Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 06.01.2016, 16:23   #1
Clusterix
 
Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite - Standard

Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite



Hallo,
Ich habe viel gegoogelt, finde aber leider keine Lösung, deshalb wende ich mich hier an euch. Es popped jede Stunde um xx:10 ein Popup auf, wie soll dieser linktyp http (win8.1) oder seit dem update auf Win10 "wie soll dieses Element geöffnet werden" auf, sieht aus wie das Standardfenster von Windows, um die Dateiendung einem Programm zuzuordnen.
Dabei werden mir meine installierten Browser (Chrome, FF und Edge) angeboten. Egal auf was ich klicke erscheint in der Browserzeile kurz ..jmp2.it.. und dann wird eine Seite geöffnet, auf der man den mcafee virenscanner kaufen kann



Ich danke schon mal im voraus für eure Hilfe!

Alt 06.01.2016, 17:57   #2
M-K-D-B
/// TB-Ausbilder
 
Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite - Standard

Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!



Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!







Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer.
__________________

__________________

Alt 06.01.2016, 18:15   #3
Clusterix
 
Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite - Standard

Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite



2 teile, da zu lang
Code:
ATTFilter
18:01:29.0063 0x134c  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
18:02:04.0191 0x134c  ============================================================
18:02:04.0191 0x134c  Current date / time: 2016/01/06 18:02:04.0191
18:02:04.0191 0x134c  SystemInfo:
18:02:04.0191 0x134c  
18:02:04.0191 0x134c  OS Version: 10.0.10586 ServicePack: 0.0
18:02:04.0191 0x134c  Product type: Workstation
18:02:04.0191 0x134c  ComputerName: BEDA-AIO
18:02:04.0191 0x134c  UserName: Peter
18:02:04.0191 0x134c  Windows directory: C:\WINDOWS
18:02:04.0191 0x134c  System windows directory: C:\WINDOWS
18:02:04.0191 0x134c  Running under WOW64
18:02:04.0191 0x134c  Processor architecture: Intel x64
18:02:04.0191 0x134c  Number of processors: 2
18:02:04.0191 0x134c  Page size: 0x1000
18:02:04.0191 0x134c  Boot type: Normal boot
18:02:04.0191 0x134c  ============================================================
18:02:04.0365 0x134c  KLMD registered as C:\WINDOWS\system32\drivers\79473305.sys
18:02:04.0617 0x134c  System UUID: {84DA7D67-4B46-E09C-0B48-341BC08BDA0A}
18:02:05.0197 0x134c  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:02:05.0197 0x134c  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:02:05.0214 0x134c  ============================================================
18:02:05.0214 0x134c  \Device\Harddisk0\DR0:
18:02:05.0214 0x134c  MBR partitions:
18:02:05.0214 0x134c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x249ED825
18:02:05.0214 0x134c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x249ED864, BlocksNum 0x249F1725
18:02:05.0214 0x134c  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x493DEF89, BlocksNum 0x9FA28877
18:02:05.0214 0x134c  \Device\Harddisk1\DR1:
18:02:05.0214 0x134c  MBR partitions:
18:02:05.0214 0x134c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1A250170
18:02:05.0214 0x134c  ============================================================
18:02:05.0229 0x134c  C: <-> \Device\Harddisk1\DR1\Partition1
18:02:05.0260 0x134c  D: <-> \Device\Harddisk0\DR0\Partition2
18:02:05.0292 0x134c  E: <-> \Device\Harddisk0\DR0\Partition3
18:02:05.0292 0x134c  G: <-> \Device\Harddisk0\DR0\Partition1
18:02:05.0292 0x134c  ============================================================
18:02:05.0292 0x134c  Initialize success
18:02:05.0292 0x134c  ============================================================
18:03:17.0084 0x10a8  ============================================================
18:03:17.0084 0x10a8  Scan started
18:03:17.0084 0x10a8  Mode: Manual; SigCheck; TDLFS; 
18:03:17.0084 0x10a8  ============================================================
18:03:17.0084 0x10a8  KSN ping started
18:03:19.0533 0x10a8  KSN ping finished: true
18:03:19.0974 0x10a8  ================ Scan system memory ========================
18:03:19.0990 0x10a8  System memory - ok
18:03:19.0990 0x10a8  ================ Scan services =============================
18:03:20.0038 0x10a8  [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
18:03:20.0116 0x10a8  1394ohci - ok
18:03:20.0132 0x10a8  [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
18:03:20.0153 0x10a8  3ware - ok
18:03:20.0174 0x10a8  [ 6B6C39AB2CD7BEB6CFF624522E5449DE, 740D99D2C525FB4F81FB2754281CECEA5FF13DD2120081306728FE33859F28F2 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
18:03:20.0207 0x10a8  ACPI - ok
18:03:20.0217 0x10a8  [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
18:03:20.0237 0x10a8  acpiex - ok
18:03:20.0244 0x10a8  [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
18:03:20.0265 0x10a8  acpipagr - ok
18:03:20.0271 0x10a8  [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
18:03:20.0299 0x10a8  AcpiPmi - ok
18:03:20.0305 0x10a8  [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
18:03:20.0324 0x10a8  acpitime - ok
18:03:20.0351 0x10a8  [ C3E7E1F3C85A6788F3BA078BA214341E, A3D72ACE045730DC1C8A6F4E3937C5C765AB447BF7C573BEC53DE8148EB4A1C8 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:03:20.0366 0x10a8  AdobeFlashPlayerUpdateSvc - ok
18:03:20.0408 0x10a8  [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
18:03:20.0459 0x10a8  ADP80XX - ok
18:03:20.0486 0x10a8  [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD             C:\WINDOWS\system32\drivers\afd.sys
18:03:20.0519 0x10a8  AFD - ok
18:03:20.0529 0x10a8  [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
18:03:20.0545 0x10a8  agp440 - ok
18:03:20.0556 0x10a8  [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
18:03:20.0588 0x10a8  ahcache - ok
18:03:20.0595 0x10a8  [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
18:03:20.0616 0x10a8  AJRouter - ok
18:03:20.0624 0x10a8  [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG             C:\WINDOWS\System32\alg.exe
18:03:20.0646 0x10a8  ALG - ok
18:03:20.0648 0x10a8  [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
18:03:20.0664 0x10a8  AmdK8 - ok
18:03:20.0679 0x10a8  [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
18:03:20.0695 0x10a8  AmdPPM - ok
18:03:20.0711 0x10a8  [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
18:03:20.0726 0x10a8  amdsata - ok
18:03:20.0726 0x10a8  [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
18:03:20.0759 0x10a8  amdsbs - ok
18:03:20.0759 0x10a8  [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
18:03:20.0774 0x10a8  amdxata - ok
18:03:20.0821 0x10a8  [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
18:03:20.0885 0x10a8  AntiVirMailService - ok
18:03:20.0916 0x10a8  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
18:03:20.0931 0x10a8  AntiVirSchedulerService - ok
18:03:20.0947 0x10a8  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
18:03:20.0979 0x10a8  AntiVirService - ok
18:03:21.0011 0x10a8  [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
18:03:21.0057 0x10a8  AntiVirWebService - ok
18:03:21.0073 0x10a8  [ ADFFD587A8CBDCEB0566521ACEF707DB, 17CF539B17FAAF4CC4306B6D2BBD36D80C93FB49A614293D7351A92445C6C1D0 ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
18:03:21.0090 0x10a8  AppHostSvc - ok
18:03:21.0105 0x10a8  [ 2BBD3A492B93C7E669D01EE88977D7DE, 311EA890E555E144F4B0DDC3112B2EB5CB848DEA4F33A300942494D8989473E0 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
18:03:21.0121 0x10a8  AppID - ok
18:03:21.0121 0x10a8  [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
18:03:21.0152 0x10a8  AppIDSvc - ok
18:03:21.0168 0x10a8  [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
18:03:21.0183 0x10a8  Appinfo - ok
18:03:21.0200 0x10a8  [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:03:21.0200 0x10a8  Apple Mobile Device Service - ok
18:03:21.0216 0x10a8  [ B4AE5296C9597F45E1CFE0B1DBE7739E, C9DCA8EF32720D68119CC23DF4BCD783FFB5F999D14EDCC7937D17C590323B4B ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
18:03:21.0247 0x10a8  AppMgmt - ok
18:03:21.0263 0x10a8  [ 610499A73DF3599608EBB6B3F9929052, A9CA49C4A39A825916AB3791090BCFC7044FDB6B2C3538E01F0CFBC2A9931152 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
18:03:21.0310 0x10a8  AppReadiness - ok
18:03:21.0357 0x10a8  [ BF58041024FEF96B48F7D691003B4BCB, FAD25702256AA8E668F082E16C2C05FD7FA907DCA88787BF36121D1B073350C9 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
18:03:21.0468 0x10a8  AppXSvc - ok
18:03:21.0483 0x10a8  [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
18:03:21.0499 0x10a8  arcsas - ok
18:03:21.0499 0x10a8  [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
18:03:21.0531 0x10a8  AsyncMac - ok
18:03:21.0531 0x10a8  [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
18:03:21.0547 0x10a8  atapi - ok
18:03:21.0562 0x10a8  [ 890BF20BDF500E4E84720EA84448EDDF, EF5EECA20FFB6B78277CE551877479DB79E91DB23B46530C1D0E746F0F51FBBF ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
18:03:21.0594 0x10a8  AudioEndpointBuilder - ok
18:03:21.0625 0x10a8  [ FAC1E762CB49992381691B00D2069B3E, 9973814BB259A370E6A17EDFB785CED9C634721E6D6FE069667B669AE60EB5F6 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
18:03:21.0688 0x10a8  Audiosrv - ok
18:03:21.0688 0x10a8  [ CF233C89DEFF6BCA1F65BE3DA0C1A306, B718A59CFC0E3A9ED4E8C690390F54C96828C5A4C2790C2E98075DB4484240D6 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
18:03:21.0704 0x10a8  avgntflt - ok
18:03:21.0723 0x10a8  [ 4764D299855174D6B5C7DA853B490029, 6E2C8E25DC3C38EEAAA1221E515AC06C2EDC0A71CF2F7762E8DFCC55938D59B3 ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
18:03:21.0723 0x10a8  avipbb - ok
18:03:21.0738 0x10a8  [ 2027E82463B6F6BB4D2A5BAF09202BA8, 7E61DEAC45F710F62C388177B43D99F3C39B89CEFCEFCC581DF12201C8CDB23C ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
18:03:21.0755 0x10a8  Avira.ServiceHost - ok
18:03:21.0755 0x10a8  [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
18:03:21.0771 0x10a8  avkmgr - ok
18:03:21.0771 0x10a8  [ E477AF94ACCCF99A0E56D71D450DCCCB, C97756A4E82EC7EF8268967B10DEBAAEDB746B2846CA2BFD68E1B7DBBAE7901A ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
18:03:21.0786 0x10a8  avnetflt - ok
18:03:21.0802 0x10a8  [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
18:03:21.0817 0x10a8  AxInstSV - ok
18:03:21.0833 0x10a8  [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
18:03:21.0865 0x10a8  b06bdrv - ok
18:03:21.0881 0x10a8  [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
18:03:21.0897 0x10a8  BasicDisplay - ok
18:03:21.0912 0x10a8  [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
18:03:21.0928 0x10a8  BasicRender - ok
18:03:21.0928 0x10a8  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
18:03:21.0943 0x10a8  bcmfn - ok
18:03:21.0959 0x10a8  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
18:03:21.0976 0x10a8  bcmfn2 - ok
18:03:21.0976 0x10a8  [ F8F398A4AF7E0917320BC2B2CD812888, 02B9A6EA0AA750CA9B62AB09E99956C35E252A12B22C2CBFDC4E941ED5870591 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
18:03:22.0023 0x10a8  BDESVC - ok
18:03:22.0023 0x10a8  [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
18:03:22.0038 0x10a8  Beep - ok
18:03:22.0069 0x10a8  [ 8EA08141590CB9331FA773FB430E91E4, 0507499EF423CC9EE9AC18C2B5CBF9965E69481C69DC96E361C2184C53C3F404 ] BFE             C:\WINDOWS\System32\bfe.dll
18:03:22.0117 0x10a8  BFE - ok
18:03:22.0133 0x10a8  [ 7C33A7BF2513F9CCD2897E9CB2BD6313, 00742E38928267DB93650BB9D1776D3700A4A57D998A27F0644A079F9DC28D29 ] BioNTDrv        C:\Program Files (x86)\Paragon Software\Backup and Recovery 12 Home\program\BioNTDrv.SYS
18:03:22.0133 0x10a8  BioNTDrv - ok
18:03:22.0164 0x10a8  [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS            C:\WINDOWS\System32\qmgr.dll
18:03:22.0228 0x10a8  BITS - ok
18:03:22.0259 0x10a8  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:03:22.0275 0x10a8  Bonjour Service - ok
18:03:22.0275 0x10a8  [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
18:03:22.0306 0x10a8  bowser - ok
18:03:22.0322 0x10a8  [ 62C0D7CD771F26198F76F56B81D8A5B5, 3505DA8B68486D393BF7DCE5F463EA7F88387E6F06BC8175F3514BD6AFE25C37 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
18:03:22.0354 0x10a8  BrokerInfrastructure - ok
18:03:22.0369 0x10a8  [ DA4C9335434E71D6CC86A3CA567769CC, 9FE5EE3CC91CADBF952446E0A9A79A8834B03C8D4C47D6E9257AF64B2C17F518 ] Browser         C:\WINDOWS\System32\browser.dll
18:03:22.0385 0x10a8  Browser - ok
18:03:22.0401 0x10a8  [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
18:03:22.0417 0x10a8  BthAvrcpTg - ok
18:03:22.0417 0x10a8  [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
18:03:22.0448 0x10a8  BthHFEnum - ok
18:03:22.0448 0x10a8  [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
18:03:22.0464 0x10a8  bthhfhid - ok
18:03:22.0480 0x10a8  [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
18:03:22.0511 0x10a8  BthHFSrv - ok
18:03:22.0511 0x10a8  [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
18:03:22.0528 0x10a8  BTHMODEM - ok
18:03:22.0543 0x10a8  [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv         C:\WINDOWS\system32\bthserv.dll
18:03:22.0559 0x10a8  bthserv - ok
18:03:22.0574 0x10a8  [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
18:03:22.0590 0x10a8  buttonconverter - ok
18:03:22.0606 0x10a8  [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
18:03:22.0638 0x10a8  CapImg - ok
18:03:22.0638 0x10a8  [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
18:03:22.0669 0x10a8  cdfs - ok
18:03:22.0685 0x10a8  [ 0A92DC116CFC7F6BE8167DD25CB925CC, 50CAC7BE14FF69B10C029E049F7C441A5572540F027F95F940B185C76C689409 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
18:03:22.0716 0x10a8  CDPSvc - ok
18:03:22.0716 0x10a8  [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
18:03:22.0751 0x10a8  cdrom - ok
18:03:22.0761 0x10a8  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
18:03:22.0788 0x10a8  CertPropSvc - ok
18:03:22.0789 0x10a8  [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
18:03:22.0804 0x10a8  circlass - ok
18:03:22.0820 0x10a8  [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
18:03:22.0851 0x10a8  CLFS - ok
18:03:22.0929 0x10a8  [ 7A36AD856A17AFB1EBAAD3C5BF1362A1, 9779501A2B733B6F2855E421115C0123AC3A67715E7E7C85ACED58939DC0883D ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
18:03:23.0009 0x10a8  ClickToRunSvc - ok
18:03:23.0040 0x10a8  [ BE10905777246CA6AA74F48FE9236517, D51B13FB176D82665C91B59B3C6E229CE746E20ED1BB20DADF6184C7A29E69AF ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
18:03:23.0071 0x10a8  ClipSVC - ok
18:03:23.0087 0x10a8  [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
18:03:23.0102 0x10a8  CmBatt - ok
18:03:23.0135 0x10a8  [ 80977779A19947939D680A4899E829EC, 6D510B1EFA39D79D0A8B3CD4F00937A4DDC1411664B001D4ABC546C98345F630 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
18:03:23.0166 0x10a8  CNG - ok
18:03:23.0166 0x10a8  [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
18:03:23.0181 0x10a8  cnghwassist - ok
18:03:23.0213 0x10a8  [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
18:03:23.0228 0x10a8  CompositeBus - ok
18:03:23.0228 0x10a8  COMSysApp - ok
18:03:23.0244 0x10a8  [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
18:03:23.0260 0x10a8  condrv - ok
18:03:23.0275 0x10a8  [ DE6DF2C34718EADCFF8776E597F2104D, 35D03E95853CEAC69F674FB09C819A4698EBEDFD8AC0474F0ADF02741492401E ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
18:03:23.0323 0x10a8  CoreMessagingRegistrar - ok
18:03:23.0339 0x10a8  [ 2CE0D74AED86A372997E9D77AE10B9F5, 1AFAA22C68FD0B81F73CE0EB763AD77AB97E78916752843A5056E1352F0FEA82 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
18:03:23.0354 0x10a8  CryptSvc - ok
18:03:23.0372 0x10a8  [ 5D578EAAFB6FD4F59523E5878B541296, 73573124787B79179880AFAF9CB8427237A1605A9F13D7783228DE24D18963C0 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
18:03:23.0412 0x10a8  CSC - ok
18:03:23.0444 0x10a8  [ 5F07CCEE514894C9474AEDCA50B6C2C7, 38F54897C91A2E7D80D00852CEB173B26E822D7C68F35D31228245F811E028A8 ] CscService      C:\WINDOWS\System32\cscsvc.dll
18:03:23.0479 0x10a8  CscService - ok
18:03:23.0491 0x10a8  [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam             C:\WINDOWS\system32\drivers\dam.sys
18:03:23.0510 0x10a8  dam - ok
18:03:23.0539 0x10a8  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
18:03:23.0586 0x10a8  DcomLaunch - ok
18:03:23.0602 0x10a8  [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
18:03:23.0633 0x10a8  DcpSvc - ok
18:03:23.0650 0x10a8  [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
18:03:23.0681 0x1340  Object required for P2P: [ C3E7E1F3C85A6788F3BA078BA214341E ] AdobeFlashPlayerUpdateSvc
18:03:23.0696 0x10a8  defragsvc - ok
18:03:23.0712 0x10a8  [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
18:03:23.0760 0x10a8  DeviceAssociationService - ok
18:03:23.0760 0x10a8  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
18:03:23.0791 0x10a8  DeviceInstall - ok
18:03:23.0791 0x10a8  [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
18:03:23.0807 0x10a8  DevQueryBroker - ok
18:03:23.0822 0x10a8  [ C9478D7DB7BE5D7ACE65CB1167F07320, D5082D09EE62E34A195768040B741E22ACC9421CFF315423D77A63ABF8F5E39E ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
18:03:23.0838 0x10a8  Dfsc - ok
18:03:23.0854 0x10a8  [ 58425D987F155F44C0BD4D0DB230327E, 9F4F5711325118D4C165F7BAC96D8248A387E14363662F735E7B9331FC222C30 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
18:03:23.0870 0x10a8  dg_ssudbus - ok
18:03:23.0886 0x10a8  [ 5841A361D28069DFC82E1E98040FDC3F, 3A48DB7ADE90654242CB54DAD07F5FF0CD5CABF372C50D5B2C4D7AED068986E1 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
18:03:23.0933 0x10a8  Dhcp - ok
18:03:23.0933 0x10a8  [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
18:03:23.0964 0x10a8  diagnosticshub.standardcollector.service - ok
18:03:24.0022 0x10a8  [ 7AE76C7BC60B53999AD07F6A8AFF15C0, 8DC5DA1FAE508D03433C051C877657038BA346707D37FDBC2FE74B4C1F3509A0 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
18:03:24.0087 0x10a8  DiagTrack - ok
18:03:24.0099 0x10a8  [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk            C:\WINDOWS\system32\drivers\disk.sys
18:03:24.0114 0x10a8  disk - ok
18:03:24.0221 0x10a8  [ 91A68D0C43E8B641336DEFEC0ECDEAD9, 5594E1E3B41326C7CE64EE76F14E34C2C4435CAAB4881258D8098C391ED852B7 ] DiskBoss Service d:\Program Files (x86)\DiskBoss\bin\diskbsa.exe
18:03:24.0236 0x10a8  DiskBoss Service - detected UnsignedFile.Multi.Generic ( 1 )
18:03:24.0820 0x0c28  Object required for P2P: [ 4764D299855174D6B5C7DA853B490029 ] avipbb
18:03:26.0271 0x1340  Object send P2P result: true
18:03:26.0271 0x1340  Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService
18:03:26.0633 0x10a8  Detect skipped due to KSN trusted
18:03:26.0633 0x10a8  DiskBoss Service - ok
18:03:26.0649 0x10a8  [ 49F069E2D22F33955A69D44DFD1B5179, 739C52C7B961BA683E8C7CCDB0E95423C17561B2F1F506BAE923DC53DB96B067 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
18:03:26.0680 0x10a8  DmEnrollmentSvc - ok
18:03:26.0696 0x10a8  [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
18:03:26.0711 0x10a8  dmvsc - ok
18:03:26.0727 0x10a8  [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
18:03:26.0744 0x10a8  dmwappushservice - ok
18:03:26.0759 0x10a8  [ 570BB222E3AFC4407636B53F6EABFA70, D0194A128370BB0A337B61402F9EEDD6F7942ADB19BF672D0F92DA2DA563D0DD ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
18:03:26.0775 0x10a8  Dnscache - ok
18:03:26.0791 0x10a8  [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
18:03:26.0822 0x10a8  dot3svc - ok
18:03:26.0838 0x10a8  [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS             C:\WINDOWS\system32\dps.dll
18:03:26.0854 0x10a8  DPS - ok
18:03:26.0870 0x10a8  [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
18:03:26.0870 0x10a8  drmkaud - ok
18:03:26.0885 0x10a8  [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
18:03:26.0916 0x10a8  DsmSvc - ok
18:03:26.0916 0x10a8  [ 120BECF7452992DAEBD3878BFE5B2412, A1FE8FC039835A5B59ABD789F5C1BFEA2C091A29978CE386C9880E13178930E5 ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
