _____ C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free FLV Converter.lnk
2015-09-26 14:20 - 2014-12-05 00:36 - 00000902 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-09-26 14:20 - 2014-11-13 20:45 - 00001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
2015-09-26 14:20 - 2014-09-29 21:48 - 00002523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-09-26 14:20 - 2014-08-15 11:14 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-26 14:20 - 2014-07-28 19:27 - 00000771 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HearthstoneHearthstone.lnk
2015-09-26 14:20 - 2014-07-27 21:53 - 00001132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.netBattle.net.lnk
2015-09-26 14:20 - 2014-03-12 21:01 - 00001837 _____ C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-09-26 14:20 - 2014-02-18 11:26 - 00002098 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-09-26 14:20 - 2014-02-10 23:54 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-09-26 14:20 - 2014-02-10 22:52 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-09-26 14:20 - 2014-02-10 22:46 - 00001450 _____ C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-26 14:03 - 2014-05-21 14:33 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-09-24 15:21 - 2013-08-22 16:44 - 00517032 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-24 15:03 - 2014-03-18 11:16 - 00001840 _____ C:\Windows\Sandboxie.ini
2015-09-24 11:30 - 2014-06-11 10:54 - 00000000 ____D C:\Users\Kevin\AppData\Local\Akamai
2015-09-22 12:22 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-09-16 14:54 - 2015-03-17 20:30 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-16 14:54 - 2015-03-17 20:30 - 00003872 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-15 23:00 - 2014-02-10 22:33 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-15 23:00 - 2013-08-23 01:24 - 00765582 _____ C:\Windows\system32\perfh007.dat
2015-09-15 23:00 - 2013-08-23 01:24 - 00159366 _____ C:\Windows\system32\perfc007.dat
2015-09-15 03:18 - 2015-03-12 08:49 - 00812008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-15 03:18 - 2015-03-12 08:49 - 00178152 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-12 10:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-09-09 12:30 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-09 12:16 - 2014-02-18 12:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-09 11:52 - 2013-08-23 01:26 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-09 11:52 - 2013-08-22 15:25 - 00000167 _____ C:\Windows\win.ini
2015-09-09 11:50 - 2014-02-17 09:14 - 00000000 ____D C:\Windows\system32\MRT
2015-09-09 09:55 - 2014-12-16 12:55 - 00129520 ____R (Cisco Systems, Inc.) C:\Windows\system32\Drivers\acsock64.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-11 09:18 - 2015-04-11 09:18 - 0000096 _____ () C:\Users\Kevin\AppData\Roaming\settings.xml
2006-12-11 19:13 - 2006-12-11 19:13 - 0097336 _____ (Un4seen Developments) C:\Users\Kevin\AppData\Local\bass.dll
2006-12-11 19:13 - 2006-12-11 19:13 - 0013872 _____ (Un4seen Developments) C:\Users\Kevin\AppData\Local\basscd.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 0102912 _____ (Albert L Faber) C:\Users\Kevin\AppData\Local\CDRip.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 0155136 _____ () C:\Users\Kevin\AppData\Local\lame_enc.dll
2007-01-18 21:09 - 2007-01-18 21:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\Kevin\AppData\Local\No23 Recorder.exe
2005-08-23 22:34 - 2005-08-23 22:34 - 0029184 _____ () C:\Users\Kevin\AppData\Local\no23xwrapper.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0015872 _____ () C:\Users\Kevin\AppData\Local\ogg.dll
2015-04-09 10:35 - 2015-05-20 19:31 - 0001469 _____ () C:\Users\Kevin\AppData\Local\RecConfig.xml
2015-01-02 19:49 - 2015-01-02 19:49 - 0053247 _____ () C:\Users\Kevin\AppData\Local\recently-used.xbel
2006-10-26 01:06 - 2006-10-26 01:06 - 0143872 _____ () C:\Users\Kevin\AppData\Local\vorbis.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0064000 _____ () C:\Users\Kevin\AppData\Local\vorbisenc.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0019456 _____ () C:\Users\Kevin\AppData\Local\vorbisfile.dll