18:03:26.0949 0x10a8  DsSvc - ok
18:03:26.0996 0x10a8  [ A2512BC5F2ABD84D8B3CB0D76ADB749A, 14A1FBF606ED537B9E1B7A939C010A2BA9D609D147FB89AE52D116E59A21D99E ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
18:03:27.0075 0x10a8  DXGKrnl - ok
18:03:27.0090 0x10a8  [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
18:03:27.0106 0x10a8  Eaphost - ok
18:03:27.0201 0x10a8  [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
18:03:27.0311 0x0c28  Object send P2P result: true
18:03:27.0311 0x0c28  Object required for P2P: [ 2027E82463B6F6BB4D2A5BAF09202BA8 ] Avira.ServiceHost
18:03:27.0311 0x10a8  ebdrv - ok
18:03:27.0327 0x10a8  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS             C:\WINDOWS\System32\lsass.exe
18:03:27.0342 0x10a8  EFS - ok
18:03:27.0358 0x10a8  [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
18:03:27.0374 0x10a8  EhStorClass - ok
18:03:27.0374 0x10a8  [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
18:03:27.0390 0x10a8  EhStorTcgDrv - ok
18:03:27.0408 0x10a8  [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
18:03:27.0421 0x10a8  embeddedmode - ok
18:03:27.0437 0x10a8  [ 062152DD5B225518A991DFCD8536770C, 5C8EF4E0C7DE3B24387FF239A8D0CDA39C2376826F16EAFF09739A6C7EDA01E0 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
18:03:27.0468 0x10a8  EntAppSvc - ok
18:03:27.0484 0x10a8  [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
18:03:27.0501 0x10a8  ErrDev - ok
18:03:27.0516 0x10a8  [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem     C:\WINDOWS\system32\es.dll
18:03:27.0547 0x10a8  EventSystem - ok
18:03:27.0563 0x10a8  [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
18:03:27.0602 0x10a8  exfat - ok
18:03:27.0605 0x10a8  [ 03DE0EC072C5EBD5B018CAD83F1E522A, 9D0B30A2870FBA20B95017CE3A4205F2DD53FE169A0D16715E962D83DE040FB3 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
18:03:27.0636 0x10a8  fastfat - ok
18:03:27.0652 0x10a8  [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax             C:\WINDOWS\system32\fxssvc.exe
18:03:27.0699 0x10a8  Fax - ok
18:03:27.0699 0x10a8  [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
18:03:27.0715 0x10a8  fdc - ok
18:03:27.0731 0x10a8  [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
18:03:27.0746 0x10a8  fdPHost - ok
18:03:27.0762 0x10a8  [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
18:03:27.0778 0x10a8  FDResPub - ok
18:03:27.0793 0x10a8  [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
18:03:27.0809 0x10a8  fhsvc - ok
18:03:27.0826 0x10a8  [ 8F12AB59336143B680F71B217B495AD2, A28F62F065C68CC1A7EEF0CA52F83C3284B001565D8E154BF8568DE4A525104E ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
18:03:27.0841 0x10a8  FileCrypt - ok
18:03:27.0841 0x10a8  [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
18:03:27.0857 0x10a8  FileInfo - ok
18:03:27.0872 0x10a8  [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
18:03:27.0888 0x10a8  Filetrace - ok
18:03:27.0904 0x10a8  [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
18:03:27.0919 0x10a8  flpydisk - ok
18:03:27.0936 0x10a8  [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
18:03:27.0952 0x10a8  FltMgr - ok
18:03:27.0998 0x10a8  [ 4387DE200BF8DD0E2EE828E655434B9A, 9148D65E54663EEC139E754091F47ABF439A637BEA83F600D30736522DAA845D ] FontCache       C:\WINDOWS\system32\FntCache.dll
18:03:28.0078 0x10a8  FontCache - ok
18:03:28.0093 0x10a8  [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:03:28.0109 0x10a8  FontCache3.0.0.0 - ok
18:03:28.0124 0x10a8  [ 52B58A46BEEFB238C580B69FD051CB5B, 6C3B92F953DD55619BD6F0876850A441CAF7774EB873196F567F6A1C0D8CF182 ] ForceWare Intelligent Application Manager (IAM) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
18:03:28.0157 0x10a8  ForceWare Intelligent Application Manager (IAM) - ok
18:03:28.0172 0x10a8  [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
18:03:28.0188 0x10a8  FsDepends - ok
18:03:28.0188 0x10a8  [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:03:28.0204 0x10a8  Fs_Rec - ok
18:03:28.0204 0x10a8  [ 0B0E36E669B47E256BE7BDB66D76CCCF, EE52E6EB6F4E41429687124246CF988CAFC4D7FF26EDAD5EAB762239E6DF8FBB ] FTDIBUS         C:\WINDOWS\system32\drivers\ftdibus.sys
18:03:28.0219 0x10a8  FTDIBUS - ok
18:03:28.0235 0x10a8  [ 9339740FBF4AAD6F06A6C3ECFE3B9C89, D2DDD4075B53908642C9352D0494B2EA12839A79F78A18DCB2BF07AEF9448A46 ] ftpsvc          C:\WINDOWS\system32\inetsrv\ftpsvc.dll
18:03:28.0267 0x10a8  ftpsvc - ok
18:03:28.0283 0x10a8  [ F1544BBC7E08BB5B9E9E97996C3FA04B, 2D998E4DCF7EA918B537119583BE678121148DB314BDC338925D8588A30F4BE0 ] FTSER2K         C:\WINDOWS\system32\drivers\ftser2k.sys
18:03:28.0298 0x10a8  FTSER2K - ok
18:03:28.0314 0x10a8  [ 421497634C86EF4B8F86D0EBC076728F, E0D1449555D8849364E00AA747DBC820EF914A9F5B796E35070072FCBC532ADE ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
18:03:28.0361 0x10a8  fvevol - ok
18:03:28.0361 0x10a8  [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
18:03:28.0377 0x10a8  gagp30kx - ok
18:03:28.0377 0x10a8  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
18:03:28.0393 0x10a8  GEARAspiWDM - ok
18:03:28.0393 0x10a8  [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
18:03:28.0409 0x10a8  gencounter - ok
18:03:28.0424 0x10a8  [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
18:03:28.0440 0x10a8  genericusbfn - ok
18:03:28.0440 0x10a8  [ A1F556318931B9EA276F4E2DA2C1791C, 1E5564A9B213689C56BFBBEC1A7BBFAD78DF1FB55422171C0680935338C5DE57 ] ggflt           C:\WINDOWS\System32\drivers\ggflt.sys
18:03:28.0456 0x10a8  ggflt - ok
18:03:28.0456 0x10a8  [ 7F56A3E09A6AD40B07E4EFAD34A40A18, E0EC4293035162E9EFA89A45FFF26B5BC829F7BB7F4D2D5A2CAA5E88AC6DC0C9 ] ggsomc          C:\WINDOWS\System32\drivers\ggsomc.sys
18:03:28.0471 0x10a8  ggsomc - ok
18:03:28.0487 0x10a8  [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
18:03:28.0503 0x10a8  GPIOClx0101 - ok
18:03:28.0535 0x10a8  [ B55458A83395A2CFD4E745E9EC4AB5F2, EAB06B089D8A7DBC9AE2A1C919B489911690D341013A5F8F906819C68431CA85 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
18:03:28.0614 0x10a8  gpsvc - ok
18:03:28.0614 0x10a8  [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
18:03:28.0645 0x10a8  GpuEnergyDrv - ok
18:03:28.0645 0x10a8  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:03:28.0661 0x10a8  gupdate - ok
18:03:28.0661 0x10a8  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:03:28.0676 0x10a8  gupdatem - ok
18:03:28.0692 0x10a8  [ 0F93EBE9071A6BB1548BF0F816EEA24B, 79A99544C00F59996980D299BFACA0463D86158BFA51C8045CE4FF4951779A44 ] HdAudAddService C:\WINDOWS\system32\DRIVERS\HdAudio.sys
18:03:28.0724 0x10a8  HdAudAddService - ok
18:03:28.0724 0x10a8  [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
18:03:28.0755 0x10a8  HDAudBus - ok
18:03:28.0755 0x10a8  [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
18:03:28.0771 0x10a8  HidBatt - ok
18:03:28.0787 0x10a8  [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
18:03:28.0802 0x10a8  HidBth - ok
18:03:28.0802 0x10a8  [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
18:03:28.0819 0x1340  Object send P2P result: true
18:03:28.0819 0x1340  Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService
18:03:28.0819 0x10a8  hidi2c - ok
18:03:28.0835 0x10a8  [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
18:03:28.0850 0x10a8  hidinterrupt - ok
18:03:28.0850 0x10a8  [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
18:03:28.0866 0x10a8  HidIr - ok
18:03:28.0881 0x10a8  [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv         C:\WINDOWS\system32\hidserv.dll
18:03:28.0897 0x10a8  hidserv - ok
18:03:28.0913 0x10a8  [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
18:03:28.0929 0x10a8  HidUsb - ok
18:03:28.0945 0x10a8  [ 2FEF4D90C0CAED258C93CFF72A8FFD71, 56473D90E9FE52849067D080FD88B29C0BBE76E5266657E2ABD6366B7A4E9474 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
18:03:28.0976 0x10a8  HomeGroupListener - ok
18:03:28.0992 0x10a8  [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
18:03:29.0023 0x10a8  HomeGroupProvider - ok
18:03:29.0023 0x10a8  [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
18:03:29.0040 0x10a8  HpSAMD - ok
18:03:29.0102 0x10a8  [ 5C8BC8A28798FD010E7ABC4E0D588CAA, 622CAFD3DCBB05E15539589FDD4002DA6F24790FC55BDF05AA3D043E8A34E53E ] HTCMonitorService D:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
18:03:29.0102 0x10a8  HTCMonitorService - ok
18:03:29.0150 0x10a8  [ A403DAE4B083EB96BC6CEDB47639B4F8, 6F5709CEA93789C075E4BE4041EC43C94910617DA4123DEE178E74E4A9B26708 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
18:03:29.0181 0x10a8  HTTP - ok
18:03:29.0197 0x10a8  [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
18:03:29.0213 0x10a8  hwpolicy - ok
18:03:29.0213 0x10a8  [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
18:03:29.0228 0x10a8  hyperkbd - ok
18:03:29.0244 0x10a8  [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
18:03:29.0260 0x10a8  i8042prt - ok
18:03:29.0276 0x10a8  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
18:03:29.0292 0x10a8  iai2c - ok
18:03:29.0292 0x10a8  [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
18:03:29.0323 0x10a8  iaLPSS2i_I2C - ok
18:03:29.0323 0x10a8  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
18:03:29.0339 0x10a8  iaLPSSi_GPIO - ok
18:03:29.0354 0x10a8  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
18:03:29.0371 0x10a8  iaLPSSi_I2C - ok
18:03:29.0386 0x10a8  [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
18:03:29.0418 0x10a8  iaStorAV - ok
18:03:29.0449 0x10a8  [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
18:03:29.0465 0x10a8  iaStorV - ok
18:03:29.0481 0x10a8  [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
18:03:29.0512 0x10a8  ibbus - ok
18:03:29.0528 0x10a8  [ 80BF2990E01E774D64F6E13F30661942, ADFEA2280D29F2C7B0A556C61709301D6327C288064FF5A4D29358403DF41DCE ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
18:03:29.0544 0x10a8  icssvc - ok
18:03:29.0559 0x10a8  [ D1C82248C23BD4D511248903AAB9C3DF, FC0B1FA2EBA8CA063AD2995F0AB92B69E0D90C0801733C685D7D7B1406EF4ECB ] IdcFltr         C:\WINDOWS\System32\drivers\idcfltr.sys
18:03:29.0559 0x10a8  IdcFltr - ok
18:03:29.0575 0x10a8  IEEtwCollectorService - ok
18:03:29.0607 0x10a8  [ 12F8D27ED8623DDDC09A549EDADCBAC9, D3A3F0588D9CAF1027D8BC14601E2A6AB7E5924A2C23C90D38A9E14538DB02A9 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
18:03:29.0654 0x10a8  IKEEXT - ok
18:03:29.0670 0x10a8  [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
18:03:29.0685 0x10a8  intelide - ok
18:03:29.0685 0x10a8  [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
18:03:29.0702 0x10a8  intelpep - ok
18:03:29.0718 0x10a8  [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
18:03:29.0733 0x10a8  intelppm - ok
18:03:29.0749 0x10a8  [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos           C:\WINDOWS\system32\drivers\ioqos.sys
18:03:29.0764 0x10a8  IoQos - ok
18:03:29.0764 0x10a8  [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:03:29.0780 0x10a8  IpFilterDriver - ok
18:03:29.0812 0x10a8  [ 6E75B731A8A7EFED0821327B08DAB46D, A77B746447824BD3C68B82D7329B82D62098B2409F8AEE4738FA23CB1561E629 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
18:03:29.0844 0x0c28  Object send P2P result: true
18:03:29.0844 0x0c28  Object required for P2P: [ E477AF94ACCCF99A0E56D71D450DCCCB ] avnetflt
18:03:29.0875 0x10a8  iphlpsvc - ok
18:03:29.0875 0x10a8  [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
18:03:29.0890 0x10a8  IPMIDRV - ok
18:03:29.0906 0x10a8  [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
18:03:29.0923 0x10a8  IPNAT - ok
18:03:29.0954 0x10a8  [ BD713ED20CFD71C32C4BE1928423AE9A, E0EE95FEA3930EA335D9B1FF74EEFAA61ECEC89AEBB1D0E43A1E1088F9990273 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:03:29.0970 0x10a8  iPod Service - ok
18:03:29.0985 0x10a8  [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
18:03:30.0001 0x10a8  IRENUM - ok
18:03:30.0016 0x10a8  [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
18:03:30.0016 0x10a8  isapnp - ok
18:03:30.0033 0x10a8  [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
18:03:30.0049 0x10a8  iScsiPrt - ok
18:03:30.0064 0x10a8  [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
18:03:30.0080 0x10a8  kbdclass - ok
18:03:30.0080 0x10a8  [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
18:03:30.0096 0x10a8  kbdhid - ok
18:03:30.0111 0x10a8  [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
18:03:30.0127 0x10a8  kdnic - ok
18:03:30.0127 0x10a8  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso          C:\WINDOWS\system32\lsass.exe
18:03:30.0143 0x10a8  KeyIso - ok
18:03:30.0159 0x10a8  [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
18:03:30.0175 0x10a8  KSecDD - ok
18:03:30.0175 0x10a8  [ 7D8B9214692C4D0F1646215D9984E19A, DC73503A8CA67F4E167DEA69AADDEA5F2D756E1C1F4FF42B6ECEA7E637BB80AB ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
18:03:30.0206 0x10a8  KSecPkg - ok
18:03:30.0206 0x10a8  [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
18:03:30.0222 0x10a8  ksthunk - ok
18:03:30.0237 0x10a8  [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
18:03:30.0269 0x10a8  KtmRm - ok
18:03:30.0285 0x10a8  [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
18:03:30.0316 0x10a8  LanmanServer - ok
18:03:30.0332 0x10a8  [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
18:03:30.0363 0x10a8  LanmanWorkstation - ok
18:03:30.0380 0x10a8  [ EF1075935CEF62BD9D499A9BB0752EFC, F2419F2A6E58C235AF8FDF548545203C8E2AE323EFDEEE4667E6F4D83BC4DCB2 ] LavasoftAdAwareService11 C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareService.exe
18:03:30.0411 0x10a8  LavasoftAdAwareService11 - ok
18:03:30.0427 0x10a8  [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
18:03:30.0442 0x10a8  lfsvc - ok
18:03:30.0442 0x10a8  [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
18:03:30.0458 0x10a8  LicenseManager - ok
18:03:30.0475 0x10a8  [ 93B73DED2BC688F140C6AE2FBAD45789, B6859BC5D309B99BCCDC3717108B714497AAE9C5B26CE5B201344A41FC4CFF9D ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
18:03:30.0490 0x10a8  Live Updater Service - ok
18:03:30.0506 0x10a8  [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
18:03:30.0521 0x10a8  lltdio - ok
18:03:30.0537 0x10a8  [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
18:03:30.0568 0x10a8  lltdsvc - ok
18:03:30.0568 0x10a8  [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
18:03:30.0601 0x10a8  lmhosts - ok
18:03:30.0601 0x10a8  [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
18:03:30.0616 0x10a8  LSI_SAS - ok
18:03:30.0632 0x10a8  [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
18:03:30.0647 0x10a8  LSI_SAS2i - ok
18:03:30.0663 0x10a8  [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
18:03:30.0679 0x10a8  LSI_SAS3i - ok
18:03:30.0679 0x10a8  [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
18:03:30.0703 0x10a8  LSI_SSS - ok
18:03:30.0728 0x10a8  [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM             C:\WINDOWS\System32\lsm.dll
18:03:30.0785 0x10a8  LSM - ok
18:03:30.0797 0x10a8  [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
18:03:30.0834 0x10a8  luafv - ok
18:03:30.0842 0x10a8  [ 88B38A7435DFA9B7E8F94F5D5FE999D2, FF4EBB6CE013D0EA62FEDA5FBBD1205D9A6F684E701F40039A95A4EF4145DC16 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
18:03:30.0865 0x10a8  MapsBroker - ok
18:03:30.0873 0x10a8  [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
18:03:30.0889 0x10a8  megasas - ok
18:03:30.0910 0x10a8  [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
18:03:30.0941 0x10a8  megasr - ok
18:03:30.0950 0x10a8  [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
18:03:30.0974 0x10a8  MessagingService - ok
18:03:31.0035 0x10a8  [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
18:03:31.0075 0x10a8  mlx4_bus - ok
18:03:31.0084 0x10a8  [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
18:03:31.0107 0x10a8  MMCSS - ok
18:03:31.0114 0x10a8  [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem           C:\WINDOWS\system32\drivers\modem.sys
18:03:31.0140 0x10a8  Modem - ok
18:03:31.0148 0x10a8  [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
18:03:31.0166 0x10a8  monitor - ok
18:03:31.0173 0x10a8  [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
18:03:31.0188 0x10a8  mouclass - ok
18:03:31.0196 0x10a8  [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
18:03:31.0215 0x10a8  mouhid - ok
18:03:31.0223 0x10a8  [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
18:03:31.0240 0x10a8  mountmgr - ok
18:03:31.0248 0x10a8  [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
18:03:31.0267 0x10a8  mpsdrv - ok
18:03:31.0299 0x10a8  [ 3B3906F069DB567C3D092F195FEA5F87, 1EAD704AD8E81D083FE3D458B529F8ECBE99569EFD20F7B520339F054E2F6515 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
18:03:31.0304 0x1340  Object send P2P result: true
18:03:31.0304 0x1340  Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService
18:03:31.0352 0x10a8  MpsSvc - ok
18:03:31.0364 0x10a8  [ 37C9EC0398BFC22C616711E41AE157D5, C8DD6B6B47513696CD4BD376C5D9F82C0F52F5A351FFAFE149E3B13C4684D40E ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
18:03:31.0390 0x10a8  MRxDAV - ok
18:03:31.0406 0x10a8  [ 61F9F27A8C3D7BCD287FE98A440421CE, 773208951BD0B8C0B9510F4C317484D5FCF36D09310D4E20F2BDB85D61088BA5 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:03:31.0433 0x10a8  mrxsmb - ok
18:03:31.0452 0x10a8  [ CCAD845F4D21D0E0E0468205EE865473, 8F93B61F407BCE5910A7A9F01F8A51FDB7A3C4F03E59C144C1D4FD974D10C2D4 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
18:03:31.0470 0x10a8  mrxsmb10 - ok
18:03:31.0486 0x10a8  [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
18:03:31.0501 0x10a8  mrxsmb20 - ok
18:03:31.0517 0x10a8  [ A934DF064C503A31683DD7EECDBD327A, 3ED943A2CFE9BB00898A4FCE08D3A5C814FE6E546FC10E9F30E6C2619B1AD162 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
18:03:31.0533 0x10a8  MsBridge - ok
18:03:31.0549 0x10a8  [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
18:03:31.0565 0x10a8  MSDTC - ok
18:03:31.0580 0x10a8  [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
18:03:31.0596 0x10a8  Msfs - ok
18:03:31.0612 0x10a8  [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
18:03:31.0627 0x10a8  msgpiowin32 - ok
18:03:31.0628 0x10a8  [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
18:03:31.0644 0x10a8  mshidkmdf - ok
18:03:31.0644 0x10a8  [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
18:03:31.0659 0x10a8  mshidumdf - ok
18:03:31.0675 0x10a8  [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
18:03:31.0675 0x10a8  msisadrv - ok
18:03:31.0691 0x10a8  [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
18:03:31.0722 0x10a8  MSiSCSI - ok
18:03:31.0722 0x10a8  msiserver - ok
18:03:31.0722 0x10a8  [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
18:03:31.0739 0x10a8  MSKSSRV - ok
18:03:31.0754 0x10a8  [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
18:03:31.0785 0x10a8  MsLldp - ok
18:03:31.0785 0x10a8  [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
18:03:31.0801 0x10a8  MSPCLOCK - ok
18:03:31.0801 0x10a8  [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
18:03:31.0817 0x10a8  MSPQM - ok
18:03:31.0832 0x10a8  [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
18:03:31.0865 0x10a8  MsRPC - ok
18:03:31.0880 0x10a8  [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
18:03:31.0880 0x10a8  mssmbios - ok
18:03:31.0896 0x10a8  [ 8E8E74C953EB0C4F8828D99D6F27FD6F, 94AFB1B09A6E92302D29B3C563B1744CECC5F5487418962BE537B7C57717CA42 ] MSSQLServerADHelper100 C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
18:03:31.0911 0x10a8  MSSQLServerADHelper100 - ok
18:03:31.0911 0x10a8  [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
18:03:31.0927 0x10a8  MSTEE - ok
18:03:31.0927 0x10a8  [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
18:03:31.0943 0x10a8  MTConfig - ok
18:03:31.0959 0x10a8  [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
18:03:31.0975 0x10a8  Mup - ok
18:03:31.0975 0x10a8  [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
18:03:31.0991 0x10a8  mvumis - ok
         
__________________

Alt 06.01.2016, 18:16   #4
Clusterix
 
Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite - Standard

Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite



teil2:
Code:
ATTFilter
18:03:32.0022 0x10a8  [ 536A0806CE2061A2157E65D4D8ABF30C, F9893F66505E3F748365CD4625B34357531804BDFE33E57285C0106C03F7916C ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
18:03:32.0053 0x10a8  NativeWifiP - ok
18:03:32.0070 0x10a8  [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
18:03:32.0101 0x10a8  NcaSvc - ok
18:03:32.0117 0x10a8  [ 7467BD76D6ED5981E6C3DBFEB50F0F4D, 237E1C2E15D5F3BAC49B09E1CD0EAE56A6998AE1FF560A4F7A7EFFEB46884798 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
18:03:32.0148 0x10a8  NcbService - ok
18:03:32.0148 0x10a8  [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
18:03:32.0196 0x10a8  NcdAutoSetup - ok
18:03:32.0196 0x10a8  [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
18:03:32.0211 0x10a8  ndfltr - ok
18:03:32.0243 0x10a8  [ AFAECF904F1C343EBD50F91BC8D0DBE8, FABAE70F62895708415B8E176A880D2D20D46D9A14C3D41D371B905CE4D64BA0 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
18:03:32.0306 0x10a8  NDIS - ok
18:03:32.0322 0x10a8  [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
18:03:32.0337 0x10a8  NdisCap - ok
18:03:32.0337 0x0c28  Object send P2P result: true
18:03:32.0337 0x10a8  [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
18:03:32.0369 0x10a8  NdisImPlatform - ok
18:03:32.0369 0x10a8  [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:03:32.0384 0x10a8  NdisTapi - ok
18:03:32.0401 0x10a8  [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
18:03:32.0416 0x10a8  Ndisuio - ok
18:03:32.0416 0x10a8  [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
18:03:32.0448 0x10a8  NdisVirtualBus - ok
18:03:32.0448 0x10a8  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
18:03:32.0479 0x10a8  NdisWan - ok
18:03:32.0495 0x10a8  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:03:32.0511 0x10a8  ndiswanlegacy - ok
18:03:32.0511 0x10a8  [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
18:03:32.0542 0x10a8  ndproxy - ok
18:03:32.0542 0x10a8  [ D358DF634F52247CB43F0781218F4D6E, D375E9E681551467FC5F7AB2AC053C9F22AAC541C0BCBA57090211F45009342C ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
18:03:32.0574 0x10a8  Ndu - ok
18:03:32.0574 0x10a8  [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
18:03:32.0589 0x10a8  NetBIOS - ok
18:03:32.0605 0x10a8  [ F51C02D992A8D6BC5EC4D990F227D4C7, DBBDA422BFA82219403689637BE8D6B0D0A893895143E807FA5A007C166454CB ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
18:03:32.0641 0x10a8  NetBT - ok
18:03:32.0648 0x10a8  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon        C:\WINDOWS\system32\lsass.exe
18:03:32.0655 0x10a8  Netlogon - ok
18:03:32.0670 0x10a8  [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman          C:\WINDOWS\System32\netman.dll
18:03:32.0702 0x10a8  Netman - ok
18:03:32.0717 0x10a8  [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
18:03:32.0765 0x10a8  netprofm - ok
18:03:32.0813 0x10a8  [ A69AB65E89C5A0348B995C5E78F6380C, 5A59E058D5ED8AA4EA9FCB4EC8ADD5E28DC265CA3C35F6BA567EB3F6AE69F7F0 ] netr28ux        C:\WINDOWS\System32\drivers\netr28ux.sys
18:03:32.0923 0x10a8  netr28ux - ok
18:03:32.0939 0x10a8  [ 01C759FD50DFD46E30CC56B2B672B1A7, 88F46C89DCE1869D9932E809A24718B50C3B0161A1DD63DED899C0AFA8C7CFF5 ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
18:03:32.0956 0x10a8  NetSetupSvc - ok
18:03:32.0971 0x10a8  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:03:32.0987 0x10a8  NetTcpPortSharing - ok
18:03:33.0003 0x10a8  [ 91B32D7036700BEED5343E1F6A7122CC, 8123CA398A79F0E69126F962AA29C2464FAB50182E961CB6A6ADB6CEA09A6732 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
18:03:33.0034 0x10a8  NgcCtnrSvc - ok
18:03:33.0066 0x10a8  [ 4547118EADA9FDBB054A211CD01866BB, 51656BDAD78B4CC452B2AE06061247BECD07307BB31B9D6AA615917EC97342E0 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
18:03:33.0097 0x10a8  NgcSvc - ok
18:03:33.0113 0x10a8  [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
18:03:33.0144 0x10a8  NlaSvc - ok
18:03:33.0176 0x10a8  [ D0F743BD1F8E402E4A52D83574828AC2, F420A51DC52D82289313C36B76A76DB2DE3FC89132B78D76ACF4303AF47CB6BA ] NoIPDUCService4 D:\Program Files (x86)\No-IP\ducservice.exe
18:03:33.0176 0x10a8  NoIPDUCService4 - detected UnsignedFile.Multi.Generic ( 1 )
18:03:33.0949 0x1340  Object send P2P result: true
18:03:33.0949 0x1340  Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService
18:03:35.0594 0x10a8  Detect skipped due to KSN trusted
18:03:35.0594 0x10a8  NoIPDUCService4 - ok
18:03:35.0610 0x10a8  [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
18:03:35.0626 0x10a8  Npfs - ok
18:03:35.0626 0x10a8  [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
18:03:35.0641 0x10a8  npsvctrig - ok
18:03:35.0657 0x10a8  [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi             C:\WINDOWS\system32\nsisvc.dll
18:03:35.0673 0x10a8  nsi - ok
18:03:35.0673 0x10a8  [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
18:03:35.0688 0x10a8  nsiproxy - ok
18:03:35.0705 0x10a8  [ 20E179A7FE78B37A02D30C4D34C870E7, 3E720CD52749E2F86897A89A2B7D3DE4C14255638111DB644C8F2C15174A6A2A ] nSvcIp          C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
18:03:35.0720 0x10a8  nSvcIp - ok
18:03:35.0783 0x10a8  [ EFEFC245B884B1BE0401931398DCD707, 43A7BDB9BF523791EC41E76F51E7DC56EFC55CCDA0D130ECFCD9990C43D67587 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
18:03:35.0862 0x10a8  NTFS - ok
18:03:35.0878 0x10a8  [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null            C:\WINDOWS\system32\drivers\Null.sys
18:03:35.0893 0x10a8  Null - ok
18:03:36.0209 0x10a8  [ CFD65B9A3842A8F7590E04F5563B7E48, C3FAF1D5B7CC390D04A671D4E7F3112B5E8F75B6F7F5A937D891F7A28B16F6BD ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
18:03:36.0556 0x10a8  nvlddmkm - ok
18:03:36.0588 0x1340  Object send P2P result: true
18:03:36.0603 0x10a8  [ 37B0088B8E7F2A8AD0AE2281A70E0D13, 50256EEADBBC5CCCF3EBAEB9020D91EDB9961E7404BD41067A4290362BE6962F ] NVNET           C:\WINDOWS\System32\drivers\nvmf6264.sys
18:03:36.0635 0x10a8  NVNET - ok
18:03:36.0666 0x10a8  [ 903A40C958D471F9D30D29FA6D2800A4, 4641F8E8B20EE9AF8AB61E61AD74D41A4E9F51C906EC5F3BDC484FFAFB540E69 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
18:03:36.0729 0x10a8  NvNetworkService - ok
18:03:36.0729 0x10a8  [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
18:03:36.0745 0x10a8  nvraid - ok
18:03:36.0761 0x10a8  [ E58D81FB8616D0CB55C1E36AA0B213C9, D83F78615889A466ADE2BFEF7AB357C0D31B7FA9A1A52668DED32A51FEFA87B5 ] nvsmu           C:\WINDOWS\system32\DRIVERS\nvsmu.sys
18:03:36.0761 0x10a8  nvsmu - ok
18:03:36.0776 0x10a8  [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
18:03:36.0792 0x10a8  nvstor - ok
18:03:36.0809 0x10a8  [ 1E45F96342429D63DC30E0D9117DA3D8, 3D6DB9514594377CACFD766F0153B8DCF51DDF4172864DAF589CB1EE480D2027 ] nvstor64        C:\WINDOWS\system32\drivers\nvstor64.sys
18:03:36.0824 0x10a8  nvstor64 - ok
18:03:37.0186 0x10a8  [ 68DE8D996D8FF628AB6B3D422035F862, 239CE5BE15F39966AE5243971FE75BDFB35359F92C8294C61155C863F4B3C40E ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
18:03:37.0611 0x10a8  NvStreamSvc - ok
18:03:37.0675 0x10a8  [ F3A837A403C0E92A7475913659DECF94, D76875A11889474203A5CBACE5912562C4361C1A7A9AEB3DD06AF1E4523F4D98 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
18:03:37.0706 0x10a8  nvsvc - ok
18:03:37.0722 0x10a8  [ 09216A70CC364D0974F606F6F2109210, 60877154D4DF5287D1989CDAA9863CD6DACA528D06233238498854A10C868C20 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
18:03:37.0722 0x10a8  nvvad_WaveExtensible - ok
18:03:37.0737 0x10a8  [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
18:03:37.0753 0x10a8  nv_agp - ok
18:03:37.0769 0x10a8  [ 7F3A0D052B8E00E730316210B1DD092F, 14BD026EA759F6C81ED6B4DBB04E0584B7F6456725503FC73CD4347B7743005F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
18:03:37.0801 0x10a8  OneSyncSvc - ok
18:03:37.0848 0x10a8  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:03:37.0863 0x10a8  ose - ok
18:03:37.0879 0x10a8  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
18:03:37.0911 0x10a8  p2pimsvc - ok
18:03:37.0927 0x10a8  [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
18:03:37.0958 0x10a8  p2psvc - ok
18:03:37.0958 0x10a8  [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
18:03:37.0989 0x10a8  Parport - ok
18:03:37.0989 0x10a8  [ 24AC0FD10325FBC2303B29A5F237AEB0, D94B26A36EBE4EFE8EA270FA6600811206830480BE953809F74FAB80628DF879 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
18:03:38.0006 0x10a8  partmgr - ok
18:03:38.0022 0x10a8  [ 3CAE2BBC86FCF7F94C9696994AF30386, 4DA063A60523567272CFB35DF5D7CA142B100EF9123B1F23A6F11AB89DB83486 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
18:03:38.0037 0x10a8  PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
18:03:40.0507 0x10a8  Detect skipped due to KSN trusted
18:03:40.0507 0x10a8  PassThru Service - ok
18:03:40.0555 0x10a8  [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
18:03:40.0586 0x10a8  PcaSvc - ok
18:03:40.0602 0x10a8  [ 1D4E995955BDAE781C46CB97AE1CFB58, FF7475F19782CA253AA839DDB86E5AC20C5785D5CC1DD57D9FECBE4F5A5C0BFB ] pci             C:\WINDOWS\system32\drivers\pci.sys
18:03:40.0633 0x10a8  pci - ok
18:03:40.0633 0x10a8  [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
18:03:40.0649 0x10a8  pciide - ok
18:03:40.0665 0x10a8  [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
18:03:40.0681 0x10a8  pcmcia - ok
18:03:40.0681 0x10a8  [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
18:03:40.0697 0x10a8  pcw - ok
18:03:40.0697 0x10a8  [ 48F3A3222CF340FE31535CB6D49C6D6F, 5F8904871219FA6C1BD74747583855B0FBCE42F340A3BE10270D8D3F02766E9D ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
18:03:40.0712 0x10a8  pdc - ok
18:03:40.0743 0x10a8  [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
18:03:40.0791 0x10a8  PEAUTH - ok
18:03:40.0838 0x10a8  [ C7D210982B6C8454E52191D0DCF6DC52, D53D575CD9A0AB7EA94E7D1B9730ABE0A582CA3460AEAC4680D01034D69D3949 ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
18:03:40.0933 0x10a8  PeerDistSvc - ok
18:03:40.0949 0x10a8  [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
18:03:40.0964 0x10a8  percsas2i - ok
18:03:40.0964 0x10a8  [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
18:03:40.0980 0x10a8  percsas3i - ok
18:03:41.0012 0x10a8  [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
18:03:41.0028 0x10a8  PerfHost - ok
18:03:41.0090 0x10a8  [ 47C25D46C70D468A5F617FACC3C6BCAF, 0ED93F659F61C6568F428C72D08DB4348742B9051AF4ED1DCAB8826625B4AE54 ] PhatHack Serial Driver D:\Program Files (x86)\PhatHack\PhatHack Media Manager\Beta\PhatHack Serial Driver.exe
18:03:41.0090 0x10a8  PhatHack Serial Driver - detected UnsignedFile.Multi.Generic ( 1 )
18:03:42.0935 0x2010  Object required for P2P: [ A403DAE4B083EB96BC6CEDB47639B4F8 ] HTTP
18:03:43.0724 0x10a8  PhatHack Serial Driver ( UnsignedFile.Multi.Generic ) - warning
18:03:45.0443 0x2010  Object send P2P result: true
18:03:45.0443 0x2010  Object required for P2P: [ 9A2A2F3C69B9A30B6E78536F6D258BAD ] iai2c
18:03:46.0262 0x10a8  [ 8C5737B889752EC37B49D730C24FB80B, 0101AEBE3870B59BE69DBF20FDD307BEDB10A6DB21750E57B9BD3B1961386979 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
18:03:46.0310 0x10a8  PhoneSvc - ok
18:03:46.0326 0x10a8  [ 940BD7A32391F325A1A4285F91FAF7AC, A0FE4B8705B268E1978D9C66EB39B3DBBCB2A70F02F380C7062FE72E92DDF964 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
18:03:46.0357 0x10a8  PimIndexMaintenanceSvc - ok
18:03:46.0436 0x10a8  [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla             C:\WINDOWS\system32\pla.dll
18:03:46.0515 0x10a8  pla - ok
18:03:46.0531 0x10a8  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
18:03:46.0562 0x10a8  PlugPlay - ok
18:03:46.0562 0x10a8  [ A010F13D27C1033A8BE09D5FA9BF348B, 5536A233554C469F270046ADEE12A158F70E2D8BE776BAD0925235B015567D46 ] pneteth         C:\WINDOWS\System32\drivers\pneteth.sys
18:03:46.0578 0x10a8  pneteth - ok
18:03:46.0594 0x10a8  [ 06841F5CD8410B6BDC0B5A631B8F8787, 95CA940AAE0C713C7161899D7DD7109FC985B60A1B3817C4243ED9870DA5FDE0 ] pnetmdm         C:\WINDOWS\system32\DRIVERS\pnetmdm64.sys
18:03:46.0609 0x10a8  pnetmdm - ok
18:03:46.0609 0x10a8  [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
18:03:46.0626 0x10a8  PNRPAutoReg - ok
18:03:46.0641 0x10a8  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
18:03:46.0673 0x10a8  PNRPsvc - ok
18:03:46.0688 0x10a8  [ 5A91C28F99043215121499257468C4BD, 816D2AEBA29B8A050747E01CE11EB12A05C1CDDF91835C44BBB6A7B9D348B15A ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
18:03:46.0720 0x10a8  PolicyAgent - ok
18:03:46.0736 0x10a8  [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power           C:\WINDOWS\system32\umpo.dll
18:03:46.0767 0x10a8  Power - ok
18:03:46.0767 0x10a8  [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
18:03:46.0799 0x10a8  PptpMiniport - ok
18:03:46.0878 0x10a8  [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
18:03:47.0035 0x10a8  PrintNotify - ok
18:03:47.0051 0x10a8  [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor       C:\WINDOWS\System32\drivers\processr.sys
18:03:47.0067 0x10a8  Processor - ok
18:03:47.0083 0x10a8  [ A08AAC62EF7A1E291B3E895B5864BB86, 340E6648F9A5F4B7543FDEC5BDAFBDA3DE319B8F998FF2EF60D02EE5EF3D56CB ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
18:03:47.0114 0x10a8  ProfSvc - ok
18:03:47.0114 0x10a8  [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
18:03:47.0130 0x10a8  Psched - ok
18:03:47.0145 0x10a8  [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE           C:\WINDOWS\system32\qwave.dll
18:03:47.0178 0x10a8  QWAVE - ok
18:03:47.0193 0x10a8  [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
18:03:47.0209 0x10a8  QWAVEdrv - ok
18:03:47.0209 0x10a8  [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:03:47.0240 0x10a8  RasAcd - ok
18:03:47.0240 0x10a8  [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
18:03:47.0256 0x10a8  RasAgileVpn - ok
18:03:47.0271 0x10a8  [ 2976970887157CBB05747CBCD0793354, 43499D90B6340BD679CA51FDAB4ABCD0CF7E995367876716B7879422D206D677 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
18:03:47.0304 0x10a8  RasAuto - ok
18:03:47.0304 0x10a8  [ 381B8F2311A0375676B635EA5E7C8AB0, F64697F75894844E72F260E9E88CCFE6B882BC89F6124DCA187771A29C3EF929 ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
18:03:47.0335 0x10a8  Rasl2tp - ok
18:03:47.0351 0x10a8  [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan          C:\WINDOWS\System32\rasmans.dll
18:03:47.0398 0x10a8  RasMan - ok
18:03:47.0414 0x10a8  [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:03:47.0430 0x10a8  RasPppoe - ok
18:03:47.0445 0x10a8  [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
18:03:47.0461 0x10a8  RasSstp - ok
18:03:47.0477 0x10a8  [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:03:47.0509 0x10a8  rdbss - ok
18:03:47.0509 0x10a8  [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
18:03:47.0524 0x10a8  rdpbus - ok
18:03:47.0540 0x10a8  [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
18:03:47.0556 0x10a8  RDPDR - ok
18:03:47.0571 0x10a8  [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
18:03:47.0587 0x10a8  RdpVideoMiniport - ok
18:03:47.0603 0x10a8  [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
18:03:47.0619 0x10a8  rdyboost - ok
18:03:47.0650 0x10a8  [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
18:03:47.0697 0x10a8  ReFSv1 - ok
18:03:47.0729 0x10a8  [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
18:03:47.0761 0x10a8  RemoteAccess - ok
18:03:47.0776 0x10a8  [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
18:03:47.0792 0x10a8  RemoteRegistry - ok
18:03:47.0823 0x10a8  [ AD43141CE6D5074DA1D28B5BCD4E4507, C1A9AA856DD4FEE00BBA329C150E0CBCD1CE13ED0BB7B4AC9B152321CD854212 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
18:03:47.0902 0x10a8  RetailDemo - ok
18:03:47.0902 0x10a8  [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
18:03:47.0918 0x10a8  RpcEptMapper - ok
18:03:47.0934 0x10a8  [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator      C:\WINDOWS\system32\locator.exe
18:03:47.0950 0x10a8  RpcLocator - ok
18:03:47.0950 0x2010  Object send P2P result: true
18:03:47.0950 0x2010  Object required for P2P: [ 59A20F5AD9F4AE54098154359519408E ] iaLPSS2i_I2C
18:03:47.0982 0x10a8  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
18:03:48.0028 0x10a8  RpcSs - ok
18:03:48.0028 0x10a8  [ 6195EC84C82E7844B5B17803ADDB1CA3, 175DF60973C50B1F1FA84B7DBB694D2B18CD41DA8A29479E388ED76D2C9AAE19 ] RrNetCapFilterDriver C:\WINDOWS\system32\DRIVERS\RrNetCapFilterDriver.sys
18:03:48.0044 0x10a8  RrNetCapFilterDriver - ok
18:03:48.0060 0x10a8  [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
18:03:48.0076 0x10a8  rspndr - ok
18:03:48.0092 0x10a8  [ 14190644E437A95B244BFC9B37ACDB61, 793142BF5BD234F6ADA35899CA0E3ED613BE7FD09D035E5851B8C893C20F98FB ] RTL8192su       C:\WINDOWS\System32\drivers\RTL8192su.sys
18:03:48.0139 0x10a8  RTL8192su - ok
18:03:48.0139 0x10a8  [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
18:03:48.0154 0x10a8  s3cap - ok
18:03:48.0171 0x10a8  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs           C:\WINDOWS\system32\lsass.exe
18:03:48.0187 0x10a8  SamSs - ok
18:03:48.0265 0x10a8  [ 5EFBBFCC6ADAC121C8E2FE76641ED329, 0EAB16C7F54B61620277977F8C332737081A46BC6BBDE50742B6904BDD54F502 ] SANDRA          d:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\WNt600x64\Sandra.sys
18:03:48.0265 0x10a8  SANDRA - ok
18:03:48.0281 0x10a8  [ 359CAF41D555FB06A1FB2F162A802D5E, 75D5028703ECCD19C441F4651BFBDE41B1DAB4D548A94354DF56874D078560D0 ] SandraAgentSrv  d:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\RpcAgentSrv.exe
18:03:48.0297 0x10a8  SandraAgentSrv - detected UnsignedFile.Multi.Generic ( 1 )
18:03:50.0441 0x2010  Object send P2P result: true
18:03:50.0441 0x2010  Object required for P2P: [ EF1075935CEF62BD9D499A9BB0752EFC ] LavasoftAdAwareService11
18:03:50.0710 0x10a8  Detect skipped due to KSN trusted
18:03:50.0710 0x10a8  SandraAgentSrv - ok
18:03:50.0725 0x10a8  [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
18:03:50.0741 0x10a8  sbp2port - ok
18:03:50.0757 0x10a8  [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
18:03:50.0788 0x10a8  SCardSvr - ok
18:03:50.0788 0x10a8  [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
18:03:50.0820 0x10a8  ScDeviceEnum - ok
18:03:50.0836 0x10a8  [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
18:03:50.0851 0x10a8  scfilter - ok
18:03:50.0883 0x10a8  [ 5A459E0585FF3A980D10604B6D4BA03D, 3DF9CB96258A44458DF98EA4C6D57342D1207B7BFB94174461B347BE3B5CA317 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
18:03:50.0950 0x10a8  Schedule - ok
18:03:50.0962 0x10a8  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
18:03:50.0977 0x10a8  SCPolicySvc - ok
18:03:50.0993 0x10a8  [ E1137E39C3BB3EF9AF2243745D901D60, 0BE86E4E48DA6D25AF0E71F09E55A5C4E525C61831EDC5135DEB240CCD02335D ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
18:03:51.0009 0x10a8  sdbus - ok
18:03:51.0024 0x10a8  [ 811EC0B1221402FCED0BA37E112BF627, 366EB8AF04C603BED6CF53652CC937099B247D5DD8C58D699D0D8DA22F8FDD51 ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
18:03:51.0056 0x10a8  SDRSVC - ok
18:03:51.0056 0x10a8  [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
18:03:51.0072 0x10a8  sdstor - ok
18:03:51.0088 0x10a8  [ 286450F698EBD81A8AC1B22CF6BABF11, ED05C2723FCD399FD085AE7AB1178D24F9745A4F31DD711DE896D15412B82BA2 ] seclogon        C:\WINDOWS\system32\seclogon.dll
18:03:51.0103 0x10a8  seclogon - ok
18:03:51.0103 0x10a8  [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS            C:\WINDOWS\System32\sens.dll
18:03:51.0135 0x10a8  SENS - ok
18:03:51.0167 0x10a8  [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
18:03:51.0251 0x10a8  SensorDataService - ok