Einige Dateien in TEMP:
====================
C:\Users\Kevin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsutt9x.dll
C:\Users\Kevin\AppData\Local\Temp\Foxit Updater.exe
C:\Users\Kevin\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Kevin\AppData\Local\Temp\kernel32.dll
C:\Users\Kevin\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\Kevin\AppData\Local\Temp\sqlite3.dll
C:\Users\Kevin\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Kevin\AppData\Local\Temp\tester.dll
C:\Users\Kevin\AppData\Local\Temp\tmp19AC.tmp.exe
C:\Users\Kevin\AppData\Local\Temp\tmp36BA.tmp.exe
C:\Users\Kevin\AppData\Local\Temp\tmp890A.tmp.exe
C:\Users\Kevin\AppData\Local\Temp\tmpA01D.tmp.exe
C:\Users\Kevin\AppData\Local\Temp\tmpEB54.tmp.exe
C:\Users\Kevin\AppData\Local\Temp\tmpEF2F.tmp.exe
C:\Users\Kevin\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-24 11:35

==================== Ende von FRST.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-09-2015
durchgeführt von Kevin (2015-10-01 23:32:09)
Gestartet von C:\Users\Kevin\Desktop
Windows 8.1 Pro (X64) (2014-02-10 20:45:32)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1492992966-3316130111-433737794-500 - Administrator - Disabled)
Gast (S-1-5-21-1492992966-3316130111-433737794-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1492992966-3316130111-433737794-1003 - Limited - Enabled)
Kevin (S-1-5-21-1492992966-3316130111-433737794-1001 - Administrator - Enabled) => C:\Users\Kevin

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Any Video Converter 5.8.2 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apowersoft Gratis - Audiorekorder V2.3.4 (HKLM-x32\...\{E35F91E4-C68C-43E8-BE90-35CDEE4E5730}_is1) (Version: 2.3.4 - APOWERSOFT LIMITED)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.4.2233 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite DCP-J315W (HKLM-x32\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.1.06013 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 4.1.06013 - Cisco Systems, Inc.) Hidden
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
Dropbox (HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
DVDStyler v2.9.2 (HKLM-x32\...\DVDStyler_is1) (Version:  - )
Free M4a to MP3 Converter 8.3 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free MP3 Cutter and Editor 2.6 (HKLM-x32\...\Free MP3 Cutter and Editor_is1) (Version:  - musetips.com)
Free Video to MP3 Converter version 5.0.58.415 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.58.415 - DVDVideoSoft Ltd.)
Free WMV To AVI Converter (HKLM-x32\...\{BD0BF269-9706-47B4-BBA8-312B8F9F9AF7}) (Version: 1.0.0 - convertaudiofree)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech Gaming Software 8.55 (HKLM\...\Logitech Gaming Software) (Version: 8.55.137 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Studio Platinum 13.0 (64-bit) (HKLM\...\{F4721C9E-74D6-11E4-9122-F04DA23A5C58}) (Version: 13.0.943 - Sony)
Mozilla Firefox 41.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.1 (x86 de)) (Version: 41.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.1.5750 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 de)) (Version: 38.2.0 - Mozilla)
Nero 2015 (HKLM-x32\...\{EF09AC51-1657-4A06-9449-B2BF1C4FB608}) (Version: 16.0.05500 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
oCam Version 113.0 (HKLM-x32\...\oCam_is1) (Version: 113.0 - hxxp://ohsoft.net/)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PDF Split And Merge Basic (HKLM\...\{9A40D2F8-9458-458B-95E3-B57797C574E1}) (Version: 2.2.3 - Andrea Vacondio)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Prerequisite installer (x32 Version: 16.0.0004 - Nero AG) Hidden
R for Windows 3.1.0 (HKLM\...\R for Windows 3.1.0_is1) (Version: 3.1.0 - R Core Team)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10001 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
ROCCAT Kone Pure Optical Mouse Driver (HKLM-x32\...\{22D40E66-0D41-45A3-A8A1-90B8A38D9A68}) (Version:  - Roccat GmbH)
RStudio (HKLM-x32\...\RStudio) (Version: 0.98.507 - RStudio)
Sandboxie 4.08 (64-bit) (HKLM\...\Sandboxie) (Version: 4.08 - Sandboxie Holdings, LLC)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SUPER © v2015.build.64+Recorder (2015/02/13) Version v2015.buil (HKLM-x32\...\{8E2A29E2-96BF-8759-4DA7-5C16C90729A4}_is1) (Version: v2015.build.64+Recorder - eRightSoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.21 - Synaptics Incorporated)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1492992966-3316130111-433737794-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1492992966-3316130111-433737794-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1492992966-3316130111-433737794-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1492992966-3316130111-433737794-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1492992966-3316130111-433737794-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1492992966-3316130111-433737794-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1492992966-3316130111-433737794-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1492992966-3316130111-433737794-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1492992966-3316130111-433737794-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1492992966-3316130111-433737794-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1492992966-3316130111-433737794-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

17-09-2015 18:35:36 Geplanter Prüfpunkt
22-09-2015 12:21:53 Windows Update
24-09-2015 21:50:21 Revo Uninstaller's restore point - mystartsearch uninstall
27-09-2015 10:50:37 avast! antivirus system restore point
01-10-2015 23:19:29 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0671F014-D86F-44FA-A8B8-0F57C7CC68AF} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {3DC8A1A8-C2D1-45BD-9EE9-FCB61C080A6E} - System32\Tasks\{0992D23C-F9E9-495D-A6AF-081E17A2973A} => Firefox.exe hxxp://ui.skype.com/ui/0/7.5.85.102/de/abandoninstall?page=tsPlugin
Task: {698527B6-C986-4282-B27D-DB34D6CC1BB4} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1492992966-3316130111-433737794-1001UA => C:\Users\Kevin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-26] (Dropbox, Inc.)
Task: {76345ED9-2650-4061-AA97-4D84B952655B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-09-27] (AVAST Software)
Task: {81CA75FD-BC27-40FE-B6A0-4C16D3A47B9C} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-06-04] (Nero AG)
Task: {8F6CABAF-0120-4DDD-8051-F7A8A6BD4017} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17] (Google Inc.)
Task: {AC1477E9-FBD1-44D9-9A52-E86826A2650D} - System32\Tasks\{AB3DE272-CE1D-4BD0-9A9B-454C35CDABB5} => pcalua.exe -a C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_223_Plugin.exe -c -maintain plugin
Task: {B2C2AD02-605B-440F-8139-AA6B96924282} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17] (Google Inc.)
Task: {DB38F406-F5B5-4FCB-B786-C526F38D1B87} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {DFF0DAA7-EE66-42C6-A46A-B4DC7875A506} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {E667C826-B782-4CD8-8F28-1F48B1FCEB64} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1492992966-3316130111-433737794-1001Core => C:\Users\Kevin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-26] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1492992966-3316130111-433737794-1001Core.job => C:\Users\Kevin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1492992966-3316130111-433737794-1001UA.job => C:\Users\Kevin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-02-11 21:42 - 2005-04-22 06:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2015-09-27 10:52 - 2015-09-27 10:52 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-09-27 10:52 - 2015-09-27 10:52 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-10-01 22:52 - 2015-10-01 22:52 - 02966528 _____ () C:\Program Files\AVAST Software\Avast\defs\15100102\algo.dll
2015-09-24 14:36 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-09-24 14:36 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-09-24 14:36 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-09-24 14:36 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-09-24 14:36 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-09-27 10:52 - 2015-09-27 10:52 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-09-09 10:44 - 2015-09-09 10:44 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1492992966-3316130111-433737794-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kevin\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "ControlCenter3"
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\StartupApproved\StartupFolder: => "OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk"
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1492992966-3316130111-433737794-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A56C17D7-7A4A-48EB-80AB-82A6CEEA8711}] => (Allow) C:\Users\Kevin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{48395351-D0CE-48F0-BB51-EA51427158AC}] => (Allow) C:\Users\Kevin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{A3082BB3-E7E5-44FF-B792-2922676F55FB}C:\users\kevin\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kevin\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{F8813CC2-9ED2-4CF2-B9E5-1E027389B21F}C:\users\kevin\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kevin\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{570BFA21-8566-4F03-8114-54A90AE8CAB1}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{A6CAA5BB-1475-4244-A13C-CC2A9FFF002D}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{290CAF5F-C38B-4BCD-AEF3-C019A27E2595}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{6141FBC7-52E9-4D2B-882B-029923906BB7}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{9794FD7D-B872-4604-A9E4-56AC94BFCFA2}] => (Allow) LPort=57440
FirewallRules: [{5B569F74-8FAE-4E1F-AE8F-355DFEF5ADE5}] => (Allow) LPort=57440
FirewallRules: [{E944012C-033B-44F5-9FB1-8E41693E8161}] => (Allow) LPort=57440
FirewallRules: [{C9BC9DFB-1B1B-455C-AACC-92A632AC1C51}] => (Allow) LPort=57440
FirewallRules: [{547EBF6F-BD83-4DFA-849C-06ECEF17C9A0}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{1149F740-E408-4CF0-9AA5-9154E3147DAD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4CA9BB51-FF2A-4889-8FBC-3E801D5AB60F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E71D33C2-0442-44CF-89FE-FFB6626474A3}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{3BE480E0-30B6-4732-AEC6-0805EFFFBAB3}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{DE66F2CE-1C0E-4FAF-ABBD-DB4DEA357A9F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{22B30ACE-F951-449E-A2A6-AD5C66E9C792}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5B8989E5-E2F1-4A3A-B3DF-45B4B41CFBFC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{28A235A4-2995-469F-99A8-62DEC2B51629}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5817332A-3BCA-497F-A67D-75BB74E385ED}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{8145860C-C6F8-4A05-91D2-EDDC78718506}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A4EA8084-888E-43D3-BF9C-23ACCC7C02A1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{9AB3EFA8-4817-4E4A-A623-6B4F07A93FFA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{58F788A8-0A94-4BCD-9C2F-EC040B760245}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{F7E9FAC0-717B-4ED4-927C-9DE7C9D9324B}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe
FirewallRules: [{7866B067-E218-48D8-809A-D00D35BBF08A}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe
FirewallRules: [{BBE35BA8-9236-4C3A-BDA6-A35852601B83}] => (Allow) C:\Users\Kevin\AppData\Local\Temp\nst3ACD.tmp\CnetInstaller-75925889.exe
FirewallRules: [{261FB67B-3ABF-457D-9467-F4CD1381D0E9}] => (Allow) C:\Users\Kevin\AppData\Local\Temp\nst3ACD.tmp\CnetInstaller-75925889.exe
FirewallRules: [{33F37DB0-7095-41BB-BDF4-908BF4ACC1BD}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{090D8899-F08C-41B4-89B5-3A2069E867C8}C:\users\kevin\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\kevin\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{D68EA79A-741A-471F-8AA3-EF944218ECA7}C:\users\kevin\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\kevin\appdata\local\akamai\netsession_win.exe
FirewallRules: [{229386DE-B35C-436B-BA47-25D1BAA5DE19}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{F99C01E9-46CD-41C3-8F3E-B21980EBBA3E}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{946FC60A-826B-4C90-A4B8-CEA2CAAEAFE9}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\StartNBR.exe
FirewallRules: [{C326A50D-97D9-4F10-B9FA-FDFE0BBF7B7F}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{37A9D14C-3DA3-4661-A9C0-A9D127A1D198}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\nero.exe
FirewallRules: [{3FCC3024-0D66-4120-978E-6A9B05F58E37}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{26604382-F48D-4A7B-805D-CEB27CF43E5E}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{589DCDBE-784A-4B2C-9881-7AE6AF83C43E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/01/2015 11:14:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1609