18:03:51.0267 0x10a8  [ A74C62AE99A015CD6275F0D8D8843886, DF08E0BB1160E054C6B000BC5F62DEF77C6D9E4B5679AD013C313BA14207B589 ] SensorService   C:\WINDOWS\system32\SensorService.dll
18:03:51.0298 0x10a8  SensorService - ok
18:03:51.0314 0x10a8  [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
18:03:51.0345 0x10a8  SensrSvc - ok
18:03:51.0345 0x10a8  [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
18:03:51.0362 0x10a8  SerCx - ok
18:03:51.0377 0x10a8  [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
18:03:51.0393 0x10a8  SerCx2 - ok
18:03:51.0393 0x10a8  [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
18:03:51.0409 0x10a8  Serenum - ok
18:03:51.0424 0x10a8  [ 88D58E1DAA6C5062DD3A26273106961F, D1E2FF37C888245BD0BABCD7C6B76AD5A87415B68FEFE37B5FA29AE3342AE50B ] Serial          C:\WINDOWS\System32\drivers\serial.sys
18:03:51.0440 0x10a8  Serial - ok
18:03:51.0440 0x10a8  [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
18:03:51.0471 0x10a8  sermouse - ok
18:03:51.0488 0x10a8  [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
18:03:51.0519 0x10a8  SessionEnv - ok
18:03:51.0519 0x10a8  [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
18:03:51.0550 0x10a8  sfloppy - ok
18:03:51.0566 0x10a8  [ 2C7B006EB0B5479ED389D0CA5DE6AB83, 2E7C6E3E99A2668CB361A31567A4DB81021530E78213B39983D14197DB72E43C ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
18:03:51.0597 0x10a8  SharedAccess - ok
18:03:51.0613 0x10a8  [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:03:51.0675 0x10a8  ShellHWDetection - ok
18:03:51.0675 0x10a8  [ 62596AA6EBB6FAE14C8E84ABC4135171, 98E0E0C0FD1CDAC410F053AEDA22B37C7FAC8075B2D1D9D1B6CB651F55B5ACFB ] simptcp         C:\WINDOWS\System32\tcpsvcs.exe
18:03:51.0694 0x10a8  simptcp - ok
18:03:51.0708 0x10a8  [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
18:03:51.0723 0x10a8  SiSRaid2 - ok
18:03:51.0723 0x10a8  [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
18:03:51.0739 0x10a8  SiSRaid4 - ok
18:03:51.0754 0x10a8  [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost         C:\WINDOWS\System32\smphost.dll
18:03:51.0770 0x10a8  smphost - ok
18:03:51.0806 0x10a8  [ 0BA53B01A02848A1545E2A743FF17B2F, ADAD55B9E0172BD7FBA92C5CD4870419FE9EF16F907DA1EEF2A9AE6492DE1909 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
18:03:51.0852 0x10a8  SmsRouter - ok
18:03:51.0868 0x10a8  [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
18:03:51.0896 0x10a8  SNMPTRAP - ok
18:03:51.0915 0x10a8  [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
18:03:51.0945 0x10a8  spaceport - ok
18:03:51.0954 0x10a8  [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
18:03:51.0969 0x10a8  SpbCx - ok
18:03:51.0996 0x10a8  [ DC520253EC32B515E7792DB05DB43EB2, 8A614286522CA637EF0D58F79143146D5FB40DCD0CA1333752989BCD51DE00C0 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
18:03:52.0048 0x10a8  Spooler - ok
18:03:52.0212 0x10a8  [ 7C58AFEC26E9F7730A8AA7FD40225937, 546EAD8889F2A1BB6DCCB7781976B975F34DA1C9047F95FEAA52CF38EC60C6DD ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
18:03:52.0425 0x10a8  sppsvc - ok
18:03:52.0441 0x10a8  [ 7D67C07C63796775CC5492BCFEAFF125, BAEFF806F656FA252D1DBC1E21603CF5F7D54C5AFB3FC91F2723729A7740DF8A ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
18:03:52.0456 0x10a8  SQLBrowser - ok
18:03:52.0473 0x10a8  [ F98DDFBFE0EE66D4C4B00693512B9527, 322FF75D1CA460368FD72ADCD93273F1D5AA5CF2C4DF65A94BF9ABAA2E695150 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:03:52.0489 0x10a8  SQLWriter - ok
18:03:52.0504 0x10a8  [ ACC1709EC7FE6EB8999DBC91C50C2B34, 83ABF51751A264291C53A32B86239A607361E56CB045CD2CBE6E41DBB8A01F54 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
18:03:52.0536 0x10a8  srv - ok
18:03:52.0551 0x10a8  [ AFBCFC946FAE7483E27BD316D03F94A5, CC9478EA717E85C38304957E923997821DFE2A995D7C8DF98C15267D952BEFBE ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
18:03:52.0599 0x10a8  srv2 - ok
18:03:52.0615 0x10a8  [ 107C1EBE79710E4A759449BD6604245A, 963D693F4E61EDC7B3AA9006CC274D56E577CE0035A61DDB2A6DE72116D5C52B ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
18:03:52.0630 0x10a8  srvnet - ok
18:03:52.0646 0x10a8  [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
18:03:52.0677 0x10a8  SSDPSRV - ok
18:03:52.0677 0x10a8  [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
18:03:52.0709 0x10a8  SstpSvc - ok
18:03:52.0725 0x10a8  [ 383C219BFA39703A5AF40F1636E3A7F8, D515E572EF440CAA5A97335421B284743A331827010EC854480E0234D58FEF43 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
18:03:52.0741 0x10a8  ssudmdm - ok
18:03:52.0804 0x10a8  [ 58863C57E4598C4F9DA967C5C36CFA5D, BB34FBC324E84E05128258CE3755241ECB63F7F2AE7F96716AC373931FAF92A8 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
18:03:52.0930 0x10a8  StateRepository - ok
18:03:52.0961 0x10a8  [ 5852D5FADD589643B6C1B5BE9D257A50, 38DC6CEB0AA6AF4FD046A9CF7571E345E52D30471E248E2B99FC6D5622257145 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
18:03:52.0993 0x10a8  Steam Client Service - ok
18:03:53.0008 0x10a8  [ D2230317777033CD0456990BFC4994E5, 0F2F559593EAD7AB4596E67E9AE56E5ABF5C945201366CFC972357C22A4F776A ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:03:53.0024 0x2010  Object send P2P result: true
18:03:53.0025 0x2010  Object required for P2P: [ 807A6636828E5F43C10A01474B8907EE ] MSDTC
18:03:53.0041 0x10a8  Stereo Service - ok
18:03:53.0041 0x10a8  [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
18:03:53.0056 0x10a8  stexstor - ok
18:03:53.0072 0x10a8  [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
18:03:53.0119 0x10a8  stisvc - ok
18:03:53.0135 0x10a8  [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
18:03:53.0151 0x10a8  storahci - ok
18:03:53.0151 0x10a8  [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
18:03:53.0167 0x10a8  storflt - ok
18:03:53.0182 0x10a8  [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
18:03:53.0198 0x10a8  stornvme - ok
18:03:53.0198 0x10a8  [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
18:03:53.0213 0x10a8  storqosflt - ok
18:03:53.0246 0x10a8  [ B1305CDD98D5FC49863279D4B51DB510, 4B745E8D14591CA69429CA579467B9528B94C54EBD2FCFD446000C9C1BCB3B07 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
18:03:53.0277 0x10a8  StorSvc - ok
18:03:53.0293 0x10a8  [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
18:03:53.0308 0x10a8  storufs - ok
18:03:53.0308 0x10a8  [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
18:03:53.0324 0x10a8  storvsc - ok
18:03:53.0324 0x10a8  [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc           C:\WINDOWS\system32\svsvc.dll
18:03:53.0356 0x10a8  svsvc - ok
18:03:53.0356 0x10a8  [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
18:03:53.0372 0x10a8  swenum - ok
18:03:53.0387 0x10a8  [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv           C:\WINDOWS\System32\swprv.dll
18:03:53.0434 0x10a8  swprv - ok
18:03:53.0434 0x10a8  [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
18:03:53.0450 0x10a8  Synth3dVsc - ok
18:03:53.0482 0x10a8  [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
18:03:53.0545 0x10a8  SysMain - ok
18:03:53.0560 0x10a8  [ AF2C8D7C1D4DCFD5C31501F009DF42B7, 3DDF9353F014EE99B031BBC969620CA07647FBB8D78EB4697C8D633021B46B11 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
18:03:53.0592 0x10a8  SystemEventsBroker - ok
18:03:53.0608 0x10a8  [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
18:03:53.0624 0x10a8  TabletInputService - ok
18:03:53.0639 0x10a8  [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
18:03:53.0671 0x10a8  TapiSrv - ok
18:03:53.0687 0x10a8  [ 048CFE7569D6ADCAB9349BB1A566A79E, E248D2A66881FDFF9505896F383EFFEF2FD5AFC15D8992E653F5C31F1F80DAF3 ] tbhsd           C:\WINDOWS\system32\drivers\tbhsd.sys
18:03:53.0687 0x10a8  tbhsd - ok
18:03:53.0750 0x10a8  [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
18:03:53.0844 0x10a8  Tcpip - ok
18:03:53.0908 0x10a8  [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
18:03:53.0986 0x10a8  Tcpip6 - ok
18:03:54.0002 0x10a8  [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
18:03:54.0018 0x10a8  tcpipreg - ok
18:03:54.0034 0x10a8  [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
18:03:54.0050 0x10a8  tdx - ok
18:03:54.0222 0x10a8  [ E72B44F86082DFE649CD991E3CD2F8B6, C5A1E53E41E48D3465A7D96886A1E5D1C3145C7E1A40FB74E3A05EDC2DA04F84 ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
18:03:54.0412 0x10a8  TeamViewer - ok
18:03:54.0428 0x10a8  [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
18:03:54.0443 0x10a8  terminpt - ok
18:03:54.0475 0x10a8  [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService     C:\WINDOWS\System32\termsrv.dll
18:03:54.0538 0x10a8  TermService - ok
18:03:54.0538 0x10a8  [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes          C:\WINDOWS\system32\themeservice.dll
18:03:54.0570 0x10a8  Themes - ok
18:03:54.0586 0x10a8  [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
18:03:54.0617 0x10a8  TieringEngineService - ok
18:03:54.0633 0x10a8  [ FC971E1D1B5900C231591A7720FCD8B8, DF58C350977019E4A8F381FB35702E9BEA89F6A8C6BF36C56376D36BC8FE630F ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
18:03:54.0681 0x10a8  tiledatamodelsvc - ok
18:03:54.0681 0x10a8  [ 4BA0AB760971A0109A3442BD8B4F9AA0, 681171ECE155B7B1048525AA9BF14E4FDB437EE6BD91B6C5C9FFE122757D6BEB ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
18:03:54.0712 0x10a8  TimeBroker - ok
18:03:54.0712 0x10a8  [ 169B0A246067457FEF8A18EED7EED9D5, BF5AC0CB29E1E456253B881CD0608B578D7343E9DFE1738A14598D1DFFE1AB66 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
18:03:54.0743 0x10a8  TPM - ok
18:03:54.0743 0x10a8  [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks          C:\WINDOWS\System32\trkwks.dll
18:03:54.0774 0x10a8  TrkWks - ok
18:03:54.0794 0x10a8  [ 3E75A47D2DEFD2683DCA409572FBE8B2, 33964B1A05E045D3B878CDFD9F52A9086B4FA54D6D4D1DC38062D2874CACD4A0 ] Trufos          C:\WINDOWS\system32\DRIVERS\Trufos.sys
18:03:54.0813 0x10a8  Trufos - ok
18:03:54.0813 0x10a8  [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
18:03:54.0844 0x10a8  TrustedInstaller - ok
18:03:54.0844 0x10a8  [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
18:03:54.0859 0x10a8  tsusbflt - ok
18:03:54.0875 0x10a8  [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
18:03:54.0892 0x10a8  TsUsbGD - ok
18:03:54.0892 0x10a8  [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
18:03:54.0923 0x10a8  tunnel - ok
18:03:54.0939 0x10a8  [ 1A9A77ACDAC29C39F50D2A492FD0DB16, E21F2E2BA6EABE0F6B5A1930DDB2CE5A921389A58C08A2D3F66D245E8698E6B4 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
18:03:54.0954 0x10a8  tzautoupdate - ok
18:03:54.0970 0x10a8  [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
18:03:54.0970 0x10a8  uagp35 - ok
18:03:54.0985 0x10a8  [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
18:03:55.0002 0x10a8  UASPStor - ok
18:03:55.0002 0x10a8  [ 3995CC3DEDED258768B8EBC2F4C0DC73, 130E99EF13EB494B8BB6A8E037DD8D59C195190EA3C27CA9E3A695AF4349DC7C ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
18:03:55.0033 0x10a8  UcmCx0101 - ok
18:03:55.0033 0x10a8  [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
18:03:55.0049 0x10a8  UcmUcsi - ok
18:03:55.0065 0x10a8  [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
18:03:55.0080 0x10a8  Ucx01000 - ok
18:03:55.0096 0x10a8  [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
18:03:55.0112 0x10a8  UdeCx - ok
18:03:55.0112 0x10a8  [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
18:03:55.0144 0x10a8  udfs - ok
18:03:55.0159 0x10a8  [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
18:03:55.0175 0x10a8  UEFI - ok
18:03:55.0175 0x10a8  [ 5F0D997E6FC5A418D7673148CEF72887, 6C142CB8F06E5958045451253C9188CE876A84D08266FFD7F64AAE09964D8431 ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
18:03:55.0206 0x10a8  Ufx01000 - ok
18:03:55.0206 0x10a8  [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
18:03:55.0223 0x10a8  UfxChipidea - ok
18:03:55.0238 0x10a8  [ DB630FC660443D63EBAB2C830C298EFE, 7698772FF9C988DF752DF3FAF1B154E923EBA425B92F288ABB6EF0805ABD3296 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
18:03:55.0254 0x10a8  ufxsynopsys - ok
18:03:55.0270 0x10a8  [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
18:03:55.0285 0x10a8  UI0Detect - ok
18:03:55.0301 0x10a8  [ 5B99D25F5CA1F20CCED62381ED41793E, 672B40021E0C623ED8C7E3203261837B43A5EE750E59DAFC4D6EAC4911B12F44 ] UimBus          C:\WINDOWS\System32\drivers\UimBus.sys
18:03:55.0301 0x10a8  UimBus - ok
18:03:55.0317 0x10a8  [ 67F428FA5F059A974529ECBA6A6C9D71, 912BCAEC818317AFD051351D5EAAF3B5EC8E5AD3CC9C1B8FC17F5DB78829615A ] Uim_DEVIM       C:\WINDOWS\System32\drivers\uim_devim.sys
18:03:55.0333 0x10a8  Uim_DEVIM - ok
18:03:55.0349 0x10a8  [ 76E93AD89DEC20EE2AF99E17183F85AB, 4ED49ADA41FA2BFDCC11861241428E23E8396E72BE10929FF01F0FE48D3DF2C2 ] Uim_IM          C:\WINDOWS\System32\drivers\uim_im.sys
18:03:55.0380 0x10a8  Uim_IM - ok
18:03:55.0396 0x10a8  [ 441E8BC5E68200038F0F1941A10C85F4, B93FB9DEC5365D526737A50C7958DB7441C515DF4AAACB6306998E18CF14F69B ] Uim_VIM         C:\WINDOWS\System32\Drivers\uim_vimx64.sys
18:03:55.0411 0x10a8  Uim_VIM - ok
18:03:55.0427 0x10a8  [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
18:03:55.0444 0x10a8  uliagpkx - ok
18:03:55.0444 0x10a8  [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
18:03:55.0459 0x10a8  umbus - ok
18:03:55.0475 0x10a8  [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
18:03:55.0490 0x10a8  UmPass - ok
18:03:55.0490 0x10a8  [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
18:03:55.0522 0x10a8  UmRdpService - ok
18:03:55.0537 0x2010  Object send P2P result: true
18:03:55.0570 0x10a8  [ 87E291D9CC3ECE9AA56ABFD8063C4050, 781958969DB79454C91156473B4DA363F6D540D99974C2924ED81604CF45C3E0 ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
18:03:55.0632 0x10a8  UnistoreSvc - ok
18:03:55.0680 0x10a8  [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost        C:\WINDOWS\System32\upnphost.dll
18:03:55.0727 0x10a8  upnphost - ok
18:03:55.0727 0x10a8  [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
18:03:55.0742 0x10a8  UrsChipidea - ok
18:03:55.0742 0x10a8  [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
18:03:55.0758 0x10a8  UrsCx01000 - ok
18:03:55.0775 0x10a8  [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
18:03:55.0790 0x10a8  UrsSynopsys - ok
18:03:55.0790 0x10a8  [ 9F9D5E2086BB9AEEA96E9BF73B7B2D32, AFA84CE1E96C07EBFB7A05D0181C876E027B848AF6C6DB932765912B814CAF56 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
18:03:55.0822 0x10a8  usbaudio - ok
18:03:55.0822 0x10a8  [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
18:03:55.0837 0x10a8  usbccgp - ok
18:03:55.0853 0x10a8  [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
18:03:55.0868 0x10a8  usbcir - ok
18:03:55.0885 0x10a8  [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
18:03:55.0885 0x10a8  usbehci - ok
18:03:55.0916 0x10a8  [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
18:03:55.0948 0x10a8  usbhub - ok
18:03:55.0963 0x10a8  [ 12A0B486EA13DF46C27B90CC2CE92FE5, 643D8B906F02FBC0802B3468C24D6C6A0BDB07FEA894B68E0F404AB5287C4409 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
18:03:55.0995 0x10a8  USBHUB3 - ok
18:03:55.0995 0x10a8  [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
18:03:56.0011 0x10a8  usbohci - ok
18:03:56.0027 0x10a8  [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
18:03:56.0042 0x10a8  usbprint - ok
18:03:56.0042 0x10a8  [ CA6369870F91F3D367D26278E0AD0DDF, 651B97E73AFC615C80DE2076872DEB49DCD775B5C9988AB4AC0A0162DAB09F70 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
18:03:56.0058 0x10a8  usbser - ok
18:03:56.0074 0x10a8  [ 37C2CD8587BF7F785381EB7B26916B52, E8F65BF7BBDEF82BD97629921A1148304CA44DCD03E079E28D75D04244B71C39 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
18:03:56.0089 0x10a8  USBSTOR - ok
18:03:56.0089 0x10a8  [ 9FB923D198FB99A8AC93256AC453033B, DDD9AB09DE598C3AAFDDA51C4544F4851D86768A09F32DD42AA5D6E85307A7B9 ] usbUDisc        C:\WINDOWS\System32\drivers\USBDrv_AMD64.sys
18:03:56.0106 0x10a8  usbUDisc - ok
18:03:56.0106 0x10a8  [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
18:03:56.0121 0x10a8  usbuhci - ok
18:03:56.0137 0x10a8  [ 4B13B61CBB9CC3CB373C60B930D648F5, C79D10A1BF2B6BF141DD37A90BCCA0E1F2AF31B5028BB21537A8EE6EED630F5B ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
18:03:56.0168 0x10a8  usbvideo - ok
18:03:56.0169 0x10a8  [ 325727F01F03C504CF788618A13DC266, 9F685113F714ADBC6DCD423CCD205F71E00D1AA9B5DD045B95E61E53B0F8E9AF ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
18:03:56.0206 0x10a8  USBXHCI - ok
18:03:56.0237 0x10a8  [ ED06681482E0B9B4D573684CD5FB18F5, 1CCFBD37F8B895900B860AAF107130C5890C01F5327A4AEBB910F6B2BB0BA61D ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
18:03:56.0316 0x10a8  UserDataSvc - ok
18:03:56.0379 0x10a8  [ CA902510DAF327CCFA59BCBFC00B3BAE, 3282993B28B64E2D7D4C94E5B2643431C96BF1AB30B48C30BED565F457D02B45 ] UserManager     C:\WINDOWS\System32\usermgr.dll
18:03:56.0442 0x10a8  UserManager - ok
18:03:56.0458 0x10a8  [ 05F4CB5991D897E4253BF61FA5E828F8, 25B5B6751B4455491E9A050DF5C12F788B5677F70FB4844E0BF851090AC1F74C ] UsoSvc          C:\WINDOWS\system32\usocore.dll
18:03:56.0489 0x10a8  UsoSvc - ok
18:03:56.0489 0x10a8  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
18:03:56.0505 0x10a8  VaultSvc - ok
18:03:56.0520 0x10a8  [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
18:03:56.0537 0x10a8  vdrvroot - ok
18:03:56.0562 0x10a8  [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds             C:\WINDOWS\System32\vds.exe
18:03:56.0600 0x10a8  vds - ok
18:03:56.0615 0x10a8  [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
18:03:56.0631 0x10a8  VerifierExt - ok
18:03:56.0663 0x10a8  [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
18:03:56.0694 0x10a8  vhdmp - ok
18:03:56.0694 0x10a8  [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
18:03:56.0710 0x10a8  vhf - ok
18:03:56.0726 0x10a8  [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
18:03:56.0741 0x10a8  vmbus - ok
18:03:56.0741 0x10a8  [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
18:03:56.0758 0x10a8  VMBusHID - ok
18:03:56.0773 0x10a8  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
18:03:56.0820 0x10a8  vmicguestinterface - ok
18:03:56.0836 0x10a8  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
18:03:56.0868 0x10a8  vmicheartbeat - ok
18:03:56.0884 0x10a8  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
18:03:56.0915 0x10a8  vmickvpexchange - ok
18:03:56.0931 0x10a8  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
18:03:56.0962 0x10a8  vmicrdv - ok
18:03:56.0979 0x10a8  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
18:03:57.0025 0x10a8  vmicshutdown - ok
18:03:57.0041 0x10a8  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
18:03:57.0072 0x10a8  vmictimesync - ok
18:03:57.0088 0x10a8  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession   C:\WINDOWS\System32\ICSvc.dll
18:03:57.0119 0x10a8  vmicvmsession - ok
18:03:57.0135 0x10a8  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
18:03:57.0166 0x10a8  vmicvss - ok
18:03:57.0182 0x10a8  [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
18:03:57.0182 0x10a8  volmgr - ok
18:03:57.0198 0x10a8  [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
18:03:57.0230 0x10a8  volmgrx - ok
18:03:57.0245 0x10a8  [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
18:03:57.0276 0x10a8  volsnap - ok
18:03:57.0276 0x10a8  [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
18:03:57.0292 0x10a8  vpci - ok
18:03:57.0308 0x10a8  [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
18:03:57.0324 0x10a8  vsmraid - ok
18:03:57.0356 0x10a8  [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS             C:\WINDOWS\system32\vssvc.exe
18:03:57.0435 0x10a8  VSS - ok
18:03:57.0450 0x10a8  [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
18:03:57.0482 0x10a8  VSTXRAID - ok
18:03:57.0482 0x10a8  [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
18:03:57.0513 0x10a8  vwifibus - ok
18:03:57.0513 0x10a8  [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
18:03:57.0529 0x10a8  vwififlt - ok
18:03:57.0545 0x10a8  [ 3BE5AAC930447FD18D4A8255A2FEC95C, A517357188FE4A5BD98A3CDB2165ACCE96CCE4BE2B90DDBEAF70B6DDF393F506 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
18:03:57.0561 0x10a8  vwifimp - ok
18:03:57.0576 0x10a8  [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time         C:\WINDOWS\system32\w32time.dll
18:03:57.0623 0x10a8  W32Time - ok
18:03:57.0623 0x10a8  [ CDA9A00B16808D7A5BBB66287B89EE21, B25F98F26B0153E5DD5C744539CB6ACAFAA13E0F7B5D140C1844158B79BC9006 ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
18:03:57.0655 0x10a8  w3logsvc - ok
18:03:57.0671 0x10a8  [ 1430B095A4DF52C04BDBC31C861C9324, B686C97D13CE966D44A7695BE78A4501F96CF8E69B24AFFE6C8E643132BB8861 ] W3SVC           C:\WINDOWS\system32\inetsrv\iisw3adm.dll
18:03:57.0702 0x10a8  W3SVC - ok
18:03:57.0718 0x10a8  [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
18:03:57.0734 0x10a8  WacomPen - ok
18:03:57.0750 0x10a8  [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService   C:\WINDOWS\system32\WalletService.dll
18:03:57.0781 0x10a8  WalletService - ok
18:03:57.0797 0x10a8  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:03:57.0813 0x10a8  wanarp - ok
18:03:57.0828 0x10a8  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:03:57.0844 0x10a8  wanarpv6 - ok
18:03:57.0860 0x10a8  [ 1430B095A4DF52C04BDBC31C861C9324, B686C97D13CE966D44A7695BE78A4501F96CF8E69B24AFFE6C8E643132BB8861 ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
18:03:57.0892 0x10a8  WAS - ok
18:03:57.0939 0x10a8  [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine        C:\WINDOWS\system32\wbengine.exe
18:03:58.0018 0x10a8  wbengine - ok
18:03:58.0033 0x10a8  [ 6950271D0C75A33BD05F7155EF1B2DD4, C6959972D490710CA7539EA8F51B5CC1FA64FF9799242075719C4FD394B6F9C7 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
18:03:58.0081 0x10a8  WbioSrvc - ok
18:03:58.0097 0x10a8  [ 39E07EE74F50C39C1EB315152F03199C, 053562C2656A76265AE09045952A4C9473BE2B4426D9ECC1A025ED4BC204AC25 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
18:03:58.0144 0x10a8  Wcmsvc - ok
18:03:58.0159 0x10a8  [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
18:03:58.0207 0x10a8  wcncsvc - ok
18:03:58.0207 0x10a8  [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
18:03:58.0223 0x10a8  WcsPlugInService - ok
18:03:58.0254 0x10a8  [ 6211C43075D3538ADBF344F77C1A337C, 1B4F21358C0ED8666213F897F7F254985E8666AC14568157A7143DD3DC9B2ADF ] WDBackup        C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
18:03:58.0302 0x10a8  WDBackup - ok
18:03:58.0302 0x10a8  [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
18:03:58.0318 0x10a8  WdBoot - ok
18:03:58.0333 0x10a8  [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM         C:\WINDOWS\System32\drivers\wdcsam64.sys
18:03:58.0349 0x10a8  WDC_SAM - ok
18:03:58.0365 0x10a8  [ 4FF0B0152F9D669258F8692C047B03B1, E88398364405BFD13B91565E032C8FA2E9EF348C20B5295157683D6228E84786 ] WDDriveService  C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
18:03:58.0380 0x10a8  WDDriveService - ok
18:03:58.0396 0x10a8  [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
18:03:58.0444 0x10a8  Wdf01000 - ok
18:03:58.0444 0x10a8  [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
18:03:58.0475 0x10a8  WdFilter - ok
18:03:58.0475 0x10a8  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
18:03:58.0506 0x10a8  WdiServiceHost - ok
18:03:58.0506 0x10a8  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
18:03:58.0538 0x10a8  WdiSystemHost - ok
18:03:58.0570 0x10a8  [ E70DDD8E2245CC67547B0861983912D8, 64C73B1496FFF1F6BB3D877CB5BE54DE35C303AE234B11FC90038DC4F73241D9 ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
18:03:58.0601 0x10a8  wdiwifi - ok
18:03:58.0617 0x10a8  [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
18:03:58.0633 0x10a8  WdNisDrv - ok
18:03:58.0633 0x10a8  WdNisSvc - ok
18:03:58.0649 0x10a8  [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient       C:\WINDOWS\System32\webclnt.dll
18:03:58.0680 0x10a8  WebClient - ok
18:03:58.0696 0x10a8  [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
18:03:58.0727 0x10a8  Wecsvc - ok
18:03:58.0727 0x10a8  [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
18:03:58.0744 0x10a8  WEPHOSTSVC - ok
18:03:58.0759 0x10a8  [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
18:03:58.0790 0x10a8  wercplsupport - ok
18:03:58.0790 0x10a8  [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
18:03:58.0822 0x10a8  WerSvc - ok
18:03:58.0837 0x10a8  [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
18:03:58.0854 0x10a8  WFPLWFS - ok
18:03:58.0870 0x10a8  [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
18:03:58.0885 0x10a8  WiaRpc - ok
18:03:58.0885 0x10a8  [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
18:03:58.0901 0x10a8  WIMMount - ok
18:03:58.0901 0x10a8  WinDefend - ok
18:03:58.0932 0x10a8  [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
18:03:58.0948 0x10a8  WindowsTrustedRT - ok
18:03:58.0948 0x10a8  [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
18:03:58.0964 0x10a8  WindowsTrustedRTProxy - ok
18:03:58.0980 0x10a8  [ 1859EEE0BAFDF8F20B7B3C40708B1CD3, C17792B9B41D384751A601A3B2CC3C35089257C6D4B63FC5CC0ABC7A34814688 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
18:03:59.0027 0x10a8  WinHttpAutoProxySvc - ok
18:03:59.0042 0x10a8  [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
18:03:59.0058 0x10a8  WinMad - ok
18:03:59.0075 0x10a8  [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
18:03:59.0090 0x10a8  Winmgmt - ok
18:03:59.0168 0x10a8  [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
18:03:59.0279 0x10a8  WinRM - ok
18:03:59.0295 0x10a8  [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
18:03:59.0311 0x10a8  WINUSB - ok
18:03:59.0327 0x10a8  [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
18:03:59.0342 0x10a8  WinVerbs - ok
18:03:59.0406 0x10a8  [ EF0A5EFFBC78F7677D3591BB58AC5A52, 0860B9D0F1A1FFE14F1A0FDFD3B66C90CED90092D9CF9AA35D6D6D088E2DC4A9 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
18:03:59.0516 0x10a8  WlanSvc - ok
18:03:59.0563 0x10a8  [ 58A8B8B2A343829602AC105F66988583, 46D142A3A7D74F6383B8D7E642E796535CE15BEDAF82AEFB4BEF46F0355411FD ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
18:03:59.0673 0x10a8  wlidsvc - ok
18:03:59.0682 0x10a8  [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
18:03:59.0689 0x10a8  WmiAcpi - ok
18:03:59.0705 0x10a8  [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
18:03:59.0737 0x10a8  wmiApSrv - ok
18:03:59.0737 0x10a8  WMPNetworkSvc - ok
18:03:59.0753 0x10a8  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
18:03:59.0768 0x10a8  Wof - ok
18:03:59.0815 0x10a8  [ 4090C6738AA92B428220857B4D44F638, 4A3EE47494051E5BA8393F2AC8226EF434DA3AA1895CF4BADC9BC1BC378647C6 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
18:03:59.0910 0x10a8  workfolderssvc - ok
18:03:59.0925 0x10a8  [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
18:03:59.0941 0x10a8  wpcfltr - ok
18:03:59.0941 0x10a8  [ D282ECA35ADAC7A93D6B4943E775010B, A76A9698A95646FA63AC18DFFA02B744D7C6043934CBF6C37832ED2E6B21F570 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
18:03:59.0973 0x10a8  WPDBusEnum - ok
18:03:59.0973 0x10a8  [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
18:03:59.0989 0x10a8  WpdUpFltr - ok
18:03:59.0989 0x10a8  [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService      C:\WINDOWS\system32\WpnService.dll
18:04:00.0020 0x10a8  WpnService - ok
18:04:00.0020 0x10a8  [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
18:04:00.0036 0x10a8  ws2ifsl - ok
18:04:00.0060 0x10a8  [ FB45052D7C13963465DFF8D56746B10B, 21B0DC0D383061CEF079586AE8E2FD5E8BBA22B8494666F14D5A8591275943E5 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
18:04:00.0077 0x10a8  wscsvc - ok
18:04:00.0092 0x10a8  WSearch - ok
18:04:00.0171 0x10a8  [ A904D7950ED275273357AA7B1EAE445F, 0E41EA26A923FCE7072CC7DDDDB852E54C95992E01A79C67D1D544B1CB1E18DA ] WSService       C:\WINDOWS\System32\WSService.dll
18:04:00.0297 0x10a8  WSService - ok
18:04:00.0375 0x10a8  [ C2D78B6667E0341802C4F38E9C02F93D, D2639EF935C5C5BCFECF1BDACC1BA480786A810084EEB62B7C5A0E57618FCCE1 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
18:04:00.0470 0x10a8  wuauserv - ok
18:04:00.0486 0x10a8  [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
18:04:00.0502 0x10a8  WudfPf - ok
18:04:00.0518 0x10a8  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd          C:\WINDOWS\system32\drivers\WudfRd.sys
18:04:00.0549 0x10a8  WUDFRd - ok
18:04:00.0549 0x10a8  [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
18:04:00.0565 0x10a8  wudfsvc - ok
18:04:00.0581 0x10a8  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
18:04:00.0612 0x10a8  WUDFWpdFs - ok
18:04:00.0644 0x10a8  [ 2D7E3C2913AAE063774795E6790BCC48, 686CF1CE1CF2553236E0983CBF283D841FB5FBB998C33D97FBB5D7A83EF83867 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
18:04:00.0707 0x10a8  WwanSvc - ok
18:04:00.0739 0x10a8  [ 7443938BC4B8DCE1D8E6C51BC3F9DBFE, F2D41BFB2303AEAE39A33E6873A9C07DEF9090CA6D5602B2D232C59D1899D620 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
18:04:00.0786 0x10a8  XblAuthManager - ok
18:04:00.0834 0x10a8  [ FACC53D144952319038FAE7442FCC045, 8BCA4ADC5162FC12AF2A88A8A570DA9DAB80AE9B62C873A2121EBAF8AA9FBA98 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
18:04:00.0896 0x10a8  XblGameSave - ok
18:04:00.0896 0x10a8  [ 80BC02A73A3949A7AEF34791206C7D7F, 41E547EFC722D3E01CD8E261FA233D8C799FC59A9C5320B7FD65B09831373CDB ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
18:04:00.0927 0x10a8  xboxgip - ok
18:04:00.0960 0x10a8  [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
18:04:01.0022 0x10a8  XboxNetApiSvc - ok
18:04:01.0022 0x10a8  [ 1F1EF8E701859581251B52035C1C1CEF, 3A7D3EC619A7F45FBB04EDA6963E3C55DC50358CF2D71ED66EE4BB07ACC0EE3C ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
18:04:01.0038 0x10a8  xinputhid - ok
18:04:01.0054 0x10a8  ================ Scan global ===============================
18:04:01.0054 0x10a8  [ D923EC03E24F7633DED3F2D46AD59A28, C635DB4483E24BE0188583E63B06D0F37BDE7AD944E4D0246A7D19CBC3EA3A6B ] C:\WINDOWS\system32\basesrv.dll
18:04:01.0070 0x10a8  [ E2899695BD30B5F93EC626EBBEF2CB69, B190D2903A109D2C146D881F90769060A0E971942F4AA61AEAD81861032D89C3 ] C:\WINDOWS\system32\winsrv.dll
18:04:01.0086 0x10a8  [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
18:04:01.0101 0x10a8  [ 2AB2C72D88CE2BC73E6F708D0B1A9657, 8DF9D8C83BC2078D88FE7B2E9CDD5ABA9A2075F40D30CD344595DA217ECCCB3B ] C:\WINDOWS\system32\services.exe
18:04:01.0117 0x10a8  [ Global ] - ok
18:04:01.0117 0x10a8  ================ Scan MBR ==================================
18:04:01.0117 0x10a8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:04:01.0353 0x10a8  \Device\Harddisk0\DR0 - ok
18:04:01.0353 0x10a8  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
18:04:01.0464 0x10a8  \Device\Harddisk1\DR1 - ok
18:04:01.0464 0x10a8  ================ Scan VBR ==================================
18:04:01.0464 0x10a8  [ 2A2831071D1217E553F136A1CD111BDD ] \Device\Harddisk0\DR0\Partition1
18:04:01.0511 0x10a8  \Device\Harddisk0\DR0\Partition1 - ok
18:04:01.0527 0x10a8  [ 10D5C1515FA9DA74F69F9E2471AE3E3F ] \Device\Harddisk0\DR0\Partition2
18:04:01.0590 0x10a8  \Device\Harddisk0\DR0\Partition2 - ok
18:04:01.0590 0x10a8  [ 480BDA8D1115751CCE73079F499F788B ] \Device\Harddisk0\DR0\Partition3
18:04:01.0653 0x10a8  \Device\Harddisk0\DR0\Partition3 - ok
18:04:01.0653 0x10a8  [ D6935C7988861D5CF6985DDBDE9F8B3B ] \Device\Harddisk1\DR1\Partition1
18:04:01.0653 0x10a8  \Device\Harddisk1\DR1\Partition1 - ok
18:04:01.0653 0x10a8  ================ Scan generic autorun ======================
18:04:01.0669 0x10a8  [ 968EDA6EA6E00DFAE78586BFA6322B74, 8F3A01704E67D2F9212A08F0D5B4FF15DEE4791E1BB303DF4C9CF7DD3871E6E5 ] C:\VIA_XHCI\usb3Monitor.exe
18:04:01.0684 0x10a8  VIAxHCUtl - detected UnsignedFile.Multi.Generic ( 1 )
18:04:04.0680 0x10a8  Detect skipped due to KSN trusted
18:04:04.0680 0x10a8  VIAxHCUtl - ok
18:04:04.0744 0x10a8  [ A0012C1D9B8648C20C00202418B9D02F, 833AFB6BCABBF9991C811D6D1BF2C7B95A584F46D93C6B3F49CA2A8A6BE5E657 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
18:04:04.0807 0x10a8  NvBackend - ok
18:04:04.0823 0x10a8  [ 0DCB89B1F3689BC6262FF30BBD603171, 594E6E07BC6B161469848A477F28211B70E759A8D369276810F622EE00D97783 ] C:\Windows\system32\rundll32.exe
18:04:04.0854 0x10a8  ShadowPlay - ok
18:04:04.0854 0x10a8  [ 5917DC01B9AC1FD64136D4691FFC7987, 8AAB5E31A4F4056843EC0896BF3F0A91604FF39F4AD439F64D2E882E72511A98 ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
18:04:04.0870 0x10a8  Classic Start Menu - ok
18:04:04.0917 0x10a8  [ C7F017C9B163E7DAB864649E8241F683, F007F107FCA0E3A12D7E900101EBF02C2453D4AA56BE18769E86B592C88C5106 ] D:\Program Files\iTunes\iTunesHelper.exe
18:04:04.0933 0x10a8  iTunesHelper - ok
18:04:05.0075 0x10a8  [ 25218B917E6C638A5A0257BBAF3AF7DB, 7DC4D65462D45CE4230300555C5EE666729179F135C720B2B79DC8409743A0F7 ] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
18:04:05.0232 0x10a8  WD Quick View - ok
18:04:05.0295 0x10a8  [ 0610E1989914B6DA54165A4F2C766721, CFFDCA465C9A6988A747C08346B9A122A4DB08AACE42B8AEB4AE410981044892 ] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
18:04:05.0342 0x10a8  WD Drive Unlocker - ok
18:04:05.0359 0x10a8  [ 793D7221E5EC69EA615349A13B702B8C, 1545C9634A6599FE4B35419B1B40932797FE2E7DF0B5F27D6698810CC075CF86 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
18:04:05.0390 0x10a8  SunJavaUpdateSched - ok
18:04:05.0437 0x10a8  [ DB20FE51008B4030B8C1570C4E80A7FE, A4E14ED94D0DE3CFE0DC26DC33AEB7B4B8522C9E6F4BB628290AA772DC6A5779 ] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
18:04:05.0501 0x10a8  DriveUtilitiesHelper - ok
18:04:05.0516 0x10a8  [ 3405A4A63018892F31E61C01E9A0313E, 49B2102C3593270DAD15548D1FB2C7E36A65419AA7AE057AB1F0B6A80365B1F6 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
18:04:05.0516 0x10a8  Avira SystrayStartTrigger - ok
18:04:05.0547 0x10a8  [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
18:04:05.0580 0x10a8  avgnt - ok
18:04:05.0784 0x10a8  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
18:04:06.0006 0x10a8  OneDriveSetup - ok
18:04:06.0211 0x10a8  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
18:04:06.0400 0x10a8  OneDriveSetup - ok
18:04:06.0416 0x10a8  Lync - ok
18:04:06.0447 0x10a8  [ 17A2A23B6701404FD9D33FB1D8956001, 63A8905CBDAB7ED74D2305E9D3B910AC01161C06051A1A1EF7FF78546F32CF8C ] D:\Program Files (x86)\No-IP\DUC40.exe
18:04:06.0464 0x10a8  NoIPDUCv4 - detected UnsignedFile.Multi.Generic ( 1 )
18:04:07.0250 0x16b0  Object required for P2P: [ 7C58AFEC26E9F7730A8AA7FD40225937 ] sppsvc
18:04:09.0353 0x10a8  Detect skipped due to KSN trusted
18:04:09.0353 0x10a8  NoIPDUCv4 - ok
18:04:09.0384 0x10a8  [ BC49C6D6DC13F0AEEDC12264B7C9D4BE, BF50D3AB2AD246318D0B2CC01BFBA76AF6C9AC5AA41A807521ABA1E478C8CCF5 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
18:04:09.0416 0x10a8  CFA4BAFF5696A87DDBFEBDBB843936345DB9A8D9._service_run - ok
18:04:09.0494 0x10a8  [ B8C93930C5F4F8C8EC46BFACD32078ED, C219B07C13DE0C45CB0D51CCD6971A389DCEDA316964CCBBF4F87CA60B31D01A ] C:\Users\Peter\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
18:04:09.0589 0x10a8  Amazon Cloud Player - ok
18:04:09.0605 0x10a8  GoogleDriveSync - ok
18:04:09.0637 0x10a8  [ F6041A72058ADD22166C31B5FD5E919C, 3B10A1273C7E687B1C2D5895B576D4786E4D051E06D001F7B7B969401C58FD2D ] C:\Users\Peter\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
18:04:09.0684 0x10a8  Spotify Web Helper - ok
18:04:09.0684 0x10a8  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Peter\AppData\Local\Dropbox\Update\DropboxUpdate.exe
18:04:09.0699 0x10a8  Dropbox Update - ok
18:04:09.0858 0x10a8  [ 1D80C2AA59CFD761B362BE0C2A9A6600, D2D8C93DDD99791101C15C67CB3BD89400515AFD498B93EAF30E4A385488A5FC ] C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
18:04:10.0030 0x10a8  Plex Media Server - ok
18:04:10.0062 0x10a8  [ 3946B4FF12067113680EE9D61A1716EE, 408E05A05B0190840735DDF1B428C21ED2493C62D33B7DA69EAD54F718084240 ] C:\Program Files (x86)\ASUS\PC Link\PCLink.exe
18:04:10.0078 0x10a8  PCLink - ok
18:04:10.0204 0x10a8  [ 5353A34090BABE3CD48B70569AF0DD12, A211D0B06DC05BFCBD13EBC71275C644B7616E95485ED8336DEFF257B7AE7E80 ] D:\Program Files (x86)\Steam\steam.exe
18:04:10.0299 0x10a8  Steam - ok
18:04:10.0315 0x10a8  [ 2010CA459E5EC8F9D5FC8B000D130294, 058FF215A3AAD04F2A4CF23B2CC62A5EA28F5A705EFA689DCE9126720CF33229 ] C:\Users\Peter\AppData\Local\Microsoft\OneDrive\OneDrive.exe
18:04:10.0346 0x10a8  OneDrive - ok
18:04:10.0409 0x16b0  Object send P2P result: true
18:04:10.0409 0x16b0  Object required for P2P: [ 34A3EB84B2A830E6F450B8F885AE4E6E ] SysMain
18:04:10.0535 0x10a8  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
18:04:10.0724 0x10a8  OneDriveSetup - ok
18:04:10.0756 0x10a8  [ CB396B37F21C205F00ACE39CF999295A, FD8CB2426D4B9F13480DD823F0479E75316F6486262E88E420398A2C7AB91F57 ] C:\Program Files (x86)\Windows Mail\wab.exe
18:04:10.0803 0x10a8  WAB Migrate - ok
18:04:10.0803 0x10a8  Waiting for KSN requests completion. In queue: 176
18:04:11.0246 0x09f0  Object required for P2P: [ 793D7221E5EC69EA615349A13B702B8C ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
18:04:11.0813 0x10a8  Waiting for KSN requests completion. In queue: 170
18:04:12.0822 0x10a8  Waiting for KSN requests completion. In queue: 170
18:04:13.0617 0x16b0  Object send P2P result: true
18:04:13.0632 0x16b0  Object required for P2P: [ 4CF5A1E0C4FCA956ACD6C654E2A8610E ] VSS
18:04:13.0838 0x10a8  Waiting for KSN requests completion. In queue: 84
18:04:13.0900 0x2274  Object required for P2P: [ 5353A34090BABE3CD48B70569AF0DD12 ] D:\Program Files (x86)\Steam\steam.exe
18:04:14.0331 0x09f0  Object send P2P result: true
18:04:14.0331 0x09f0  Object required for P2P: [ 3405A4A63018892F31E61C01E9A0313E ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
18:04:14.0852 0x10a8  Waiting for KSN requests completion. In queue: 76
18:04:15.0866 0x10a8  Waiting for KSN requests completion. In queue: 76
18:04:16.0829 0x16b0  Object send P2P result: true
18:04:16.0875 0x10a8  Waiting for KSN requests completion. In queue: 8
18:04:17.0128 0x2274  Object send P2P result: true
18:04:17.0128 0x2274  Object required for P2P: [ 2010CA459E5EC8F9D5FC8B000D130294 ] C:\Users\Peter\AppData\Local\Microsoft\OneDrive\OneDrive.exe
18:04:17.0586 0x09f0  Object send P2P result: true
18:04:17.0884 0x10a8  Waiting for KSN requests completion. In queue: 2
18:04:18.0894 0x10a8  Waiting for KSN requests completion. In queue: 2
18:04:19.0903 0x10a8  Waiting for KSN requests completion. In queue: 2
18:04:20.0425 0x2274  Object send P2P result: true
18:04:20.0977 0x10a8  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
18:04:20.0993 0x10a8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
18:04:20.0993 0x10a8  AV detected via SS2: Ad-Aware Antivirus, C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareSecurityCenter.exe ( 11.9.696.8769 ), 0x40010 ( disabled : outofdate )
18:04:20.0993 0x10a8  FW detected via SS2: Ad-Aware Firewall, C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareSecurityCenter.exe ( 11.9.696.8769 ), 0x40010 ( disabled )
18:04:21.0008 0x10a8  Win FW state via NFP2: enabled ( trusted )
18:04:23.0404 0x10a8  ============================================================
18:04:23.0404 0x10a8  Scan finished
18:04:23.0404 0x10a8  ============================================================
18:04:23.0405 0x0ae0  Detected object count: 1
18:04:23.0405 0x0ae0  Actual detected object count: 1
18:05:20.0429 0x0ae0  PhatHack Serial Driver ( UnsignedFile.Multi.Generic ) - skipped by user
18:05:20.0429 0x0ae0  PhatHack Serial Driver ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:09:07.0457 0x10b4  Deinitialize success
         