Error: (10/01/2015 11:14:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1609

Error: (10/01/2015 11:14:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/30/2015 11:51:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1187

Error: (09/30/2015 11:51:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1187

Error: (09/30/2015 11:51:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/30/2015 08:13:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EXCEL.EXE, Version: 14.0.7157.5000, Zeitstempel: 0x55cc87c2
Name des fehlerhaften Moduls: EXCEL.EXE, Version: 14.0.7157.5000, Zeitstempel: 0x55cc87c2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0014d1f8
ID des fehlerhaften Prozesses: 0x1440
Startzeit der fehlerhaften Anwendung: 0xEXCEL.EXE0
Pfad der fehlerhaften Anwendung: EXCEL.EXE1
Pfad des fehlerhaften Moduls: EXCEL.EXE2
Berichtskennung: EXCEL.EXE3
Vollständiger Name des fehlerhaften Pakets: EXCEL.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: EXCEL.EXE5

Error: (09/30/2015 10:46:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 41.0.0.5738, Zeitstempel: 0x55fb7072
Name des fehlerhaften Moduls: mozglue.dll, Version: 41.0.0.5738, Zeitstempel: 0x55fb5afb
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ec7e
ID des fehlerhaften Prozesses: 0x1a54
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (09/30/2015 10:46:16 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 41.0.0.5738 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: c5c

Startzeit: 01d0f7671d96c924

Endzeit: 89

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: a8d8321a-674f-11e5-82a3-742f68dcca2c

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/30/2015 10:45:44 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10563