Alt 06.01.2016, 19:10   #5
M-K-D-B
/// TB-Ausbilder
 
Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite - Standard

Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite



Servus,




Mehrere Anti-Virus-Programme

Code:
ATTFilter
Ad-Aware AntiVirus
Avira
         
Mir ist aufgefallen, dass Du mehr als ein Anti-Virus-Programm mit Hintergrundwächter laufen hast. Das ist gefährlich, da sich die Programme in die Quere kommen können und dadurch Viren erst recht auf dem Rechner landen können. Außerdem bremst es auch das System aus. Entscheide Dich für eine Variante und deinstalliere die andere über Systemsteuerung => Programme deinstallieren.
Berichte, für welches Anti-Virus-Programm Du Dich entschieden hast.





Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 06.01.2016, 19:59   #6
Clusterix
 
Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite - Standard

Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite



Hallo,

Erstmal danke für deine geduld

Ich hab Avira deinstalliert und Ad-Aware draufgelassen.

Reicht eigentlich der Windows Defender auch?

Ich hab mit mbar nur system gescanned (also Haken bei Drivers und Sectors rausgemacht) -> Keine Malware gefunden..
Scanne grade nochmal mit allem angehakt..

scan finished. No malware found

Geändert von Clusterix (06.01.2016 um 20:52 Uhr)

Alt 07.01.2016, 13:41   #7
M-K-D-B
/// TB-Ausbilder
 
Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite - Standard

Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite



Servus,


ich verwende selbst den Windows Defender, klar genügt der auch.





Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).






Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 07.01.2016, 15:16   #8
Clusterix
 
Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite - Standard

Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite



Servus Matthias,

here we go:

Code:
ATTFilter
# AdwCleaner v5.028 - Bericht erstellt am 07/01/2016 um 14:24:17
# Aktualisiert am 04/01/2016 von Xplode
# Datenbank : 2016-01-04.2 [Server]
# Betriebssystem : Windows 10 Pro  (x64)
# Benutzername : Peter - BEDA-AIO
# Gestartet von : C:\Users\Peter\Desktop\AdwCleaner_5.028.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLL ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\adawarebp

***** [ Internetbrowser ] *****

[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : search.conduit.com
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : search.surfcanyon.com
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : conduit.search
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : istartsurf
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : search.icq.com
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : istartsurf.com
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : de.search.yahoo.com
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : omniboxes
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : kerbal-space-program.softonic.de
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : ask.com
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : aol.com
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gefunden : fmlgoencnlndpglbocajlimaikjohmab

########## EOF - C:\AdwCleaner\AdwCleaner[S11].txt - [2432 Bytes] ##########
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 07.01.2016
Suchlaufzeit: 14:37
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.01.07.03
Rootkit-Datenbank: v2016.01.05.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Peter

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 445554
Abgelaufene Zeit: 10 Min., 25 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 10 Pro x64 
Ran by Peter (Administrator) on 07.01.2016 at 15:01:15,13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.01.2016 at 15:03:37,37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 07.01.2016, 15:18   #9
Clusterix
 
Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite - Standard

Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite



hier die FRST dateien

Alt 07.01.2016, 17:34   #10
M-K-D-B
/// TB-Ausbilder
 
Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite - Standard

Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite



Servus,





Schritt 1
Bitte deaktiviere dein Anti-Viren-Programm, da es das Ergebnis beeinflussen oder ggf. die Bereinigung stören kann.
Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/ und speichere die Datei auf deinem Desktop.
  • Starte Zoek.exe mit einem Doppelklick. Es wird etwas dauern, bis sich das Programm öffnet.
  • Kopiere den Text der folgenden Box in das Skriptfenster von zoek:
    Code:
    ATTFilter
    iedefaults;
    resetIEproxy;
    shortcutfix;
    resethosts;
    FFdefaults;
    CHRdefaults;
    emptyclsid;
             
  • Nun klicke auf "Run script" und sei geduldig bis das Skript durchgelaufen ist.
  • Wenn das Tool fertig ist, wird sich Notepad mit der Logdatei öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter c:\ .
  • Bitte poste mir das ZOEK-Log (möglichst in CODE-Tags - #-Symbol im Antwortfenster klicken).





Schritt 2
Downloade dir ZHPCleaner auf deinen Desktop.
  • Schließe alle Internetbrowser.
  • Starte die ZHPCleaner.exe
  • Klicke auf Scanner und warte bis der Suchlauf abgeschlossen ist.
  • Klicke auf Bericht, eine Logdatei namens ZHPCleaner.txt wird sich öffnen.
  • Poste mir den Inhalt der Logdatei mit deiner nächsten Antwort.
  • Klicke auf Beenden, um ZHPCleaner zu schließen.





Schritt 3
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.





Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche? In welchem Browser treten eventuelle Probleme auf?






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von Zoek,
  • die Logdatei von ZHPCleaner,
  • die beiden neuen Logdateien von FRST,
  • die Beantwortung der gestellten Fragen.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 07.01.2016, 19:19   #11
Clusterix
 
Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite - Standard

Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite



Servus Matthias,

hab mir leider auf der französischen Seite von ZHPCleaner aus Versehen den installer runtergeladen (hatte zwar einiges abgewählt gehabt, als er aber nicht installiert wurde, wurde mir das klar, dass ich toolbars o.Ä installiert hab was jetzt aber nicht so das problem sein sollte ;9)
Nichtsdestotrotz ist das popup pünktlich um 19:10 wieder gekommen (man kann anhaken und bei ok auf ...jmp2.in.. und von da auf nen mcafeestore weitergeleitet, hab mal ein Bild angehängt)

Code:
ATTFilter
Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Peter on 07.01.2016 at 17:57:24,35.
Microsoft Windows 10 Pro 10.0.10586  x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Peter\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

07.01.2016 17:59:32 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp. 
# 
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 
# 
# This file contains the mappings of IP addresses to host names. Each 
# entry should be kept on an individual line. The IP address should 
# be placed in the first column followed by the corresponding host name. 
# The IP address and the host name should be separated by at least one 
# space. 
# 
# Additionally, comments (such as these) may be inserted on individual 
# lines or following the machine name denoted by a '#' symbol. 
# 
# For example: 
# 
#      102.54.94.97     rhino.acme.com          # source server 
#       38.25.63.10     x.acme.com              # x client host 
 
127.0.0.1       localhost 

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== FireFox Fix ======================

Deleted from C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\vudtmujw.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://google.de");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\vudtmujw.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\vudtmujw.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\vudtmujw.default
- Segurana do navegador Avira - %ProfilePath%\extensions\abs@avira.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\vudtmujw.default
18CF51689186AEB9D1D149AEB0E92D03	- C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL -	Microsoft Office 2013
88C9284589B5AEEF93AAF8016BA1290D	- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll -	Microsoft Office 2013


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://search.avira.net/#web/result?source=art&q="
"Default_Search_URL"="https://search.avira.net/#web/result?source=art&q="
"Default_Page_URL"="https://search.avira.net/#web/result?source=art&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://search.avira.net/#web/result?source=art&q="
"Default_Search_URL"="https://search.avira.net/#web/result?source=art&q="
"Default_Page_URL"="https://search.avira.net/#web/result?source=art&q="
"Search Page"="https://search.avira.net/#web/result?source=art&q="
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="https://search.avira.net/#web/result?source=art&q="
"Default_Search_URL"="https://search.avira.net/#web/result?source=art&q="
"Default_Page_URL"="https://search.avira.net/#web/result?source=art&q="
"Search Page"="https://search.avira.net/#web/result?source=art&q="
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Preferences.bak was reset successfully
C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot

==== shortcuts on Users Desktops ======================

C:\Users\Peter\Desktop\ALF-BanCo 4.lnk - D:\Program Files (x86)\ALFBanCo4\AlfBanCo4.exe 
C:\Users\Peter\Desktop\Amazon Cloud Player.lnk - C:\Users\Peter\AppData\Local\Amazon Cloud Player\Amazon Cloud Player.exe 
C:\Users\Peter\Desktop\Beda - Verknüpfung.lnk -  
C:\Users\Peter\Desktop\DiskBoss.lnk - D:\Program Files (x86)\DiskBoss\bin\diskbsg.exe 
C:\Users\Peter\Desktop\Dropbox.lnk - C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe 
C:\Users\Peter\Desktop\Easy Poster Printer.lnk - C:\Users\Peter\AppData\Roaming\Microsoft\Installer\{1B5979B5-FE79-405A-A023-592DCE48C522}\_98DB30F986FCF6D1CB2D3C.exe 
C:\Users\Peter\Desktop\Godmode.lnk - C:\Windows\explorer.exe 
C:\Users\Peter\Desktop\Google Drive.lnk - C:\Users\Peter\Google Drive 
C:\Users\Peter\Desktop\HE Laserscan V.lnk - C:\Users\Peter\AppData\Roaming\Microsoft\Installer\{4CAF1B06-DD5A-4DE1-A41A-0111C2F4226C}\_38cb61a.exe 
C:\Users\Peter\Desktop\Helium Music Manager 10.lnk - D:\Program Files (x86)\Intermedia Software\Helium 10\helium10.exe 
C:\Users\Peter\Desktop\IrfanView Thumbnails.lnk - D:\Program Files (x86)\IrfanView\i_view32.exe 
C:\Users\Peter\Desktop\IrfanView.lnk - D:\Program Files (x86)\IrfanView\i_view32.exe 
C:\Users\Peter\Desktop\KENWOOD Music Editor Light.lnk - D:\Program Files (x86)\KENWOOD\KENWOOD Music Editor Light\KMELight.exe 
C:\Users\Peter\Desktop\MP3 Repair Tool.lnk - C:\Program Files (x86)\Aspect one\MP3 Repair Tool\MP3RepairTool.exe 
C:\Users\Peter\Desktop\MusicBee.lnk - D:\Program Files (x86)\MusicBee\MusicBee.exe 
C:\Users\Peter\Desktop\MusicBrainz Picard.lnk - D:\Program Files (x86)\MusicBrainz Picard\picard.exe 
C:\Users\Peter\Desktop\MyPhoneExplorer.lnk - D:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe 
C:\Users\Peter\Desktop\Notepad++.lnk - D:\Program Files (x86)\Notepad++\notepad++.exe 
C:\Users\Peter\Desktop\OneDrive - Verknüpfung.lnk -  
C:\Users\Peter\Desktop\Spotify.lnk - C:\Users\Peter\AppData\Roaming\Spotify\spotify.exe 
C:\Users\Peter\Desktop\TagScanner.lnk - D:\Program Files (x86)\TagScanner\Tagscan.exe 
C:\Users\Peter\Desktop\Total Commander 64 bit.lnk - D:\Program Files\totalcmd\TOTALCMD64.EXE 
C:\Users\Peter\Desktop\Zettelabgabe.lnk - C:\Users\Public\Documents\Zettelabgabe.xlsx 
C:\Users\Peter\Desktop\µTorrent.lnk -  
C:\Users\Peter\Desktop\Anti Malware\Ad-Aware Antivirus.lnk - C:\Program Files (x86)\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareDesktop.exe 
C:\Users\Peter\Desktop\Anti Malware\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe 
C:\Users\Peter\Desktop\Anti Malware\ Malwarebytes Anti-Malware .lnk - D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe 
C:\Users\Peter\Desktop\Anti Malware\Spybot-S&D Start Center.lnk -  

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe 
C:\Users\Public\Desktop\ALF-BanCo 5.lnk - D:\Program Files (x86)\ALFBanCo5\AlfBanCo5.exe 
C:\Users\Public\Desktop\ALF-BanCo 6.lnk - D:\Program Files (x86)\ALFBanCo6\AlfBanCo6.exe 
C:\Users\Public\Desktop\AllDup.lnk - D:\Program Files (x86)\AllDup\AllDup.exe 
C:\Users\Public\Desktop\Ashampoo Music Studio 6.lnk - D:\Program Files (x86)\Ashampoo\Ashampoo Music Studio 6\MusicStudio.exe 
C:\Users\Public\Desktop\Audials 11.lnk - D:\Program Files (x86)\Audials\Audials 11\AudialsStarter.exe 
C:\Users\Public\Desktop\Avidemux 2.6 (32-bit).lnk - D:\Program Files (x86)\Avidemux 2.6\avidemux.exe 
C:\Users\Public\Desktop\BanCo-Ticker 6.lnk - D:\Program Files (x86)\ALFBanCo6\BanCoTicker6.exe 
C:\Users\Public\Desktop\BanCo-Ticker.lnk - D:\Program Files (x86)\ALFBanCo5\BanCoTicker5.exe 
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
C:\Users\Public\Desktop\CDBurnerXP.lnk - D:\Program Files (x86)\CDBurnerXP\cdbxpp.exe 
C:\Users\Public\Desktop\Data Migration.lnk - C:\Program Files (x86)\Samsung\Samsung Data Migration\Data Migration.exe 
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Public\Desktop\Google Docs.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_document
C:\Users\Public\Desktop\Google Sheets.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_spreadsheet
C:\Users\Public\Desktop\Google Slides.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_presentation
C:\Users\Public\Desktop\HDD Guardian.lnk - D:\Program Files (x86)\HDD Guardian 0.6.2\hddguardian.exe 
C:\Users\Public\Desktop\HTC Sync Manager.lnk - D:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe 
C:\Users\Public\Desktop\IIDSC Recorder.lnk - D:\Program Files (x86)\IIDSC_Project\IIDSC_Recorder\IIDSC Recorder.exe 
C:\Users\Public\Desktop\ImgBurn.lnk - D:\Program Files (x86)\ImgBurn\ImgBurn.exe 
C:\Users\Public\Desktop\iTunes.lnk - D:\Program Files\iTunes\iTunes.exe 
C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk - D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe 
C:\Users\Public\Desktop\MediaMonkey.lnk - D:\Program Files (x86)\MediaMonkey\MediaMonkey.exe 
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
C:\Users\Public\Desktop\Mp3tag.lnk - D:\Program Files (x86)\Mp3tag\Mp3tag.exe 
C:\Users\Public\Desktop\MyPhoneExplorer.lnk - D:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe 
C:\Users\Public\Desktop\Paragon Backup and Recovery™ 12 Home.lnk -  
C:\Users\Public\Desktop\PC Link.lnk - C:\Program Files (x86)\ASUS\PC Link\PCLink.exe 
C:\Users\Public\Desktop\PhoenixSuit.lnk - C:\Windows\Installer\{EBF1BED9-4321-40D7-8837-177AE54C457C}\_204CCD2E1213AA4E8B3BAD.exe 
C:\Users\Public\Desktop\PokerStars.eu.lnk - D:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe 
C:\Users\Public\Desktop\Samsung Magician.lnk - D:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe 
C:\Users\Public\Desktop\SeaTools for Windows.lnk - D:\Program Files (x86)\Seagate\SeaTools for Windows\SeaToolsforWindows.exe 
C:\Users\Public\Desktop\SiSoftware Sandra Lite 2016.RTM.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\sandra.exe 
C:\Users\Public\Desktop\SSD Fresh.lnk - D:\Program Files (x86)\SSD Fresh\SSDFresh.exe 
C:\Users\Public\Desktop\Steam.lnk - D:\Program Files (x86)\Steam\Steam.exe 
C:\Users\Public\Desktop\TeamViewer 11.lnk - C:\Program Files (x86)\TeamViewer\TeamViewer.exe 
C:\Users\Public\Desktop\VLC media player.lnk - D:\Program Files\VideoLAN\VLC\vlc.exe 
C:\Users\Public\Desktop\WD Drive Utilities.lnk - C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilities.exe 
C:\Users\Public\Desktop\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe 
C:\Users\Public\Desktop\YouTube Song Downloader.lnk - D:\Program Files (x86)\YouTube Song Downloader\YouTubeSongDownloader.exe 

==== shortcuts in Users Start Menu ======================

C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk - C:\WINDOWS\system32\magnify.exe 
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk - C:\WINDOWS\system32\narrator.exe 
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk - C:\WINDOWS\system32\osk.exe 
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\WINDOWS\system32\notepad.exe 
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk - C:\WINDOWS\system32\cmd.exe 
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -  page=SettingsPageAppsDefaults
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -  page=SettingsPagePCSystemDevices
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\powershell.exe 
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe 
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe 
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe 
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk - C:\WINDOWS\system32\magnify.exe 
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk - C:\WINDOWS\system32\narrator.exe 
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk - C:\WINDOWS\system32\osk.exe 
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\WINDOWS\system32\notepad.exe 
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk - C:\WINDOWS\system32\cmd.exe 
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -  page=SettingsPageAppsDefaults
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -  page=SettingsPagePCSystemDevices
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\powershell.exe 
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe 
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe 
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe 
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk - C:\WINDOWS\system32\magnify.exe 
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk - C:\WINDOWS\system32\narrator.exe 
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk - C:\WINDOWS\system32\osk.exe 
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\WINDOWS\system32\notepad.exe 
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk - C:\WINDOWS\system32\cmd.exe 
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -  
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -  
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -  page=SettingsPageAppsDefaults
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -  page=SettingsPagePCSystemDevices
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -  
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -  
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\powershell.exe 
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe 
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe 
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Easy Poster Printer.lnk - C:\Users\Peter\AppData\Roaming\Microsoft\Installer\{1B5979B5-FE79-405A-A023-592DCE48C522}\_1C3B36736D8B29B25AABB8.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\Peter\AppData\Local\Microsoft\OneDrive\OneDrive.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk - C:\Windows\System32\fodhelper.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk - C:\WINDOWS\system32\magnify.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk - C:\WINDOWS\system32\narrator.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk - C:\WINDOWS\system32\osk.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\WINDOWS\system32\notepad.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - D:\Program Files (x86)\Steam\Steam.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk - C:\WINDOWS\system32\cmd.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -  
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -  
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -  page=SettingsPageAppsDefaults
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -  page=SettingsPagePCSystemDevices
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -  
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -  
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\powershell.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe 

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk - C:\WINDOWS\DevicesFlow\DevicesFlow.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk - C:\WINDOWS\System32\Control.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk - C:\WINDOWS\MiracastView\MiracastView.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk - C:\WINDOWS\PrintDialog\PrintDialog.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk - C:\WINDOWS\system32\rundll32.exe -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk - C:\Program Files (x86)\TeamViewer\TeamViewer.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk - C:\WINDOWS\Speech\Common\sapisvr.exe -SpeechUX
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk - C:\WINDOWS\system32\mspaint.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk - C:\WINDOWS\system32\mstsc.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk - C:\WINDOWS\system32\psr.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk - C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk - C:\WINDOWS\system32\xpsrchvw.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk - C:\WINDOWS\system32\charmap.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk - C:\WINDOWS\system32\comexp.msc 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk - C:\WINDOWS\system32\compmgmt.msc /s
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk - C:\WINDOWS\system32\dfrgui.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk - C:\WINDOWS\system32\cleanmgr.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk - C:\WINDOWS\system32\eventvwr.msc /s
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\IIS Manager.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk - C:\WINDOWS\system32\iscsicpl.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk - C:\WINDOWS\syswow64\odbcad32.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk - C:\WINDOWS\system32\odbcad32.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk - C:\WINDOWS\system32\perfmon.msc /s
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk - C:\WINDOWS\system32\perfmon.exe /res
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk - C:\WINDOWS\system32\services.msc 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk - C:\WINDOWS\system32\msinfo32.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk - C:\WINDOWS\system32\taskschd.msc /s
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk - C:\WINDOWS\system32\WF.msc 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 5\ALF-BanCo 5 entfernen.lnk - D:\Program Files (x86)\ALFBanCo5\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 5\ALF-BanCo 5.lnk - D:\Program Files (x86)\ALFBanCo5\AlfBanCo5.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 5\Auf Update prüfen.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 5\BanCo-Ticker.lnk - D:\Program Files (x86)\ALFBanCo5\BanCoTicker5.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 5\Datensicherung.lnk - D:\Program Files (x86)\ALFBanCo5\AlfHbBackup5.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 5\Fernwartung.lnk - D:\Program Files (x86)\ALFBanCo5\AlfBanCo_Fernwartung.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 5\Handbuch.lnk - D:\Program Files (x86)\ALFBanCo5\Daten\ALF-BanCo5Hilfe.pdf 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 5\Kartenleser einrichten.lnk - D:\Program Files (x86)\ALFBanCo5\AlfCTInst5.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 5\Konvertierung alter Daten.lnk - D:\Program Files (x86)\ALFBanCo5\BanCo5Convert.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 5\Support-Tool.lnk - D:\Program Files (x86)\ALFBanCo5\AlfSupport5.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 6\ALF-BanCo 6 entfernen.lnk - D:\Program Files (x86)\ALFBanCo6\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 6\ALF-BanCo 6.lnk - D:\Program Files (x86)\ALFBanCo6\AlfBanCo6.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 6\Auf Update prüfen.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 6\BanCo-Ticker.lnk - D:\Program Files (x86)\ALFBanCo6\BanCoTicker6.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 6\Datensicherung.lnk - D:\Program Files (x86)\ALFBanCo6\AlfHbBackup6.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 6\Fernwartung.lnk - D:\Program Files (x86)\ALFBanCo6\AlfBanCo_Fernwartung.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 6\Handbuch.lnk - D:\Program Files (x86)\ALFBanCo6\Daten\ALF-BanCo6Handbuch.pdf 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 6\Kartenleser einrichten.lnk - D:\Program Files (x86)\ALFBanCo6\AlfCTInst6.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 6\Konvertierung alter Daten.lnk - D:\Program Files (x86)\ALFBanCo6\BanCo6Convert.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 6\Support-Tool.lnk - D:\Program Files (x86)\ALFBanCo6\AlfSupport6.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskInternals\Linux Reader\DiskInternals Linux Reader.lnk - D:\Program Files (x86)\DiskInternals\LinuxReader\LinuxReader64.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskInternals\Linux Reader\DiskInternals Research.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskInternals\Linux Reader\Documentation.lnk - D:\Program Files (x86)\DiskInternals\LinuxReader\help.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskInternals\Linux Reader\Uninstall.lnk - D:\Program Files (x86)\DiskInternals\LinuxReader\Uninstall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_document
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_spreadsheet
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_presentation
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Guardian 0.6.2\HDD Guardian 0.6.2 Deinstallation.lnk - D:\Program Files (x86)\HDD Guardian 0.6.2\Uninstall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Guardian 0.6.2\HDD Guardian Toolbox.lnk - D:\Program Files (x86)\HDD Guardian 0.6.2\toolbox.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Guardian 0.6.2\HDD Guardian.lnk - D:\Program Files (x86)\HDD Guardian 0.6.2\hddguardian.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Guardian 0.6.2\License.lnk - D:\Program Files (x86)\HDD Guardian 0.6.2\License.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Guardian 0.6.2\Logical Disk Monitor.lnk - D:\Program Files (x86)\HDD Guardian 0.6.2\ldm.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Guardian 0.6.2\Translation Tool.lnk - D:\Program Files (x86)\HDD Guardian 0.6.2\Languages\translationtool.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IIDSC Project\IIDSC Recorder\Uninstall IIDSC Recorder.lnk - D:\Program Files (x86)\IIDSC_Project\IIDSC_Recorder\msiexec.exe  /x {02AB6049-EA12-4FFE-AF3C-159C28FEE0C8}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IIS\IIS Client Manager.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk - D:\Program Files\iTunes\iTunes.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Über iTunes.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Auf Updates prüfen.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Info zu Java.lnk - C:\Program Files\Java\jre1.8.0_66\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Java konfigurieren.lnk - C:\Program Files\Java\jre1.8.0_66\bin\javacpl.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Java Mission Control.lnk - C:\Program Files\Java\jdk1.7.0_51\bin\jmc.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Referenzdokumentation.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Malwarebytes Anti-Malware entfernen.lnk - D:\Program Files (x86)\ Malwarebytes Anti-Malware \unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Malwarebytes Anti-Malware Notifications.lnk - D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware .lnk - D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Tools\Malwarebytes Anti-Malware Chameleon.lnk - D:\Program Files (x86)\ Malwarebytes Anti-Malware \Chameleon\Windows\chameleon.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\outlook.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Data Migration\Data Migration.lnk - C:\Program Files (x86)\Samsung\Samsung Data Migration\Data Migration.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician\Samsung Magician entfernen.lnk - D:\Program Files (x86)\Samsung\Samsung Magician\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician\Samsung Magician.lnk - D:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\SeaTools for Windows\SeaTools for Windows.lnk - D:\Program Files (x86)\Seagate\SeaTools for Windows\SeaToolsforWindows.exe d:\Program Files (x86)\Seagate\SeaTools for Windows\STX_Oz_multi.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\SeaTools for Windows\Uninstall.lnk - D:\Program Files (x86)\Seagate\SeaTools for Windows\uninst.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Deinstalliere Sandra.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Dokumentation.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\sandra.07.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\SiSoftware Sandra Lite 2016.RTM.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\sandra.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Beispielskripte\Analyse-Skript.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\Examples\Analysis Script.sis 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Beispielskripte\Burn-in Skript.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\Examples\Burn Script.sis 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Beispielskripte\Skript zur Berichtserzeugung.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\Examples\Report Script.sis 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Beispielskripte\Skript zur Umgebungsueberwachung.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\Examples\Monitor Script.sis 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Berichtsbeispiele\Bericht im HTML-Format.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\Examples\System Report.htm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Berichtsbeispiele\Bericht im MIF-Format.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\Examples\System Report.mif 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Berichtsbeispiele\Bericht im Text-Format.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\Examples\System Report.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Berichtsbeispiele\Bericht im XML-Format.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\Examples\System Report.xml 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Datenbank-Schemata\Access Schema.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\Examples\Access Schema.mdb 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Datenbank-Schemata\mySQL Schema.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\Examples\mySQL Schema.sql 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Datenbank-Schemata\Oracle Schema.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\Examples\Oracle Schema.sql 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Datenbank-Schemata\SQL Server-Schema.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\Examples\SQL Server Schema.sql 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Internet-Links\ Bestellen Sie die Vollversion, um weitere Features freizuschalten.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\order.url 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Internet-Links\Bestellen Sie die Vollversion für gewerbliche Nutzung, um weitere Features freizuschalten.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Internet-Links\SiSoftware @ Facebook.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\facebook.url 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Internet-Links\SiSoftware @ Twitter.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\twitter.url 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Internet-Links\SiSoftware im Internet.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\sisoftware.url 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Internet-Links\SiSoftware Preisvergleich.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\shop.url 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Internet-Links\Statistiken und Bewertungen.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\ranks.url 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSD Fresh\SSD Fresh.lnk - D:\Program Files (x86)\SSD Fresh\SSDFresh.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - D:\Program Files (x86)\Steam\Steam.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk - C:\WINDOWS\system32\control.exe /name Microsoft.DefaultPrograms
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk - C:\WINDOWS\system32\taskmgr.exe /7
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Defender.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD Apps\WD Drive Utilities.lnk - C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilities.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\Data Lifeguard Diagnostic for Windows.lnk - D:\Program Files (x86)\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\WinDlg.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\Help Documentation.lnk - D:\Program Files (x86)\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\help.htm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\Uninstall Data Lifeguard Diagnostic for Windows.lnk - D:\Program Files (x86)\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\unins000.exe 

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CDBurnerXP.lnk - D:\Program Files (x86)\CDBurnerXP\cdbxpp.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Helium Music Manager 10.lnk - D:\Program Files (x86)\Intermedia Software\Helium 10\helium10.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk - D:\Program Files (x86)\ImgBurn\ImgBurn.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\OUTLOOK.EXE 
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MP3 Repair Tool.lnk - C:\Program Files (x86)\Aspect one\MP3 Repair Tool\MP3RepairTool.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.eu.lnk - D:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Magician.lnk - D:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -  
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f966724577ef19eb\PokerStars.EU.lnk - D:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Control Panel.lnk -  
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Excel 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\EXCEL.EXE 
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -  
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Outlook 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\OUTLOOK.EXE 
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PokerStars.eu.lnk - D:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe 
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Snipping Tool.lnk -  
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Total Commander 64 bit.lnk - D:\Program Files\totalcmd\TOTALCMD64.EXE 
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Word 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\WINWORD.EXE 

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found

==== EOF on 07.01.2016 at 18:03:07,02 ======================
         
Code:
ATTFilter
~ ZHPCleaner v2016.1.7.4 by Nicolas Coolman (2016/01/07)
~ Run by Peter (Administrator)  (07/01/2016 18:48:12)
~ Site : hxxp://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scanner
~ Report : C:\Users\Peter\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Peter\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit  (Build 10586)


---\\  Dienst. (0)
~ Alle bösartigen oder unnötige Element gefunden.