Systemfehler:
=============
Error: (10/01/2015 11:20:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/01/2015 11:20:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/01/2015 11:20:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/01/2015 11:20:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/01/2015 11:20:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Spybot-S&D 2 Updating Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/01/2015 11:20:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/01/2015 11:20:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dienst "Bonjour"" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/01/2015 11:20:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AtherosSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/01/2015 11:20:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/01/2015 11:20:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2014-11-23 22:37:26.577
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-23 22:37:26.317
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-23 22:37:26.047
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-23 22:37:25.819
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-23 22:37:25.591
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-23 22:37:25.390
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-23 22:37:25.167
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-23 22:37:24.936
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-23 22:37:24.688
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-11-23 22:37:24.453
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 22%
Installierter physikalischer RAM: 8102.69 MB
Verfügbarer physikalischer RAM: 6286.59 MB
Summe virtueller Speicher: 9382.69 MB
Verfügbarer virtueller Speicher: 7335.74 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:195.35 GB) (Free:84.44 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Data) (Fixed) (Total:245.41 GB) (Free:234.55 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: DB144593)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=195.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=245.4 GB) - (Type=OF Extended)

==================== Ende von Addition.txt ============================
         
Danke

Alt 02.10.2015, 21:00   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8.1: Zugriff auf Router durch Fremdsoftware? - Standard

Windows 8.1: Zugriff auf Router durch Fremdsoftware?




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Windows 8.1: Zugriff auf Router durch Fremdsoftware?
akamai, antivirus, bonjour, converter, cpu, defender, device driver, dnsapi.dll, downloader, failed, flash player, frage, homepage, launch, mozilla, mp3, prozesse, registry, rundll, safer networking, scan, security, services.exe, software, svchost.exe, system, udp, usb, win10, windows



Ähnliche Themen: Windows 8.1: Zugriff auf Router durch Fremdsoftware?


  1. Def Con 22: Millionen DSL-Router durch TR-069-Fernwartung kompromittierbar
    Nachrichten - 15.08.2014 (0)
  2. Zugriff durch zugangsdaten ?
    Diskussionsforum - 04.04.2014 (1)
  3. Kein Zugriff aufs Internet trotz Verbindung zum Router
    Alles rund um Windows - 02.03.2014 (1)
  4. Offenes Heim-Netz durch IPv6, WLAN, NAT-Router?
    Überwachung, Datenschutz und Spam - 10.01.2013 (0)
  5. Kein Internetzugang oder Zugriff auf Router mehr möglich
    Plagegeister aller Art und deren Bekämpfung - 12.12.2011 (22)
  6. Router-Zugang durch die Hintertür
    Nachrichten - 02.08.2010 (0)
  7. Port freigeben, ohne Zugriff auf den Router ...
    Netzwerk und Hardware - 13.02.2010 (2)
  8. Port freigeben, ohne Zugriff auf Router??? help :(
    Netzwerk und Hardware - 27.05.2009 (2)
  9. Trojanerweitergabe durch Router - Bitte um Kontrolle
    Log-Analyse und Auswertung - 22.03.2009 (10)
  10. Kein zugriff auf Router
    Netzwerk und Hardware - 10.10.2008 (14)
  11. Kein Zugriff auf Netgear Router
    Netzwerk und Hardware - 06.06.2008 (16)
  12. Kein Zugriff mehr auf Router & kein Inet
    Alles rund um Windows - 27.11.2007 (12)
  13. Router <-> Windows (OK) / Router <-> Linux (nicht OK)
    Netzwerk und Hardware - 23.04.2007 (13)
  14. Könnten Trojaner durch einen Router ?
    Log-Analyse und Auswertung - 11.08.2005 (2)
  15. Verbindung zum Router nicht mehr vorhanden, IP wird durch Programm verändert
    Log-Analyse und Auswertung - 02.05.2005 (6)
  16. Schutz durch Router-Firewall?
    Antiviren-, Firewall- und andere Schutzprogramme - 06.03.2005 (7)
  17. Router: Gefahr durch Viren von fremden Rechnern?
    Netzwerk und Hardware - 20.01.2005 (3)

Zum Thema Windows 8.1: Zugriff auf Router durch Fremdsoftware? - Hallo, heute hat sich scheinbar jemand Zugriff auf meinen Router verschafft. Plötzlich hatte ich keine Internetverbindung und das SSID wurde umbenannt. Nun frage ich mich, ob dafür Fremdsoftware verantwortlich ist, - Windows 8.1: Zugriff auf Router durch Fremdsoftware?...
Archiv
Du betrachtest: Windows 8.1: Zugriff auf Router durch Fremdsoftware? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.