---\\  Browser. (1)
GEFUNDEN Chrome Secure Preferences: "hxxp://www.palikan.com/?f=7&a=plk_bimmed_16_01&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtCyC0CtD0F0Dzy0EtD0FtN0D0Tzu0StCyEyCyBtN1L2XzutAtFtCyDtFtAtFtDtN1L1Czu1RtN1L1G1B1V1N2Y1L1Qzu2SyDyCyCyEzytD0DyDtGyB0D0EtDtGtAzz0EtCtGtAyE0C0FtGyD0B0B0FyDtCyD0B0C0A0B0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDzz0AtBzzyC0EyEtGzzzyzzyEtGyE0CtC0CtG0B0B0CyDtG0EyC0F0C0EtBtAzyyB0CtD0F2QtN0A0LzutB&cr=2053927448&ir="  =>PUP.Optional.GoPalikan


---\\ Datei Host. (2)
GEFUNDEN:  
~ Anzahl der Weiterleitungen gefunden1/20


---\\  Geplante Tasks (1)
GEFUNDEN task: [Go_Palikan] [C:\WINDOWS\Tasks\Go_Palikan.job]  =>PUP.Optional.GoPalikan


---\\  Explorer (Ordner, Dateien). (6)
GEFUNDEN Datei: C:\Windows\Tasks\Go_Palikan.job    =>PUP.Optional.GoPalikan
GEFUNDEN Datei: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage    =>PUP.Optional.Generic
GEFUNDEN Datei: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal    =>PUP.Optional.Generic
GEFUNDEN Datei: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.cinemaxx.de_0.localstorage    =>PUP.Optional.CrossRider
GEFUNDEN Datei: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.cinemaxx.de_0.localstorage-journal    =>PUP.Optional.CrossRider
GEFUNDEN Ordner: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\File System\008  =>PUP.Optional.DomaIQ


---\\  Registrierung (Schlüssel, Werte, Daten). (7)
GEFUNDEN key: HKEY_USERS\S-1-5-21-3036239713-1774766366-4091503571-1001\SOFTWARE\Ad-Aware Search Protection []  =>PUP.Optional.Spigot
GEFUNDEN key: HKCU\Software\Ad-Aware Search Protection []  =>PUP.Optional.Spigot
GEFUNDEN key: HKCU\Software\AppDataLow\Software\adawarebp []  =>PUP.Optional.ToolbarCleaner
GEFUNDEN key: HKCU\Software\undefined []  =>.Superfluous.Downloader
GEFUNDEN key: HKCU\Software\ProductSetup []  =>Adware.InstallCore
GEFUNDEN key: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0AFDD62D45EFE8155993FD43457FC680 [C:\Program Files (x86)\Plex\Plex Media Server\Resources\Plug-ins-8403350\Media-Flags.bundle\Contents\Resources\Studio\cinemax.png]  =>PUP.Optional.CrossRider
GEFUNDEN key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ba20b5da-0f48-40c5-b8c9-2cda4ecf75c2} [C:\Program Files (x86)\Toolbar Cleaner (Not File)]  =>PUP.Optional.ToolbarCleaner


---\\  Zusammenfassung der Elemente gefunden auf Ihrer workstation (8)
hxxp://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.GoPalikan
hxxp://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.Generic
hxxp://www.nicolascoolman.fr/?p=180  =>PUP.Optional.CrossRider
hxxp://www.nicolascoolman.fr/?p=679  =>PUP.Optional.DomaIQ
hxxp://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.Spigot
hxxp://www.nicolascoolman.fr/?p=712  =>PUP.Optional.ToolbarCleaner
hxxp://www.nicolascoolman.fr/?p=4664  =>.Superfluous.Downloader
hxxp://www.nicolascoolman.fr/?p=279  =>Adware.InstallCore


---\\Reparieren Check
~ keine Reparaturen.


---\\Statistiken
~ Elemente gescannt : 108742
~ Einträge gefunden : 19
~ Elemente abgesagt : 0
~ Elemente repariert : 0


~ End of search in 00h07mn52s
===================
ZHPCleaner-[S]-07012016-18_56_04.txt
         

Alt 08.01.2016, 16:13   #12
M-K-D-B
/// TB-Ausbilder
 
Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite - Standard

Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite



Servus,



so, jetzt denk ich hab ichs.




Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
FF NewTab: about:newtab
Task: {1993C654-7DD8-4014-B83D-4DFBDD76ED70} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> Keine Datei <==== ACHTUNG
Task: {1A354996-AFA2-4306-BDDE-8807C8F680E5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {2B9FC618-4740-4540-A2D9-446805A5DECA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {2BC47E4C-3D7E-4C45-B668-38E38AFBE5DC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {2E4F0410-E617-42D7-AE6C-44C57A304D40} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {3E03D51B-7D82-46C9-A06A-A6E34152211D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {6EEA3EA5-7F5D-47BB-ABD9-580A0FA90150} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {7781DD59-D58B-4354-AB7C-774E743F1173} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {7CB75333-C611-4E11-A2F2-BFACF36A6A5F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {8BD00CCA-B537-4771-A49D-8D3FEB27DBE9} - System32\Tasks\Backup Update Service => p:\\jmp2.in\
Task: {9740C194-09ED-4026-876C-404A51AA2A47} - System32\Tasks\Go_Palikan => C:\Users\Peter\AppData\Local\{76B040EC-5218-2C54-3F80-09BC1BE8F524}\uninstall.exe [2016-01-07] ()
C:\Users\Peter\AppData\Local\{76B040EC-5218-2C54-3F80-09BC1BE8F524}
Task: {C1FA49B7-C25D-4BAF-8E71-3F48830D67D2} - \Win Update Service -> Keine Datei <==== ACHTUNG
Task: {C82D4EC4-7BEE-42F7-9866-33BA0B12B91F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {E0A7DA6B-92C0-455F-BDF0-D5C55147AC55} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {F3EF753A-7B45-44F2-8076-4398EB84EDF0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Go_Palikan.job =>  
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2
Dann nochmal AdwCleaner und Malwarebytes' Anti-Malware ausführen und beide Logdateien posten.





Schritt 3
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

    Code:
    ATTFilter
    :filefind
    *Palikan*
    
    :folderfind
    *Palikan*
    
    :regfind
    Palikan
             
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.








Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdateien von AdwCleaner und Malwarebytes,
  • die Logdatei von SystemLook,
  • die beiden neuen Logdateien von FRST.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 08.01.2016, 22:30   #13
Clusterix
 
Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite - Standard

Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite



Hallo Matthias,

sry wegen der Unachtsamkeit mit dem Palikan... und danke dass du dir soviel Zeit nimmst

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-12-2015
durchgeführt von Peter (2016-01-08 21:05:17) Run:1
Gestartet von C:\Users\Peter\Desktop\Anti Malware
Geladene Profile: Peter (Verfügbare Profile: Peter & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
FF NewTab: about:newtab
Task: {1993C654-7DD8-4014-B83D-4DFBDD76ED70} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> Keine Datei <==== ACHTUNG
Task: {1A354996-AFA2-4306-BDDE-8807C8F680E5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {2B9FC618-4740-4540-A2D9-446805A5DECA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {2BC47E4C-3D7E-4C45-B668-38E38AFBE5DC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {2E4F0410-E617-42D7-AE6C-44C57A304D40} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {3E03D51B-7D82-46C9-A06A-A6E34152211D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {6EEA3EA5-7F5D-47BB-ABD9-580A0FA90150} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {7781DD59-D58B-4354-AB7C-774E743F1173} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {7CB75333-C611-4E11-A2F2-BFACF36A6A5F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {8BD00CCA-B537-4771-A49D-8D3FEB27DBE9} - System32\Tasks\Backup Update Service => p:\\jmp2.in\
Task: {9740C194-09ED-4026-876C-404A51AA2A47} - System32\Tasks\Go_Palikan => C:\Users\Peter\AppData\Local\{76B040EC-5218-2C54-3F80-09BC1BE8F524}\uninstall.exe [2016-01-07] ()
C:\Users\Peter\AppData\Local\{76B040EC-5218-2C54-3F80-09BC1BE8F524}
Task: {C1FA49B7-C25D-4BAF-8E71-3F48830D67D2} - \Win Update Service -> Keine Datei <==== ACHTUNG
Task: {C82D4EC4-7BEE-42F7-9866-33BA0B12B91F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {E0A7DA6B-92C0-455F-BDF0-D5C55147AC55} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {F3EF753A-7B45-44F2-8076-4398EB84EDF0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Go_Palikan.job =>  
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************

Prozess erfolgreich geschlossen.
Firefox "newtab" erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1993C654-7DD8-4014-B83D-4DFBDD76ED70}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1993C654-7DD8-4014-B83D-4DFBDD76ED70}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Check for updates => Schlüssel nicht gefunden. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1A354996-AFA2-4306-BDDE-8807C8F680E5}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A354996-AFA2-4306-BDDE-8807C8F680E5}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2B9FC618-4740-4540-A2D9-446805A5DECA}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B9FC618-4740-4540-A2D9-446805A5DECA}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2BC47E4C-3D7E-4C45-B668-38E38AFBE5DC}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BC47E4C-3D7E-4C45-B668-38E38AFBE5DC}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2E4F0410-E617-42D7-AE6C-44C57A304D40}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E4F0410-E617-42D7-AE6C-44C57A304D40}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3E03D51B-7D82-46C9-A06A-A6E34152211D}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E03D51B-7D82-46C9-A06A-A6E34152211D}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6EEA3EA5-7F5D-47BB-ABD9-580A0FA90150}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6EEA3EA5-7F5D-47BB-ABD9-580A0FA90150}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7781DD59-D58B-4354-AB7C-774E743F1173}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7781DD59-D58B-4354-AB7C-774E743F1173}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7CB75333-C611-4E11-A2F2-BFACF36A6A5F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CB75333-C611-4E11-A2F2-BFACF36A6A5F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8BD00CCA-B537-4771-A49D-8D3FEB27DBE9}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BD00CCA-B537-4771-A49D-8D3FEB27DBE9}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Backup Update Service => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Backup Update Service" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9740C194-09ED-4026-876C-404A51AA2A47} => Schlüssel nicht gefunden. 
C:\WINDOWS\System32\Tasks\Go_Palikan => nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Go_Palikan => Schlüssel nicht gefunden. 
C:\Users\Peter\AppData\Local\{76B040EC-5218-2C54-3F80-09BC1BE8F524} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C1FA49B7-C25D-4BAF-8E71-3F48830D67D2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1FA49B7-C25D-4BAF-8E71-3F48830D67D2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Win Update Service" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C82D4EC4-7BEE-42F7-9866-33BA0B12B91F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C82D4EC4-7BEE-42F7-9866-33BA0B12B91F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0A7DA6B-92C0-455F-BDF0-D5C55147AC55}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0A7DA6B-92C0-455F-BDF0-D5C55147AC55}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3EF753A-7B45-44F2-8076-4398EB84EDF0}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3EF753A-7B45-44F2-8076-4398EB84EDF0}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt
Task: C:\WINDOWS\Tasks\Go_Palikan.job => => nicht gefunden.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3036239713-1774766366-4091503571-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3036239713-1774766366-4091503571-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


=========  ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl�sungscache wurde geleert.

========= Ende von CMD: =========


=========  netsh winsock reset =========


Der Winsock-Katalog wurde zur�ckgesetzt.
Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en.


========= Ende von CMD: =========

EmptyTemp: => 787.4 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 21:05:53 ====
         
Code:
ATTFilter
# AdwCleaner v5.028 - Bericht erstellt am 08/01/2016 um 21:27:25
# Aktualisiert am 04/01/2016 von Xplode
# Datenbank : 2016-01-04.2 [Server]
# Betriebssystem : Windows 10 Pro  (x64)
# Benutzername : Peter - BEDA-AIO
# Gestartet von : C:\Users\Peter\Desktop\AdwCleaner_5.028.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****

[-] [C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : fmlgoencnlndpglbocajlimaikjohmab

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C12].txt - [941 Bytes] ##########
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 08.01.2016
Suchlaufzeit: 21:32
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.01.08.06
Rootkit-Datenbank: v2016.01.05.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Peter

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 443370
Abgelaufene Zeit: 16 Min., 40 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
SystemLook 30.07.11 by jpshortstuff
Log created at 21:56 on 08/01/2016 by Peter
Administrator - Elevation successful

========== filefind ==========

Searching for "*Palikan*"
No files found.

========== folderfind ==========

Searching for "*Palikan*"
No folders found.

========== regfind ==========

Searching for "Palikan"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{5e7797ae-5ca1-4b50-95d8-97e746340487}\Instl\Data]
"hp_url"="hxxp://www.palikan.com/?f=1&a=plk_bimmed_16_01&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtCyC0CtD0F0Dzy0EtD0FtN0D0Tzu0StCyEyCyBtN1L2XzutAtFtCyDtFtAtFtDtN1L1Czu1RtN1L1G1B1V1N2Y1L1Qzu2SyDyCyCyEzytD0DyDtGyB0D0EtDtGtAzz0EtCtGtAyE0C0FtGyD0B0B0FyDtCyD0B0C0A0B0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDzz0AtBzzyC0EyEtGzzzyzzyEtGyE0CtC0CtG0B0B0CyDtG0EyC0F0C0EtBtAzyyB0CtD0F2QtN0A0LzutB&cr=2053927448&ir="
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\AppID\{5e7797ae-5ca1-4b50-95d8-97e746340487}\Instl\Data]
"hp_url"="hxxp://www.palikan.com/?f=1&a=plk_bimmed_16_01&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtCyC0CtD0F0Dzy0EtD0FtN0D0Tzu0StCyEyCyBtN1L2XzutAtFtCyDtFtAtFtDtN1L1Czu1RtN1L1G1B1V1N2Y1L1Qzu2SyDyCyCyEzytD0DyDtGyB0D0EtDtGtAzz0EtCtGtAyE0C0FtGyD0B0B0FyDtCyD0B0C0A0B0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDzz0AtBzzyC0EyEtGzzzyzzyEtGyE0CtC0CtG0B0B0CyDtG0EyC0F0C0EtBtAzyyB0CtD0F2QtN0A0LzutB&cr=2053927448&ir="
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\AppID\{5e7797ae-5ca1-4b50-95d8-97e746340487}\Instl\Data]
"hp_url"="hxxp://www.palikan.com/?f=1&a=plk_bimmed_16_01&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtCyC0CtD0F0Dzy0EtD0FtN0D0Tzu0StCyEyCyBtN1L2XzutAtFtCyDtFtAtFtDtN1L1Czu1RtN1L1G1B1V1N2Y1L1Qzu2SyDyCyCyEzytD0DyDtGyB0D0EtDtGtAzz0EtCtGtAyE0C0FtGyD0B0B0FyDtCyD0B0C0A0B0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDzz0AtBzzyC0EyEtGzzzyzzyEtGyE0CtC0CtG0B0B0CyDtG0EyC0F0C0EtBtAzyyB0CtD0F2QtN0A0LzutB&cr=2053927448&ir="

-= EOF =-
         

Alt 09.01.2016, 02:40   #14
Clusterix
 
Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite - Standard

Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite



Hallo Matthias,

jetzt sind vier xx:10 Uhr checkpoints durchgelaufen und es kam kein popup sieht also diesbezüglich top aus!
Ich möchte dir sehr herzlich danken, für deinen Einsatz und deine Geduld! Danke, Danke, Danke!!!
Was war das jetzt eigentlich genau und wie hab ich mir das eingefangen, weil scheints ist es ned so alltäglich, da man mit dem Problem keinen im Netz gefunden hat.

Ich hoffe das mit dem palikan hat sich, oder wird sich schnell erledigen, merken tu ich im moment jedenfalls auch nichts mehr

Viele Grüsse Peter

Alt 09.01.2016, 10:21   #15
M-K-D-B
/// TB-Ausbilder
 
Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite - Standard

Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite



Servus,



auf deinem Rechner war noch etwas Adware, die haben wir jetzt entfernt.


Ich würde gerne noch ein paar letzte Reste entfernen und einen Kontrollscan mit ESET durchführen, wenn das für dich ok ist.
Wir sichern uns hier immer mehrfach ab, wir wollen ja, dass alles sauber ist.





Hinweis: Der Suchlauf mit ESET kann länger dauern.



Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
DeleteKey: HKLM\SOFTWARE\Classes\AppID\{5e7797ae-5ca1-4b50-95d8-97e746340487}
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset









Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von ESET.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Antwort

Themen zu Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite
browser, dateiendung, erschein, erscheint, hilfe!, installier, installierte, kaufen, klicke, link, lösung, mcafee, popup, programm, scan, scanner, seite, stunde, update, virenscan, virenscanner, weiterleitung, werbeseite, win, windows



Ähnliche Themen: Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite


  1. Trojan-Dropper stündlich
    Plagegeister aller Art und deren Bekämpfung - 13.09.2015 (12)
  2. Seiten werden nicht gefunden und youradexchange Popup
    Plagegeister aller Art und deren Bekämpfung - 22.05.2015 (14)
  3. Macbook / OSX Yosemite 10.10.3: Fake-email link geöffnet, Weiterleitung unklar
    Alles rund um Mac OSX & Linux - 12.05.2015 (5)
  4. Win 8.1: Nach löschen von Virus mit Avira erscheint jedes Mal nach dem starten ein Fenster mit Auswahl, wie Datei geöffnet werden soll.
    Plagegeister aller Art und deren Bekämpfung - 30.04.2015 (30)
  5. PDF soll als "BoBrowser HTML Document" geöffnet werden
    Plagegeister aller Art und deren Bekämpfung - 07.12.2014 (17)
  6. Popup und Weiterleitung auf: http://systweak.com/registrycleaner/apptvlatest/?pubid=1946
    Plagegeister aller Art und deren Bekämpfung - 04.07.2014 (5)
  7. Festplatte soll Formatiert werden bevor sie verwendet werden kann
    Alles rund um Windows - 28.05.2014 (3)
  8. DHL Paket Ihrer Sendung xxxxxxxxx - leider geöffnet - popup TÜV auf Bankseite
    Plagegeister aller Art und deren Bekämpfung - 13.02.2014 (12)
  9. Falsche Weiterleitung von Links und Werbe-Popup unten Rechts
    Plagegeister aller Art und deren Bekämpfung - 13.11.2012 (36)
  10. PopUp rechts unten, Weiterleitung von Links
    Log-Analyse und Auswertung - 10.09.2012 (27)
  11. Falsche Weiterleitung von Links und Werbe-Popup unten Rechts Falsche Weiterleitung von Links und Werbe-Popup unten Rechts
    Mülltonne - 03.09.2012 (1)
  12. AntiMalware kan nicht geöffnet werden, System stürzt ab und nfach geöffnet
    Log-Analyse und Auswertung - 10.01.2009 (29)
  13. stündlich weiter trojaner/virus
    Plagegeister aller Art und deren Bekämpfung - 09.02.2007 (6)
  14. Wie soll es eingebaut werden?
    Netzwerk und Hardware - 14.01.2007 (11)
  15. Wie soll es eingebaut werden?
    Mülltonne - 12.01.2007 (1)

Zum Thema Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite - Hallo, Ich habe viel gegoogelt, finde aber leider keine Lösung, deshalb wende ich mich hier an euch. Es popped jede Stunde um xx:10 ein Popup auf, wie soll dieser linktyp - Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite...
Archiv
Du betrachtest: Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.